Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/LqWLNGVJsU-kzNBxdOwF4m0lyts.roa
File: LqWLNGVJsU-kzNBxdOwF4m0lyts.roa (raw, json)
Hash identifier: DD+c/d/Cg0WeRUVZEKBFaG4dOQ8f/bIbqxZflz1mmxg=
Subject key identifier: 2E:A5:8B:34:65:49:B1:4F:A4:CC:D0:71:74:EC:05:E2:6D:25:CA:DB
Certificate issuer: /CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Certificate serial: 01900AED2EBF6A76AD56B7E9B109F2811F0A
Authority key identifier: FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/LqWLNGVJsU-kzNBxdOwF4m0lyts.roa
Signing time: Wed 12 Jun 2024 05:30:34 +0000
ROA not before: Wed 12 Jun 2024 05:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5065
IP address blocks: 45.13.179.0/24 maxlen: 24
45.145.17.0/24 maxlen: 24
80.91.221.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:0a:ed:2e:bf:6a:76:ad:56:b7:e9:b1:09:f2:81:1f:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Validity
Not Before: Jun 12 05:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2ea58b346549b14fa4ccd07174ec05e26d25cadb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:ad:71:67:14:d3:51:a3:43:12:19:37:9f:9b:
57:9d:19:ef:bd:58:07:5d:e1:a1:ac:a3:5d:e6:83:
36:5a:80:c2:1c:e8:15:47:a8:54:bd:cb:c4:ee:1b:
02:4f:29:05:68:b7:ab:87:12:f2:37:de:6f:3f:91:
3f:dc:1f:e6:8b:bb:c6:be:62:a6:d1:0f:3d:19:d4:
6f:15:9a:05:81:d9:ba:2f:75:a4:01:43:5a:62:25:
7e:a0:e9:55:a7:d4:03:3d:73:1a:8b:e5:98:90:e3:
d1:d5:33:19:a4:43:a9:bb:13:2c:00:50:7f:b7:26:
24:29:65:2d:7c:43:8a:44:37:c7:6c:25:33:de:c4:
a5:67:62:ac:e5:33:83:d4:f9:79:f5:3f:48:4b:54:
77:1d:76:48:79:21:ae:12:ea:54:72:af:2e:86:d2:
94:17:25:98:b2:a1:0c:f0:8d:fd:a0:f5:5a:c7:56:
34:ed:a0:1f:82:4e:8c:3b:27:9c:e6:e6:ad:44:b9:
97:6c:2e:85:50:ea:1d:7f:d2:e8:9c:95:72:18:d3:
5f:fd:9c:17:e7:3f:a1:f9:cd:81:f8:40:d7:5b:99:
57:c3:83:65:ef:e6:d7:49:6a:c6:1c:02:73:b9:43:
ff:23:59:3d:d2:f1:27:a5:ea:2d:c1:da:b5:aa:ba:
a4:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:A5:8B:34:65:49:B1:4F:A4:CC:D0:71:74:EC:05:E2:6D:25:CA:DB
X509v3 Authority Key Identifier:
keyid:FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/LqWLNGVJsU-kzNBxdOwF4m0lyts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.179.0/24
45.145.17.0/24
80.91.221.0/24
Signature Algorithm: sha256WithRSAEncryption
92:0e:0e:bc:34:3e:bd:94:f2:a8:54:e8:0b:41:05:0c:8a:3f:
43:ee:da:44:5b:46:13:2a:5b:06:d0:88:4b:b2:f5:1d:d7:34:
9e:66:cf:26:d6:76:31:02:9e:7c:15:89:79:05:16:3a:37:39:
cf:f4:ae:b6:e8:a9:15:f5:73:ef:db:b3:90:56:f8:bc:f2:ce:
35:e3:3b:ad:b4:b3:09:a0:1e:b7:47:36:1a:9c:5e:fc:7e:6d:
6b:19:3c:66:16:a6:8e:8d:fa:33:e1:e2:37:3f:02:75:c9:45:
8b:7d:27:fb:10:cc:a5:3c:bc:7d:32:9e:73:3c:27:72:25:c4:
6b:27:5a:ce:bf:44:1d:ce:85:6f:3a:ad:49:45:26:d1:f2:ac:
56:93:43:b0:92:62:d5:f8:a4:c9:0f:55:91:17:87:d4:30:47:
79:e3:46:36:33:4f:38:b3:50:61:b4:bf:93:b9:7a:52:4e:0e:
81:1c:66:6f:1a:06:a8:06:87:9f:96:32:a0:4c:2d:f8:6f:2e:
46:8f:35:3c:af:64:d8:72:1e:10:35:50:f3:31:60:7e:c7:8e:
35:c4:c5:1d:0a:70:a0:83:28:1a:30:73:33:91:55:d1:b5:f2:
9a:39:d8:f7:9b:c8:04:89:96:e5:fc:24:71:a0:d9:1d:3a:d1:
1a:02:37:8f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZAK7S6/anatVrfpsQnygR8KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIzMDlhNjgxNDY3OGFkNzJlM2YzMWE0ZmUwMjcyZjQw
YmQ5ODYwHhcNMjQwNjEyMDUzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWE1OGIzNDY1NDliMTRmYTRjY2QwNzE3NGVjMDVlMjZkMjVjYWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3q1xZxTTUaNDEhk3n5tXnRnvvVgH
XeGhrKNd5oM2WoDCHOgVR6hUvcvE7hsCTykFaLerhxLyN95vP5E/3B/mi7vGvmKm
0Q89GdRvFZoFgdm6L3WkAUNaYiV+oOlVp9QDPXMai+WYkOPR1TMZpEOpuxMsAFB/
tyYkKWUtfEOKRDfHbCUz3sSlZ2Ks5TOD1Pl59T9IS1R3HXZIeSGuEupUcq8uhtKU
FyWYsqEM8I39oPVax1Y07aAfgk6MOyec5uatRLmXbC6FUOodf9LonJVyGNNf/ZwX
5z+h+c2B+EDXW5lXw4Nl7+bXSWrGHAJzuUP/I1k90vEnpeotwdq1qrqkzQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFC6lizRlSbFPpMzQcXTsBeJtJcrbMB8GA1UdIwQY
MBaAFP+CMJpoFGeK1y4/MaT+AnL0C9mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTkt
ZjUyNTgxNjQwMmJkLzEvTHFXTE5HVkpzVS1rek5CeGRPd0Y0bTBseXRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTktZjUyNTgxNjQwMmJk
LzEvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALQ2zAwQA
LZERAwQAUFvdMA0GCSqGSIb3DQEBCwUAA4IBAQCSDg68ND69lPKoVOgLQQUMij9D
7tpEW0YTKlsG0IhLsvUd1zSeZs8m1nYxAp58FYl5BRY6NznP9K626KkV9XPv27OQ
Vvi88s414zuttLMJoB63RzYanF78fm1rGTxmFqaOjfoz4eI3PwJ1yUWLfSf7EMyl
PLx9Mp5zPCdyJcRrJ1rOv0QdzoVvOq1JRSbR8qxWk0OwkmLV+KTJD1WRF4fUMEd5
40Y2M084s1BhtL+TuXpSTg6BHGZvGgaoBoefljKgTC34by5GjzU8r2TYch4QNVDz
MWB+x441xMUdCnCggygaMHMzkVXRtfKaOdj3m8gEiZbl/CRxoNkdOtEaAjeP
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:30:40 2025 by rpki-client