Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/lbrvceKa4Rz1AWKrp3EUvBqHen8.roa
File: lbrvceKa4Rz1AWKrp3EUvBqHen8.roa (raw, json)
Hash identifier: 6Mev5ccmnOHvCLiN97ULzeThBX6eoHe4JOt5gh/d7EA=
Subject key identifier: 95:BA:EF:71:E2:9A:E1:1C:F5:01:62:AB:A7:71:14:BC:1A:87:7A:7F
Certificate issuer: /CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Certificate serial: 018DC0D3CC97BF9A2D0EE14503D6CCF3BEC5
Authority key identifier: 97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/lbrvceKa4Rz1AWKrp3EUvBqHen8.roa
Signing time: Mon 19 Feb 2024 10:05:22 +0000
ROA not before: Mon 19 Feb 2024 10:05:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206119
IP address blocks: 82.206.72.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c0:d3:cc:97:bf:9a:2d:0e:e1:45:03:d6:cc:f3:be:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Validity
Not Before: Feb 19 10:05:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95baef71e29ae11cf50162aba77114bc1a877a7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:10:ae:2a:8a:95:69:b5:35:ea:eb:ad:66:b1:
71:db:2d:df:d3:8b:8d:3e:13:ba:79:02:e6:09:48:
de:c8:49:4e:e7:0a:39:1c:59:85:5f:b0:0f:0e:23:
25:93:92:e2:9e:e8:8d:10:12:24:2e:28:4c:05:48:
90:ba:20:7f:3f:fe:b1:8f:17:c2:5f:d3:00:7c:02:
68:cc:99:98:b2:b2:21:b6:ea:52:b9:d1:51:fc:dc:
5e:78:6d:50:a2:27:f4:61:3e:a5:7e:a1:8f:c6:55:
a4:14:4a:a8:41:9b:15:ec:0e:74:50:d5:f0:0a:df:
5b:6f:de:db:32:35:b8:6c:13:d9:ab:c8:2e:70:af:
47:d0:0e:e2:31:7d:47:7f:4a:1d:f7:30:7f:bf:ee:
bc:df:e6:5a:0f:60:2e:75:b8:f8:8e:f1:a6:d1:ce:
09:5e:28:14:bf:3d:5c:e4:92:bd:ed:89:3a:cd:50:
b8:ef:5f:25:1c:1c:aa:03:8d:f8:12:21:c1:8a:87:
f0:7e:4d:9a:68:90:08:6e:3e:73:45:a5:dc:6c:45:
8b:ab:bf:ac:0e:5d:bf:44:43:33:71:7f:27:eb:ae:
d7:1f:60:69:0c:53:ec:7a:a5:07:04:6c:c9:5c:75:
07:26:02:9c:93:05:5e:c4:bb:4d:bd:71:de:88:01:
ef:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:BA:EF:71:E2:9A:E1:1C:F5:01:62:AB:A7:71:14:BC:1A:87:7A:7F
X509v3 Authority Key Identifier:
keyid:97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/lbrvceKa4Rz1AWKrp3EUvBqHen8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/l5kUC0LbbLa_jG3UE3R_z0pv2bU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.206.72.0/21
Signature Algorithm: sha256WithRSAEncryption
59:f7:9c:16:18:f0:54:5a:c5:ff:01:f7:00:3b:fe:dd:a9:d5:
6f:5d:fa:ce:f5:d1:ce:1e:52:64:8b:a9:6f:fe:91:e8:12:e1:
39:00:c9:5d:8c:17:d1:9a:db:c7:7e:17:de:79:0b:e0:11:e3:
c9:4c:d2:56:eb:87:e1:83:4c:7c:63:1b:cb:c4:bc:20:7b:89:
5f:0d:04:04:dc:63:41:07:ab:3a:ed:3e:ed:f9:74:d6:ac:70:
06:29:9f:d4:ec:c7:4b:ec:08:9e:62:1f:de:b4:90:47:32:e5:
35:0a:f5:ed:44:80:1c:5d:eb:6b:92:94:a7:9d:d4:02:de:7e:
c7:85:4e:be:ff:3f:78:c7:4d:32:bd:dc:d4:3c:6d:f3:fb:cd:
2b:6a:de:34:4a:5c:69:5b:2e:4d:02:22:d4:49:fd:ae:ac:1f:
7e:db:d1:6f:42:01:58:cd:db:0e:f5:20:cd:57:1c:57:d5:05:
4d:c2:13:af:dc:60:f5:9b:ff:c2:7f:0a:7c:a2:2d:07:11:f4:
b1:76:0d:eb:1a:4d:d0:78:d3:0b:b8:2c:9e:d9:ce:06:fe:5c:
77:eb:c1:46:6d:58:ff:cb:63:41:86:c6:63:42:5f:6a:74:80:
05:6e:10:64:ff:d9:32:2a:21:3a:57:fe:2b:dc:9e:35:b6:73:
62:6e:58:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3A08yXv5otDuFFA9bM877FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3OTkxNDBiNDJkYjZjYjZiZjhjNmRkNDEzNzQ3ZmNmNGE2
ZmQ5YjUwHhcNMjQwMjE5MTAwNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWJhZWY3MWUyOWFlMTFjZjUwMTYyYWJhNzcxMTRiYzFhODc3YTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhCuKoqVabU16uutZrFx2y3f04uN
PhO6eQLmCUjeyElO5wo5HFmFX7APDiMlk5LinuiNEBIkLihMBUiQuiB/P/6xjxfC
X9MAfAJozJmYsrIhtupSudFR/NxeeG1Qoif0YT6lfqGPxlWkFEqoQZsV7A50UNXw
Ct9bb97bMjW4bBPZq8gucK9H0A7iMX1Hf0od9zB/v+683+ZaD2Audbj4jvGm0c4J
XigUvz1c5JK97Yk6zVC4718lHByqA434EiHBiofwfk2aaJAIbj5zRaXcbEWLq7+s
Dl2/REMzcX8n667XH2BpDFPseqUHBGzJXHUHJgKckwVexLtNvXHeiAHvnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJW673HimuEc9QFiq6dxFLwah3p/MB8GA1UdIwQY
MBaAFJeZFAtC22y2v4xt1BN0f89Kb9m1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2Qt
NTk1OTE5YmUwZjUyLzEvbGJydmNlS2E0UnoxQVdLcnAzRVV2QnFIZW44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2QtNTk1OTE5YmUwZjUy
LzEvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDUs5IMA0G
CSqGSIb3DQEBCwUAA4IBAQBZ95wWGPBUWsX/AfcAO/7dqdVvXfrO9dHOHlJki6lv
/pHoEuE5AMldjBfRmtvHfhfeeQvgEePJTNJW64fhg0x8YxvLxLwge4lfDQQE3GNB
B6s67T7t+XTWrHAGKZ/U7MdL7AieYh/etJBHMuU1CvXtRIAcXetrkpSnndQC3n7H
hU6+/z94x00yvdzUPG3z+80rat40SlxpWy5NAiLUSf2urB9+29FvQgFYzdsO9SDN
VxxX1QVNwhOv3GD1m//Cfwp8oi0HEfSxdg3rGk3QeNMLuCye2c4G/lx368FGbVj/
y2NBhsZjQl9qdIAFbhBk/9kyKiE6V/4r3J41tnNiblhe
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:43:17 2025 by rpki-client