Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/LYfJTtwMLZNbjp9r74-kOABLU0M.roa
File: LYfJTtwMLZNbjp9r74-kOABLU0M.roa (raw, json)
Hash identifier: F86fuIGXUamwcfiKEXcIzRmSW5VPLnTegDrY63ZI3x4=
Subject key identifier: 2D:87:C9:4E:DC:0C:2D:93:5B:8E:9F:6B:EF:8F:A4:38:00:4B:53:43
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 0195A400CAB7DBB93D20E60A43998C195366
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/LYfJTtwMLZNbjp9r74-kOABLU0M.roa
Signing time: Mon 17 Mar 2025 12:07:49 +0000
ROA not before: Mon 17 Mar 2025 12:07:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21859
IP address blocks: 5.180.234.0/24 maxlen: 24
45.8.205.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a4:00:ca:b7:db:b9:3d:20:e6:0a:43:99:8c:19:53:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Mar 17 12:07:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2d87c94edc0c2d935b8e9f6bef8fa438004b5343
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:76:e3:79:e8:1e:2d:f1:97:01:99:25:e5:da:
9e:41:a3:c0:cb:bb:a7:b5:fc:f4:e4:86:42:a4:cd:
5c:eb:7f:7d:15:93:43:20:2f:55:d5:f5:e4:c5:63:
ad:2d:08:a9:74:31:f7:0e:8a:f2:13:24:fd:71:2f:
34:b3:f6:d4:ac:50:01:40:24:ae:01:41:69:46:d8:
20:c1:67:19:70:15:df:10:a6:64:80:a2:2f:5a:27:
ad:49:96:7f:f5:a9:dc:77:a4:e0:fe:6d:1e:47:44:
22:32:be:9f:c0:76:3d:51:ab:a9:6f:16:2d:34:8e:
d2:bc:68:41:d3:5c:92:c5:34:96:28:3e:ea:5c:d8:
6d:12:19:7c:e9:0b:08:27:32:80:0c:2c:42:c3:c9:
9d:d9:3e:bd:23:f8:f2:73:56:d0:b0:43:27:3b:98:
e4:76:de:17:3d:17:b9:4c:d0:a8:e6:ca:9b:d6:db:
5f:54:65:61:e9:ad:09:5d:f0:e8:ef:35:c8:51:e2:
ef:62:ec:cb:a4:a2:e0:73:7d:13:7b:08:19:32:63:
3c:42:83:e2:0a:18:d9:f2:83:b2:ff:c8:7a:0f:be:
a1:7d:f8:20:b6:38:69:93:f6:d8:83:07:b4:87:43:
c4:92:b4:b8:84:36:30:11:47:c9:06:da:4b:57:54:
32:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:87:C9:4E:DC:0C:2D:93:5B:8E:9F:6B:EF:8F:A4:38:00:4B:53:43
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/LYfJTtwMLZNbjp9r74-kOABLU0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.234.0/24
45.8.205.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:a6:57:ae:37:01:cb:5f:a5:28:15:17:0d:b5:80:b1:39:60:
de:28:e0:87:a5:87:53:f5:65:58:08:49:66:82:4f:e3:4a:53:
60:a8:dd:c8:0c:bc:9a:f4:a6:c7:57:ae:e4:32:d2:0a:85:bc:
d4:b0:c6:d7:71:44:fa:21:f2:fa:b8:d1:f5:e1:ea:76:0f:54:
d2:99:8a:88:0b:43:33:01:39:b0:3c:28:86:44:d6:30:a9:a7:
cd:20:7d:58:b1:44:fb:6e:7f:d1:3e:25:57:13:9d:b4:84:73:
a8:02:e1:1f:c5:d7:2d:03:dd:5d:ff:c8:e5:d4:c6:42:e3:9b:
00:8c:e3:cd:70:2f:98:d4:dc:df:b9:de:d4:e2:a7:f8:a7:b5:
de:43:ed:75:1c:dd:7e:86:6b:70:05:10:96:7a:8a:1b:1a:4c:
b9:8e:f6:dd:1e:a2:1b:21:e3:00:00:d2:95:59:f3:54:3c:ea:
b1:f1:b0:12:27:4b:2d:e3:a4:66:9d:f0:f7:d5:15:2d:5c:2e:
c4:1f:b9:71:c1:d4:1a:32:e2:97:3b:e9:5d:2b:2c:6a:2b:ee:
57:ca:2a:be:b3:53:ed:4a:94:27:b6:c3:aa:10:f3:78:7a:72:
32:52:10:01:62:94:f1:60:70:3a:02:e9:91:f6:dd:b3:8c:e8:
85:05:3d:d9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZWkAMq327k9IOYKQ5mMGVNmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjUwMzE3MTIwNzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDg3Yzk0ZWRjMGMyZDkzNWI4ZTlmNmJlZjhmYTQzODAwNGI1MzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjHbjeegeLfGXAZkl5dqeQaPAy7un
tfz05IZCpM1c6399FZNDIC9V1fXkxWOtLQipdDH3DoryEyT9cS80s/bUrFABQCSu
AUFpRtggwWcZcBXfEKZkgKIvWietSZZ/9ancd6Tg/m0eR0QiMr6fwHY9UaupbxYt
NI7SvGhB01ySxTSWKD7qXNhtEhl86QsIJzKADCxCw8md2T69I/jyc1bQsEMnO5jk
dt4XPRe5TNCo5sqb1ttfVGVh6a0JXfDo7zXIUeLvYuzLpKLgc30TewgZMmM8QoPi
ChjZ8oOy/8h6D76hffggtjhpk/bYgwe0h0PEkrS4hDYwEUfJBtpLV1QyqQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC2HyU7cDC2TW46fa++PpDgAS1NDMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvTFlmSlR0d01MWk5ianA5cjc0LWtPQUJMVTBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABbTqAwQA
LQjNMA0GCSqGSIb3DQEBCwUAA4IBAQC9pleuNwHLX6UoFRcNtYCxOWDeKOCHpYdT
9WVYCElmgk/jSlNgqN3IDLya9KbHV67kMtIKhbzUsMbXcUT6IfL6uNH14ep2D1TS
mYqIC0MzATmwPCiGRNYwqafNIH1YsUT7bn/RPiVXE520hHOoAuEfxdctA91d/8jl
1MZC45sAjOPNcC+Y1Nzfud7U4qf4p7XeQ+11HN1+hmtwBRCWeoobGky5jvbdHqIb
IeMAANKVWfNUPOqx8bASJ0st46RmnfD31RUtXC7EH7lxwdQaMuKXO+ldKyxqK+5X
yiq+s1PtSpQntsOqEPN4enIyUhABYpTxYHA6AumR9t2zjOiFBT3Z
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:04:09 2025 by rpki-client