Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/01a421-bdbf-43e0-8aeb-2c48cb298646/1/LYJwh6ElqgRcMmDkROXUMdfnX08.roa
File: LYJwh6ElqgRcMmDkROXUMdfnX08.roa (raw, json)
Hash identifier: 5CCy01/m/JVFdloiBPHwYEjVH4315VNuXsXpZ6kYkuc=
Subject key identifier: 2D:82:70:87:A1:25:AA:04:5C:32:60:E4:44:E5:D4:31:D7:E7:5F:4F
Certificate issuer: /CN=fcb6b17bd2e5f14bd375a0c0e69dfc77d9702f4a
Certificate serial: 019425FD9387FCEB67A2F0CBE1D17671F9F9
Authority key identifier: FC:B6:B1:7B:D2:E5:F1:4B:D3:75:A0:C0:E6:9D:FC:77:D9:70:2F:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_Laxe9Ll8UvTdaDA5p38d9lwL0o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/01a421-bdbf-43e0-8aeb-2c48cb298646/1/LYJwh6ElqgRcMmDkROXUMdfnX08.roa
Signing time: Thu 02 Jan 2025 07:49:22 +0000
ROA not before: Thu 02 Jan 2025 07:49:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197740
IP address blocks: 185.246.199.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:93:87:fc:eb:67:a2:f0:cb:e1:d1:76:71:f9:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fcb6b17bd2e5f14bd375a0c0e69dfc77d9702f4a
Validity
Not Before: Jan 2 07:49:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2d827087a125aa045c3260e444e5d431d7e75f4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:98:0d:fe:53:c3:ae:30:5b:13:8e:55:24:86:
d9:7e:16:eb:42:78:5b:b3:0c:62:bc:74:b9:76:33:
a6:ed:76:99:32:09:2a:b2:51:a8:ce:1d:d3:17:a3:
b9:cd:6f:fb:d7:19:95:47:4b:93:0c:49:12:fc:05:
60:2d:54:89:76:26:8d:3c:92:4b:7d:1e:b7:0c:97:
81:9a:e4:6a:2b:d9:86:f1:4b:2d:f0:25:a7:54:0d:
a3:97:4c:08:23:a7:97:e3:6c:c1:0c:e2:3e:82:c6:
46:56:ca:3d:ce:2d:75:65:bd:aa:b8:9c:55:7a:45:
b5:8a:70:e2:d0:4a:87:9b:6c:51:16:6a:e2:58:bb:
4a:a5:e5:35:09:d6:c9:ba:dc:c8:b2:40:21:74:e3:
82:3c:28:77:e9:b3:f1:ea:28:ff:36:d5:93:34:81:
91:b7:77:77:d4:85:96:36:8b:66:f8:b7:b2:b7:02:
6e:d7:3e:c3:41:7c:43:6b:7f:dc:6d:a8:2d:10:b8:
13:04:be:1f:8f:3d:ad:fb:72:af:9d:e8:64:db:c6:
76:53:4a:3b:76:57:32:06:ef:5c:ec:76:4d:89:42:
fa:a5:89:35:94:4d:4f:70:a2:b2:05:51:1a:4d:07:
ad:87:46:8c:bf:8e:d2:35:a8:a0:43:fc:8c:0a:f3:
6d:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:82:70:87:A1:25:AA:04:5C:32:60:E4:44:E5:D4:31:D7:E7:5F:4F
X509v3 Authority Key Identifier:
keyid:FC:B6:B1:7B:D2:E5:F1:4B:D3:75:A0:C0:E6:9D:FC:77:D9:70:2F:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_Laxe9Ll8UvTdaDA5p38d9lwL0o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/01a421-bdbf-43e0-8aeb-2c48cb298646/1/LYJwh6ElqgRcMmDkROXUMdfnX08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/01a421-bdbf-43e0-8aeb-2c48cb298646/1/_Laxe9Ll8UvTdaDA5p38d9lwL0o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.246.199.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:0a:5c:47:26:05:69:8b:5a:36:03:84:11:6b:53:e2:8a:69:
7e:3b:2a:6f:4f:85:ea:b5:90:04:b1:04:b7:24:d2:73:3d:1e:
c5:93:ca:a1:c9:a6:b7:c7:3d:ec:23:63:ab:a1:8d:6f:39:91:
a2:9a:64:de:de:23:f2:1f:c9:18:5c:06:4c:2c:5a:18:3a:da:
0c:a7:61:75:ac:05:4c:5b:33:66:45:74:f8:a5:ad:6f:fa:a0:
30:96:c2:fc:db:7e:91:6e:ee:fa:a0:08:81:15:4e:b0:1d:db:
ed:06:f6:41:7c:2b:d4:bb:c3:a9:db:e0:45:0d:47:d6:49:6c:
48:11:f6:6a:98:82:a5:ea:c5:fc:18:c4:a4:0d:d3:5f:fa:be:
ca:df:80:75:01:d4:a8:f7:fd:79:fe:cd:a7:6c:05:37:6f:bb:
1c:db:47:7e:06:51:67:e1:10:50:a3:a5:77:a0:f8:20:86:cd:
ed:66:67:c0:a8:dd:f5:2f:c4:f1:2b:52:91:73:e5:e7:95:61:
25:df:c9:01:37:31:4a:f1:b5:55:58:b3:99:86:85:58:28:2e:
59:9b:e3:62:72:b8:60:72:d0:a4:45:a9:28:2c:a3:07:5c:09:
1a:ac:c1:b0:9f:d6:2f:53:2e:4f:9e:cb:d1:2d:96:cf:f3:35:
96:c0:58:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/ZOH/OtnovDL4dF2cfn5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjYjZiMTdiZDJlNWYxNGJkMzc1YTBjMGU2OWRmYzc3ZDk3
MDJmNGEwHhcNMjUwMTAyMDc0OTIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDgyNzA4N2ExMjVhYTA0NWMzMjYwZTQ0NGU1ZDQzMWQ3ZTc1ZjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpgN/lPDrjBbE45VJIbZfhbrQnhb
swxivHS5djOm7XaZMgkqslGozh3TF6O5zW/71xmVR0uTDEkS/AVgLVSJdiaNPJJL
fR63DJeBmuRqK9mG8Ust8CWnVA2jl0wII6eX42zBDOI+gsZGVso9zi11Zb2quJxV
ekW1inDi0EqHm2xRFmriWLtKpeU1CdbJutzIskAhdOOCPCh36bPx6ij/NtWTNIGR
t3d31IWWNotm+LeytwJu1z7DQXxDa3/cbagtELgTBL4fjz2t+3Kvnehk28Z2U0o7
dlcyBu9c7HZNiUL6pYk1lE1PcKKyBVEaTQeth0aMv47SNaigQ/yMCvNtDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC2CcIehJaoEXDJg5ETl1DHX519PMB8GA1UdIwQY
MBaAFPy2sXvS5fFL03WgwOad/HfZcC9KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0xheGU5TGw4VXZUZGFEQTVwMzhkOWx3TDBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8wMWE0MjEtYmRiZi00M2UwLThhZWIt
MmM0OGNiMjk4NjQ2LzEvTFlKd2g2RWxxZ1JjTW1Ea1JPWFVNZGZuWDA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8wMWE0MjEtYmRiZi00M2UwLThhZWItMmM0OGNiMjk4NjQ2
LzEvX0xheGU5TGw4VXZUZGFEQTVwMzhkOWx3TDBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufbHMA0G
CSqGSIb3DQEBCwUAA4IBAQB6ClxHJgVpi1o2A4QRa1Piiml+OypvT4XqtZAEsQS3
JNJzPR7Fk8qhyaa3xz3sI2OroY1vOZGimmTe3iPyH8kYXAZMLFoYOtoMp2F1rAVM
WzNmRXT4pa1v+qAwlsL8236Rbu76oAiBFU6wHdvtBvZBfCvUu8Op2+BFDUfWSWxI
EfZqmIKl6sX8GMSkDdNf+r7K34B1AdSo9/15/s2nbAU3b7sc20d+BlFn4RBQo6V3
oPgghs3tZmfAqN31L8TxK1KRc+XnlWEl38kBNzFK8bVVWLOZhoVYKC5Zm+Nicrhg
ctCkRakoLKMHXAkarMGwn9YvUy5PnsvRLZbP8zWWwFis
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:23:38 2025 by rpki-client