Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/LN3ZiB7unTeuvtm2ryfGmpPxaas.roa
File: LN3ZiB7unTeuvtm2ryfGmpPxaas.roa (raw, json)
Hash identifier: vka2cOD7yLGSOnIOFvElr3oQd83mm+OKJg0TXNQ90b8=
Subject key identifier: 2C:DD:D9:88:1E:EE:9D:37:AE:BE:D9:B6:AF:27:C6:9A:93:F1:69:AB
Certificate issuer: /CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Certificate serial: 018570FB9036D72FF7FF13AFA115124FB931
Authority key identifier: FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/LN3ZiB7unTeuvtm2ryfGmpPxaas.roa
Signing time: Mon 02 Jan 2023 05:36:52 +0000
ROA not before: Mon 02 Jan 2023 05:36:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3223
IP address blocks: 45.131.106.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:90:36:d7:2f:f7:ff:13:af:a1:15:12:4f:b9:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Validity
Not Before: Jan 2 05:36:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2cddd9881eee9d37aebed9b6af27c69a93f169ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:d8:7f:f5:81:39:ee:1d:56:7b:78:e4:c0:6d:
09:48:20:86:76:3f:6e:88:ed:93:0c:e7:cb:91:3a:
52:c6:2b:50:30:95:e3:2f:36:44:3c:a1:27:0b:72:
14:3b:7c:bb:f6:f5:ec:18:6d:38:61:3b:7b:4b:7b:
50:54:5e:8f:d4:5b:37:08:24:56:e6:76:d6:71:94:
e9:e4:70:2f:65:8c:78:a1:da:76:4e:1f:7e:4d:ba:
43:38:bc:f3:3e:2d:36:66:8c:20:74:2e:a1:f7:7f:
f2:0e:45:21:bb:95:66:3d:56:57:15:f5:55:09:b7:
0a:b2:44:4f:1d:09:87:99:6d:3d:4d:4d:78:98:12:
b8:6a:3a:28:c2:d6:1a:5b:91:b7:09:69:0c:ad:67:
a1:d4:85:cd:0d:f6:b3:ac:f2:0d:ca:42:d2:c7:b5:
ef:cf:a3:57:b0:07:a1:ec:2f:8d:13:22:fb:f4:cb:
e6:a2:4e:b4:14:32:b2:27:98:b0:e5:e6:48:0c:2c:
55:5d:38:25:f0:63:f0:38:5d:59:16:d9:66:bf:0b:
5b:a1:06:a7:ee:9e:f9:8b:87:5a:54:7d:52:34:9a:
9f:a4:a7:41:57:cc:2a:e9:6e:0a:f0:1d:5c:0d:4b:
01:da:87:5a:66:9d:ce:06:14:e0:fc:d3:23:cb:94:
05:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:DD:D9:88:1E:EE:9D:37:AE:BE:D9:B6:AF:27:C6:9A:93:F1:69:AB
X509v3 Authority Key Identifier:
keyid:FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/LN3ZiB7unTeuvtm2ryfGmpPxaas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.106.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:2f:74:12:e5:55:29:de:c2:d4:ec:f5:27:33:2c:c4:0f:6a:
cd:a8:4a:1c:7e:01:48:a4:e0:53:cc:6e:93:30:01:13:47:43:
29:2c:3b:48:9f:fe:53:2a:1d:22:e7:7e:85:dd:06:16:44:90:
f0:e3:d5:ee:e7:c3:a8:91:bd:fe:c1:ac:af:c1:9e:27:62:4c:
23:7d:09:52:06:e1:2c:a0:a2:b4:5a:27:42:0e:7d:cc:a3:c9:
cc:ae:97:a2:d3:87:d6:8b:ed:ab:20:c1:22:a0:ad:de:58:05:
de:d5:1b:f9:f9:8b:3f:8d:f9:e4:79:01:1a:e8:73:0b:2b:5a:
b8:ac:8f:54:74:80:d3:30:8a:46:22:a7:71:a3:e5:7e:7b:c4:
25:b8:81:67:d7:61:15:84:06:01:af:f9:68:56:0f:f1:de:88:
4e:38:17:97:48:5b:25:f8:fc:9e:80:e9:ac:08:b2:a0:22:cf:
1e:2d:7c:4a:9e:3a:a9:18:a6:ee:30:d2:98:16:c7:66:ff:7c:
8d:cf:ae:23:b3:a5:bf:ec:b5:75:ba:c5:56:c5:38:71:59:5e:
e2:8d:50:8d:b5:f7:68:62:24:29:fa:ee:e8:c9:3d:20:b0:c9:
25:11:b2:a6:0e:7a:50:b6:0f:0d:56:94:aa:18:24:13:99:12:
43:6c:99:b5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw+5A21y/3/xOvoRUST7kxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIzMDlhNjgxNDY3OGFkNzJlM2YzMWE0ZmUwMjcyZjQw
YmQ5ODYwHhcNMjMwMTAyMDUzNjUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2RkZDk4ODFlZWU5ZDM3YWViZWQ5YjZhZjI3YzY5YTkzZjE2OWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnth/9YE57h1We3jkwG0JSCCGdj9u
iO2TDOfLkTpSxitQMJXjLzZEPKEnC3IUO3y79vXsGG04YTt7S3tQVF6P1Fs3CCRW
5nbWcZTp5HAvZYx4odp2Th9+TbpDOLzzPi02ZowgdC6h93/yDkUhu5VmPVZXFfVV
CbcKskRPHQmHmW09TU14mBK4ajoowtYaW5G3CWkMrWeh1IXNDfazrPINykLSx7Xv
z6NXsAeh7C+NEyL79Mvmok60FDKyJ5iw5eZIDCxVXTgl8GPwOF1ZFtlmvwtboQan
7p75i4daVH1SNJqfpKdBV8wq6W4K8B1cDUsB2odaZp3OBhTg/NMjy5QF/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCzd2Yge7p03rr7Ztq8nxpqT8WmrMB8GA1UdIwQY
MBaAFP+CMJpoFGeK1y4/MaT+AnL0C9mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTkt
ZjUyNTgxNjQwMmJkLzEvTE4zWmlCN3VuVGV1dnRtMnJ5ZkdtcFB4YWFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTktZjUyNTgxNjQwMmJk
LzEvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYNqMA0G
CSqGSIb3DQEBCwUAA4IBAQCyL3QS5VUp3sLU7PUnMyzED2rNqEocfgFIpOBTzG6T
MAETR0MpLDtIn/5TKh0i536F3QYWRJDw49Xu58Ookb3+wayvwZ4nYkwjfQlSBuEs
oKK0WidCDn3Mo8nMrpei04fWi+2rIMEioK3eWAXe1Rv5+Ys/jfnkeQEa6HMLK1q4
rI9UdIDTMIpGIqdxo+V+e8QluIFn12EVhAYBr/loVg/x3ohOOBeXSFsl+PyegOms
CLKgIs8eLXxKnjqpGKbuMNKYFsdm/3yNz64js6W/7LV1usVWxThxWV7ijVCNtfdo
YiQp+u7oyT0gsMklEbKmDnpQtg8NVpSqGCQTmRJDbJm1
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:53 2025 by rpki-client