Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/lLOh6luqTBaLKuTZsKHpgvacIKo.roa
File: lLOh6luqTBaLKuTZsKHpgvacIKo.roa (raw, json)
Hash identifier: FnwAvD4mCWsVQIEAvPejFhFzmC8kaFOk2uZReTeDf58=
Subject key identifier: 94:B3:A1:EA:5B:AA:4C:16:8B:2A:E4:D9:B0:A1:E9:82:F6:9C:20:AA
Certificate issuer: /CN=37518d180923a7f3c00653ec12bc702b95aab907
Certificate serial: 0194258F1A9FA0DC7541C90F518B296A03A1
Authority key identifier: 37:51:8D:18:09:23:A7:F3:C0:06:53:EC:12:BC:70:2B:95:AA:B9:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N1GNGAkjp_PABlPsErxwK5WquQc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/lLOh6luqTBaLKuTZsKHpgvacIKo.roa
Signing time: Thu 02 Jan 2025 05:48:43 +0000
ROA not before: Thu 02 Jan 2025 05:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34478
IP address blocks: 193.140.71.0/24 maxlen: 24
194.27.148.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:1a:9f:a0:dc:75:41:c9:0f:51:8b:29:6a:03:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37518d180923a7f3c00653ec12bc702b95aab907
Validity
Not Before: Jan 2 05:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=94b3a1ea5baa4c168b2ae4d9b0a1e982f69c20aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:0a:9f:4a:5c:0e:a8:f8:b7:a2:82:33:0b:9e:
bb:84:09:5e:77:b7:44:47:19:8f:b8:b9:e2:d8:9c:
47:30:ad:06:8a:e6:b4:a0:73:58:c7:02:01:f4:62:
0f:be:77:98:bb:00:ca:b7:50:e3:98:04:48:63:26:
a1:26:e0:ec:78:96:34:19:52:7f:89:8c:e6:16:17:
1b:f9:fe:5b:67:00:71:05:ee:c3:27:d7:93:4f:31:
ed:af:4d:c8:1b:6a:62:2c:cc:60:b6:35:54:8a:25:
7a:00:ab:42:c8:33:a8:99:57:07:68:64:6c:f6:d9:
8e:b0:4d:30:54:8f:bc:d5:ce:93:74:e2:33:a4:ea:
7a:15:07:84:05:13:67:2e:ba:96:fa:93:f5:d7:95:
c9:e2:48:c5:6e:af:f0:f9:a5:43:ca:3b:b2:f9:d4:
54:8f:9c:dc:54:e1:05:49:ab:2c:75:f6:7e:3d:e2:
c0:e3:84:2e:72:7d:67:88:7a:3d:01:db:3c:cc:37:
17:a0:75:2d:1e:34:3c:e1:19:95:2a:0f:7d:12:b7:
f9:cb:42:02:1e:07:78:ca:28:f7:d1:43:ec:c7:7e:
0d:e3:63:99:1b:d4:2d:60:ec:1d:e3:7b:ab:c9:d7:
35:87:f0:c8:85:9a:ce:7a:b1:e8:8a:c6:b8:3d:b8:
b0:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:B3:A1:EA:5B:AA:4C:16:8B:2A:E4:D9:B0:A1:E9:82:F6:9C:20:AA
X509v3 Authority Key Identifier:
keyid:37:51:8D:18:09:23:A7:F3:C0:06:53:EC:12:BC:70:2B:95:AA:B9:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N1GNGAkjp_PABlPsErxwK5WquQc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/lLOh6luqTBaLKuTZsKHpgvacIKo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/N1GNGAkjp_PABlPsErxwK5WquQc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.140.71.0/24
194.27.148.0/24
Signature Algorithm: sha256WithRSAEncryption
81:4d:bf:8b:bb:58:81:b8:2f:1d:2a:f3:d7:09:05:c8:c4:e6:
67:b5:3a:c3:ad:34:99:bc:46:31:50:26:11:e4:d9:55:73:48:
39:43:11:59:ed:de:c1:9f:52:e4:4f:59:51:12:28:d2:ab:20:
15:92:46:1f:87:68:c7:24:4f:37:c5:96:78:a3:5b:2c:d0:dd:
48:56:af:e2:a1:4d:48:af:cf:72:65:26:d2:9c:c4:e5:3b:6e:
c8:4c:07:df:92:5d:9b:28:0c:10:15:a6:98:f0:50:0e:ba:ba:
0d:02:8c:86:ef:c7:1d:e7:73:d7:0c:09:49:08:44:d7:20:ed:
b5:86:f6:14:9a:d8:c8:8a:dc:22:f7:5d:d9:ab:05:76:a2:3d:
4a:1b:c3:06:46:e8:9c:2c:26:ef:b3:e0:00:a8:14:1d:44:f2:
9a:b3:27:ab:a0:e4:7d:7c:23:d7:cb:94:20:e2:37:f9:6c:5e:
69:7e:8f:85:f3:a4:1c:3a:ab:cf:ae:48:26:4d:3b:7e:ae:ae:
b4:e2:40:6a:f2:ff:68:73:7f:39:3c:25:a1:4a:13:ef:54:e6:
4a:aa:5c:98:76:ce:2b:23:c3:25:7b:00:1d:c1:d0:98:c3:22:
26:b1:d5:e6:8d:72:dd:f1:0f:ff:c4:a5:e1:a8:ad:c0:4d:b4:
62:4d:56:f2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQljxqfoNx1QckPUYspagOhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NTE4ZDE4MDkyM2E3ZjNjMDA2NTNlYzEyYmM3MDJiOTVh
YWI5MDcwHhcNMjUwMTAyMDU0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGIzYTFlYTViYWE0YzE2OGIyYWU0ZDliMGExZTk4MmY2OWMyMGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArgqfSlwOqPi3ooIzC567hAled7dE
RxmPuLni2JxHMK0Giua0oHNYxwIB9GIPvneYuwDKt1DjmARIYyahJuDseJY0GVJ/
iYzmFhcb+f5bZwBxBe7DJ9eTTzHtr03IG2piLMxgtjVUiiV6AKtCyDOomVcHaGRs
9tmOsE0wVI+81c6TdOIzpOp6FQeEBRNnLrqW+pP115XJ4kjFbq/w+aVDyjuy+dRU
j5zcVOEFSassdfZ+PeLA44Qucn1niHo9Ads8zDcXoHUtHjQ84RmVKg99Erf5y0IC
Hgd4yij30UPsx34N42OZG9QtYOwd43urydc1h/DIhZrOerHoisa4PbiwEwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJSzoepbqkwWiyrk2bCh6YL2nCCqMB8GA1UdIwQY
MBaAFDdRjRgJI6fzwAZT7BK8cCuVqrkHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjFHTkdBa2pwX1BBQmxQc0VyeHdLNVdxdVFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9mODBlZjMtOWYwYi00YmQxLTgwMTgt
NTk2NzE5MjBmYjYwLzEvbExPaDZsdXFUQmFMS3VUWnNLSHBndmFjSUtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9mODBlZjMtOWYwYi00YmQxLTgwMTgtNTk2NzE5MjBmYjYw
LzEvTjFHTkdBa2pwX1BBQmxQc0VyeHdLNVdxdVFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwYxHAwQA
whuUMA0GCSqGSIb3DQEBCwUAA4IBAQCBTb+Lu1iBuC8dKvPXCQXIxOZntTrDrTSZ
vEYxUCYR5NlVc0g5QxFZ7d7Bn1LkT1lREijSqyAVkkYfh2jHJE83xZZ4o1ss0N1I
Vq/ioU1Ir89yZSbSnMTlO27ITAffkl2bKAwQFaaY8FAOuroNAoyG78cd53PXDAlJ
CETXIO21hvYUmtjIitwi913ZqwV2oj1KG8MGRuicLCbvs+AAqBQdRPKasyeroOR9
fCPXy5Qg4jf5bF5pfo+F86QcOqvPrkgmTTt+rq604kBq8v9oc385PCWhShPvVOZK
qlyYds4rI8MlewAdwdCYwyImsdXmjXLd8Q//xKXhqK3ATbRiTVby
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:44:31 2025 by rpki-client