Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/Lr0nKbirlPmBX-3lvJsCJOROKJM.roa
File: Lr0nKbirlPmBX-3lvJsCJOROKJM.roa (raw, json)
Hash identifier: TqdXd4s2N+H906Qbg6lObKToYZQaynILZEigcrAh59E=
Subject key identifier: 2E:BD:27:29:B8:AB:94:F9:81:5F:ED:E5:BC:9B:02:24:E4:4E:28:93
Certificate issuer: /CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Certificate serial: 019424448D42DA1D560C7AE1838A6ED078C4
Authority key identifier: 35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/Lr0nKbirlPmBX-3lvJsCJOROKJM.roa
Signing time: Wed 01 Jan 2025 23:47:39 +0000
ROA not before: Wed 01 Jan 2025 23:47:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49715
IP address blocks: 94.240.8.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:8d:42:da:1d:56:0c:7a:e1:83:8a:6e:d0:78:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Validity
Not Before: Jan 1 23:47:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2ebd2729b8ab94f9815fede5bc9b0224e44e2893
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:cf:16:79:9a:08:39:ff:14:de:92:e0:cd:7f:
80:b9:75:f4:74:25:5c:e6:cf:df:23:01:c9:a1:fb:
8c:19:74:68:a4:d8:0f:c1:ee:69:f8:46:88:c6:e7:
ae:7c:10:c3:da:c5:a6:65:9c:76:98:89:d8:94:c5:
1d:ad:13:82:b6:89:e7:78:5d:53:f8:34:93:3d:42:
9d:75:c1:f2:df:b9:5c:32:f6:2c:ec:81:d9:29:d3:
1f:e4:08:b4:05:1b:95:20:68:c9:9d:27:45:09:22:
13:a5:99:7d:67:35:8f:3c:f6:76:c0:32:10:53:7c:
ae:62:ca:c4:f7:6a:12:35:bd:ac:47:41:22:72:77:
a0:bf:60:9c:88:22:d1:29:5e:65:39:66:fb:b1:82:
f0:69:4f:bc:d1:2f:d7:ea:07:44:8a:f6:4f:ef:ba:
83:e4:47:ca:f2:a6:98:05:eb:1d:37:5d:6f:71:6f:
d5:01:46:50:da:1f:3e:6b:eb:d0:5f:3f:4c:9b:db:
db:70:57:53:d4:fc:01:53:be:b1:24:bd:44:3f:2a:
73:45:65:ac:8c:3c:18:e1:76:41:79:ed:53:70:ee:
87:65:6d:2a:56:73:a9:08:e9:27:1f:44:f4:c9:8e:
b7:2b:bf:49:da:8c:be:e3:0f:d5:ba:cd:cb:3e:a2:
0f:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:BD:27:29:B8:AB:94:F9:81:5F:ED:E5:BC:9B:02:24:E4:4E:28:93
X509v3 Authority Key Identifier:
keyid:35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/Lr0nKbirlPmBX-3lvJsCJOROKJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/NRov1vXlr4fVzqCVBm-8w9PlRqQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.240.8.0/22
Signature Algorithm: sha256WithRSAEncryption
17:ef:00:27:40:ac:7a:8c:39:9e:60:28:d7:41:a3:bc:af:b8:
f6:a4:41:71:35:c0:06:cf:7e:f9:6b:25:33:2d:73:7e:f0:27:
6f:f7:40:3c:8b:8e:ca:c8:7e:03:02:89:5e:9d:74:01:96:38:
b1:e8:6b:31:da:e6:12:b2:73:bc:e5:b0:43:78:9a:1e:1e:13:
25:ae:1b:8e:af:69:d9:35:c2:ac:16:88:c7:b5:c2:93:e8:ff:
d2:6b:43:90:4b:ef:ae:f0:c8:5d:92:9c:f7:8e:e4:24:0e:ba:
a7:33:cb:0a:46:38:d6:39:0e:ab:82:8b:a7:5f:ac:93:43:7b:
7a:7f:f5:7d:08:f3:21:c0:c1:67:0a:41:0d:08:10:2a:f4:bc:
fc:fd:70:45:56:19:8b:67:e5:69:a5:9e:30:06:d7:97:be:c4:
19:a2:40:f8:50:5d:7f:a6:92:f4:2e:81:4e:38:ae:da:57:4a:
84:53:ed:28:b3:69:6f:b6:c2:3f:f7:33:eb:17:d9:ce:7d:e6:
ee:30:7d:73:a5:57:1b:4a:da:91:ac:ab:10:b6:fa:d1:0b:68:
e5:22:1b:c1:72:31:e7:0f:8c:8a:d9:c2:65:98:29:0a:51:d1:
5d:42:7e:90:fc:7a:c1:15:3c:b0:c7:f6:f3:16:f6:3c:3e:e8:
37:31:b0:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRI1C2h1WDHrhg4pu0HjEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MWEyZmQ2ZjVlNWFmODdkNWNlYTA5NTA2NmZiY2MzZDNl
NTQ2YTQwHhcNMjUwMTAxMjM0NzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWJkMjcyOWI4YWI5NGY5ODE1ZmVkZTViYzliMDIyNGU0NGUyODkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoc8WeZoIOf8U3pLgzX+AuXX0dCVc
5s/fIwHJofuMGXRopNgPwe5p+EaIxueufBDD2sWmZZx2mInYlMUdrROCtonneF1T
+DSTPUKddcHy37lcMvYs7IHZKdMf5Ai0BRuVIGjJnSdFCSITpZl9ZzWPPPZ2wDIQ
U3yuYsrE92oSNb2sR0Eicnegv2CciCLRKV5lOWb7sYLwaU+80S/X6gdEivZP77qD
5EfK8qaYBesdN11vcW/VAUZQ2h8+a+vQXz9Mm9vbcFdT1PwBU76xJL1EPypzRWWs
jDwY4XZBee1TcO6HZW0qVnOpCOknH0T0yY63K79J2oy+4w/Vus3LPqIPawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC69Jym4q5T5gV/t5bybAiTkTiiTMB8GA1UdIwQY
MBaAFDUaL9b15a+H1c6glQZvvMPT5UakMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODIt
MjMwNDllNGQyZjEyLzEvTHIwbktiaXJsUG1CWC0zbHZKc0NKT1JPS0pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODItMjMwNDllNGQyZjEy
LzEvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXvAIMA0G
CSqGSIb3DQEBCwUAA4IBAQAX7wAnQKx6jDmeYCjXQaO8r7j2pEFxNcAGz375ayUz
LXN+8Cdv90A8i47KyH4DAolenXQBljix6Gsx2uYSsnO85bBDeJoeHhMlrhuOr2nZ
NcKsFojHtcKT6P/Sa0OQS++u8Mhdkpz3juQkDrqnM8sKRjjWOQ6rgounX6yTQ3t6
f/V9CPMhwMFnCkENCBAq9Lz8/XBFVhmLZ+VppZ4wBteXvsQZokD4UF1/ppL0LoFO
OK7aV0qEU+0os2lvtsI/9zPrF9nOfebuMH1zpVcbStqRrKsQtvrRC2jlIhvBcjHn
D4yK2cJlmCkKUdFdQn6Q/HrBFTywx/bzFvY8Pug3MbB1
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:42:22 2025 by rpki-client