Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/66af07-3318-4f4a-89ff-40c5ebc6f736/1/LQcm0nhQTgxfcAEHFSpSeQFsVHo.roa
File: LQcm0nhQTgxfcAEHFSpSeQFsVHo.roa (raw, json)
Hash identifier: ScQNvXtsK5w/Wj3QzlqfHMAUcdIYUpFbtGKhSGmn1FI=
Subject key identifier: 2D:07:26:D2:78:50:4E:0C:5F:70:01:07:15:2A:52:79:01:6C:54:7A
Certificate issuer: /CN=6d23ce7b0c10068fbc44c021943e339013f2aee0
Certificate serial: 019420D5C0F22785B75F60F379E5D35DF65F
Authority key identifier: 6D:23:CE:7B:0C:10:06:8F:BC:44:C0:21:94:3E:33:90:13:F2:AE:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSPOewwQBo-8RMAhlD4zkBPyruA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/66af07-3318-4f4a-89ff-40c5ebc6f736/1/LQcm0nhQTgxfcAEHFSpSeQFsVHo.roa
Signing time: Wed 01 Jan 2025 07:47:46 +0000
ROA not before: Wed 01 Jan 2025 07:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58291
IP address blocks: 45.11.28.0/22 maxlen: 24
2a0e:5700::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:c0:f2:27:85:b7:5f:60:f3:79:e5:d3:5d:f6:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d23ce7b0c10068fbc44c021943e339013f2aee0
Validity
Not Before: Jan 1 07:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2d0726d278504e0c5f700107152a5279016c547a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:73:81:ce:cf:c4:80:00:a9:f2:3e:62:6d:08:
a4:d5:4e:18:dd:77:20:52:7b:dc:0b:52:fc:18:41:
ee:d5:ef:9b:27:37:e2:26:72:60:f1:55:b8:f3:54:
73:2d:d2:cc:58:5e:c0:fe:58:04:7e:58:d9:8b:38:
c4:4c:20:d7:6c:3b:66:24:9c:0f:ea:b5:8b:a6:aa:
96:41:62:ea:e3:f1:55:6d:b4:c9:13:96:28:51:d7:
8c:a1:8d:96:02:0e:a3:db:a1:f0:4a:7f:b0:1c:84:
82:a6:fa:57:53:2a:71:61:ca:df:a4:50:c3:6d:e8:
c7:a0:4e:87:64:25:fc:f5:c3:f2:54:fc:f9:e2:5d:
d2:fc:8c:1d:49:59:b3:5e:fd:d4:31:01:8f:fa:50:
5d:54:73:60:dc:9e:13:49:d4:c8:f5:64:20:c5:cf:
94:e3:31:c9:1c:6b:a3:9b:d1:e3:2a:35:0f:7a:da:
cf:21:5f:51:dd:1d:f5:4c:84:ad:12:51:74:d5:18:
e1:14:cc:29:6e:04:60:6a:5d:8d:6b:ce:57:8c:7c:
64:2f:38:39:ce:08:2c:f0:08:50:68:30:9d:d4:12:
8b:04:16:22:d0:ae:bc:11:6c:d9:93:bc:89:a1:17:
4e:31:4f:55:a2:1c:43:96:a6:1d:c4:92:6e:60:df:
c1:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:07:26:D2:78:50:4E:0C:5F:70:01:07:15:2A:52:79:01:6C:54:7A
X509v3 Authority Key Identifier:
keyid:6D:23:CE:7B:0C:10:06:8F:BC:44:C0:21:94:3E:33:90:13:F2:AE:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSPOewwQBo-8RMAhlD4zkBPyruA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/66af07-3318-4f4a-89ff-40c5ebc6f736/1/LQcm0nhQTgxfcAEHFSpSeQFsVHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/66af07-3318-4f4a-89ff-40c5ebc6f736/1/bSPOewwQBo-8RMAhlD4zkBPyruA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.28.0/22
IPv6:
2a0e:5700::/32
Signature Algorithm: sha256WithRSAEncryption
67:be:3a:6e:a7:a0:2a:aa:ea:cc:cf:fb:83:8f:0e:a9:47:a9:
4f:96:af:a6:01:65:66:0c:3a:7a:db:03:e2:bd:11:d5:ae:fd:
99:8e:0b:11:e7:d1:f0:a0:d6:d2:d0:bb:30:4c:ab:3e:3f:2c:
7b:50:5e:33:16:d6:ae:30:cd:66:6a:c0:2c:0a:bf:4c:fd:e3:
51:43:91:cf:64:28:58:41:9a:96:59:13:4d:4a:63:14:1f:3a:
11:fa:22:3a:93:bb:be:d6:23:c2:2e:85:c8:d3:98:cd:66:be:
49:7b:19:62:84:bb:e7:40:2e:51:86:c6:c4:67:67:a5:36:9f:
6d:68:50:f7:4a:c7:a6:b7:a2:3b:e3:a9:b5:87:44:7f:ba:f3:
15:ed:8a:9d:84:a4:14:5e:c6:41:ca:be:3c:9d:28:2e:41:40:
34:f5:eb:e4:08:e9:83:12:a3:2d:95:10:db:b3:47:32:8f:fb:
ed:72:ff:b3:af:19:ec:05:cc:5b:35:fa:ef:4e:f8:a3:59:aa:
db:42:65:d1:a0:79:7b:39:50:12:29:80:da:f6:36:af:f9:f3:
9b:08:4c:a8:48:a1:da:6a:23:54:52:99:f4:a3:ca:bb:54:9d:
6c:6d:9a:f9:0b:d0:93:42:f4:94:f4:31:03:44:26:4c:f3:1f:
c6:e1:fe:7f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQg1cDyJ4W3X2DzeeXTXfZfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMjNjZTdiMGMxMDA2OGZiYzQ0YzAyMTk0M2UzMzkwMTNm
MmFlZTAwHhcNMjUwMTAxMDc0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDA3MjZkMjc4NTA0ZTBjNWY3MDAxMDcxNTJhNTI3OTAxNmM1NDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3OBzs/EgACp8j5ibQik1U4Y3Xcg
UnvcC1L8GEHu1e+bJzfiJnJg8VW481RzLdLMWF7A/lgEfljZizjETCDXbDtmJJwP
6rWLpqqWQWLq4/FVbbTJE5YoUdeMoY2WAg6j26HwSn+wHISCpvpXUypxYcrfpFDD
bejHoE6HZCX89cPyVPz54l3S/IwdSVmzXv3UMQGP+lBdVHNg3J4TSdTI9WQgxc+U
4zHJHGujm9HjKjUPetrPIV9R3R31TIStElF01RjhFMwpbgRgal2Na85XjHxkLzg5
zggs8AhQaDCd1BKLBBYi0K68EWzZk7yJoRdOMU9VohxDlqYdxJJuYN/BmwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFC0HJtJ4UE4MX3ABBxUqUnkBbFR6MB8GA1UdIwQY
MBaAFG0jznsMEAaPvETAIZQ+M5AT8q7gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlNQT2V3d1FCby04Uk1BaGxENHprQlB5cnVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My82NmFmMDctMzMxOC00ZjRhLTg5ZmYt
NDBjNWViYzZmNzM2LzEvTFFjbTBuaFFUZ3hmY0FFSEZTcFNlUUZzVkhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My82NmFmMDctMzMxOC00ZjRhLTg5ZmYtNDBjNWViYzZmNzM2
LzEvYlNQT2V3d1FCby04Uk1BaGxENHprQlB5cnVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLQscMA0E
AgACMAcDBQAqDlcAMA0GCSqGSIb3DQEBCwUAA4IBAQBnvjpup6AqqurMz/uDjw6p
R6lPlq+mAWVmDDp62wPivRHVrv2ZjgsR59HwoNbS0LswTKs+Pyx7UF4zFtauMM1m
asAsCr9M/eNRQ5HPZChYQZqWWRNNSmMUHzoR+iI6k7u+1iPCLoXI05jNZr5Jexli
hLvnQC5RhsbEZ2elNp9taFD3Ssemt6I746m1h0R/uvMV7YqdhKQUXsZByr48nSgu
QUA09evkCOmDEqMtlRDbs0cyj/vtcv+zrxnsBcxbNfrvTvijWarbQmXRoHl7OVAS
KYDa9jav+fObCEyoSKHaaiNUUpn0o8q7VJ1sbZr5C9CTQvSU9DEDRCZM8x/G4f5/
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:47:01 2025 by rpki-client