Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/f0d5e7-edb6-42ad-8482-a14d85f995cb/1/lEoyS4txP0weBenKRAakaaQoJ0w.roa
File: lEoyS4txP0weBenKRAakaaQoJ0w.roa (raw, json)
Hash identifier: 9vQfOuOOKN7s8vhNqYMjcu3BCBSfP8Yeb3igjaSrt/E=
Subject key identifier: 94:4A:32:4B:8B:71:3F:4C:1E:05:E9:CA:44:06:A4:69:A4:28:27:4C
Certificate issuer: /CN=b520449d4455cf789c64ea63cbf48fc3bb2c766a
Certificate serial: 0186705BB5190DBDB2DA0121398A2308E8B4
Authority key identifier: B5:20:44:9D:44:55:CF:78:9C:64:EA:63:CB:F4:8F:C3:BB:2C:76:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tSBEnURVz3icZOpjy_SPw7ssdmo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/f0d5e7-edb6-42ad-8482-a14d85f995cb/1/lEoyS4txP0weBenKRAakaaQoJ0w.roa
Signing time: Mon 20 Feb 2023 19:45:03 +0000
ROA not before: Mon 20 Feb 2023 19:45:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 54339
IP address blocks: 176.53.146.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:70:5b:b5:19:0d:bd:b2:da:01:21:39:8a:23:08:e8:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b520449d4455cf789c64ea63cbf48fc3bb2c766a
Validity
Not Before: Feb 20 19:45:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=944a324b8b713f4c1e05e9ca4406a469a428274c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:cb:52:50:6a:e8:f9:d9:2c:2d:0a:4a:b1:b9:
cf:7e:4a:2a:a2:f8:18:00:3d:cc:e7:7d:17:61:de:
21:d4:c0:f0:ba:25:9c:d9:69:95:1c:75:7b:90:99:
5d:ba:0e:4e:7b:f1:4d:be:e2:0f:ba:76:bc:fc:45:
19:7a:67:a6:11:52:97:3e:e7:f2:52:6c:60:2e:35:
1f:69:61:b7:fb:c3:0b:b9:42:7c:17:81:93:bc:26:
91:cb:da:7d:2c:9c:e3:a3:e5:95:c6:bd:c3:5f:be:
d1:85:2d:5e:55:e0:16:70:d1:5b:d6:d8:89:60:e8:
b2:cc:1c:fb:da:d3:5f:f9:f4:c0:74:b9:8e:d0:7f:
90:3f:7c:88:ba:75:dc:80:54:ac:6b:ec:28:a6:c7:
23:31:4f:09:bb:8d:80:54:30:e9:08:5a:7b:fc:c6:
48:e0:4a:c0:e0:70:fb:32:2d:8e:24:34:60:60:3c:
b7:e6:c1:5f:78:92:48:1a:59:e7:0d:8f:a4:91:b2:
3c:5f:da:0a:a7:77:47:90:72:d8:86:02:9c:43:08:
5d:a5:bb:26:fc:71:d7:85:b1:cf:1a:50:12:4f:5d:
8c:96:8f:8c:a8:d2:36:bd:70:59:3a:2b:71:fd:f4:
1d:1b:6d:35:a7:6c:aa:5e:b1:6b:13:45:69:48:c8:
51:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:4A:32:4B:8B:71:3F:4C:1E:05:E9:CA:44:06:A4:69:A4:28:27:4C
X509v3 Authority Key Identifier:
keyid:B5:20:44:9D:44:55:CF:78:9C:64:EA:63:CB:F4:8F:C3:BB:2C:76:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tSBEnURVz3icZOpjy_SPw7ssdmo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/f0d5e7-edb6-42ad-8482-a14d85f995cb/1/lEoyS4txP0weBenKRAakaaQoJ0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/f0d5e7-edb6-42ad-8482-a14d85f995cb/1/tSBEnURVz3icZOpjy_SPw7ssdmo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.53.146.0/24
Signature Algorithm: sha256WithRSAEncryption
47:12:7d:e6:13:c1:d9:af:e8:c5:2a:87:81:03:bb:76:9a:3f:
12:49:a1:7b:06:63:d0:d7:f6:4c:76:05:c3:98:4c:7f:68:9f:
70:8a:7b:32:b9:e3:e7:89:c9:e9:94:9d:8c:aa:01:ca:47:bd:
7e:b6:25:81:0d:34:bc:f3:f6:8d:47:be:02:fa:05:b3:b2:1d:
93:0f:e7:6c:1a:ee:71:1f:c2:30:68:d8:45:3e:f1:6e:f8:0e:
f8:ad:3d:da:45:67:59:a4:81:15:12:ba:a3:8f:75:14:22:c6:
6f:c3:4b:48:09:73:da:f7:70:49:68:fc:6c:6f:b2:80:27:6a:
01:79:62:81:b9:02:ce:7c:2b:bc:a4:15:85:bc:04:1f:97:cc:
11:14:ff:73:01:ed:d8:c2:34:78:cd:14:0b:38:15:18:98:39:
67:65:77:d0:db:d3:61:77:f1:91:c9:e8:49:67:71:58:20:86:
9e:fa:ec:0c:21:dc:22:e6:8c:41:2b:a8:80:3c:d7:39:1f:6a:
08:24:63:ca:a8:5b:50:cf:80:ab:6e:b6:a3:a5:9f:f1:dd:6d:
a0:8b:e3:9b:8f:c4:9b:f0:94:82:af:d7:0c:a0:b9:f2:6c:1d:
2e:98:bf:46:47:6d:ec:02:38:82:04:bf:4d:72:e3:1c:37:60:
ec:41:9c:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZwW7UZDb2y2gEhOYojCOi0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MjA0NDlkNDQ1NWNmNzg5YzY0ZWE2M2NiZjQ4ZmMzYmIy
Yzc2NmEwHhcNMjMwMjIwMTk0NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDRhMzI0YjhiNzEzZjRjMWUwNWU5Y2E0NDA2YTQ2OWE0MjgyNzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnMtSUGro+dksLQpKsbnPfkoqovgY
AD3M530XYd4h1MDwuiWc2WmVHHV7kJldug5Oe/FNvuIPuna8/EUZememEVKXPufy
UmxgLjUfaWG3+8MLuUJ8F4GTvCaRy9p9LJzjo+WVxr3DX77RhS1eVeAWcNFb1tiJ
YOiyzBz72tNf+fTAdLmO0H+QP3yIunXcgFSsa+wopscjMU8Ju42AVDDpCFp7/MZI
4ErA4HD7Mi2OJDRgYDy35sFfeJJIGlnnDY+kkbI8X9oKp3dHkHLYhgKcQwhdpbsm
/HHXhbHPGlAST12Mlo+MqNI2vXBZOitx/fQdG201p2yqXrFrE0VpSMhRAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJRKMkuLcT9MHgXpykQGpGmkKCdMMB8GA1UdIwQY
MBaAFLUgRJ1EVc94nGTqY8v0j8O7LHZqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFNCRW5VUlZ6M2ljWk9wanlfU1B3N3NzZG1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9mMGQ1ZTctZWRiNi00MmFkLTg0ODIt
YTE0ZDg1Zjk5NWNiLzEvbEVveVM0dHhQMHdlQmVuS1JBYWthYVFvSjB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9mMGQ1ZTctZWRiNi00MmFkLTg0ODItYTE0ZDg1Zjk5NWNi
LzEvdFNCRW5VUlZ6M2ljWk9wanlfU1B3N3NzZG1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsDWSMA0G
CSqGSIb3DQEBCwUAA4IBAQBHEn3mE8HZr+jFKoeBA7t2mj8SSaF7BmPQ1/ZMdgXD
mEx/aJ9winsyuePnicnplJ2MqgHKR71+tiWBDTS88/aNR74C+gWzsh2TD+dsGu5x
H8IwaNhFPvFu+A74rT3aRWdZpIEVErqjj3UUIsZvw0tICXPa93BJaPxsb7KAJ2oB
eWKBuQLOfCu8pBWFvAQfl8wRFP9zAe3YwjR4zRQLOBUYmDlnZXfQ29Nhd/GRyehJ
Z3FYIIae+uwMIdwi5oxBK6iAPNc5H2oIJGPKqFtQz4CrbrajpZ/x3W2gi+Obj8Sb
8JSCr9cMoLnybB0umL9GR23sAjiCBL9NcuMcN2DsQZzY
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:27:19 2025 by rpki-client