Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/0f4168-7deb-4544-ac81-485d832a5f82/1/lu4CXeH14G3mXj5GUScERmL7f5w.roa
File: lu4CXeH14G3mXj5GUScERmL7f5w.roa (raw, json)
Hash identifier: Fj3VqCkbbeRzHiRO9XV7VObWNnGtqHjEeVw/Accb4zw=
Subject key identifier: 96:EE:02:5D:E1:F5:E0:6D:E6:5E:3E:46:51:27:04:46:62:FB:7F:9C
Certificate issuer: /CN=4101e106a9ca7b14a67ab40277836a18c2f710be
Certificate serial: 018CF5DFE872FE28AEA35B1E7A3649BD44CF
Authority key identifier: 41:01:E1:06:A9:CA:7B:14:A6:7A:B4:02:77:83:6A:18:C2:F7:10:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QQHhBqnKexSmerQCd4NqGML3EL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/0f4168-7deb-4544-ac81-485d832a5f82/1/lu4CXeH14G3mXj5GUScERmL7f5w.roa
Signing time: Thu 11 Jan 2024 00:15:41 +0000
ROA not before: Thu 11 Jan 2024 00:15:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204316
IP address blocks: 176.118.162.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f5:df:e8:72:fe:28:ae:a3:5b:1e:7a:36:49:bd:44:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4101e106a9ca7b14a67ab40277836a18c2f710be
Validity
Not Before: Jan 11 00:15:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=96ee025de1f5e06de65e3e465127044662fb7f9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:bd:43:a8:34:b5:d3:f0:a2:3b:f6:3a:76:40:
1d:71:13:cf:6c:b6:89:e5:ca:26:01:4d:31:55:37:
c1:cd:32:d3:00:1d:40:bf:81:a1:8e:51:5d:c7:75:
f2:69:80:f7:9f:81:3d:e1:8d:0a:df:f2:72:b0:cf:
a6:53:ed:21:92:3c:b0:26:97:c7:a2:9c:bb:c5:0e:
a0:b5:fb:25:e2:10:df:d3:8d:87:98:c9:2f:f6:65:
49:a2:60:d3:03:85:20:c1:0f:f5:dc:ca:5d:60:43:
e0:0c:6c:4d:06:41:00:59:c9:69:6d:55:67:50:35:
f3:66:b9:70:11:89:ab:47:84:e6:47:9e:e0:3e:26:
a6:80:e9:48:06:aa:14:5d:67:72:9a:95:6f:79:82:
4a:cf:dc:82:a4:dd:96:52:f1:f8:62:4e:88:9f:f2:
50:85:df:6a:a0:d7:fe:8b:79:7e:56:2f:72:a9:35:
ef:17:36:a2:6e:1e:3d:c5:b1:f9:4e:a7:a1:b7:22:
10:a8:fa:a0:19:ed:99:ae:d7:5d:53:99:a3:84:bb:
70:f1:47:fd:f3:86:2f:1f:34:c9:82:74:00:e3:18:
4a:a6:c1:be:5f:23:33:bf:b6:55:af:58:5f:53:d0:
af:1e:34:fd:83:e6:a9:14:97:de:38:e2:00:9a:3e:
14:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:EE:02:5D:E1:F5:E0:6D:E6:5E:3E:46:51:27:04:46:62:FB:7F:9C
X509v3 Authority Key Identifier:
keyid:41:01:E1:06:A9:CA:7B:14:A6:7A:B4:02:77:83:6A:18:C2:F7:10:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QQHhBqnKexSmerQCd4NqGML3EL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/0f4168-7deb-4544-ac81-485d832a5f82/1/lu4CXeH14G3mXj5GUScERmL7f5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/0f4168-7deb-4544-ac81-485d832a5f82/1/QQHhBqnKexSmerQCd4NqGML3EL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.118.162.0/23
Signature Algorithm: sha256WithRSAEncryption
59:e5:4d:46:0f:3f:69:4a:d3:da:92:3d:f8:1e:28:4d:fa:b2:
78:5f:72:01:3f:33:8a:b9:12:d0:e0:47:e8:76:9a:0e:49:77:
10:e6:46:53:79:ef:b8:3f:d2:ba:67:2b:a5:b9:39:73:41:37:
83:47:bc:e3:60:b8:6b:d5:b5:88:62:48:b8:22:41:4e:c2:c9:
1d:9b:1d:01:b5:02:62:c7:9f:b4:09:a0:2a:3f:97:15:49:12:
6b:78:1b:6f:ac:1f:fc:33:b3:4b:f4:25:0a:a2:e6:9e:d9:35:
b1:13:56:2d:1c:7a:dc:0d:c6:7e:2a:26:9b:bc:42:3b:32:b2:
fa:8e:cb:af:29:5a:b5:d9:fc:5d:98:60:d9:ea:9c:58:2e:b9:
6c:c4:63:6b:9a:58:5f:a1:dd:0e:e8:1e:d2:95:69:a8:a8:c4:
82:ee:dc:dd:74:70:5b:d1:4c:5f:10:73:81:8b:71:44:eb:ca:
29:c3:9a:bd:9a:f1:a6:cf:c7:88:25:42:92:0e:37:6e:23:7c:
3b:4e:72:ad:d2:4e:8a:f7:cb:bc:24:05:f2:d4:34:cf:e0:d7:
24:df:e8:33:50:1c:35:3d:58:26:f6:be:4b:03:7c:e3:d2:38:
ba:90:9c:3e:28:02:92:79:21:d3:7d:ec:2b:84:d0:10:57:32:
39:b6:e0:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYz13+hy/iiuo1seejZJvUTPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMDFlMTA2YTljYTdiMTRhNjdhYjQwMjc3ODM2YTE4YzJm
NzEwYmUwHhcNMjQwMTExMDAxNTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmVlMDI1ZGUxZjVlMDZkZTY1ZTNlNDY1MTI3MDQ0NjYyZmI3ZjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvL1DqDS10/CiO/Y6dkAdcRPPbLaJ
5comAU0xVTfBzTLTAB1Av4GhjlFdx3XyaYD3n4E94Y0K3/JysM+mU+0hkjywJpfH
opy7xQ6gtfsl4hDf042HmMkv9mVJomDTA4UgwQ/13MpdYEPgDGxNBkEAWclpbVVn
UDXzZrlwEYmrR4TmR57gPiamgOlIBqoUXWdympVveYJKz9yCpN2WUvH4Yk6In/JQ
hd9qoNf+i3l+Vi9yqTXvFzaibh49xbH5TqehtyIQqPqgGe2ZrtddU5mjhLtw8Uf9
84YvHzTJgnQA4xhKpsG+XyMzv7ZVr1hfU9CvHjT9g+apFJfeOOIAmj4UGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJbuAl3h9eBt5l4+RlEnBEZi+3+cMB8GA1UdIwQY
MBaAFEEB4QapynsUpnq0AneDahjC9xC+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVFIaEJxbktleFNtZXJRQ2Q0TnFHTUwzRUw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8wZjQxNjgtN2RlYi00NTQ0LWFjODEt
NDg1ZDgzMmE1ZjgyLzEvbHU0Q1hlSDE0RzNtWGo1R1VTY0VSbUw3ZjV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8wZjQxNjgtN2RlYi00NTQ0LWFjODEtNDg1ZDgzMmE1Zjgy
LzEvUVFIaEJxbktleFNtZXJRQ2Q0TnFHTUwzRUw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBsHaiMA0G
CSqGSIb3DQEBCwUAA4IBAQBZ5U1GDz9pStPakj34HihN+rJ4X3IBPzOKuRLQ4Efo
dpoOSXcQ5kZTee+4P9K6ZyuluTlzQTeDR7zjYLhr1bWIYki4IkFOwskdmx0BtQJi
x5+0CaAqP5cVSRJreBtvrB/8M7NL9CUKouae2TWxE1YtHHrcDcZ+KiabvEI7MrL6
jsuvKVq12fxdmGDZ6pxYLrlsxGNrmlhfod0O6B7SlWmoqMSC7tzddHBb0UxfEHOB
i3FE68opw5q9mvGmz8eIJUKSDjduI3w7TnKt0k6K98u8JAXy1DTP4Nck3+gzUBw1
PVgm9r5LA3zj0ji6kJw+KAKSeSHTfewrhNAQVzI5tuCo
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:42:22 2025 by rpki-client