Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/lPSO_3c_4xm_7YnE3UrMCDeMQR8.roa
File: lPSO_3c_4xm_7YnE3UrMCDeMQR8.roa (raw, json)
Hash identifier: ZRy7wsHxZwxZlHkHv4/j+0IYpokA2L3Y4XFyuD9XkY8=
Subject key identifier: 94:F4:8E:FF:77:3F:E3:19:BF:ED:89:C4:DD:4A:CC:08:37:8C:41:1F
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019433956FFC288A3805E1082517987DA6F8
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/lPSO_3c_4xm_7YnE3UrMCDeMQR8.roa
Signing time: Sat 04 Jan 2025 23:10:18 +0000
ROA not before: Sat 04 Jan 2025 23:10:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:2c0d:6680/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:33:95:6f:fc:28:8a:38:05:e1:08:25:17:98:7d:a6:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jan 4 23:10:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=94f48eff773fe319bfed89c4dd4acc08378c411f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:4e:47:c4:49:d6:11:3b:28:c8:37:66:77:d8:
2b:cf:0e:f7:0c:d0:7d:b6:69:8d:e1:1e:83:9a:c1:
90:ba:0a:4e:0a:b0:10:97:60:54:49:5e:1d:21:ac:
11:40:04:19:8a:42:f4:aa:08:a5:ff:32:13:91:f5:
2c:e8:16:89:8f:d5:e3:81:e1:b7:03:fe:19:88:d7:
c7:00:41:2f:3c:83:6d:a5:2d:13:34:05:ae:17:ab:
be:3e:9e:5b:3f:82:f1:70:c9:bf:c9:35:d9:99:bd:
c7:c8:54:70:37:eb:78:f0:11:77:3e:76:25:c1:e5:
b9:04:37:0d:95:eb:23:43:17:66:f4:61:b8:72:bf:
ca:56:1f:90:55:f7:01:e3:02:f8:9d:c5:cb:e4:cc:
9f:ac:87:7c:f3:60:51:3c:28:9c:75:04:88:a3:15:
69:e5:d6:0a:cd:d8:dc:de:e1:a0:59:ee:cc:e7:a7:
5c:ec:5b:c6:2a:19:d4:ef:c9:24:bf:4d:3a:dd:f5:
11:c5:fe:87:8e:23:cf:8b:2b:07:89:4c:ed:88:2f:
fa:a9:78:ab:18:86:b3:2b:64:59:ea:a5:2b:35:34:
3c:9a:f8:26:51:5a:d6:5c:a6:50:b2:e6:74:d5:2d:
9e:4c:ce:44:1d:f5:2d:62:9b:98:56:c2:3d:3c:8b:
33:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:F4:8E:FF:77:3F:E3:19:BF:ED:89:C4:DD:4A:CC:08:37:8C:41:1F
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/lPSO_3c_4xm_7YnE3UrMCDeMQR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:2c0d:6680/128
Signature Algorithm: sha256WithRSAEncryption
98:18:01:f0:66:27:40:fd:49:3d:54:a9:e3:90:d2:1f:e7:78:
83:b1:0e:f7:f5:4c:01:d2:3b:04:dc:5e:ba:76:78:ab:ef:8b:
dc:86:98:b8:41:fc:37:19:21:30:52:e8:bd:3c:1f:b0:fa:c1:
4d:2b:53:89:34:06:6f:ba:11:08:1c:25:98:c7:84:3b:ff:f3:
32:15:b2:71:bd:8b:1c:b1:b0:ad:b6:c1:0c:65:bb:94:07:40:
f7:76:f2:1a:4c:f6:38:c7:76:87:5d:fd:7b:96:24:8f:80:c5:
5e:c4:09:a0:e7:47:38:d7:a5:46:e0:85:ed:c7:16:02:79:d0:
a8:b6:d6:86:54:3c:06:c0:2a:70:0a:d1:8c:e4:f3:41:25:fd:
f8:64:e2:e5:de:d8:06:ed:5e:b2:ff:10:2b:d0:a3:7c:57:93:
09:2a:4e:df:0a:b2:35:ca:0e:db:ff:15:f0:49:8d:31:a4:c3:
c9:17:16:38:ae:79:35:91:51:82:c1:84:43:9c:a2:b4:01:73:
86:64:6f:a9:00:a0:83:05:68:39:d8:02:e5:75:93:b4:9a:38:
52:96:2d:25:bf:da:0c:e2:c0:42:3e:3f:58:14:d4:90:30:2d:
d0:46:bd:c4:8d:0c:9e:c0:7b:35:0f:91:d4:7d:c2:73:4b:d6:
9b:82:8f:69
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZQzlW/8KIo4BeEIJReYfab4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMTA0MjMxMDE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGY0OGVmZjc3M2ZlMzE5YmZlZDg5YzRkZDRhY2MwODM3OGM0MTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi05HxEnWETsoyDdmd9grzw73DNB9
tmmN4R6DmsGQugpOCrAQl2BUSV4dIawRQAQZikL0qgil/zITkfUs6BaJj9XjgeG3
A/4ZiNfHAEEvPINtpS0TNAWuF6u+Pp5bP4LxcMm/yTXZmb3HyFRwN+t48BF3PnYl
weW5BDcNlesjQxdm9GG4cr/KVh+QVfcB4wL4ncXL5MyfrId882BRPCicdQSIoxVp
5dYKzdjc3uGgWe7M56dc7FvGKhnU78kkv0063fURxf6HjiPPiysHiUztiC/6qXir
GIazK2RZ6qUrNTQ8mvgmUVrWXKZQsuZ01S2eTM5EHfUtYpuYVsI9PIszbQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFJT0jv93P+MZv+2JxN1KzAg3jEEfMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvbFBTT18zY180eG1fN1luRTNVck1DRGVNUVI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGULA1mgDANBgkqhkiG9w0BAQsFAAOCAQEAmBgB8GYnQP1JPVSp45DSH+d4
g7EO9/VMAdI7BNxeunZ4q++L3IaYuEH8NxkhMFLovTwfsPrBTStTiTQGb7oRCBwl
mMeEO//zMhWycb2LHLGwrbbBDGW7lAdA93byGkz2OMd2h139e5Ykj4DFXsQJoOdH
ONelRuCF7ccWAnnQqLbWhlQ8BsAqcArRjOTzQSX9+GTi5d7YBu1esv8QK9CjfFeT
CSpO3wqyNcoO2/8V8EmNMaTDyRcWOK55NZFRgsGEQ5yitAFzhmRvqQCggwVoOdgC
5XWTtJo4UpYtJb/aDOLAQj4/WBTUkDAt0Ea9xI0MnsB7NQ+R1H3Cc0vWm4KPaQ==
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:12:01 2025 by rpki-client