Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/4d7f40-49ec-4ce2-882e-5ac7f066230b/1/LMLHHOF93hK4OUpbUUvvwD0c0kY.roa
File: LMLHHOF93hK4OUpbUUvvwD0c0kY.roa (raw, json)
Hash identifier: 02jA2t2eBDun8+LsbWX6msyQRXMN/G2Ajm0JM11hXxw=
Subject key identifier: 2C:C2:C7:1C:E1:7D:DE:12:B8:39:4A:5B:51:4B:EF:C0:3D:1C:D2:46
Certificate issuer: /CN=7bd5997ed075c2298b461225e1060f577b1d7d4d
Certificate serial: 01942445464EC24AFD8EF4048C059C9956D5
Authority key identifier: 7B:D5:99:7E:D0:75:C2:29:8B:46:12:25:E1:06:0F:57:7B:1D:7D:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e9WZftB1wimLRhIl4QYPV3sdfU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/4d7f40-49ec-4ce2-882e-5ac7f066230b/1/LMLHHOF93hK4OUpbUUvvwD0c0kY.roa
Signing time: Wed 01 Jan 2025 23:48:27 +0000
ROA not before: Wed 01 Jan 2025 23:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47709
IP address blocks: 89.249.239.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:46:4e:c2:4a:fd:8e:f4:04:8c:05:9c:99:56:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7bd5997ed075c2298b461225e1060f577b1d7d4d
Validity
Not Before: Jan 1 23:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2cc2c71ce17dde12b8394a5b514befc03d1cd246
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:d3:91:a7:58:d2:73:cb:95:8a:e6:cf:cb:f8:
ea:97:57:2f:d8:94:4b:04:85:ce:73:13:04:a5:4c:
42:99:d6:27:26:f7:54:00:66:48:94:6b:a8:49:03:
e9:9f:f4:e3:02:da:15:2d:e8:3d:ba:dc:a6:ca:ff:
94:b4:7c:4d:d3:b6:a5:12:92:ac:05:ce:7a:d7:65:
b1:9d:da:3e:30:ad:16:6a:aa:1a:69:d9:ec:03:96:
64:33:9a:03:7e:1b:72:4b:86:ef:da:6e:e0:9a:aa:
d5:0e:c5:f2:3f:14:1c:1a:ac:be:14:1f:d2:1b:86:
47:88:84:33:be:1e:6e:71:42:2a:a1:ab:3a:f7:00:
bf:bd:02:e3:6f:db:51:12:b0:88:5f:23:8b:a9:2d:
66:b0:85:00:6a:33:99:6e:dc:c4:48:5d:3e:90:c0:
9c:f4:9e:6e:7b:d7:a3:23:73:92:56:f8:db:af:5c:
1e:5a:f4:ad:d1:e8:14:19:a7:24:66:ec:b8:04:93:
d1:e2:06:66:af:83:de:1c:56:d9:1c:a6:f3:f8:a1:
d2:06:2c:5f:5b:f7:4d:ab:12:8e:20:91:e3:66:00:
84:46:63:b6:cd:de:a2:15:92:a3:b7:1e:36:f7:2b:
62:31:c7:a0:e5:1c:09:7d:22:d6:bc:93:6f:66:9b:
41:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:C2:C7:1C:E1:7D:DE:12:B8:39:4A:5B:51:4B:EF:C0:3D:1C:D2:46
X509v3 Authority Key Identifier:
keyid:7B:D5:99:7E:D0:75:C2:29:8B:46:12:25:E1:06:0F:57:7B:1D:7D:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9WZftB1wimLRhIl4QYPV3sdfU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/4d7f40-49ec-4ce2-882e-5ac7f066230b/1/LMLHHOF93hK4OUpbUUvvwD0c0kY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/4d7f40-49ec-4ce2-882e-5ac7f066230b/1/e9WZftB1wimLRhIl4QYPV3sdfU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.239.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:c1:51:a2:88:e0:96:02:c2:fc:b7:74:e2:97:42:02:41:55:
4e:a7:6d:3a:b9:f3:05:2c:78:77:f4:58:2b:60:94:54:ca:d5:
1e:c7:17:c3:a2:aa:57:8e:ca:93:01:ad:46:eb:9d:71:ea:96:
04:e8:bc:8c:30:f2:78:de:38:d3:23:42:d1:b3:cd:81:7e:aa:
5d:0b:cb:0a:32:0b:1d:06:03:5a:6a:f7:06:d0:87:e5:a6:5d:
96:39:ea:a0:95:6e:64:ed:75:a3:cc:db:66:0e:0c:b4:ce:5b:
e3:dd:f7:42:23:1f:e0:2c:e3:b0:00:e0:02:2f:74:b1:a9:1d:
29:2b:bd:1a:32:32:9b:0a:83:cc:1e:a4:5d:00:e4:5d:0c:b8:
54:88:6c:33:51:1c:0c:1d:69:6a:e6:f7:06:3c:c4:16:47:50:
89:24:02:7d:23:10:da:5a:e8:31:25:15:c9:2e:01:45:3b:a1:
5b:51:72:3d:f1:56:04:93:b1:12:18:b4:ef:39:fa:ca:28:38:
2f:d2:24:7e:c5:a7:cc:d7:ee:3f:dd:07:5e:c3:16:e9:23:8b:
5d:b1:0e:89:1b:9b:30:45:36:31:be:be:a1:d3:72:53:88:47:
ac:33:4c:61:ad:38:16:2d:e9:4b:cf:75:fc:bf:38:6e:60:47:
73:7f:78:8a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRUZOwkr9jvQEjAWcmVbVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiZDU5OTdlZDA3NWMyMjk4YjQ2MTIyNWUxMDYwZjU3N2Ix
ZDdkNGQwHhcNMjUwMTAxMjM0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2MyYzcxY2UxN2RkZTEyYjgzOTRhNWI1MTRiZWZjMDNkMWNkMjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwNORp1jSc8uViubPy/jql1cv2JRL
BIXOcxMEpUxCmdYnJvdUAGZIlGuoSQPpn/TjAtoVLeg9utymyv+UtHxN07alEpKs
Bc5612Wxndo+MK0WaqoaadnsA5ZkM5oDfhtyS4bv2m7gmqrVDsXyPxQcGqy+FB/S
G4ZHiIQzvh5ucUIqoas69wC/vQLjb9tRErCIXyOLqS1msIUAajOZbtzESF0+kMCc
9J5ue9ejI3OSVvjbr1weWvSt0egUGackZuy4BJPR4gZmr4PeHFbZHKbz+KHSBixf
W/dNqxKOIJHjZgCERmO2zd6iFZKjtx429ytiMceg5RwJfSLWvJNvZptBSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCzCxxzhfd4SuDlKW1FL78A9HNJGMB8GA1UdIwQY
MBaAFHvVmX7QdcIpi0YSJeEGD1d7HX1NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTlXWmZ0QjF3aW1MUmhJbDRRWVBWM3NkZlUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS80ZDdmNDAtNDllYy00Y2UyLTg4MmUt
NWFjN2YwNjYyMzBiLzEvTE1MSEhPRjkzaEs0T1VwYlVVdnZ3RDBjMGtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS80ZDdmNDAtNDllYy00Y2UyLTg4MmUtNWFjN2YwNjYyMzBi
LzEvZTlXWmZ0QjF3aW1MUmhJbDRRWVBWM3NkZlUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWfnvMA0G
CSqGSIb3DQEBCwUAA4IBAQA/wVGiiOCWAsL8t3Til0ICQVVOp206ufMFLHh39Fgr
YJRUytUexxfDoqpXjsqTAa1G651x6pYE6LyMMPJ43jjTI0LRs82BfqpdC8sKMgsd
BgNaavcG0Iflpl2WOeqglW5k7XWjzNtmDgy0zlvj3fdCIx/gLOOwAOACL3SxqR0p
K70aMjKbCoPMHqRdAORdDLhUiGwzURwMHWlq5vcGPMQWR1CJJAJ9IxDaWugxJRXJ
LgFFO6FbUXI98VYEk7ESGLTvOfrKKDgv0iR+xafM1+4/3QdewxbpI4tdsQ6JG5sw
RTYxvr6h03JTiEesM0xhrTgWLelLz3X8vzhuYEdzf3iK
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:59:21 2025 by rpki-client