Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/cd27a8-5e21-48ff-9dfe-cf5e1eaa37e1/1/LhErn5-kVWctDuaVAG5CBNfZZ64.roa
File: LhErn5-kVWctDuaVAG5CBNfZZ64.roa (raw, json)
Hash identifier: V4UBIU5MR2z+ymeWHpMe+iaYYAm9XPRosXyE4DKuu1s=
Subject key identifier: 2E:11:2B:9F:9F:A4:55:67:2D:0E:E6:95:00:6E:42:04:D7:D9:67:AE
Certificate issuer: /CN=07e405e9d9b757e8141b4c638d65f5411adb0e2f
Certificate serial: 01856DAF4E004671C58C317596802E4D75B5
Authority key identifier: 07:E4:05:E9:D9:B7:57:E8:14:1B:4C:63:8D:65:F5:41:1A:DB:0E:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B-QF6dm3V-gUG0xjjWX1QRrbDi8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/cd27a8-5e21-48ff-9dfe-cf5e1eaa37e1/1/LhErn5-kVWctDuaVAG5CBNfZZ64.roa
Signing time: Sun 01 Jan 2023 14:14:43 +0000
ROA not before: Sun 01 Jan 2023 14:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58061
IP address blocks: 212.18.103.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:af:4e:00:46:71:c5:8c:31:75:96:80:2e:4d:75:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07e405e9d9b757e8141b4c638d65f5411adb0e2f
Validity
Not Before: Jan 1 14:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2e112b9f9fa455672d0ee695006e4204d7d967ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ec:c6:b5:26:bc:49:09:31:86:7b:0f:d4:69:
b3:50:91:0d:ec:b5:db:bd:f5:5b:37:05:c7:0c:c1:
0d:42:ea:69:69:1d:92:8f:4b:f7:13:e2:77:bf:56:
6b:5f:d1:eb:f3:aa:3b:f3:bf:7d:3e:ea:9a:a1:d5:
87:4f:01:37:8e:a4:18:ed:32:2a:17:44:67:9c:1c:
a6:43:c7:06:76:51:46:3d:31:74:f1:f0:19:99:f8:
e6:bf:ba:3e:a1:bd:4b:d6:0d:6b:8a:a3:94:9b:39:
05:37:10:73:61:77:fd:f6:15:92:00:c7:83:20:7a:
89:07:42:a9:24:6b:e8:7b:d4:ef:3c:0b:14:b2:00:
b6:65:cb:cd:0b:89:c3:8c:0e:2a:6e:d9:14:0a:4e:
31:b1:c1:43:e8:5f:2a:67:de:af:a5:bf:74:38:b3:
e0:24:c9:76:50:a8:d8:7e:34:42:ca:28:03:48:f4:
66:a9:91:0a:8f:00:26:00:02:7c:ab:45:f9:d2:c5:
53:0f:64:a6:11:a7:67:1c:62:4b:a9:f9:7b:c4:6e:
35:0a:3f:e4:09:f3:51:f5:b9:88:92:9b:77:1f:32:
96:68:a8:40:6d:37:b0:72:6c:a2:b8:56:2d:64:d8:
11:2a:cb:4b:4f:97:c0:fe:88:6b:21:6e:7b:27:39:
d4:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:11:2B:9F:9F:A4:55:67:2D:0E:E6:95:00:6E:42:04:D7:D9:67:AE
X509v3 Authority Key Identifier:
keyid:07:E4:05:E9:D9:B7:57:E8:14:1B:4C:63:8D:65:F5:41:1A:DB:0E:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B-QF6dm3V-gUG0xjjWX1QRrbDi8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/cd27a8-5e21-48ff-9dfe-cf5e1eaa37e1/1/LhErn5-kVWctDuaVAG5CBNfZZ64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/cd27a8-5e21-48ff-9dfe-cf5e1eaa37e1/1/B-QF6dm3V-gUG0xjjWX1QRrbDi8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.18.103.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:b2:4e:94:ad:d0:76:fb:1b:f3:64:9c:a6:03:a5:c4:be:04:
bd:48:01:ef:15:5e:5c:3c:08:55:8a:ea:b7:70:c7:27:f3:23:
84:6c:85:c5:2e:3a:86:1d:eb:ab:a1:d4:fd:ed:82:0b:b0:eb:
ae:84:d7:42:8f:25:5e:27:8e:9f:1d:2d:0a:a5:5c:52:3c:44:
40:42:0d:b7:72:cd:84:4b:df:89:69:3b:2b:45:83:b2:e5:3b:
0e:7d:50:d1:57:82:2c:63:61:a8:5a:c5:b7:ba:3d:e9:5e:bc:
6f:56:06:5b:af:4d:8f:b0:5c:86:2d:c8:7c:29:58:7e:d3:69:
b9:9e:37:88:8f:5e:ce:20:8c:03:dc:9c:4d:a5:b5:78:48:92:
10:a7:df:09:41:cb:8a:a0:76:f1:38:78:6b:b1:be:32:d8:ba:
28:f0:cc:27:6e:67:09:4e:d9:74:af:67:f1:71:4b:97:2c:5e:
28:a5:e7:c6:95:3b:d1:31:98:90:4d:f1:f7:0f:c3:34:ab:26:
47:1d:83:c7:6d:26:b9:7a:b6:44:20:79:b7:ae:b5:9e:30:a7:
b6:68:17:87:fc:c6:bb:1e:09:69:c3:8c:1b:0f:80:4f:65:50:
0f:fc:46:ac:39:8d:aa:df:76:4c:b8:1f:52:ad:e5:0d:bf:36:
aa:a9:e8:4c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtr04ARnHFjDF1loAuTXW1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ZTQwNWU5ZDliNzU3ZTgxNDFiNGM2MzhkNjVmNTQxMWFk
YjBlMmYwHhcNMjMwMTAxMTQxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTExMmI5ZjlmYTQ1NTY3MmQwZWU2OTUwMDZlNDIwNGQ3ZDk2N2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquzGtSa8SQkxhnsP1GmzUJEN7LXb
vfVbNwXHDMENQuppaR2Sj0v3E+J3v1ZrX9Hr86o78799PuqaodWHTwE3jqQY7TIq
F0RnnBymQ8cGdlFGPTF08fAZmfjmv7o+ob1L1g1riqOUmzkFNxBzYXf99hWSAMeD
IHqJB0KpJGvoe9TvPAsUsgC2ZcvNC4nDjA4qbtkUCk4xscFD6F8qZ96vpb90OLPg
JMl2UKjYfjRCyigDSPRmqZEKjwAmAAJ8q0X50sVTD2SmEadnHGJLqfl7xG41Cj/k
CfNR9bmIkpt3HzKWaKhAbTewcmyiuFYtZNgRKstLT5fA/ohrIW57JznUAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC4RK5+fpFVnLQ7mlQBuQgTX2WeuMB8GA1UdIwQY
MBaAFAfkBenZt1foFBtMY41l9UEa2w4vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQi1RRjZkbTNWLWdVRzB4ampXWDFRUnJiRGk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9jZDI3YTgtNWUyMS00OGZmLTlkZmUt
Y2Y1ZTFlYWEzN2UxLzEvTGhFcm41LWtWV2N0RHVhVkFHNUNCTmZaWjY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9jZDI3YTgtNWUyMS00OGZmLTlkZmUtY2Y1ZTFlYWEzN2Ux
LzEvQi1RRjZkbTNWLWdVRzB4ampXWDFRUnJiRGk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1BJnMA0G
CSqGSIb3DQEBCwUAA4IBAQAOsk6UrdB2+xvzZJymA6XEvgS9SAHvFV5cPAhViuq3
cMcn8yOEbIXFLjqGHeurodT97YILsOuuhNdCjyVeJ46fHS0KpVxSPERAQg23cs2E
S9+JaTsrRYOy5TsOfVDRV4IsY2GoWsW3uj3pXrxvVgZbr02PsFyGLch8KVh+02m5
njeIj17OIIwD3JxNpbV4SJIQp98JQcuKoHbxOHhrsb4y2Loo8MwnbmcJTtl0r2fx
cUuXLF4opefGlTvRMZiQTfH3D8M0qyZHHYPHbSa5erZEIHm3rrWeMKe2aBeH/Ma7
Hglpw4wbD4BPZVAP/EasOY2q33ZMuB9SreUNvzaqqehM
-----END CERTIFICATE-----
Generated at Thu Nov 9 10:31:53 2023 by rpki-client on console-ams.rpki-client.org