Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/a4ff33-b290-4307-afc8-f520a7d71ef5/1/lDWyFXs9JgGOhDKJmAMUd3zIK5w.roa
File: lDWyFXs9JgGOhDKJmAMUd3zIK5w.roa (raw, json)
Hash identifier: 2q/dpzMOt8Z4VXz7M3w9S5I7SSYKdZBx6BiCTtjP4qg=
Subject key identifier: 94:35:B2:15:7B:3D:26:01:8E:84:32:89:98:03:14:77:7C:C8:2B:9C
Certificate issuer: /CN=9faf0bf93fc4381fff7e7aa86b4076c033242ffa
Certificate serial: 0194266BE17AD3109798A50BFF572CA2295B
Authority key identifier: 9F:AF:0B:F9:3F:C4:38:1F:FF:7E:7A:A8:6B:40:76:C0:33:24:2F:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n68L-T_EOB__fnqoa0B2wDMkL_o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/a4ff33-b290-4307-afc8-f520a7d71ef5/1/lDWyFXs9JgGOhDKJmAMUd3zIK5w.roa
Signing time: Thu 02 Jan 2025 09:49:51 +0000
ROA not before: Thu 02 Jan 2025 09:49:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44712
IP address blocks: 151.249.104.0/21 maxlen: 24
2a01:a8c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:e1:7a:d3:10:97:98:a5:0b:ff:57:2c:a2:29:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9faf0bf93fc4381fff7e7aa86b4076c033242ffa
Validity
Not Before: Jan 2 09:49:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9435b2157b3d26018e843289980314777cc82b9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:2c:d6:ee:10:64:b2:25:31:ed:fa:d0:5c:6e:
17:54:0d:a8:47:ba:14:39:b7:7c:b4:d1:ae:43:3a:
02:bd:23:64:c7:b0:91:1b:c0:d9:3a:c5:d5:70:b5:
b2:32:ff:c9:e6:1a:96:fb:c0:e1:36:0e:01:e9:43:
97:85:4c:86:4f:00:4a:15:5c:9c:87:61:30:d3:39:
97:0c:a6:4c:eb:3b:b5:5a:f5:21:d2:26:e6:2e:69:
24:9e:b3:93:81:7b:a2:95:08:90:e0:39:2a:e6:e3:
2d:dc:ba:09:84:82:5c:17:5d:76:e3:2a:6d:34:22:
00:b5:e9:19:a6:97:ad:ed:e0:65:44:ad:36:a5:a7:
bd:dc:44:d0:aa:22:8b:ed:5b:bd:7f:70:c9:cb:91:
8f:ca:05:ac:db:5f:52:e9:d7:25:d5:ec:4e:ff:bf:
47:d3:30:10:0c:89:82:55:3c:e3:86:d2:45:e3:28:
63:11:29:cf:1e:2e:91:8d:45:f0:3e:22:c2:9e:f5:
67:05:88:64:51:40:54:6a:a8:ac:87:81:f5:23:75:
25:20:0b:91:65:e3:0a:df:8f:b0:42:b2:9b:dc:a1:
5a:c7:77:d3:54:79:1a:1d:44:97:02:3a:d4:31:62:
be:78:ae:fd:8b:c6:2f:11:ce:7c:44:27:68:55:32:
64:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:35:B2:15:7B:3D:26:01:8E:84:32:89:98:03:14:77:7C:C8:2B:9C
X509v3 Authority Key Identifier:
keyid:9F:AF:0B:F9:3F:C4:38:1F:FF:7E:7A:A8:6B:40:76:C0:33:24:2F:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n68L-T_EOB__fnqoa0B2wDMkL_o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/a4ff33-b290-4307-afc8-f520a7d71ef5/1/lDWyFXs9JgGOhDKJmAMUd3zIK5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/a4ff33-b290-4307-afc8-f520a7d71ef5/1/n68L-T_EOB__fnqoa0B2wDMkL_o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.249.104.0/21
IPv6:
2a01:a8c0::/29
Signature Algorithm: sha256WithRSAEncryption
2d:9b:e7:d3:a2:c0:ee:83:d0:7f:0d:1f:18:7e:74:6c:b6:0d:
86:97:eb:75:1b:00:2e:08:ef:ed:70:a6:5d:e3:74:77:76:01:
5c:18:58:1a:86:8d:87:70:6b:af:de:63:05:d1:f9:2f:3e:f2:
29:5d:90:35:67:d8:ef:6b:f0:7b:10:14:b8:a7:2a:1b:42:d9:
28:ae:26:f6:9f:ab:23:a0:8d:4b:74:7c:ef:1f:f2:91:4c:85:
5d:45:65:7e:44:f2:be:6f:37:7b:9d:b0:e0:2a:89:2f:a5:74:
72:67:74:9c:7b:11:5c:cd:9c:d8:93:dd:39:ce:d3:9f:82:08:
f6:ab:d7:6e:38:dd:53:34:2a:e8:4b:2d:8d:89:58:04:e4:60:
48:2e:8e:87:27:c0:4c:2f:4f:53:e0:d7:73:89:b3:13:d1:25:
49:84:dc:c6:55:c0:cf:d6:31:d5:1f:72:75:04:31:e6:ce:e8:
9c:f2:1d:50:95:23:ea:b9:18:2f:40:56:2d:c8:cf:bd:f2:bd:
89:43:ca:76:28:f4:ad:06:49:3d:64:5b:49:e7:d2:aa:75:dc:
c7:3d:e0:67:8d:09:3e:8c:e7:ff:bf:d8:2e:a0:f9:61:95:22:
62:93:5e:7d:8b:2e:d6:a6:f6:19:aa:f2:97:ae:82:ee:06:cd:
51:18:36:47
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQma+F60xCXmKUL/1csoilbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmYWYwYmY5M2ZjNDM4MWZmZjdlN2FhODZiNDA3NmMwMzMy
NDJmZmEwHhcNMjUwMTAyMDk0OTUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDM1YjIxNTdiM2QyNjAxOGU4NDMyODk5ODAzMTQ3NzdjYzgyYjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSzW7hBksiUx7frQXG4XVA2oR7oU
Obd8tNGuQzoCvSNkx7CRG8DZOsXVcLWyMv/J5hqW+8DhNg4B6UOXhUyGTwBKFVyc
h2Ew0zmXDKZM6zu1WvUh0ibmLmkknrOTgXuilQiQ4Dkq5uMt3LoJhIJcF1124ypt
NCIAtekZppet7eBlRK02pae93ETQqiKL7Vu9f3DJy5GPygWs219S6dcl1exO/79H
0zAQDImCVTzjhtJF4yhjESnPHi6RjUXwPiLCnvVnBYhkUUBUaqish4H1I3UlIAuR
ZeMK34+wQrKb3KFax3fTVHkaHUSXAjrUMWK+eK79i8YvEc58RCdoVTJk5wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJQ1shV7PSYBjoQyiZgDFHd8yCucMB8GA1UdIwQY
MBaAFJ+vC/k/xDgf/356qGtAdsAzJC/6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjY4TC1UX0VPQl9fZm5xb2EwQjJ3RE1rTF9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9hNGZmMzMtYjI5MC00MzA3LWFmYzgt
ZjUyMGE3ZDcxZWY1LzEvbERXeUZYczlKZ0dPaERLSm1BTVVkM3pJSzV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9hNGZmMzMtYjI5MC00MzA3LWFmYzgtZjUyMGE3ZDcxZWY1
LzEvbjY4TC1UX0VPQl9fZm5xb2EwQjJ3RE1rTF9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDl/loMA0E
AgACMAcDBQMqAajAMA0GCSqGSIb3DQEBCwUAA4IBAQAtm+fTosDug9B/DR8YfnRs
tg2Gl+t1GwAuCO/tcKZd43R3dgFcGFgaho2HcGuv3mMF0fkvPvIpXZA1Z9jva/B7
EBS4pyobQtkorib2n6sjoI1LdHzvH/KRTIVdRWV+RPK+bzd7nbDgKokvpXRyZ3Sc
exFczZzYk905ztOfggj2q9duON1TNCroSy2NiVgE5GBILo6HJ8BML09T4NdzibMT
0SVJhNzGVcDP1jHVH3J1BDHmzuic8h1QlSPquRgvQFYtyM+98r2JQ8p2KPStBkk9
ZFtJ59KqddzHPeBnjQk+jOf/v9guoPlhlSJik159iy7WpvYZqvKXroLuBs1RGDZH
-----END CERTIFICATE-----
Generated at Wed Apr 9 13:11:13 2025 by rpki-client