Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/6bc9f1-5fdc-431f-baac-72a4e16c19f0/1/li2-8H_Ktf-N6wAfesIHRPAJ0Js.roa
File: li2-8H_Ktf-N6wAfesIHRPAJ0Js.roa (raw, json)
Hash identifier: kAw3P0p1miJKbLOdPSm6occvsp6jKzBvhZYl0CpPQ8w=
Subject key identifier: 96:2D:BE:F0:7F:CA:B5:FF:8D:EB:00:1F:7A:C2:07:44:F0:09:D0:9B
Certificate issuer: /CN=a48d78ad89bb6fe68af2bdb11689c42cdb0fa7f3
Certificate serial: 06A79279
Authority key identifier: A4:8D:78:AD:89:BB:6F:E6:8A:F2:BD:B1:16:89:C4:2C:DB:0F:A7:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pI14rYm7b-aK8r2xFonELNsPp_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/6bc9f1-5fdc-431f-baac-72a4e16c19f0/1/li2-8H_Ktf-N6wAfesIHRPAJ0Js.roa
Signing time: Sat 01 Jan 2022 05:55:33 +0000
ROA not before: Sat 01 Jan 2022 05:55:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207923
IP address blocks: 45.158.100.0/22 maxlen: 24
2a0f:4c40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 111645305 (0x6a79279)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a48d78ad89bb6fe68af2bdb11689c42cdb0fa7f3
Validity
Not Before: Jan 1 05:55:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=962dbef07fcab5ff8deb001f7ac20744f009d09b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:42:88:da:3c:ab:04:c5:e9:ed:55:e7:2e:87:
85:11:da:c8:4f:0c:28:26:e0:a1:76:94:0e:41:7c:
2f:97:42:67:28:1a:71:2a:04:29:a9:0f:56:5e:18:
6a:67:63:1d:27:74:41:1c:41:3c:a0:0b:96:e5:43:
ee:19:8b:d2:23:8e:81:35:cf:62:4a:5f:7e:ed:11:
5c:e2:96:e5:1b:48:87:36:25:31:6f:df:82:45:6a:
e3:d3:7f:5a:90:66:f4:d7:5d:ee:4c:7b:bf:69:e1:
14:3d:ac:5e:84:af:33:40:f1:cd:8d:02:ab:45:72:
ee:04:3b:16:ff:c8:cf:df:23:cb:ec:08:b0:b6:ff:
e5:09:23:4e:52:59:dd:21:37:53:4a:e1:c5:6a:ee:
98:de:1a:e3:d0:17:a4:28:86:b8:0e:76:62:58:ed:
e5:44:59:18:e6:9b:ab:86:e6:7c:4c:6e:1a:55:0d:
a6:54:69:f5:16:47:b3:1d:0f:28:05:3b:55:db:de:
84:98:32:b8:c9:a7:fc:a2:49:1f:c8:af:53:e8:c0:
c1:c4:1e:cf:9a:bd:ef:0f:c0:cc:49:e0:60:2f:d2:
7d:7a:64:41:23:6a:54:e7:2c:96:de:db:b8:8a:d3:
d1:78:17:93:4e:43:dd:ce:e6:9f:e4:2a:3c:41:67:
77:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:2D:BE:F0:7F:CA:B5:FF:8D:EB:00:1F:7A:C2:07:44:F0:09:D0:9B
X509v3 Authority Key Identifier:
keyid:A4:8D:78:AD:89:BB:6F:E6:8A:F2:BD:B1:16:89:C4:2C:DB:0F:A7:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pI14rYm7b-aK8r2xFonELNsPp_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/6bc9f1-5fdc-431f-baac-72a4e16c19f0/1/li2-8H_Ktf-N6wAfesIHRPAJ0Js.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/6bc9f1-5fdc-431f-baac-72a4e16c19f0/1/pI14rYm7b-aK8r2xFonELNsPp_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.100.0/22
IPv6:
2a0f:4c40::/29
Signature Algorithm: sha256WithRSAEncryption
1c:ca:e7:44:4f:d7:d6:cc:a9:1d:a2:68:88:99:4f:7e:26:6f:
5f:f8:84:63:34:80:34:b6:eb:e1:03:96:09:94:db:96:56:71:
fb:ed:c9:57:f0:29:25:c0:50:20:8f:8c:e6:73:11:10:8e:ea:
e5:90:77:cd:32:ce:6f:cc:6f:a8:ef:28:1c:be:db:ff:ff:ea:
29:ff:01:e0:6f:4e:ee:b1:82:0d:d9:55:2c:c1:c4:5a:c0:5a:
28:d9:81:6c:e3:3a:e7:89:ce:4d:95:5f:79:d1:6c:a7:cd:3a:
c9:a7:d0:1a:ac:6e:83:a6:bd:18:05:ca:eb:ad:75:43:2b:39:
4b:e8:8e:0c:fe:b3:64:a7:fd:9f:ee:62:c6:6b:73:2e:87:fa:
6e:8a:b6:4e:c2:81:5c:a4:e2:62:fa:67:d7:c5:44:3e:d1:c5:
ff:53:2d:d6:96:24:5a:d9:b4:44:0d:b5:d2:42:f6:f1:e4:e6:
1c:e4:04:d8:1f:f9:bd:23:3a:b4:5c:8f:87:8c:08:1e:17:e6:
3a:48:25:7a:e0:79:8e:ff:7a:b5:4d:b0:ab:0a:33:96:9b:1e:
5d:21:fc:b0:19:91:98:8a:e9:ff:67:d0:d5:17:b9:63:ce:f2:
59:c8:c0:56:63:fe:a7:74:db:56:db:ff:7a:b6:50:3c:d2:75:
22:85:34:e8
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBqeSeTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NDhkNzhhZDg5YmI2ZmU2OGFmMmJkYjExNjg5YzQyY2RiMGZhN2YzMB4XDTIyMDEw
MTA1NTUzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTYyZGJlZjA3ZmNh
YjVmZjhkZWIwMDFmN2FjMjA3NDRmMDA5ZDA5YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALRCiNo8qwTF6e1V5y6HhRHayE8MKCbgoXaUDkF8L5dCZyga
cSoEKakPVl4YamdjHSd0QRxBPKALluVD7hmL0iOOgTXPYkpffu0RXOKW5RtIhzYl
MW/fgkVq49N/WpBm9Ndd7kx7v2nhFD2sXoSvM0DxzY0Cq0Vy7gQ7Fv/Iz98jy+wI
sLb/5QkjTlJZ3SE3U0rhxWrumN4a49AXpCiGuA52Yljt5URZGOabq4bmfExuGlUN
plRp9RZHsx0PKAU7VdvehJgyuMmn/KJJH8ivU+jAwcQez5q97w/AzEngYC/SfXpk
QSNqVOcslt7buIrT0XgXk05D3c7mn+QqPEFnd/UCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSWLb7wf8q1/43rAB96wgdE8AnQmzAfBgNVHSMEGDAWgBSkjXitibtv5ory
vbEWicQs2w+n8zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BJMTRyWW03Yi1hSzhyMnhGb25FTE5zUHBfTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTEvNmJjOWYxLTVmZGMtNDMxZi1iYWFjLTcyYTRlMTZjMTlmMC8x
L2xpMi04SF9LdGYtTjZ3QWZlc0lIUlBBSjBKcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTEv
NmJjOWYxLTVmZGMtNDMxZi1iYWFjLTcyYTRlMTZjMTlmMC8xL3BJMTRyWW03Yi1h
SzhyMnhGb25FTE5zUHBfTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAi2eZDANBAIAAjAHAwUDKg9MQDAN
BgkqhkiG9w0BAQsFAAOCAQEAHMrnRE/X1sypHaJoiJlPfiZvX/iEYzSANLbr4QOW
CZTbllZx++3JV/ApJcBQII+M5nMREI7q5ZB3zTLOb8xvqO8oHL7b///qKf8B4G9O
7rGCDdlVLMHEWsBaKNmBbOM654nOTZVfedFsp806yafQGqxug6a9GAXK6611Qys5
S+iODP6zZKf9n+5ixmtzLof6boq2TsKBXKTiYvpn18VEPtHF/1Mt1pYkWtm0RA21
0kL28eTmHOQE2B/5vSM6tFyPh4wIHhfmOkgleuB5jv96tU2wqwozlpseXSH8sBmR
mIrp/2fQ1Re5Y87yWcjAVmP+p3TbVtv/erZQPNJ1IoU06A==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:38:24 2025 by rpki-client