Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/7a683b-fa78-4112-b6b6-155fb3fe287e/1/lmY3OHV06iQ2okHJC_xew_5c0LY.roa
File: lmY3OHV06iQ2okHJC_xew_5c0LY.roa (raw, json)
Hash identifier: VAAXf3sc2kIcjjslDb0B8KOFlo5MNyl0zFRFKzuk/g0=
Subject key identifier: 96:66:37:38:75:74:EA:24:36:A2:41:C9:0B:FC:5E:C3:FE:5C:D0:B6
Certificate issuer: /CN=cec3b347a216bc437b0bd4cf0bc8cda65e8c2d3b
Certificate serial: 019426D963B9FA3B5F6A52C1B2E3CE1907BE
Authority key identifier: CE:C3:B3:47:A2:16:BC:43:7B:0B:D4:CF:0B:C8:CD:A6:5E:8C:2D:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zsOzR6IWvEN7C9TPC8jNpl6MLTs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/7a683b-fa78-4112-b6b6-155fb3fe287e/1/lmY3OHV06iQ2okHJC_xew_5c0LY.roa
Signing time: Thu 02 Jan 2025 11:49:28 +0000
ROA not before: Thu 02 Jan 2025 11:49:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 91.102.184.0/24 maxlen: 24
91.102.185.0/24 maxlen: 24
91.102.186.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:63:b9:fa:3b:5f:6a:52:c1:b2:e3:ce:19:07:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cec3b347a216bc437b0bd4cf0bc8cda65e8c2d3b
Validity
Not Before: Jan 2 11:49:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=966637387574ea2436a241c90bfc5ec3fe5cd0b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:2c:d6:4b:3f:81:14:30:36:aa:c7:b3:83:a7:
36:3d:a7:2a:c0:fd:43:e7:6c:7c:c6:50:7d:8e:01:
15:ad:51:e3:c7:89:b8:75:0d:b4:dd:6e:a7:4f:99:
42:ba:98:af:5c:32:7e:e3:6b:d8:af:6b:a7:a2:3d:
74:ba:61:fd:cd:e8:85:12:2d:e4:4d:77:6d:bf:4e:
71:d3:73:fa:b5:e3:3c:c2:3a:6f:c9:eb:5e:ad:06:
3e:16:45:87:6c:f8:68:a1:e9:90:d4:43:43:58:ed:
f5:44:02:1c:4b:a0:aa:a0:2c:f2:53:23:fb:ea:bf:
53:24:b2:1c:1e:cf:ac:07:08:11:97:7f:62:66:a1:
c1:8b:45:0c:a4:51:23:ea:21:36:45:4f:b5:9c:33:
ef:78:40:e0:e1:cc:87:ab:94:94:34:e6:ef:1e:87:
1f:af:8c:e3:9f:37:37:df:c7:59:5f:28:c0:fe:02:
b8:c7:c1:12:95:59:d4:b1:7d:25:8d:44:39:83:83:
c7:bf:74:bb:7c:30:49:59:3d:9a:c2:cf:e8:a3:3e:
94:ea:71:43:cb:55:69:b5:8c:6e:fc:35:a1:f9:f8:
36:68:d2:4c:d9:a5:21:5f:8a:aa:0b:43:66:a7:d4:
71:a3:95:24:66:bd:cd:c7:37:fd:a3:96:b0:e0:83:
a7:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:66:37:38:75:74:EA:24:36:A2:41:C9:0B:FC:5E:C3:FE:5C:D0:B6
X509v3 Authority Key Identifier:
keyid:CE:C3:B3:47:A2:16:BC:43:7B:0B:D4:CF:0B:C8:CD:A6:5E:8C:2D:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zsOzR6IWvEN7C9TPC8jNpl6MLTs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/7a683b-fa78-4112-b6b6-155fb3fe287e/1/lmY3OHV06iQ2okHJC_xew_5c0LY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/7a683b-fa78-4112-b6b6-155fb3fe287e/1/zsOzR6IWvEN7C9TPC8jNpl6MLTs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.102.184.0-91.102.186.255
Signature Algorithm: sha256WithRSAEncryption
4b:5a:70:16:42:ff:1c:d5:2e:2a:6f:89:fa:8c:81:e1:6d:ee:
f9:5f:79:3b:df:ab:1b:83:16:d6:99:62:09:df:c1:3a:43:1c:
b5:18:9a:d0:02:8e:e3:67:ec:3c:67:36:4a:40:2c:19:35:06:
51:0e:08:2c:01:82:0b:35:c7:82:94:f4:79:3d:6d:db:bf:42:
f6:a3:f5:6a:69:4d:4b:c3:0f:bc:6a:5a:dd:6c:f4:53:a8:5d:
2d:ac:9c:66:72:e5:bd:20:3e:ac:dd:16:2c:f4:d6:09:13:f0:
29:ca:de:1a:cd:3e:24:71:cf:aa:d4:05:4a:84:2d:5d:c6:b2:
52:aa:e7:1d:a7:64:fc:22:e8:5b:34:9d:86:9e:e6:06:86:eb:
c8:dc:7c:3e:03:20:b9:86:8c:b3:0f:32:6e:f6:a3:f8:d9:bb:
ec:04:20:1c:4e:45:64:4a:ab:85:1b:6e:d8:5a:79:a7:17:cf:
3e:c9:c8:b4:6c:53:1f:13:b8:36:00:11:34:b6:40:a1:23:58:
18:aa:e5:fd:15:ba:d6:3c:d7:c3:c1:66:87:ba:87:8c:4f:13:
0a:01:8e:ce:f2:12:99:4e:f2:3f:b2:8f:54:f0:ec:26:2a:2f:
a7:86:b4:cd:cc:cc:1d:59:07:37:a7:db:0e:bc:07:b6:1f:0b:
d5:cc:bc:99
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQm2WO5+jtfalLBsuPOGQe+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYzNiMzQ3YTIxNmJjNDM3YjBiZDRjZjBiYzhjZGE2NWU4
YzJkM2IwHhcNMjUwMTAyMTE0OTI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjY2MzczODc1NzRlYTI0MzZhMjQxYzkwYmZjNWVjM2ZlNWNkMGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzizWSz+BFDA2qsezg6c2PacqwP1D
52x8xlB9jgEVrVHjx4m4dQ203W6nT5lCupivXDJ+42vYr2unoj10umH9zeiFEi3k
TXdtv05x03P6teM8wjpvyeterQY+FkWHbPhooemQ1ENDWO31RAIcS6CqoCzyUyP7
6r9TJLIcHs+sBwgRl39iZqHBi0UMpFEj6iE2RU+1nDPveEDg4cyHq5SUNObvHocf
r4zjnzc338dZXyjA/gK4x8ESlVnUsX0ljUQ5g4PHv3S7fDBJWT2aws/ooz6U6nFD
y1VptYxu/DWh+fg2aNJM2aUhX4qqC0Nmp9Rxo5UkZr3Nxzf9o5aw4IOnzQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJZmNzh1dOokNqJByQv8XsP+XNC2MB8GA1UdIwQY
MBaAFM7Ds0eiFrxDewvUzwvIzaZejC07MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenNPelI2SVd2RU43QzlUUEM4ak5wbDZNTFRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny83YTY4M2ItZmE3OC00MTEyLWI2YjYt
MTU1ZmIzZmUyODdlLzEvbG1ZM09IVjA2aVEyb2tISkNfeGV3XzVjMExZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny83YTY4M2ItZmE3OC00MTEyLWI2YjYtMTU1ZmIzZmUyODdl
LzEvenNPelI2SVd2RU43QzlUUEM4ak5wbDZNTFRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBANbZrgD
BABbZrowDQYJKoZIhvcNAQELBQADggEBAEtacBZC/xzVLipvifqMgeFt7vlfeTvf
qxuDFtaZYgnfwTpDHLUYmtACjuNn7DxnNkpALBk1BlEOCCwBggs1x4KU9Hk9bdu/
Qvaj9WppTUvDD7xqWt1s9FOoXS2snGZy5b0gPqzdFiz01gkT8CnK3hrNPiRxz6rU
BUqELV3GslKq5x2nZPwi6Fs0nYae5gaG68jcfD4DILmGjLMPMm72o/jZu+wEIBxO
RWRKq4UbbthaeacXzz7JyLRsUx8TuDYAETS2QKEjWBiq5f0VutY818PBZoe6h4xP
EwoBjs7yEplO8j+yj1Tw7CYqL6eGtM3MzB1ZBzen2w68B7YfC9XMvJk=
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:12:43 2025 by rpki-client