Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/2a8f88-b05d-4291-93d4-07f7d5195c2c/1/lWp3x-nAp1ltUyTY-wLe1MHQZJs.roa
File: lWp3x-nAp1ltUyTY-wLe1MHQZJs.roa (raw, json)
Hash identifier: jVHFoPfHJdGgiz8gSH623I+xyr61sRDm+d/jh0+2OWs=
Subject key identifier: 95:6A:77:C7:E9:C0:A7:59:6D:53:24:D8:FB:02:DE:D4:C1:D0:64:9B
Certificate issuer: /CN=e4bdd6b1ebfc95899a58333dc94cf82a19a6b3be
Certificate serial: 01857042AB647AC2755F7A34B9EE64B78B06
Authority key identifier: E4:BD:D6:B1:EB:FC:95:89:9A:58:33:3D:C9:4C:F8:2A:19:A6:B3:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5L3Wsev8lYmaWDM9yUz4Khmms74.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/2a8f88-b05d-4291-93d4-07f7d5195c2c/1/lWp3x-nAp1ltUyTY-wLe1MHQZJs.roa
Signing time: Mon 02 Jan 2023 02:14:55 +0000
ROA not before: Mon 02 Jan 2023 02:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47381
IP address blocks: 195.5.177.0/24 maxlen: 24
5.159.232.0/21 maxlen: 24
80.77.112.0/20 maxlen: 24
188.227.224.0/21 maxlen: 24
2001:950::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:ab:64:7a:c2:75:5f:7a:34:b9:ee:64:b7:8b:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4bdd6b1ebfc95899a58333dc94cf82a19a6b3be
Validity
Not Before: Jan 2 02:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=956a77c7e9c0a7596d5324d8fb02ded4c1d0649b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:f7:bd:b9:d1:b8:49:fd:88:76:a0:27:55:34:
36:67:5d:28:28:41:1b:20:74:f5:3a:d3:19:33:67:
8a:a0:7d:4d:6f:80:1f:94:f5:a7:1f:de:74:cf:6a:
c2:8f:0b:38:b7:58:85:db:0d:8a:b8:63:44:3a:87:
10:74:54:bc:bf:2e:a8:53:5c:25:84:af:e7:9a:b2:
af:6a:e6:be:2a:d0:a6:bc:04:a2:d9:87:06:6b:d7:
8e:f3:cc:3f:70:0e:90:f8:f9:35:f5:69:0e:02:fc:
66:11:4d:87:d6:18:8b:25:cf:01:e6:ba:96:c4:05:
41:a7:15:c8:b9:ba:bc:d2:da:09:06:35:c0:4f:c0:
70:a4:04:a0:3b:64:8e:17:94:27:ff:85:21:f7:c6:
bf:1f:a5:58:54:db:f5:8e:70:3e:03:ba:c4:d7:c7:
04:84:5e:ff:42:59:ed:e9:14:d5:79:b8:df:35:6d:
f9:02:19:3c:c0:81:59:44:82:d6:b0:02:cf:e5:18:
63:98:f9:06:8c:4f:5a:6b:3b:c7:a8:66:d4:b1:81:
af:71:ba:92:f1:ca:cc:cc:8c:cd:67:c6:cc:20:c3:
8f:2f:f5:54:69:7f:6f:53:3a:22:6a:99:ff:34:98:
3b:e0:bd:54:3d:7e:97:42:0d:a4:7a:a2:ad:96:da:
3f:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:6A:77:C7:E9:C0:A7:59:6D:53:24:D8:FB:02:DE:D4:C1:D0:64:9B
X509v3 Authority Key Identifier:
keyid:E4:BD:D6:B1:EB:FC:95:89:9A:58:33:3D:C9:4C:F8:2A:19:A6:B3:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5L3Wsev8lYmaWDM9yUz4Khmms74.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/2a8f88-b05d-4291-93d4-07f7d5195c2c/1/lWp3x-nAp1ltUyTY-wLe1MHQZJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/2a8f88-b05d-4291-93d4-07f7d5195c2c/1/5L3Wsev8lYmaWDM9yUz4Khmms74.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.232.0/21
80.77.112.0/20
188.227.224.0/21
195.5.177.0/24
IPv6:
2001:950::/32
Signature Algorithm: sha256WithRSAEncryption
b7:51:87:ca:34:8f:5b:7e:a4:b7:f2:1a:31:34:4a:a5:0a:38:
b0:72:45:a2:26:d1:83:f7:b2:8b:99:89:22:25:c0:dc:05:4d:
f2:7c:b9:0e:49:ca:d0:62:a2:c2:1c:21:6c:22:2f:ff:79:e5:
17:8d:ad:5b:0d:03:29:b4:06:bf:1c:a4:08:b8:2a:f5:63:bf:
89:82:be:df:d0:59:53:ec:ee:b9:32:02:f4:16:b3:fa:7b:25:
7d:1f:5c:77:c5:c9:48:22:ff:3f:e9:88:a9:b6:22:d9:4d:84:
75:dd:04:ee:c7:54:62:2b:bf:de:59:52:0f:41:ae:12:ec:e5:
77:0f:95:28:9c:8b:6d:55:05:be:d0:74:d0:d7:6b:52:85:ba:
c4:eb:e5:93:6f:b7:70:9a:a7:12:51:c5:af:78:71:45:ab:f9:
60:0a:ce:fd:20:c7:b8:14:93:bf:ed:6c:9b:61:0a:9f:04:b5:
21:37:e5:e3:cc:b1:88:6a:13:67:db:80:8c:c2:c9:6c:a0:37:
99:6e:6e:73:42:22:ad:bf:11:b7:d3:e5:6a:e7:b5:e7:b8:f9:
95:6c:a4:d5:f8:78:82:43:c5:65:0f:15:25:d4:c5:82:84:bd:
f5:94:ca:1f:23:24:3d:a2:11:b0:ad:bf:87:0b:49:35:29:b3:
b7:26:42:74
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVwQqtkesJ1X3o0ue5kt4sGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YmRkNmIxZWJmYzk1ODk5YTU4MzMzZGM5NGNmODJhMTlh
NmIzYmUwHhcNMjMwMTAyMDIxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTZhNzdjN2U5YzBhNzU5NmQ1MzI0ZDhmYjAyZGVkNGMxZDA2NDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkfe9udG4Sf2IdqAnVTQ2Z10oKEEb
IHT1OtMZM2eKoH1Nb4AflPWnH950z2rCjws4t1iF2w2KuGNEOocQdFS8vy6oU1wl
hK/nmrKvaua+KtCmvASi2YcGa9eO88w/cA6Q+Pk19WkOAvxmEU2H1hiLJc8B5rqW
xAVBpxXIubq80toJBjXAT8BwpASgO2SOF5Qn/4Uh98a/H6VYVNv1jnA+A7rE18cE
hF7/Qlnt6RTVebjfNW35Ahk8wIFZRILWsALP5RhjmPkGjE9aazvHqGbUsYGvcbqS
8crMzIzNZ8bMIMOPL/VUaX9vUzoiapn/NJg74L1UPX6XQg2keqKtlto/2wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFJVqd8fpwKdZbVMk2PsC3tTB0GSbMB8GA1UdIwQY
MBaAFOS91rHr/JWJmlgzPclM+CoZprO+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUwzV3NldjhsWW1hV0RNOXlVejRLaG1tczc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS8yYThmODgtYjA1ZC00MjkxLTkzZDQt
MDdmN2Q1MTk1YzJjLzEvbFdwM3gtbkFwMWx0VXlUWS13TGUxTUhRWkpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS8yYThmODgtYjA1ZC00MjkxLTkzZDQtMDdmN2Q1MTk1YzJj
LzEvNUwzV3NldjhsWW1hV0RNOXlVejRLaG1tczc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDBZ/oAwQE
UE1wAwQDvOPgAwQAwwWxMA0EAgACMAcDBQAgAQlQMA0GCSqGSIb3DQEBCwUAA4IB
AQC3UYfKNI9bfqS38hoxNEqlCjiwckWiJtGD97KLmYkiJcDcBU3yfLkOScrQYqLC
HCFsIi//eeUXja1bDQMptAa/HKQIuCr1Y7+Jgr7f0FlT7O65MgL0FrP6eyV9H1x3
xclIIv8/6YiptiLZTYR13QTux1RiK7/eWVIPQa4S7OV3D5UonIttVQW+0HTQ12tS
hbrE6+WTb7dwmqcSUcWveHFFq/lgCs79IMe4FJO/7WybYQqfBLUhN+XjzLGIahNn
24CMwslsoDeZbm5zQiKtvxG30+Vq57XnuPmVbKTV+HiCQ8VlDxUl1MWChL31lMof
IyQ9ohGwrb+HC0k1KbO3JkJ0
-----END CERTIFICATE-----
Generated at Sun Apr 20 05:00:27 2025 by rpki-client