Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/LH296LDhp0NpN03CH_7AHdgR3oI.roa
File: LH296LDhp0NpN03CH_7AHdgR3oI.roa (raw, json)
Hash identifier: qAJE9H4UZQpnTPu/wSPVu/T3NkJCWO2jzw0tvYQKVPE=
Subject key identifier: 2C:7D:BD:E8:B0:E1:A7:43:69:37:4D:C2:1F:FE:C0:1D:D8:11:DE:82
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 019428260B0CB3B092A903269AD05BFB489E
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/LH296LDhp0NpN03CH_7AHdgR3oI.roa
Signing time: Thu 02 Jan 2025 17:52:49 +0000
ROA not before: Thu 02 Jan 2025 17:52:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 188.191.104.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:0b:0c:b3:b0:92:a9:03:26:9a:d0:5b:fb:48:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: Jan 2 17:52:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2c7dbde8b0e1a74369374dc21ffec01dd811de82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:b0:b6:a8:56:ed:1d:86:ef:e2:de:5d:b2:87:
20:7d:bf:5d:ce:0a:20:2d:ec:90:57:b5:ee:b7:ff:
27:79:00:f5:1e:cc:ee:c1:20:9d:55:1a:74:eb:4a:
d7:c5:72:f5:7c:0e:9e:85:4c:e3:8c:17:f2:84:71:
c7:1f:bc:46:6b:73:63:c1:7e:ab:ee:ef:b5:c9:ef:
75:6d:b7:0e:b2:13:a0:9a:5d:f1:ab:ac:77:0c:bc:
0b:55:3b:9d:7e:be:75:fa:a0:e7:1f:f7:60:f9:78:
27:fc:2b:99:22:b0:2e:2d:8e:03:4f:31:6a:dc:1a:
e6:46:85:a4:da:0a:68:b6:78:0a:a1:fc:98:52:aa:
e5:06:6b:b8:3e:84:c3:fe:9d:c3:c2:0f:6d:e5:b7:
3c:6e:ab:d4:66:ce:fc:c0:93:eb:3e:22:d2:2d:ed:
d4:9f:e6:3f:da:59:43:72:69:1a:f2:09:0a:a3:79:
81:bb:c8:ec:a2:4c:1c:be:57:eb:a8:a0:5d:ec:8d:
47:99:17:23:64:0d:5b:43:e3:95:16:61:2d:fe:3d:
ac:94:2f:6e:09:7f:e0:1e:2a:c4:a0:f5:98:c9:c7:
7b:56:f0:10:c3:d3:57:5a:2c:36:03:79:ad:da:55:
de:0d:1c:a4:f1:a3:3a:cd:eb:8a:87:7a:f4:7e:f3:
3d:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:7D:BD:E8:B0:E1:A7:43:69:37:4D:C2:1F:FE:C0:1D:D8:11:DE:82
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/LH296LDhp0NpN03CH_7AHdgR3oI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.191.104.0/24
Signature Algorithm: sha256WithRSAEncryption
22:28:c1:20:0e:e6:77:06:c0:3c:d9:5a:ec:34:8d:91:dd:17:
37:0a:53:f1:db:e4:23:27:a8:09:fe:0e:73:b4:b2:fe:b9:09:
f0:5a:05:55:52:90:37:b9:63:e8:c1:66:61:7a:95:2a:42:27:
a4:93:a7:af:d3:16:7e:82:43:57:1f:4c:11:50:62:cb:18:12:
50:18:58:33:88:5e:f5:fc:5f:14:5c:71:2c:d7:2b:60:14:b5:
9f:a6:da:46:6e:c0:8a:64:82:83:ac:73:c9:04:c7:ea:fa:59:
77:79:e3:2a:a3:dc:71:de:d7:0a:fa:3e:18:44:6c:42:12:54:
d3:4b:38:7c:45:12:45:3c:3f:2a:ef:16:2a:c6:2d:a0:00:93:
d6:67:d9:e5:e5:4b:1d:ee:28:c8:cb:39:18:8c:21:89:48:93:
f4:41:82:44:36:32:15:db:84:f1:89:18:80:d1:95:3d:11:be:
b2:8a:72:ae:76:b2:52:5d:6c:b1:d1:ab:63:4d:4d:ef:9e:86:
ae:1c:53:76:bd:83:0a:1c:e3:50:49:9b:6c:8c:45:a6:2d:0b:
fd:c1:01:0c:31:a3:bd:cf:e1:05:c4:f0:23:4c:30:e9:4f:d4:
60:29:84:c6:13:d0:f2:73:b0:0c:d3:68:5a:1c:1e:16:1e:fa:
b8:6d:cc:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJgsMs7CSqQMmmtBb+0ieMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjUwMTAyMTc1MjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzdkYmRlOGIwZTFhNzQzNjkzNzRkYzIxZmZlYzAxZGQ4MTFkZTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz7C2qFbtHYbv4t5dsocgfb9dzgog
LeyQV7Xut/8neQD1HszuwSCdVRp060rXxXL1fA6ehUzjjBfyhHHHH7xGa3NjwX6r
7u+1ye91bbcOshOgml3xq6x3DLwLVTudfr51+qDnH/dg+Xgn/CuZIrAuLY4DTzFq
3BrmRoWk2gpotngKofyYUqrlBmu4PoTD/p3Dwg9t5bc8bqvUZs78wJPrPiLSLe3U
n+Y/2llDcmka8gkKo3mBu8jsokwcvlfrqKBd7I1HmRcjZA1bQ+OVFmEt/j2slC9u
CX/gHirEoPWYycd7VvAQw9NXWiw2A3mt2lXeDRyk8aM6zeuKh3r0fvM9/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCx9veiw4adDaTdNwh/+wB3YEd6CMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvTEgyOTZMRGhwME5wTjAzQ0hfN0FIZGdSM29JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvL9oMA0G
CSqGSIb3DQEBCwUAA4IBAQAiKMEgDuZ3BsA82VrsNI2R3Rc3ClPx2+QjJ6gJ/g5z
tLL+uQnwWgVVUpA3uWPowWZhepUqQiekk6ev0xZ+gkNXH0wRUGLLGBJQGFgziF71
/F8UXHEs1ytgFLWfptpGbsCKZIKDrHPJBMfq+ll3eeMqo9xx3tcK+j4YRGxCElTT
Szh8RRJFPD8q7xYqxi2gAJPWZ9nl5Usd7ijIyzkYjCGJSJP0QYJENjIV24TxiRiA
0ZU9Eb6yinKudrJSXWyx0atjTU3vnoauHFN2vYMKHONQSZtsjEWmLQv9wQEMMaO9
z+EFxPAjTDDpT9RgKYTGE9Dyc7AM02haHB4WHvq4bcx9
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:55:14 2025 by rpki-client