Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/LS10qJyaRDsm6Bs31oDk6PmgVNU.roa
File: LS10qJyaRDsm6Bs31oDk6PmgVNU.roa (raw, json)
Hash identifier: RM4vt5ep/vO9ay8durizq+gnq7VpNBtBC9BHsw621mU=
Subject key identifier: 2D:2D:74:A8:9C:9A:44:3B:26:E8:1B:37:D6:80:E4:E8:F9:A0:54:D5
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 019537F16B2CCDC158C4847083FBF1D88448
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/LS10qJyaRDsm6Bs31oDk6PmgVNU.roa
Signing time: Mon 24 Feb 2025 12:32:03 +0000
ROA not before: Mon 24 Feb 2025 12:32:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43641
IP address blocks: 217.177.35.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:37:f1:6b:2c:cd:c1:58:c4:84:70:83:fb:f1:d8:84:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Feb 24 12:32:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2d2d74a89c9a443b26e81b37d680e4e8f9a054d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:7a:78:c5:7f:be:0b:47:9c:c5:4e:f2:c3:db:
0d:57:4c:a1:91:a4:2a:c3:ba:bf:39:5d:72:ff:da:
b6:e3:4d:32:6f:13:f7:51:72:f1:7d:57:3e:72:65:
8c:4a:09:dd:05:75:d4:49:13:89:d6:2c:a0:50:e0:
92:bc:81:05:70:9a:e5:2e:83:e0:74:f1:27:5d:1a:
9f:32:c6:df:b2:aa:26:64:08:7c:65:e4:e1:1b:8e:
5c:43:56:b4:7e:96:db:e2:00:10:ef:5f:d4:0a:a4:
23:a6:cf:68:2c:77:1e:60:da:88:4e:1d:ff:18:18:
38:2a:77:32:b2:cc:b1:a2:e2:94:ee:95:86:0e:a3:
c9:22:4b:b5:65:55:0d:48:4f:39:0c:6c:04:1a:a4:
8a:ef:e9:e9:32:14:1f:38:a5:2f:25:2d:40:1c:b4:
cd:e3:10:1e:48:a2:c6:05:2a:86:33:4c:cf:c0:2f:
54:5d:39:9a:f6:06:b1:92:ed:06:90:41:bc:c1:4b:
60:2f:95:ea:42:f8:b5:f7:aa:2b:9b:fc:8d:0f:5f:
47:b6:46:ef:0c:8e:dd:38:b6:65:07:76:90:af:05:
a2:2c:d0:8f:a8:d2:e3:3a:67:19:1e:a0:c4:77:63:
da:44:6e:38:db:b6:e1:f8:cf:48:8f:58:46:85:2d:
ab:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:2D:74:A8:9C:9A:44:3B:26:E8:1B:37:D6:80:E4:E8:F9:A0:54:D5
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/LS10qJyaRDsm6Bs31oDk6PmgVNU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.177.35.0/24
Signature Algorithm: sha256WithRSAEncryption
79:8e:79:dd:ee:ff:5f:ad:0f:db:67:93:cc:61:00:e1:fa:76:
3e:b4:92:00:1f:62:63:0f:87:2b:c8:ff:f1:5f:20:ea:3e:b0:
59:74:ee:98:6a:9e:20:e6:f9:9c:1c:60:ab:86:65:8a:0c:ba:
71:62:8a:42:8c:9c:bb:55:76:4f:77:a2:1f:28:fb:74:8a:84:
b9:3d:ed:a5:db:90:c2:68:66:69:e1:fe:42:87:1f:1f:e4:01:
59:17:17:7f:ab:4f:d4:c4:50:5e:a8:d0:f9:a8:d7:a3:64:ee:
5b:b7:e8:8b:0c:a5:44:d6:be:17:d8:20:58:cb:82:b0:3d:0a:
91:7e:61:ab:f7:67:aa:78:0b:94:92:37:1f:c2:38:1e:58:6c:
d2:8d:4a:4d:b0:1f:76:33:bc:a8:19:b3:b7:e0:dc:4f:47:de:
8c:9e:1f:81:84:7f:cb:1e:86:89:4c:77:44:92:fe:a8:3a:6c:
f7:2b:5b:2f:ad:98:ea:b9:52:a3:28:a9:55:82:90:a8:1c:2f:
b4:40:c5:46:a6:41:db:7b:e9:8e:b3:bd:1c:12:3c:48:f8:b9:
9d:63:ef:78:50:14:28:35:43:c5:bc:3c:2d:df:1f:eb:bf:17:
39:65:71:28:fb:dc:a4:0e:49:b3:91:52:64:f3:f5:71:54:b4:
0c:e3:6e:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZU38WsszcFYxIRwg/vx2IRIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjUwMjI0MTIzMjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDJkNzRhODljOWE0NDNiMjZlODFiMzdkNjgwZTRlOGY5YTA1NGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAynp4xX++C0ecxU7yw9sNV0yhkaQq
w7q/OV1y/9q2400ybxP3UXLxfVc+cmWMSgndBXXUSROJ1iygUOCSvIEFcJrlLoPg
dPEnXRqfMsbfsqomZAh8ZeThG45cQ1a0fpbb4gAQ71/UCqQjps9oLHceYNqITh3/
GBg4KncyssyxouKU7pWGDqPJIku1ZVUNSE85DGwEGqSK7+npMhQfOKUvJS1AHLTN
4xAeSKLGBSqGM0zPwC9UXTma9gaxku0GkEG8wUtgL5XqQvi196orm/yND19Htkbv
DI7dOLZlB3aQrwWiLNCPqNLjOmcZHqDEd2PaRG4427bh+M9Ij1hGhS2rpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC0tdKicmkQ7JugbN9aA5Oj5oFTVMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvTFMxMHFKeWFSRHNtNkJzMzFvRGs2UG1nVk5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2bEjMA0G
CSqGSIb3DQEBCwUAA4IBAQB5jnnd7v9frQ/bZ5PMYQDh+nY+tJIAH2JjD4cryP/x
XyDqPrBZdO6Yap4g5vmcHGCrhmWKDLpxYopCjJy7VXZPd6IfKPt0ioS5Pe2l25DC
aGZp4f5Chx8f5AFZFxd/q0/UxFBeqND5qNejZO5bt+iLDKVE1r4X2CBYy4KwPQqR
fmGr92eqeAuUkjcfwjgeWGzSjUpNsB92M7yoGbO34NxPR96Mnh+BhH/LHoaJTHdE
kv6oOmz3K1svrZjquVKjKKlVgpCoHC+0QMVGpkHbe+mOs70cEjxI+LmdY+94UBQo
NUPFvDwt3x/rvxc5ZXEo+9ykDkmzkVJk8/VxVLQM427H
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:46:48 2025 by rpki-client