Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/LhIZCG0I4IKSxdWXaX-dtbDd8UI.roa
File: LhIZCG0I4IKSxdWXaX-dtbDd8UI.roa (raw, json)
Hash identifier: qApodQ+83Qcw6qBJUq7qwp+C7m/b5WrqYerlrdkSo0A=
Subject key identifier: 2E:12:19:08:6D:08:E0:82:92:C5:D5:97:69:7F:9D:B5:B0:DD:F1:42
Certificate issuer: /CN=ee31367df6d1861071c92bae726523326f45ba2a
Certificate serial: 01937CD23084AD1153750D46BA671C0FE9EF
Authority key identifier: EE:31:36:7D:F6:D1:86:10:71:C9:2B:AE:72:65:23:32:6F:45:BA:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7jE2ffbRhhBxySuucmUjMm9Fuio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/LhIZCG0I4IKSxdWXaX-dtbDd8UI.roa
Signing time: Sat 30 Nov 2024 11:26:09 +0000
ROA not before: Sat 30 Nov 2024 11:26:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202512
IP address blocks: 2a0e:1cc0:b00b::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:7c:d2:30:84:ad:11:53:75:0d:46:ba:67:1c:0f:e9:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee31367df6d1861071c92bae726523326f45ba2a
Validity
Not Before: Nov 30 11:26:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2e1219086d08e08292c5d597697f9db5b0ddf142
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:d3:f7:df:fb:0f:75:58:7b:78:cd:c6:ee:89:
c0:4a:88:4e:97:ef:59:28:e6:76:b8:76:19:34:92:
7b:74:01:4d:dc:38:8d:91:35:70:96:ec:f5:37:4a:
66:d8:87:eb:d7:19:77:d1:7c:5c:f5:88:9a:b2:ad:
11:b0:1f:4d:89:6a:5e:63:3d:ca:65:b8:3c:bc:9a:
9d:e2:23:d5:ca:9d:ea:ef:88:ef:ca:eb:8e:5e:c5:
1a:b6:fb:dc:58:e2:48:d1:37:ce:50:94:40:9f:78:
f3:13:66:93:1a:9c:24:1f:65:5d:05:8a:77:7c:a7:
47:10:66:5b:dc:93:10:81:bf:52:2e:dc:21:b9:25:
3f:83:a8:59:fa:c3:39:2e:86:c5:fb:02:0e:a6:57:
9c:ec:d0:13:7a:b5:78:70:69:6a:6e:e5:26:6f:ea:
29:3a:2a:45:d9:94:20:2f:28:5f:a9:00:c1:87:8a:
3a:49:b6:01:f6:29:b6:1a:9c:d3:8f:08:6b:56:2e:
f8:42:28:e5:b3:08:3f:37:3b:4b:8a:5e:ca:fb:6a:
ac:76:30:2a:9a:85:ab:ac:8d:a9:4b:12:8f:57:6e:
f2:e8:94:56:ce:46:64:55:c2:6a:7b:af:0c:ce:36:
a7:70:5d:04:5f:22:2e:85:bc:d5:3d:77:14:24:1a:
50:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:12:19:08:6D:08:E0:82:92:C5:D5:97:69:7F:9D:B5:B0:DD:F1:42
X509v3 Authority Key Identifier:
keyid:EE:31:36:7D:F6:D1:86:10:71:C9:2B:AE:72:65:23:32:6F:45:BA:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7jE2ffbRhhBxySuucmUjMm9Fuio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/LhIZCG0I4IKSxdWXaX-dtbDd8UI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/7jE2ffbRhhBxySuucmUjMm9Fuio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:1cc0:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
07:ad:6c:e4:9f:e5:5d:d6:76:76:27:61:6a:f5:7c:10:56:08:
cd:7a:79:71:f7:89:c1:5b:38:2d:ba:49:f3:b3:8b:38:43:0b:
0c:ce:3c:ee:e5:67:87:ae:c9:0b:43:fc:1f:e1:ed:2a:a5:2a:
a2:34:9c:97:b1:ba:f8:a3:96:e2:b7:e2:70:b3:c3:e4:e0:43:
81:b9:0a:d8:af:0f:35:e8:c6:93:81:e0:e1:fa:76:6d:ae:d9:
ce:0d:90:e8:7c:bf:0c:9f:a3:7f:a4:bd:ff:d7:a0:fe:ec:a8:
13:f4:4a:d4:7e:b3:64:9e:c2:5e:40:f5:c3:ca:3a:8d:55:bd:
f3:df:d7:50:70:6f:35:98:7c:ea:8e:67:7e:d9:fd:e1:b7:b5:
b6:ee:64:19:1d:ff:bb:81:ce:e2:3a:a6:b5:7c:f9:25:7f:03:
fe:ea:9b:5d:93:ed:5f:d5:13:43:1e:3e:96:15:22:96:f4:6b:
90:7b:e6:bc:0c:da:a7:3b:76:05:91:ef:d5:17:e3:54:92:80:
5e:77:e4:a2:79:88:6c:ad:76:91:9d:3f:53:52:4b:03:d9:6d:
e4:68:a8:6f:bf:f0:da:26:f7:67:74:9f:f4:76:58:a4:50:35:
93:a4:d5:5d:9c:51:a7:88:ab:74:86:01:eb:83:08:31:e4:93:
ad:dc:6e:8a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZN80jCErRFTdQ1GumccD+nvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMzEzNjdkZjZkMTg2MTA3MWM5MmJhZTcyNjUyMzMyNmY0
NWJhMmEwHhcNMjQxMTMwMTEyNjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTEyMTkwODZkMDhlMDgyOTJjNWQ1OTc2OTdmOWRiNWIwZGRmMTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0dP33/sPdVh7eM3G7onASohOl+9Z
KOZ2uHYZNJJ7dAFN3DiNkTVwluz1N0pm2Ifr1xl30Xxc9Yiasq0RsB9NiWpeYz3K
Zbg8vJqd4iPVyp3q74jvyuuOXsUatvvcWOJI0TfOUJRAn3jzE2aTGpwkH2VdBYp3
fKdHEGZb3JMQgb9SLtwhuSU/g6hZ+sM5LobF+wIOplec7NATerV4cGlqbuUmb+op
OipF2ZQgLyhfqQDBh4o6SbYB9im2GpzTjwhrVi74Qijlswg/NztLil7K+2qsdjAq
moWrrI2pSxKPV27y6JRWzkZkVcJqe68MzjancF0EXyIuhbzVPXcUJBpQhQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFC4SGQhtCOCCksXVl2l/nbWw3fFCMB8GA1UdIwQY
MBaAFO4xNn320YYQcckrrnJlIzJvRboqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2pFMmZmYlJoaEJ4eVN1dWNtVWpNbTlGdWlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8xYmI0ZGQtZTljNC00ZDNkLTlhM2It
MTE1OWRiZmJlZDU0LzEvTGhJWkNHMEk0SUtTeGRXWGFYLWR0YkRkOFVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8xYmI0ZGQtZTljNC00ZDNkLTlhM2ItMTE1OWRiZmJlZDU0
LzEvN2pFMmZmYlJoaEJ4eVN1dWNtVWpNbTlGdWlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg4cwLAL
MA0GCSqGSIb3DQEBCwUAA4IBAQAHrWzkn+Vd1nZ2J2Fq9XwQVgjNenlx94nBWzgt
uknzs4s4QwsMzjzu5WeHrskLQ/wf4e0qpSqiNJyXsbr4o5bit+Jws8Pk4EOBuQrY
rw816MaTgeDh+nZtrtnODZDofL8Mn6N/pL3/16D+7KgT9ErUfrNknsJeQPXDyjqN
Vb3z39dQcG81mHzqjmd+2f3ht7W27mQZHf+7gc7iOqa1fPklfwP+6ptdk+1f1RND
Hj6WFSKW9GuQe+a8DNqnO3YFke/VF+NUkoBed+SieYhsrXaRnT9TUksD2W3kaKhv
v/DaJvdndJ/0dlikUDWTpNVdnFGniKt0hgHrgwgx5JOt3G6K
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:34:35 2025 by rpki-client