Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/e1bd2f-6197-4465-a368-a7dea5727c2c/1/lgYAmalnI_oZ83Tb8Ti6V7XhBfY.roa
File: lgYAmalnI_oZ83Tb8Ti6V7XhBfY.roa (raw, json)
Hash identifier: YLa6sQcNQovVshTKMi/YyM+kT0ku2zE49MLaSErXUoA=
Subject key identifier: 96:06:00:99:A9:67:23:FA:19:F3:74:DB:F1:38:BA:57:B5:E1:05:F6
Certificate issuer: /CN=0ecd99aa1701763a5a1ed9bbe37d2cc09329c9ba
Certificate serial: 0184D88BC3FBE7ADA522A168FA8F7EDC4B70
Authority key identifier: 0E:CD:99:AA:17:01:76:3A:5A:1E:D9:BB:E3:7D:2C:C0:93:29:C9:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ds2ZqhcBdjpaHtm7430swJMpybo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/e1bd2f-6197-4465-a368-a7dea5727c2c/1/lgYAmalnI_oZ83Tb8Ti6V7XhBfY.roa
Signing time: Sat 03 Dec 2022 15:12:28 +0000
ROA not before: Sat 03 Dec 2022 15:12:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 89.248.71.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d8:8b:c3:fb:e7:ad:a5:22:a1:68:fa:8f:7e:dc:4b:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ecd99aa1701763a5a1ed9bbe37d2cc09329c9ba
Validity
Not Before: Dec 3 15:12:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=96060099a96723fa19f374dbf138ba57b5e105f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:9a:84:b8:80:98:93:0e:a5:95:47:5b:08:c1:
23:16:4a:ad:9c:f7:02:22:9b:16:c1:47:5e:e1:8e:
7e:5e:1b:07:22:5b:33:8c:f8:a7:13:4f:13:ae:63:
54:88:2c:ae:65:4f:7d:0b:c0:ff:60:a6:51:70:68:
e9:b6:d1:76:35:c7:77:00:cd:e2:1b:f9:bc:a4:64:
61:a3:f8:46:21:fe:7b:f6:80:47:a9:68:bb:dd:25:
a0:c0:f5:78:35:d7:3e:05:29:dd:eb:49:70:65:ef:
59:e4:42:32:2f:44:1e:82:fa:ea:1d:02:53:12:c0:
87:07:d4:36:1e:b9:25:1e:51:05:82:ce:8d:fc:75:
8e:24:a8:9b:49:75:f1:2b:7a:0d:71:fe:a0:a4:44:
b6:85:15:5a:9a:9c:c7:f2:af:3b:2e:d3:4e:59:79:
40:f6:10:b2:94:bd:13:b0:d6:b1:a0:c1:64:c5:74:
0a:e6:20:89:62:e7:d1:6a:fe:b0:83:aa:40:d4:23:
64:f2:0b:ca:31:08:ea:a0:99:1b:30:a5:76:f6:fe:
ae:73:41:e4:3f:ba:4b:fa:11:c7:59:0a:24:9a:1d:
3b:39:16:e0:5c:bb:6e:62:cb:d7:44:ab:30:be:8c:
c5:85:80:ef:6c:1d:c7:32:87:ea:48:c9:17:f7:f7:
0c:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:06:00:99:A9:67:23:FA:19:F3:74:DB:F1:38:BA:57:B5:E1:05:F6
X509v3 Authority Key Identifier:
keyid:0E:CD:99:AA:17:01:76:3A:5A:1E:D9:BB:E3:7D:2C:C0:93:29:C9:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ds2ZqhcBdjpaHtm7430swJMpybo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/e1bd2f-6197-4465-a368-a7dea5727c2c/1/lgYAmalnI_oZ83Tb8Ti6V7XhBfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/e1bd2f-6197-4465-a368-a7dea5727c2c/1/Ds2ZqhcBdjpaHtm7430swJMpybo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.248.71.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:a8:2e:4d:b9:eb:be:79:b1:1f:9b:de:57:1f:c9:67:33:31:
6d:00:77:0b:40:4f:1f:ff:24:3f:c7:7a:26:f7:a2:49:a6:0a:
d1:af:c7:b5:9d:56:87:7e:22:26:8d:55:26:4b:cc:b2:00:73:
b4:72:b2:aa:af:e3:27:26:22:00:01:1f:13:5f:f5:4f:c2:9f:
94:70:3f:87:70:35:c6:4d:f4:34:ec:36:d5:64:44:23:87:1a:
4b:7c:ab:1c:dd:87:66:f6:17:c7:1b:49:10:67:17:25:fb:a0:
d1:77:8e:6f:a5:11:bf:47:30:b4:03:75:c3:d5:2b:64:b4:e5:
d0:3a:ed:3f:8d:d7:b1:14:00:dc:fb:b1:70:a0:38:3a:fe:e6:
99:e3:88:6b:ee:40:86:09:53:c1:15:de:33:4e:34:0f:23:5f:
9a:59:13:14:22:fb:94:00:19:37:8c:36:50:68:0f:7b:4b:63:
77:30:51:ab:52:27:15:86:47:e6:79:25:e9:58:2e:e0:c8:c0:
26:6e:1b:f0:d8:ff:a7:9f:ed:1b:30:2d:9a:af:c6:3f:88:58:
ed:00:90:65:dc:0c:fe:bf:4a:06:63:01:6d:de:bf:13:34:08:
ec:66:3a:a9:2a:ff:b1:70:3e:94:e3:2a:58:50:e3:42:af:59:
e8:ed:33:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTYi8P7562lIqFo+o9+3EtwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlY2Q5OWFhMTcwMTc2M2E1YTFlZDliYmUzN2QyY2MwOTMy
OWM5YmEwHhcNMjIxMjAzMTUxMjI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjA2MDA5OWE5NjcyM2ZhMTlmMzc0ZGJmMTM4YmE1N2I1ZTEwNWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg5qEuICYkw6llUdbCMEjFkqtnPcC
IpsWwUde4Y5+XhsHIlszjPinE08TrmNUiCyuZU99C8D/YKZRcGjpttF2Ncd3AM3i
G/m8pGRho/hGIf579oBHqWi73SWgwPV4Ndc+BSnd60lwZe9Z5EIyL0QegvrqHQJT
EsCHB9Q2HrklHlEFgs6N/HWOJKibSXXxK3oNcf6gpES2hRVampzH8q87LtNOWXlA
9hCylL0TsNaxoMFkxXQK5iCJYufRav6wg6pA1CNk8gvKMQjqoJkbMKV29v6uc0Hk
P7pL+hHHWQokmh07ORbgXLtuYsvXRKswvozFhYDvbB3HMofqSMkX9/cMAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJYGAJmpZyP6GfN02/E4ule14QX2MB8GA1UdIwQY
MBaAFA7NmaoXAXY6Wh7Zu+N9LMCTKcm6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHMyWnFoY0JkanBhSHRtNzQzMHN3Sk1weWJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My9lMWJkMmYtNjE5Ny00NDY1LWEzNjgt
YTdkZWE1NzI3YzJjLzEvbGdZQW1hbG5JX29aODNUYjhUaTZWN1hoQmZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My9lMWJkMmYtNjE5Ny00NDY1LWEzNjgtYTdkZWE1NzI3YzJj
LzEvRHMyWnFoY0JkanBhSHRtNzQzMHN3Sk1weWJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWfhHMA0G
CSqGSIb3DQEBCwUAA4IBAQChqC5Nueu+ebEfm95XH8lnMzFtAHcLQE8f/yQ/x3om
96JJpgrRr8e1nVaHfiImjVUmS8yyAHO0crKqr+MnJiIAAR8TX/VPwp+UcD+HcDXG
TfQ07DbVZEQjhxpLfKsc3Ydm9hfHG0kQZxcl+6DRd45vpRG/RzC0A3XD1StktOXQ
Ou0/jdexFADc+7FwoDg6/uaZ44hr7kCGCVPBFd4zTjQPI1+aWRMUIvuUABk3jDZQ
aA97S2N3MFGrUicVhkfmeSXpWC7gyMAmbhvw2P+nn+0bMC2ar8Y/iFjtAJBl3Az+
v0oGYwFt3r8TNAjsZjqpKv+xcD6U4ypYUONCr1no7TP3
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:42:55 2025 by rpki-client