Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/LFMXcJ3OWByQXVfJAqZ7_ocSupA.roa
File: LFMXcJ3OWByQXVfJAqZ7_ocSupA.roa (raw, json)
Hash identifier: Up4ZD4PUB4O4YaDGDS3M7+WCfTXGSLwStZaxdawLRGY=
Subject key identifier: 2C:53:17:70:9D:CE:58:1C:90:5D:57:C9:02:A6:7B:FE:87:12:BA:90
Certificate issuer: /CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Certificate serial: 0194266BC6D390E3A0033E19DBC25A44E503
Authority key identifier: 87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/LFMXcJ3OWByQXVfJAqZ7_ocSupA.roa
Signing time: Thu 02 Jan 2025 09:49:45 +0000
ROA not before: Thu 02 Jan 2025 09:49:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39879
IP address blocks: 212.183.22.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:c6:d3:90:e3:a0:03:3e:19:db:c2:5a:44:e5:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Validity
Not Before: Jan 2 09:49:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2c5317709dce581c905d57c902a67bfe8712ba90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:ae:b0:f9:a3:09:53:af:4e:ef:c0:7d:c3:a1:
b7:38:4e:0a:d6:6e:b3:19:c9:b5:b7:4d:92:53:f6:
f0:c9:99:9c:3e:8b:40:80:8e:bb:76:eb:dc:74:84:
87:f7:9d:81:3d:25:e9:1e:9d:be:a0:08:32:0b:e8:
d4:6f:9b:02:3c:b0:b9:02:3a:69:40:7d:64:c2:37:
63:11:4f:a3:8a:72:75:fe:87:ce:e0:50:60:64:5b:
85:83:cc:ef:07:6b:3c:a3:ae:c4:85:e1:b9:a6:38:
55:0f:78:17:b8:98:bf:a0:d6:bf:a3:12:49:70:1e:
a9:e7:20:b4:ed:ff:c7:40:91:1b:e9:ba:8f:14:ad:
1a:c8:90:aa:66:b4:b2:fa:49:bf:34:23:db:b1:31:
b9:f8:78:f2:40:36:23:24:4d:54:cf:9f:6f:6d:4a:
10:ad:40:1e:c1:84:95:75:f7:b3:c2:e8:4d:cd:c8:
ba:77:df:70:33:4d:6d:3b:f1:fd:0e:9c:1a:3c:e5:
f1:50:e1:d1:52:9c:b3:04:a7:5c:46:89:94:44:39:
a6:1a:08:24:7a:42:f8:d8:90:0e:ff:88:ba:c3:a1:
c0:44:d6:7b:9a:76:50:15:8a:ac:93:ec:29:4a:f8:
c6:d1:0f:6e:09:27:44:a4:44:58:59:29:24:11:7b:
ee:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:53:17:70:9D:CE:58:1C:90:5D:57:C9:02:A6:7B:FE:87:12:BA:90
X509v3 Authority Key Identifier:
keyid:87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/LFMXcJ3OWByQXVfJAqZ7_ocSupA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.183.22.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:68:50:43:a8:62:b6:13:d5:08:8b:92:3f:48:e7:b1:36:91:
52:f9:43:d0:d3:a3:6f:8c:cb:58:56:8b:df:52:78:91:ff:23:
f4:ab:0d:27:bc:b2:19:43:5b:24:5d:79:4b:51:0b:f2:fc:24:
e8:d7:8c:6a:3f:2f:cb:77:35:64:86:47:eb:ae:97:bd:b6:7d:
f7:0e:36:05:b7:2e:31:46:29:22:fb:2c:6d:6f:0e:71:97:6c:
47:21:3a:21:5f:1b:76:0e:83:11:bb:fa:8c:93:64:55:f7:0f:
b3:16:90:56:3a:2c:42:f3:f2:24:49:3b:12:e0:35:c8:ca:83:
ed:40:c3:0d:b1:21:a2:62:ac:22:07:90:2a:4f:d6:94:41:85:
63:3c:0e:22:7e:ae:be:d4:6c:17:c2:bd:40:83:e2:67:25:30:
34:31:8a:e0:8c:6c:be:1d:0e:0b:0f:14:7a:d5:98:e6:30:d3:
94:9a:8c:aa:5a:2d:69:8c:51:f2:b4:70:82:fc:78:28:1f:d0:
b2:5f:9d:10:d9:1e:eb:40:6f:34:aa:bc:4b:43:91:c0:94:64:
96:d0:81:f1:5a:1a:9a:4c:22:e8:24:ef:ba:75:0e:c2:2a:97:
fe:c9:2f:b0:ce:c5:9d:a2:c3:a1:55:8a:b7:d4:d0:f2:e7:48:
47:80:8d:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma8bTkOOgAz4Z28JaROUDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MGM1ODlhNGYyMmE5Y2EyZmY5OWI0YzQ4ZjhiZGY0OTI4
NzE3MjUwHhcNMjUwMTAyMDk0OTQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzUzMTc3MDlkY2U1ODFjOTA1ZDU3YzkwMmE2N2JmZTg3MTJiYTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzK6w+aMJU69O78B9w6G3OE4K1m6z
Gcm1t02SU/bwyZmcPotAgI67duvcdISH952BPSXpHp2+oAgyC+jUb5sCPLC5Ajpp
QH1kwjdjEU+jinJ1/ofO4FBgZFuFg8zvB2s8o67EheG5pjhVD3gXuJi/oNa/oxJJ
cB6p5yC07f/HQJEb6bqPFK0ayJCqZrSy+km/NCPbsTG5+HjyQDYjJE1Uz59vbUoQ
rUAewYSVdfezwuhNzci6d99wM01tO/H9DpwaPOXxUOHRUpyzBKdcRomURDmmGggk
ekL42JAO/4i6w6HARNZ7mnZQFYqsk+wpSvjG0Q9uCSdEpERYWSkkEXvuZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCxTF3CdzlgckF1XyQKme/6HErqQMB8GA1UdIwQY
MBaAFIcMWJpPIqnKL/mbTEj4vfSShxclMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWIt
ODQ5ZDNhNmI5YzJkLzEvTEZNWGNKM09XQnlRWFZmSkFxWjdfb2NTdXBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWItODQ5ZDNhNmI5YzJk
LzEvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1LcWMA0G
CSqGSIb3DQEBCwUAA4IBAQCfaFBDqGK2E9UIi5I/SOexNpFS+UPQ06NvjMtYVovf
UniR/yP0qw0nvLIZQ1skXXlLUQvy/CTo14xqPy/LdzVkhkfrrpe9tn33DjYFty4x
Riki+yxtbw5xl2xHITohXxt2DoMRu/qMk2RV9w+zFpBWOixC8/IkSTsS4DXIyoPt
QMMNsSGiYqwiB5AqT9aUQYVjPA4ifq6+1GwXwr1Ag+JnJTA0MYrgjGy+HQ4LDxR6
1ZjmMNOUmoyqWi1pjFHytHCC/HgoH9CyX50Q2R7rQG80qrxLQ5HAlGSW0IHxWhqa
TCLoJO+6dQ7CKpf+yS+wzsWdosOhVYq31NDy50hHgI2Z
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:27:10 2025 by rpki-client