Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/lPM-0rr_a9XeaNNtA14ZSg8nM9w.roa
File: lPM-0rr_a9XeaNNtA14ZSg8nM9w.roa (raw, json)
Hash identifier: innv5d0eT2fp/wISOVU/BaBvrmlDKJP9pOJj0m6583k=
Subject key identifier: 94:F3:3E:D2:BA:FF:6B:D5:DE:68:D3:6D:03:5E:19:4A:0F:27:33:DC
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DE215AEE9CB592EDFED490D51496CC57A
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/lPM-0rr_a9XeaNNtA14ZSg8nM9w.roa
Signing time: Sun 25 Feb 2024 21:04:48 +0000
ROA not before: Sun 25 Feb 2024 21:04:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e215:3a93/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e2:15:ae:e9:cb:59:2e:df:ed:49:0d:51:49:6c:c5:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 25 21:04:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=94f33ed2baff6bd5de68d36d035e194a0f2733dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:24:c8:2a:1f:82:18:7d:28:fc:53:a2:6b:01:
7d:dd:80:cf:9b:b2:51:7e:4e:4c:3a:28:19:89:38:
a7:22:f0:40:bf:5f:d6:de:35:81:ab:2f:83:a0:c1:
d6:f6:2a:a9:2d:bc:83:b3:9d:6b:68:c1:d0:06:0d:
74:5b:84:56:6c:d3:15:6e:9b:10:fa:9c:46:47:6f:
2d:c8:bb:f8:60:4a:f3:50:10:a0:72:4c:f5:22:f6:
8f:5b:17:bd:39:7d:d8:64:19:7a:23:a2:51:c2:59:
b5:40:d1:ce:13:75:00:e8:3c:f9:5f:a6:90:2c:9a:
b6:d9:39:cd:22:87:88:55:dc:4b:4a:34:15:2e:e1:
25:9f:16:ee:1a:ac:21:4d:38:79:30:20:70:57:6f:
39:3f:58:70:52:80:0a:a6:d9:de:a3:78:c1:06:00:
8b:02:24:46:4b:1a:ec:6f:8e:d4:92:80:5b:44:fa:
f5:aa:e6:c1:0a:10:79:58:b7:bc:6c:7a:9e:3a:a2:
b7:6a:e3:09:fb:63:0c:c5:eb:fe:89:14:8f:f2:50:
d4:6f:7c:f5:8f:7e:3c:36:eb:85:0e:ca:30:91:5a:
0c:cf:fe:0e:1f:e2:c3:b8:2d:f4:d7:96:82:cb:02:
08:9d:9c:2a:39:3f:d0:21:93:05:f3:ee:25:1d:d4:
45:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:F3:3E:D2:BA:FF:6B:D5:DE:68:D3:6D:03:5E:19:4A:0F:27:33:DC
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/lPM-0rr_a9XeaNNtA14ZSg8nM9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
00:f8:54:9d:e4:73:32:fe:ba:f6:5d:2c:82:1e:0b:be:6a:d3:
ac:fe:93:87:43:e3:b1:ba:ee:0b:f5:14:61:73:0f:97:7c:7d:
1f:73:d3:6c:00:a9:6c:1d:17:92:62:cf:57:e2:92:5b:f5:e8:
be:f1:38:5d:bc:d3:f8:92:45:f8:46:6f:65:48:1e:0c:52:b3:
1b:45:9e:a8:c6:d6:82:7d:7e:78:f7:98:e0:cb:a4:d0:03:e5:
ff:12:9d:8b:0f:07:82:5b:57:6c:1d:73:30:08:94:0d:40:1d:
53:b1:92:2d:8e:8f:ca:23:96:6a:01:5f:cf:67:7d:33:e4:8b:
35:ff:d7:1a:b0:6c:0f:4b:1a:9b:a0:10:17:27:d1:8d:46:ef:
ca:2f:99:ff:56:c8:05:59:a4:88:6c:12:77:c8:62:70:bc:ca:
6d:69:25:7c:5f:cb:6f:02:dd:61:3c:98:a3:6c:25:3a:25:a6:
74:fd:e8:34:23:63:0b:24:e6:dc:95:24:d5:17:a4:81:0b:7e:
56:a1:67:73:e1:5f:0a:87:91:c7:86:37:11:a7:8a:17:82:a6:
c4:bd:aa:cd:91:e5:d8:1f:8f:12:f0:f4:8e:94:e1:55:2e:99:
7e:db:4c:10:f1:60:50:ca:20:c6:f2:0d:72:ad:5e:39:35:f5:
6c:fc:a2:94
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3iFa7py1ku3+1JDVFJbMV6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjI1MjEwNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGYzM2VkMmJhZmY2YmQ1ZGU2OGQzNmQwMzVlMTk0YTBmMjczM2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSTIKh+CGH0o/FOiawF93YDPm7JR
fk5MOigZiTinIvBAv1/W3jWBqy+DoMHW9iqpLbyDs51raMHQBg10W4RWbNMVbpsQ
+pxGR28tyLv4YErzUBCgckz1IvaPWxe9OX3YZBl6I6JRwlm1QNHOE3UA6Dz5X6aQ
LJq22TnNIoeIVdxLSjQVLuElnxbuGqwhTTh5MCBwV285P1hwUoAKptneo3jBBgCL
AiRGSxrsb47UkoBbRPr1qubBChB5WLe8bHqeOqK3auMJ+2MMxev+iRSP8lDUb3z1
j348NuuFDsowkVoMz/4OH+LDuC3015aCywIInZwqOT/QIZMF8+4lHdRFrQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJTzPtK6/2vV3mjTbQNeGUoPJzPcMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvbFBNLTBycl9hOVhlYU5OdEExNFpTZzhuTTl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAD4VJ3kczL+uvZdLIIe
C75q06z+k4dD47G67gv1FGFzD5d8fR9z02wAqWwdF5Jiz1fiklv16L7xOF280/iS
RfhGb2VIHgxSsxtFnqjG1oJ9fnj3mODLpNAD5f8SnYsPB4JbV2wdczAIlA1AHVOx
ki2Oj8ojlmoBX89nfTPkizX/1xqwbA9LGpugEBcn0Y1G78ovmf9WyAVZpIhsEnfI
YnC8ym1pJXxfy28C3WE8mKNsJTolpnT96DQjYwsk5tyVJNUXpIELflahZ3PhXwqH
kceGNxGniheCpsS9qs2R5dgfjxLw9I6U4VUumX7bTBDxYFDKIMbyDXKtXjk19Wz8
opQ=
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:43:45 2025 by rpki-client