Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/9521e1-7610-4d43-8683-51be2f9608bc/1/lZ-AOq7_6QtP_M2_NSdFkS5kWDw.roa
File: lZ-AOq7_6QtP_M2_NSdFkS5kWDw.roa (raw, json)
Hash identifier: QIlc9W3HH3Xuxs2UHApl1aj37iKKZQTLV1xjUXcHjZI=
Subject key identifier: 95:9F:80:3A:AE:FF:E9:0B:4F:FC:CD:BF:35:27:45:91:2E:64:58:3C
Certificate issuer: /CN=dbc7840920d1c709ff299aed3682c23fb432767d
Certificate serial: 019425FD9C3E23D723621F53535BADAEA061
Authority key identifier: DB:C7:84:09:20:D1:C7:09:FF:29:9A:ED:36:82:C2:3F:B4:32:76:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/28eECSDRxwn_KZrtNoLCP7Qydn0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/9521e1-7610-4d43-8683-51be2f9608bc/1/lZ-AOq7_6QtP_M2_NSdFkS5kWDw.roa
Signing time: Thu 02 Jan 2025 07:49:25 +0000
ROA not before: Thu 02 Jan 2025 07:49:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209588
IP address blocks: 141.98.82.0/24 maxlen: 24
141.98.83.0/24 maxlen: 24
2a10:9107:f000::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:9c:3e:23:d7:23:62:1f:53:53:5b:ad:ae:a0:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbc7840920d1c709ff299aed3682c23fb432767d
Validity
Not Before: Jan 2 07:49:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=959f803aaeffe90b4ffccdbf352745912e64583c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:b0:42:9e:be:be:52:ee:b1:19:5b:46:6a:97:
83:83:b2:bf:57:93:6a:e2:12:3a:46:e1:ea:bf:61:
02:1b:4f:ff:12:bc:75:4a:66:bc:1b:b6:2d:a6:1f:
70:a3:1d:c9:d5:47:6b:91:2b:70:58:e9:09:b9:f1:
75:b7:9e:c0:78:e4:f6:6b:32:f0:85:68:44:0d:7b:
87:da:9b:85:fe:48:0e:c1:cf:ad:79:7d:85:32:6d:
a5:a3:86:08:26:7a:55:3f:97:ba:3e:90:f8:89:04:
e9:b7:3e:55:c9:20:51:15:d6:f3:3d:3e:fa:84:c7:
9e:c5:e7:2c:4a:c3:6c:ff:10:86:3b:47:cb:e6:34:
f9:de:4c:6f:9d:98:ff:d6:82:60:01:05:91:0d:40:
a4:3e:f2:ff:df:c2:43:c4:33:80:3e:1f:d9:03:ae:
99:46:e2:4b:33:e6:a6:9f:db:3c:03:ff:5d:c6:38:
b4:ec:61:cf:96:a0:ab:92:ea:b5:47:a8:9a:2e:9e:
f7:df:22:9b:e9:dd:8e:f7:a5:dd:eb:49:9b:cc:ed:
86:c8:ba:a9:21:cf:57:33:db:cc:d5:48:60:98:41:
a2:46:b7:e6:04:a3:c3:9b:4f:cc:4f:45:bd:e4:35:
a1:cf:6b:07:dc:e7:75:03:0f:e8:6d:f6:67:4a:47:
95:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:9F:80:3A:AE:FF:E9:0B:4F:FC:CD:BF:35:27:45:91:2E:64:58:3C
X509v3 Authority Key Identifier:
keyid:DB:C7:84:09:20:D1:C7:09:FF:29:9A:ED:36:82:C2:3F:B4:32:76:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/28eECSDRxwn_KZrtNoLCP7Qydn0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/9521e1-7610-4d43-8683-51be2f9608bc/1/lZ-AOq7_6QtP_M2_NSdFkS5kWDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/9521e1-7610-4d43-8683-51be2f9608bc/1/28eECSDRxwn_KZrtNoLCP7Qydn0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.98.82.0/23
IPv6:
2a10:9107:f000::/36
Signature Algorithm: sha256WithRSAEncryption
49:b8:67:56:76:f9:c2:f2:26:e0:9e:47:67:28:17:fe:72:e1:
be:c3:10:fd:56:36:e4:c5:1a:02:af:7f:74:ef:52:30:ed:ec:
88:2e:52:84:c6:2e:f0:59:67:10:b7:54:ce:f9:05:d7:28:3b:
fc:99:e8:c2:eb:40:a6:d9:05:b0:71:ee:c6:26:67:e2:1a:60:
d7:23:48:98:6a:bf:27:84:f8:8c:78:7a:16:19:46:bd:a6:61:
00:62:fa:e8:84:dd:c6:ca:c8:df:7a:bd:d4:dd:1d:02:94:1b:
7c:a4:f7:cd:94:32:f8:cf:ba:9b:b7:99:89:ce:ef:d8:fe:d2:
ef:5b:e1:b6:79:a2:46:e9:65:9d:ea:4f:4c:d2:e3:c0:78:dc:
3f:f6:08:2a:13:64:e8:ac:cb:57:38:49:fc:9f:b2:71:25:48:
ef:53:d8:d9:a1:d3:66:bb:ab:5e:77:90:f4:b1:57:1a:71:f7:
fa:cc:0a:98:05:1b:58:cf:37:09:6b:2d:18:88:85:ea:a8:d5:
0d:e3:d6:24:b3:ab:2f:4f:36:5e:d6:17:be:42:da:30:7a:9d:
ef:af:99:02:ef:f2:67:aa:30:00:f5:ef:f4:c8:88:a2:ad:fe:
f9:86:16:64:a5:20:08:50:58:a1:37:48:33:6e:ee:2b:02:e7:
70:ab:30:84
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZQl/Zw+I9cjYh9TU1utrqBhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiYzc4NDA5MjBkMWM3MDlmZjI5OWFlZDM2ODJjMjNmYjQz
Mjc2N2QwHhcNMjUwMTAyMDc0OTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTlmODAzYWFlZmZlOTBiNGZmY2NkYmYzNTI3NDU5MTJlNjQ1ODNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxrBCnr6+Uu6xGVtGapeDg7K/V5Nq
4hI6RuHqv2ECG0//Erx1Sma8G7Ytph9wox3J1UdrkStwWOkJufF1t57AeOT2azLw
hWhEDXuH2puF/kgOwc+teX2FMm2lo4YIJnpVP5e6PpD4iQTptz5VySBRFdbzPT76
hMeexecsSsNs/xCGO0fL5jT53kxvnZj/1oJgAQWRDUCkPvL/38JDxDOAPh/ZA66Z
RuJLM+amn9s8A/9dxji07GHPlqCrkuq1R6iaLp733yKb6d2O96Xd60mbzO2GyLqp
Ic9XM9vM1UhgmEGiRrfmBKPDm0/MT0W95DWhz2sH3Od1Aw/obfZnSkeVFwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFJWfgDqu/+kLT/zNvzUnRZEuZFg8MB8GA1UdIwQY
MBaAFNvHhAkg0ccJ/yma7TaCwj+0MnZ9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjhlRUNTRFJ4d25fS1pydE5vTENQN1F5ZG4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC85NTIxZTEtNzYxMC00ZDQzLTg2ODMt
NTFiZTJmOTYwOGJjLzEvbFotQU9xN182UXRQX00yX05TZEZrUzVrV0R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC85NTIxZTEtNzYxMC00ZDQzLTg2ODMtNTFiZTJmOTYwOGJj
LzEvMjhlRUNTRFJ4d25fS1pydE5vTENQN1F5ZG4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQBjWJSMA4E
AgACMAgDBgQqEJEH8DANBgkqhkiG9w0BAQsFAAOCAQEASbhnVnb5wvIm4J5HZygX
/nLhvsMQ/VY25MUaAq9/dO9SMO3siC5ShMYu8FlnELdUzvkF1yg7/JnowutAptkF
sHHuxiZn4hpg1yNImGq/J4T4jHh6FhlGvaZhAGL66ITdxsrI33q91N0dApQbfKT3
zZQy+M+6m7eZic7v2P7S71vhtnmiRullnepPTNLjwHjcP/YIKhNk6KzLVzhJ/J+y
cSVI71PY2aHTZrurXneQ9LFXGnH3+swKmAUbWM83CWstGIiF6qjVDePWJLOrL082
XtYXvkLaMHqd76+ZAu/yZ6owAPXv9MiIoq3++YYWZKUgCFBYoTdIM27uKwLncKsw
hA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:39:40 2025 by rpki-client