Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/9ee01f-e976-4803-961e-94cf22dee5fe/1/LKpTou4dK0FkHLB5dvm_R64KPEw.roa
File: LKpTou4dK0FkHLB5dvm_R64KPEw.roa (raw, json)
Hash identifier: urbU3y2ds+0JSYTqJtT39EBbRZJBb1O1+kBFO2Ha188=
Subject key identifier: 2C:AA:53:A2:EE:1D:2B:41:64:1C:B0:79:76:F9:BF:47:AE:0A:3C:4C
Certificate issuer: /CN=9b1ea15c21b7d55dea4bdc861b1c0afc9e437031
Certificate serial: 01828E7EA94A7BE36A28F281C1440B03511D
Authority key identifier: 9B:1E:A1:5C:21:B7:D5:5D:EA:4B:DC:86:1B:1C:0A:FC:9E:43:70:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mx6hXCG31V3qS9yGGxwK_J5DcDE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/9ee01f-e976-4803-961e-94cf22dee5fe/1/LKpTou4dK0FkHLB5dvm_R64KPEw.roa
Signing time: Thu 11 Aug 2022 20:00:41 +0000
ROA not before: Thu 11 Aug 2022 20:00:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 701
IP address blocks: 188.208.103.0/24 maxlen: 24
62.192.152.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:8e:7e:a9:4a:7b:e3:6a:28:f2:81:c1:44:0b:03:51:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b1ea15c21b7d55dea4bdc861b1c0afc9e437031
Validity
Not Before: Aug 11 20:00:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2caa53a2ee1d2b41641cb07976f9bf47ae0a3c4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:58:01:62:fa:b2:18:22:97:be:f5:9f:6b:14:
22:91:98:45:4a:88:bf:11:a3:64:43:cd:78:1d:ef:
31:ae:b7:86:f5:d0:da:b6:2f:5d:ca:6a:7c:ac:07:
76:52:a9:66:e2:ab:09:cc:0d:25:95:f8:a3:3b:b7:
79:52:7f:ff:5d:50:04:9c:7e:be:3a:5b:3e:2a:23:
53:1a:2f:31:04:c8:dc:07:d3:1f:de:f8:42:01:0a:
7a:be:2a:1b:66:ab:48:bd:3b:d2:71:04:c4:92:29:
8d:cd:25:c8:f2:98:ee:37:ea:69:a4:d1:5d:c3:ee:
cf:43:b9:4d:5f:02:b4:a9:ac:df:e0:77:9f:eb:30:
69:56:05:0f:7a:7d:52:79:e2:1b:83:01:d3:fc:a5:
68:41:0a:be:b7:31:cb:7a:a4:3a:e6:79:04:38:7d:
79:13:4e:19:df:ee:91:a1:2e:a9:19:28:e1:14:d1:
c4:5a:7c:79:65:a7:a8:74:ff:f5:cd:66:aa:7e:70:
17:81:f6:d4:b2:52:e8:3a:69:28:a8:de:d9:da:be:
7d:74:3a:0f:11:ca:a8:3b:20:a5:8b:72:76:77:ae:
ad:93:76:1a:b6:e3:a3:23:71:ae:f7:65:2e:54:cd:
ee:b9:1b:79:59:58:d5:cf:1a:ca:59:6e:e9:e3:eb:
52:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:AA:53:A2:EE:1D:2B:41:64:1C:B0:79:76:F9:BF:47:AE:0A:3C:4C
X509v3 Authority Key Identifier:
keyid:9B:1E:A1:5C:21:B7:D5:5D:EA:4B:DC:86:1B:1C:0A:FC:9E:43:70:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mx6hXCG31V3qS9yGGxwK_J5DcDE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/9ee01f-e976-4803-961e-94cf22dee5fe/1/LKpTou4dK0FkHLB5dvm_R64KPEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/9ee01f-e976-4803-961e-94cf22dee5fe/1/mx6hXCG31V3qS9yGGxwK_J5DcDE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.192.152.0/24
188.208.103.0/24
Signature Algorithm: sha256WithRSAEncryption
90:9b:40:5d:60:85:b4:40:d8:d7:37:b7:b7:99:e7:2a:71:ec:
23:95:8c:b4:61:25:b2:78:cb:ae:8b:28:50:b1:68:2a:8d:5e:
24:34:71:79:98:5f:66:b2:76:7e:3e:de:10:fb:ed:3c:a1:d3:
4c:d9:7a:e3:92:2d:e9:17:a7:a2:f8:69:05:da:f0:70:e4:30:
a6:c9:16:71:81:aa:40:8c:14:a9:f0:b8:b9:2a:f2:a8:8e:c1:
cf:8e:dc:e9:4b:91:28:9c:11:30:84:c1:bc:ce:e9:90:30:a5:
31:60:eb:cb:27:d4:93:f8:fe:cd:96:80:e8:9c:9c:9b:81:2b:
8f:fd:3f:a3:6d:eb:04:74:8f:74:ee:e2:88:c2:55:7a:52:c4:
4d:9c:85:4b:91:c0:aa:75:c0:70:fe:5d:8a:93:e4:2d:33:17:
85:1e:fa:91:82:ad:3a:96:27:ee:e2:93:f9:0d:3f:2a:48:f5:
ff:7f:66:e7:5b:de:77:42:39:b0:08:6f:0d:b4:38:c2:11:e6:
87:78:da:70:13:90:04:0b:26:cd:0d:89:29:38:88:c7:ab:a7:
26:94:a4:e7:26:41:18:0c:7e:2d:a5:aa:e7:2e:a7:55:03:4c:
c1:bb:7b:86:47:d8:a0:11:9c:a0:1a:2e:a1:5c:09:f7:8e:fd:
83:84:40:4c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYKOfqlKe+NqKPKBwUQLA1EdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMWVhMTVjMjFiN2Q1NWRlYTRiZGM4NjFiMWMwYWZjOWU0
MzcwMzEwHhcNMjIwODExMjAwMDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2FhNTNhMmVlMWQyYjQxNjQxY2IwNzk3NmY5YmY0N2FlMGEzYzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlFgBYvqyGCKXvvWfaxQikZhFSoi/
EaNkQ814He8xrreG9dDati9dymp8rAd2Uqlm4qsJzA0llfijO7d5Un//XVAEnH6+
Ols+KiNTGi8xBMjcB9Mf3vhCAQp6viobZqtIvTvScQTEkimNzSXI8pjuN+pppNFd
w+7PQ7lNXwK0qazf4Hef6zBpVgUPen1SeeIbgwHT/KVoQQq+tzHLeqQ65nkEOH15
E04Z3+6RoS6pGSjhFNHEWnx5ZaeodP/1zWaqfnAXgfbUslLoOmkoqN7Z2r59dDoP
EcqoOyCli3J2d66tk3YatuOjI3Gu92UuVM3uuRt5WVjVzxrKWW7p4+tSlwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCyqU6LuHStBZByweXb5v0euCjxMMB8GA1UdIwQY
MBaAFJseoVwht9Vd6kvchhscCvyeQ3AxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXg2aFhDRzMxVjNxUzl5R0d4d0tfSjVEY0RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS85ZWUwMWYtZTk3Ni00ODAzLTk2MWUt
OTRjZjIyZGVlNWZlLzEvTEtwVG91NGRLMEZrSExCNWR2bV9SNjRLUEV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS85ZWUwMWYtZTk3Ni00ODAzLTk2MWUtOTRjZjIyZGVlNWZl
LzEvbXg2aFhDRzMxVjNxUzl5R0d4d0tfSjVEY0RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAPsCYAwQA
vNBnMA0GCSqGSIb3DQEBCwUAA4IBAQCQm0BdYIW0QNjXN7e3mecqcewjlYy0YSWy
eMuuiyhQsWgqjV4kNHF5mF9msnZ+Pt4Q++08odNM2Xrjki3pF6ei+GkF2vBw5DCm
yRZxgapAjBSp8Li5KvKojsHPjtzpS5EonBEwhMG8zumQMKUxYOvLJ9ST+P7NloDo
nJybgSuP/T+jbesEdI907uKIwlV6UsRNnIVLkcCqdcBw/l2Kk+QtMxeFHvqRgq06
lifu4pP5DT8qSPX/f2bnW953QjmwCG8NtDjCEeaHeNpwE5AECybNDYkpOIjHq6cm
lKTnJkEYDH4tparnLqdVA0zBu3uGR9igEZygGi6hXAn3jv2DhEBM
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:42 2025 by rpki-client