Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/1f36d5-3080-4a0e-9d63-79344da3a2e6/1/lwbUXgR2bwKsbKhJna_m2B1laUM.roa
File: lwbUXgR2bwKsbKhJna_m2B1laUM.roa (raw, json)
Hash identifier: k4FoAw0jXl7iOo8UR+puVtgOMeJ2Tq/Lu6MB+b6wd/Y=
Subject key identifier: 97:06:D4:5E:04:76:6F:02:AC:6C:A8:49:9D:AF:E6:D8:1D:65:69:43
Certificate issuer: /CN=af23585bfcdd061ca946e2d9ea8b97e45b9c31d6
Certificate serial: 018570C2B6FC018F91A2EE0E003D598EF38A
Authority key identifier: AF:23:58:5B:FC:DD:06:1C:A9:46:E2:D9:EA:8B:97:E4:5B:9C:31:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ryNYW_zdBhypRuLZ6ouX5FucMdY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/1f36d5-3080-4a0e-9d63-79344da3a2e6/1/lwbUXgR2bwKsbKhJna_m2B1laUM.roa
Signing time: Mon 02 Jan 2023 04:34:47 +0000
ROA not before: Mon 02 Jan 2023 04:34:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20634
IP address blocks: 185.213.56.0/22 maxlen: 22
2a0b:83c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:c2:b6:fc:01:8f:91:a2:ee:0e:00:3d:59:8e:f3:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af23585bfcdd061ca946e2d9ea8b97e45b9c31d6
Validity
Not Before: Jan 2 04:34:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9706d45e04766f02ac6ca8499dafe6d81d656943
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:30:52:88:9f:99:60:2d:5a:5a:5f:2d:7b:a4:
38:aa:86:31:c5:f6:e9:15:28:ae:c3:67:df:ec:39:
38:86:66:33:47:19:f3:98:a8:12:6d:8b:9b:6f:e4:
8e:52:ec:d9:31:22:e9:e3:83:35:77:d9:e3:03:5a:
55:4f:f2:87:61:94:9f:d9:07:0d:1e:6c:e3:f3:6c:
59:0b:6d:1d:14:40:e4:2a:cf:eb:00:23:73:fd:cd:
55:16:e6:e1:6c:2f:a0:22:93:85:66:bc:44:8e:41:
bf:39:fe:19:98:66:17:d2:65:ea:ed:c1:3a:87:fd:
d3:cb:e1:ca:e9:b2:4d:d2:17:57:6f:55:3d:b6:1a:
cd:43:67:94:35:1d:36:3c:c9:6e:3d:3a:86:84:fa:
a9:73:01:78:ad:25:f1:4d:16:a5:84:39:a1:ff:29:
1b:ec:c0:80:b2:aa:ac:60:20:b3:c0:a6:18:0e:d2:
b3:d3:7f:2c:66:c1:55:e1:c7:09:d8:af:53:3f:bc:
ff:a3:d5:6b:a5:97:05:4b:13:b9:67:02:27:be:8d:
5e:0d:c7:3f:eb:ab:77:a7:9d:90:86:b6:69:37:30:
70:bc:ec:77:fc:da:f0:17:69:28:31:d8:06:d3:a8:
07:d0:d2:57:23:e6:91:a1:9b:e6:2a:59:29:02:cd:
97:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:06:D4:5E:04:76:6F:02:AC:6C:A8:49:9D:AF:E6:D8:1D:65:69:43
X509v3 Authority Key Identifier:
keyid:AF:23:58:5B:FC:DD:06:1C:A9:46:E2:D9:EA:8B:97:E4:5B:9C:31:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ryNYW_zdBhypRuLZ6ouX5FucMdY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/1f36d5-3080-4a0e-9d63-79344da3a2e6/1/lwbUXgR2bwKsbKhJna_m2B1laUM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/1f36d5-3080-4a0e-9d63-79344da3a2e6/1/ryNYW_zdBhypRuLZ6ouX5FucMdY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.56.0/22
IPv6:
2a0b:83c0::/29
Signature Algorithm: sha256WithRSAEncryption
05:49:93:08:b5:b4:da:c6:27:af:93:81:bb:57:6f:b9:03:75:
82:c2:38:20:d0:94:11:8d:0a:bd:7e:44:b3:ef:ce:9e:22:71:
e6:87:4d:8b:19:53:90:71:9f:25:29:3c:89:b9:e1:1e:33:67:
22:58:77:a6:04:aa:f3:08:b6:6d:d9:ac:9f:36:72:4e:1b:2b:
b5:06:b4:97:77:cd:f1:97:9f:cc:9f:04:31:b9:31:19:34:64:
43:8e:ba:c0:6a:c3:fd:ce:9c:09:d7:1d:cb:82:08:d1:96:7a:
1b:cd:71:4b:d2:7c:fd:cb:c4:2f:26:53:93:82:f3:d8:4d:bf:
f4:7e:e2:df:1e:1b:86:77:c9:50:cd:72:e0:da:2f:3c:bc:1b:
ca:3f:9b:2d:37:49:5a:ee:3e:a5:10:44:4e:9c:2f:59:08:f3:
ca:84:38:70:81:35:c5:31:3a:fb:27:c7:a3:6a:69:cc:74:fa:
73:87:a8:1d:0c:64:4a:f0:59:c8:a1:16:9d:34:d0:2e:fa:9d:
86:de:00:7b:f0:53:9d:68:78:03:db:f1:1b:8c:f0:71:03:71:
c6:08:db:fc:dd:45:a2:dc:25:a7:04:c3:33:8d:bb:ad:57:7e:
ef:7c:43:7b:1d:5a:98:2a:24:2b:9f:6c:96:07:9c:d3:40:49:
db:66:3c:b2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwwrb8AY+Rou4OAD1ZjvOKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMjM1ODViZmNkZDA2MWNhOTQ2ZTJkOWVhOGI5N2U0NWI5
YzMxZDYwHhcNMjMwMTAyMDQzNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzA2ZDQ1ZTA0NzY2ZjAyYWM2Y2E4NDk5ZGFmZTZkODFkNjU2OTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgjBSiJ+ZYC1aWl8te6Q4qoYxxfbp
FSiuw2ff7Dk4hmYzRxnzmKgSbYubb+SOUuzZMSLp44M1d9njA1pVT/KHYZSf2QcN
Hmzj82xZC20dFEDkKs/rACNz/c1VFubhbC+gIpOFZrxEjkG/Of4ZmGYX0mXq7cE6
h/3Ty+HK6bJN0hdXb1U9thrNQ2eUNR02PMluPTqGhPqpcwF4rSXxTRalhDmh/ykb
7MCAsqqsYCCzwKYYDtKz038sZsFV4ccJ2K9TP7z/o9VrpZcFSxO5ZwInvo1eDcc/
66t3p52QhrZpNzBwvOx3/NrwF2koMdgG06gH0NJXI+aRoZvmKlkpAs2X2wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJcG1F4Edm8CrGyoSZ2v5tgdZWlDMB8GA1UdIwQY
MBaAFK8jWFv83QYcqUbi2eqLl+RbnDHWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnlOWVdfemRCaHlwUnVMWjZvdVg1RnVjTWRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8xZjM2ZDUtMzA4MC00YTBlLTlkNjMt
NzkzNDRkYTNhMmU2LzEvbHdiVVhnUjJid0tzYktoSm5hX20yQjFsYVVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8xZjM2ZDUtMzA4MC00YTBlLTlkNjMtNzkzNDRkYTNhMmU2
LzEvcnlOWVdfemRCaHlwUnVMWjZvdVg1RnVjTWRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudU4MA0E
AgACMAcDBQMqC4PAMA0GCSqGSIb3DQEBCwUAA4IBAQAFSZMItbTaxievk4G7V2+5
A3WCwjgg0JQRjQq9fkSz786eInHmh02LGVOQcZ8lKTyJueEeM2ciWHemBKrzCLZt
2ayfNnJOGyu1BrSXd83xl5/MnwQxuTEZNGRDjrrAasP9zpwJ1x3LggjRlnobzXFL
0nz9y8QvJlOTgvPYTb/0fuLfHhuGd8lQzXLg2i88vBvKP5stN0la7j6lEEROnC9Z
CPPKhDhwgTXFMTr7J8ejamnMdPpzh6gdDGRK8FnIoRadNNAu+p2G3gB78FOdaHgD
2/EbjPBxA3HGCNv83UWi3CWnBMMzjbutV37vfEN7HVqYKiQrn2yWB5zTQEnbZjyy
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:15:14 2025 by rpki-client