Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/464631-ca8e-4c6a-b091-d9f6d9642537/1/lFgELs-6U9LmkYHkmfWvRVk6dy0.roa
File: lFgELs-6U9LmkYHkmfWvRVk6dy0.roa (raw, json)
Hash identifier: HkfggUBx5yU8x6cdfKU1SNsTBw1i46OnLIIvxMILIQQ=
Subject key identifier: 94:58:04:2E:CF:BA:53:D2:E6:91:81:E4:99:F5:AF:45:59:3A:77:2D
Certificate issuer: /CN=54914541fd1b95e7c0afc875fbef78794f55386b
Certificate serial: 018499D9D15E53B22319BFDCFDC21545E490
Authority key identifier: 54:91:45:41:FD:1B:95:E7:C0:AF:C8:75:FB:EF:78:79:4F:55:38:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VJFFQf0blefAr8h1--94eU9VOGs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/464631-ca8e-4c6a-b091-d9f6d9642537/1/lFgELs-6U9LmkYHkmfWvRVk6dy0.roa
Signing time: Mon 21 Nov 2022 11:01:39 +0000
ROA not before: Mon 21 Nov 2022 11:01:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204508
IP address blocks: 2a06:a005:d29::/48 maxlen: 48
2a06:a005:5f2::/48 maxlen: 48
2a06:a005:f50::/44 maxlen: 48
2a06:a005:1930::/44 maxlen: 48
2a06:a005:5fa::/47 maxlen: 48
2a07:54c2:b00b::/48 maxlen: 48
2a05:dfc7:800::/39 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:99:d9:d1:5e:53:b2:23:19:bf:dc:fd:c2:15:45:e4:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54914541fd1b95e7c0afc875fbef78794f55386b
Validity
Not Before: Nov 21 11:01:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9458042ecfba53d2e69181e499f5af45593a772d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:41:d0:6d:c3:c2:ee:a8:bf:80:49:cb:62:dc:
18:75:45:ad:c5:32:f4:3a:39:89:64:65:3a:61:c1:
e4:fa:4d:a7:b1:60:fe:9b:bc:fb:a3:eb:d8:2d:fd:
64:bf:6a:cb:ca:51:f5:86:67:ad:3a:48:1e:0c:dd:
30:62:62:6e:7b:c5:db:09:2f:42:31:66:e6:bd:d6:
1b:eb:cd:67:36:f0:d3:7e:87:21:61:0b:3a:5a:0b:
55:ae:6f:29:07:d5:fa:d3:69:c6:ec:27:87:ec:44:
60:64:c2:f7:0f:64:e9:6a:bd:9b:ce:3b:77:60:72:
03:62:fc:89:4b:3d:b5:60:7f:75:c4:e2:2a:5a:52:
90:39:68:0e:c3:70:26:d0:ea:f6:59:4d:46:f5:ff:
b5:20:05:0c:af:ea:38:6b:28:e4:10:4e:a6:f3:7e:
74:92:52:02:df:20:4d:6e:2b:22:4f:d9:df:d0:b6:
ba:fc:45:11:0e:b1:ea:ad:b7:9d:2a:78:43:fe:a0:
fe:4b:84:07:c5:c6:f6:72:0a:e1:cb:11:a9:b6:33:
d6:97:65:3e:b0:04:5c:22:9e:ea:66:87:7b:60:39:
72:c5:f2:99:00:5e:c6:93:5b:50:a5:6a:a2:c1:b6:
d2:8d:68:1b:fe:13:58:41:0f:49:d2:5a:3b:86:01:
96:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:58:04:2E:CF:BA:53:D2:E6:91:81:E4:99:F5:AF:45:59:3A:77:2D
X509v3 Authority Key Identifier:
keyid:54:91:45:41:FD:1B:95:E7:C0:AF:C8:75:FB:EF:78:79:4F:55:38:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VJFFQf0blefAr8h1--94eU9VOGs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/464631-ca8e-4c6a-b091-d9f6d9642537/1/lFgELs-6U9LmkYHkmfWvRVk6dy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/464631-ca8e-4c6a-b091-d9f6d9642537/1/VJFFQf0blefAr8h1--94eU9VOGs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:dfc7:800::/39
2a06:a005:5f2::/48
2a06:a005:5fa::/47
2a06:a005:d29::/48
2a06:a005:f50::/44
2a06:a005:1930::/44
2a07:54c2:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
98:aa:37:3c:ce:93:35:2d:5b:8d:5a:56:54:b7:d2:ae:1c:a4:
56:cd:61:99:cc:e0:b5:16:3d:dd:03:af:c4:9a:27:e4:a8:30:
a3:74:92:af:7c:07:45:92:48:3e:a4:1f:ac:63:9b:23:b5:2b:
49:b3:61:8a:db:51:dd:2c:66:11:69:ef:7b:52:a4:bc:63:7a:
f8:2d:af:97:e8:0a:bb:2c:5f:f4:19:bf:8e:90:c0:02:d7:05:
27:b0:9b:af:b5:cd:39:c2:44:4c:6b:87:59:89:54:bc:0b:3b:
6f:b0:ef:2c:c1:5f:97:78:75:b2:26:bf:22:dc:36:54:22:6f:
62:4c:15:d1:86:a5:4b:c7:5d:84:f7:94:1b:9f:8c:e0:ff:39:
8e:18:fd:68:6a:48:8c:12:59:19:22:e9:43:41:c8:9d:f7:24:
47:c2:7c:b5:c6:7d:07:a5:18:2b:31:0f:17:cf:e0:01:1e:ee:
e1:3b:d5:1f:ae:6d:03:9a:e0:ab:e5:65:2b:db:3b:ca:de:46:
f8:ad:a1:40:38:ba:4c:4f:e6:10:7c:d3:f1:32:88:18:94:4c:
6b:79:64:65:2f:6f:88:9e:b4:f2:4a:4b:19:c0:c8:46:5f:d8:
1f:2f:19:a3:a1:21:7a:f7:97:9b:6a:2c:b5:7d:bc:c9:06:31:
1d:a9:01:cf
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYSZ2dFeU7IjGb/c/cIVReSQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0OTE0NTQxZmQxYjk1ZTdjMGFmYzg3NWZiZWY3ODc5NGY1
NTM4NmIwHhcNMjIxMTIxMTEwMTM5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDU4MDQyZWNmYmE1M2QyZTY5MTgxZTQ5OWY1YWY0NTU5M2E3NzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlEHQbcPC7qi/gEnLYtwYdUWtxTL0
OjmJZGU6YcHk+k2nsWD+m7z7o+vYLf1kv2rLylH1hmetOkgeDN0wYmJue8XbCS9C
MWbmvdYb681nNvDTfochYQs6WgtVrm8pB9X602nG7CeH7ERgZML3D2Tpar2bzjt3
YHIDYvyJSz21YH91xOIqWlKQOWgOw3Am0Or2WU1G9f+1IAUMr+o4ayjkEE6m8350
klIC3yBNbisiT9nf0La6/EURDrHqrbedKnhD/qD+S4QHxcb2cgrhyxGptjPWl2U+
sARcIp7qZod7YDlyxfKZAF7Gk1tQpWqiwbbSjWgb/hNYQQ9J0lo7hgGWqQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFJRYBC7PulPS5pGB5Jn1r0VZOnctMB8GA1UdIwQY
MBaAFFSRRUH9G5XnwK/IdfvveHlPVThrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkpGRlFmMGJsZWZBcjhoMS0tOTRlVTlWT0dzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS80NjQ2MzEtY2E4ZS00YzZhLWIwOTEt
ZDlmNmQ5NjQyNTM3LzEvbEZnRUxzLTZVOUxta1lIa21mV3ZSVms2ZHkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS80NjQ2MzEtY2E4ZS00YzZhLWIwOTEtZDlmNmQ5NjQyNTM3
LzEvVkpGRlFmMGJsZWZBcjhoMS0tOTRlVTlWT0dzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAAjA+AwYBKgXfxwgD
BwAqBqAFBfIDBwEqBqAFBfoDBwAqBqAFDSkDBwQqBqAFD1ADBwQqBqAFGTADBwAq
B1TCsAswDQYJKoZIhvcNAQELBQADggEBAJiqNzzOkzUtW41aVlS30q4cpFbNYZnM
4LUWPd0Dr8SaJ+SoMKN0kq98B0WSSD6kH6xjmyO1K0mzYYrbUd0sZhFp73tSpLxj
evgtr5foCrssX/QZv46QwALXBSewm6+1zTnCRExrh1mJVLwLO2+w7yzBX5d4dbIm
vyLcNlQib2JMFdGGpUvHXYT3lBufjOD/OY4Y/WhqSIwSWRki6UNByJ33JEfCfLXG
fQelGCsxDxfP4AEe7uE71R+ubQOa4KvlZSvbO8reRvitoUA4ukxP5hB80/EyiBiU
TGt5ZGUvb4ietPJKSxnAyEZf2B8vGaOhIXr3l5tqLLV9vMkGMR2pAc8=
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:13:12 2025 by rpki-client