Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/LtctFlc4GRCf3PIlxO5Sz70Upcc.roa
File: LtctFlc4GRCf3PIlxO5Sz70Upcc.roa (raw, json)
Hash identifier: 9oaNZGvrfQP+yRIBwwcg5U7jui8/sOP7Dz6ZLTuPIgM=
Subject key identifier: 2E:D7:2D:16:57:38:19:10:9F:DC:F2:25:C4:EE:52:CF:BD:14:A5:C7
Certificate issuer: /CN=234b54b119a7b3eff153085b7315507cd8513a0f
Certificate serial: 0194266BDA4C9F34CED2E8321650FE23D9CB
Authority key identifier: 23:4B:54:B1:19:A7:B3:EF:F1:53:08:5B:73:15:50:7C:D8:51:3A:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0tUsRmns-_xUwhbcxVQfNhROg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/LtctFlc4GRCf3PIlxO5Sz70Upcc.roa
Signing time: Thu 02 Jan 2025 09:49:49 +0000
ROA not before: Thu 02 Jan 2025 09:49:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 2a04:5b81:2120::/44 maxlen: 48
2a04:5b82:2000::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:da:4c:9f:34:ce:d2:e8:32:16:50:fe:23:d9:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=234b54b119a7b3eff153085b7315507cd8513a0f
Validity
Not Before: Jan 2 09:49:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2ed72d16573819109fdcf225c4ee52cfbd14a5c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:2e:38:40:c9:1a:0a:f1:82:d1:8a:fc:03:49:
ab:f5:0a:92:b6:52:89:24:96:6f:c9:ba:35:38:56:
bc:16:89:31:28:8f:30:ec:d0:52:95:e9:47:06:0c:
0c:89:e4:b8:11:58:79:32:9c:ef:61:4a:e8:fc:b2:
2b:19:f9:28:41:0e:58:73:56:97:e2:4e:38:d7:46:
52:80:c2:f1:f1:5c:d1:c4:57:69:6a:2f:3d:8e:5d:
a0:cd:5c:f5:d1:f1:5d:36:49:e1:80:f5:6e:9a:67:
6a:77:0b:98:81:5c:16:ee:e9:31:71:d5:30:e1:21:
64:34:10:25:8b:85:52:64:8b:d8:96:ef:ce:bc:e2:
ba:82:3f:0b:06:ca:d4:7f:0d:10:a6:bf:22:cd:53:
96:82:d0:d7:c5:28:91:65:8a:70:7d:df:e9:8a:84:
2c:ba:aa:70:fd:66:aa:c3:49:3c:d0:8f:50:d0:9f:
67:b5:52:d3:81:4c:86:45:fa:09:7a:dc:36:03:6c:
63:c0:0e:1b:eb:14:39:72:b7:b2:8e:2f:99:56:51:
0f:8a:d2:df:d1:de:69:9f:a5:5d:d2:f7:58:fe:61:
b0:a6:7b:be:37:a3:a0:6c:3f:48:a3:ae:1f:f7:62:
8d:0a:25:18:34:46:b1:71:c7:f7:30:da:4b:76:47:
58:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:D7:2D:16:57:38:19:10:9F:DC:F2:25:C4:EE:52:CF:BD:14:A5:C7
X509v3 Authority Key Identifier:
keyid:23:4B:54:B1:19:A7:B3:EF:F1:53:08:5B:73:15:50:7C:D8:51:3A:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0tUsRmns-_xUwhbcxVQfNhROg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/LtctFlc4GRCf3PIlxO5Sz70Upcc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/I0tUsRmns-_xUwhbcxVQfNhROg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:5b81:2120::/44
2a04:5b82:2000::/48
Signature Algorithm: sha256WithRSAEncryption
9a:f0:7a:38:35:c2:6d:5a:70:50:ef:aa:9f:ff:35:01:c2:c1:
92:02:e4:52:77:94:b5:d5:36:3c:31:a3:0d:6b:62:ef:db:a9:
00:c4:41:e3:ef:4a:d3:fd:29:72:5a:bd:b2:32:fc:67:88:8b:
6d:8b:fc:71:db:e1:4c:67:44:8b:80:cd:fc:ae:41:ef:7a:1d:
21:f5:11:ba:8d:9c:d5:8d:c8:a9:4c:64:98:db:70:e9:05:41:
fe:d4:93:7e:82:ab:ac:77:55:32:7f:ff:d3:28:d5:06:ef:2b:
ba:f4:7b:ef:02:50:6b:e7:b7:c1:df:ce:39:b4:2d:73:c3:5e:
1d:7c:21:24:3c:2f:c4:7d:24:02:60:b2:0b:8d:a1:4e:93:fb:
fe:33:49:37:ef:4b:8d:ca:a8:ae:08:94:85:8a:43:e9:e8:b2:
91:c8:da:3f:53:7f:78:9e:b9:55:af:fa:f7:88:8f:06:cb:f6:
c0:d2:29:82:8f:07:f3:e8:7f:28:05:74:b2:62:50:80:9d:9f:
d8:d4:b8:31:19:d7:98:36:8c:b6:b9:9d:56:e1:a6:7c:b6:06:
6d:62:37:76:e8:fe:7a:2c:2c:3b:02:3e:06:77:af:85:45:4c:
a8:7f:c0:2f:cc:df:2e:41:9c:0c:bc:22:13:42:60:d4:d7:61:
a8:24:0c:62
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQma9pMnzTO0ugyFlD+I9nLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNGI1NGIxMTlhN2IzZWZmMTUzMDg1YjczMTU1MDdjZDg1
MTNhMGYwHhcNMjUwMTAyMDk0OTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWQ3MmQxNjU3MzgxOTEwOWZkY2YyMjVjNGVlNTJjZmJkMTRhNWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAry44QMkaCvGC0Yr8A0mr9QqStlKJ
JJZvybo1OFa8FokxKI8w7NBSlelHBgwMieS4EVh5MpzvYUro/LIrGfkoQQ5Yc1aX
4k4410ZSgMLx8VzRxFdpai89jl2gzVz10fFdNknhgPVummdqdwuYgVwW7ukxcdUw
4SFkNBAli4VSZIvYlu/OvOK6gj8LBsrUfw0Qpr8izVOWgtDXxSiRZYpwfd/pioQs
uqpw/Waqw0k80I9Q0J9ntVLTgUyGRfoJetw2A2xjwA4b6xQ5creyji+ZVlEPitLf
0d5pn6Vd0vdY/mGwpnu+N6OgbD9Io64f92KNCiUYNEaxccf3MNpLdkdYEQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFC7XLRZXOBkQn9zyJcTuUs+9FKXHMB8GA1UdIwQY
MBaAFCNLVLEZp7Pv8VMIW3MVUHzYUToPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTB0VXNSbW5zLV94VXdoYmN4VlFmTmhST2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9iYzcwNzgtMWVlNC00MmYxLWJjMzQt
MWQyMWQxYmNlM2ZlLzEvTHRjdEZsYzRHUkNmM1BJbHhPNVN6NzBVcGNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9iYzcwNzgtMWVlNC00MmYxLWJjMzQtMWQyMWQxYmNlM2Zl
LzEvSTB0VXNSbW5zLV94VXdoYmN4VlFmTmhST2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKgRbgSEg
AwcAKgRbgiAAMA0GCSqGSIb3DQEBCwUAA4IBAQCa8Ho4NcJtWnBQ76qf/zUBwsGS
AuRSd5S11TY8MaMNa2Lv26kAxEHj70rT/SlyWr2yMvxniItti/xx2+FMZ0SLgM38
rkHveh0h9RG6jZzVjcipTGSY23DpBUH+1JN+gqusd1Uyf//TKNUG7yu69HvvAlBr
57fB3845tC1zw14dfCEkPC/EfSQCYLILjaFOk/v+M0k370uNyqiuCJSFikPp6LKR
yNo/U394nrlVr/r3iI8Gy/bA0imCjwfz6H8oBXSyYlCAnZ/Y1LgxGdeYNoy2uZ1W
4aZ8tgZtYjd26P56LCw7Aj4Gd6+FRUyof8AvzN8uQZwMvCITQmDU12GoJAxi
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:29 2025 by rpki-client