Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/lSHgAQ7eecbywgc-CqSNLl1N7vw.roa
File: lSHgAQ7eecbywgc-CqSNLl1N7vw.roa (raw, json)
Hash identifier: 266w2m/tOrhLHcVCAyUsk57aJT3yXE1SeLD/jEfFIiM=
Subject key identifier: 95:21:E0:01:0E:DE:79:C6:F2:C2:07:3E:0A:A4:8D:2E:5D:4D:EE:FC
Certificate issuer: /CN=1d43a2484569d20e3f53c17be7b9fb29c34ee5be
Certificate serial: 019422FAEAEDE10D93328AAD89A0426A4516
Authority key identifier: 1D:43:A2:48:45:69:D2:0E:3F:53:C1:7B:E7:B9:FB:29:C3:4E:E5:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HUOiSEVp0g4_U8F757n7KcNO5b4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/lSHgAQ7eecbywgc-CqSNLl1N7vw.roa
Signing time: Wed 01 Jan 2025 17:47:37 +0000
ROA not before: Wed 01 Jan 2025 17:47:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213877
IP address blocks: 2a01:ecc0:40::/42 maxlen: 42
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fa:ea:ed:e1:0d:93:32:8a:ad:89:a0:42:6a:45:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d43a2484569d20e3f53c17be7b9fb29c34ee5be
Validity
Not Before: Jan 1 17:47:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9521e0010ede79c6f2c2073e0aa48d2e5d4deefc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:5c:f6:e4:b4:9a:d3:bf:4a:7e:03:7c:ae:8d:
29:a0:87:ad:ea:bc:49:6c:cd:05:70:cb:c2:21:34:
da:f4:ea:75:c1:37:ee:d0:f7:55:f3:d7:77:ce:64:
27:91:11:65:ae:58:82:14:15:2e:93:a3:cd:be:d2:
28:dd:91:ac:13:3a:25:18:4d:5f:93:61:ae:96:3a:
a5:33:55:51:77:d3:44:f1:bc:9d:39:40:91:4c:e7:
29:49:a6:56:87:c8:1a:ff:74:33:b7:59:26:39:48:
92:15:5e:02:cc:1d:46:64:0a:57:17:ea:62:de:e1:
25:55:48:80:41:0d:6f:90:6a:9d:3f:10:e6:2a:48:
e9:fa:a5:bf:7d:22:81:e0:dc:0a:21:6b:0e:bf:31:
6f:5f:01:10:1a:d0:2d:67:fc:cc:c4:c7:89:bf:9d:
82:22:cf:48:73:76:8c:09:5a:94:73:fa:6b:59:c0:
55:1d:92:90:e4:d1:71:4f:1b:03:51:75:50:60:b0:
83:ce:36:48:eb:cc:dc:59:87:75:9e:5a:e2:7f:56:
f9:f1:38:8a:df:bd:3d:30:0c:f0:8d:30:54:f0:e8:
93:49:63:4f:8d:a1:8c:d9:2d:52:31:b0:8c:5e:f1:
51:88:1f:85:1e:cd:4a:b9:18:bc:46:06:da:0d:c6:
ec:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:21:E0:01:0E:DE:79:C6:F2:C2:07:3E:0A:A4:8D:2E:5D:4D:EE:FC
X509v3 Authority Key Identifier:
keyid:1D:43:A2:48:45:69:D2:0E:3F:53:C1:7B:E7:B9:FB:29:C3:4E:E5:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HUOiSEVp0g4_U8F757n7KcNO5b4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/lSHgAQ7eecbywgc-CqSNLl1N7vw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/HUOiSEVp0g4_U8F757n7KcNO5b4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:ecc0:40::/42
Signature Algorithm: sha256WithRSAEncryption
b5:f8:b4:e9:fc:8d:59:77:3c:00:76:65:2c:0f:d4:39:62:7c:
96:e8:84:d7:70:59:0a:79:e5:cc:9a:4d:96:74:c6:f2:91:d1:
cb:06:cc:a3:38:a0:0c:e2:ee:a3:90:56:b5:23:09:5d:df:b9:
27:b5:07:6d:3b:e2:7a:9b:c8:0e:0a:b5:40:f5:44:99:43:e9:
c2:17:2c:a2:30:db:53:c3:7f:19:5e:67:e6:be:85:53:18:e0:
80:d5:a2:5a:02:0b:03:7b:39:66:44:7b:f4:f0:57:17:99:1e:
e0:b0:c4:d1:95:3e:f4:cd:25:58:d5:77:11:15:9f:e8:f2:36:
63:b2:14:3b:32:20:2a:dc:e1:0a:d5:f6:5d:e9:a2:1d:a5:de:
cd:5d:a1:ac:cd:07:ac:bb:a8:9c:70:dd:63:e4:3b:27:8b:11:
4c:e2:56:67:68:23:ab:5b:20:93:39:27:85:a0:b9:02:de:b3:
90:56:b2:d0:cb:47:44:06:fd:4b:20:41:a4:97:65:e1:c1:0e:
f5:91:ed:87:4b:02:8f:54:b2:47:45:24:30:47:6c:91:a5:56:
a3:f1:bf:12:31:bd:76:93:bc:28:a0:45:0e:ea:af:b4:fe:35:
cf:bd:73:fb:6e:fd:87:3f:f5:2d:a8:91:0a:96:cc:64:6f:52:
13:4b:bb:ab
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQi+urt4Q2TMoqtiaBCakUWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkNDNhMjQ4NDU2OWQyMGUzZjUzYzE3YmU3YjlmYjI5YzM0
ZWU1YmUwHhcNMjUwMTAxMTc0NzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTIxZTAwMTBlZGU3OWM2ZjJjMjA3M2UwYWE0OGQyZTVkNGRlZWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAulz25LSa079KfgN8ro0poIet6rxJ
bM0FcMvCITTa9Op1wTfu0PdV89d3zmQnkRFlrliCFBUuk6PNvtIo3ZGsEzolGE1f
k2GuljqlM1VRd9NE8bydOUCRTOcpSaZWh8ga/3Qzt1kmOUiSFV4CzB1GZApXF+pi
3uElVUiAQQ1vkGqdPxDmKkjp+qW/fSKB4NwKIWsOvzFvXwEQGtAtZ/zMxMeJv52C
Is9Ic3aMCVqUc/prWcBVHZKQ5NFxTxsDUXVQYLCDzjZI68zcWYd1nlrif1b58TiK
3709MAzwjTBU8OiTSWNPjaGM2S1SMbCMXvFRiB+FHs1KuRi8RgbaDcbsmQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJUh4AEO3nnG8sIHPgqkjS5dTe78MB8GA1UdIwQY
MBaAFB1DokhFadIOP1PBe+e5+ynDTuW+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFVPaVNFVnAwZzRfVThGNzU3bjdLY05PNWI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9jOTNkODctMzJlMC00NmYxLTlmYjkt
NjM0NTE1NDg5NzlkLzEvbFNIZ0FRN2VlY2J5d2djLUNxU05MbDFON3Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS9jOTNkODctMzJlMC00NmYxLTlmYjktNjM0NTE1NDg5Nzlk
LzEvSFVPaVNFVnAwZzRfVThGNzU3bjdLY05PNWI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcGKgHswABA
MA0GCSqGSIb3DQEBCwUAA4IBAQC1+LTp/I1ZdzwAdmUsD9Q5YnyW6ITXcFkKeeXM
mk2WdMbykdHLBsyjOKAM4u6jkFa1Iwld37kntQdtO+J6m8gOCrVA9USZQ+nCFyyi
MNtTw38ZXmfmvoVTGOCA1aJaAgsDezlmRHv08FcXmR7gsMTRlT70zSVY1XcRFZ/o
8jZjshQ7MiAq3OEK1fZd6aIdpd7NXaGszQesu6iccN1j5DsnixFM4lZnaCOrWyCT
OSeFoLkC3rOQVrLQy0dEBv1LIEGkl2XhwQ71ke2HSwKPVLJHRSQwR2yRpVaj8b8S
Mb12k7wooEUO6q+0/jXPvXP7bv2HP/UtqJEKlsxkb1ITS7ur
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:53:16 2025 by rpki-client