Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/lzlK41JQdrC3BzutFzinXaQwgTI.roa
File: lzlK41JQdrC3BzutFzinXaQwgTI.roa (raw, json)
Hash identifier: rW30YIBySW9XT5Gur57+peTfdydQoKgfK8aumZY63vE=
Subject key identifier: 97:39:4A:E3:52:50:76:B0:B7:07:3B:AD:17:38:A7:5D:A4:30:81:32
Certificate issuer: /CN=37518d180923a7f3c00653ec12bc702b95aab907
Certificate serial: 0194258F1A0012364C807D5AE01A0CF8D0EB
Authority key identifier: 37:51:8D:18:09:23:A7:F3:C0:06:53:EC:12:BC:70:2B:95:AA:B9:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N1GNGAkjp_PABlPsErxwK5WquQc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/lzlK41JQdrC3BzutFzinXaQwgTI.roa
Signing time: Thu 02 Jan 2025 05:48:42 +0000
ROA not before: Thu 02 Jan 2025 05:48:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24922
IP address blocks: 193.140.216.0/21 maxlen: 21
193.140.224.0/20 maxlen: 20
194.27.160.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:1a:00:12:36:4c:80:7d:5a:e0:1a:0c:f8:d0:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37518d180923a7f3c00653ec12bc702b95aab907
Validity
Not Before: Jan 2 05:48:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=97394ae3525076b0b7073bad1738a75da4308132
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:87:d1:95:0f:4d:d2:d0:85:4f:82:14:c6:d0:
69:a0:54:ae:6d:ff:20:c1:a3:3e:6d:26:6f:16:4e:
a9:14:af:5c:27:7a:51:29:da:2c:29:18:5d:54:2e:
74:c0:68:e0:ef:d7:ee:5e:0c:42:84:19:04:99:67:
da:9f:eb:f2:dc:6a:88:b4:b4:1c:d4:97:25:63:f6:
95:cc:39:f3:36:9c:e1:1b:b4:d2:14:70:e8:ee:6d:
67:f1:bf:99:0b:bc:fc:7d:42:f1:84:40:5f:bd:22:
0a:fc:b6:19:ba:ce:0b:b4:5f:8b:aa:f3:f3:d5:94:
3a:80:76:ba:13:19:1f:25:1f:12:f4:d4:23:24:d7:
b6:b4:f8:b1:49:1c:26:ae:c5:2f:eb:be:55:08:40:
f7:5d:64:f7:67:50:27:34:ec:18:b5:16:10:71:f7:
09:74:83:1e:31:8d:00:22:4e:9f:7f:e6:d4:8c:d1:
c2:c4:d0:6f:48:41:c0:74:38:5e:d5:f9:62:48:64:
c7:b2:aa:46:f9:cb:e1:d3:cf:7a:6d:e7:db:87:f6:
2e:4c:80:6a:ee:ce:bc:b6:91:91:ed:df:f1:eb:73:
24:85:2e:42:63:49:a8:c3:81:25:b3:46:f6:ea:0e:
8d:c7:71:57:d7:0d:ce:12:7d:ae:77:21:f3:47:12:
ff:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:39:4A:E3:52:50:76:B0:B7:07:3B:AD:17:38:A7:5D:A4:30:81:32
X509v3 Authority Key Identifier:
keyid:37:51:8D:18:09:23:A7:F3:C0:06:53:EC:12:BC:70:2B:95:AA:B9:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N1GNGAkjp_PABlPsErxwK5WquQc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/lzlK41JQdrC3BzutFzinXaQwgTI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/N1GNGAkjp_PABlPsErxwK5WquQc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.140.216.0-193.140.239.255
194.27.160.0/21
Signature Algorithm: sha256WithRSAEncryption
18:21:44:fa:4e:20:e2:93:f1:16:38:d9:60:f8:25:33:73:d2:
74:99:2a:0b:c2:23:ad:b6:e6:65:81:c4:8a:76:34:59:8e:3e:
71:fb:8b:cf:20:29:b1:95:be:aa:a0:ed:60:84:98:8d:3a:0a:
ff:64:6a:6f:8a:09:48:24:ae:f2:d5:cd:5d:73:a4:5d:0c:2c:
3b:6d:f3:36:24:50:f9:97:11:90:44:dd:20:cd:a7:32:a8:e9:
f8:8b:d9:5b:4e:f4:a8:d5:d8:8b:1b:fd:74:fc:8b:09:79:86:
99:a5:79:88:af:05:9c:5a:4b:cf:85:e6:9f:a7:3f:c9:4b:9d:
43:64:b2:5c:53:61:64:6a:48:95:f8:d0:8c:6d:96:93:71:bc:
a8:33:c0:6b:49:1c:bf:36:6e:42:42:2d:73:82:7a:d2:98:3a:
30:35:5f:48:ce:73:b8:6c:e0:39:c8:ac:37:a2:2a:6a:09:1b:
40:cf:fc:b4:dc:f4:b3:51:cc:05:5b:57:64:1d:8d:4c:3e:f8:
4d:9b:bd:52:10:eb:ed:85:59:d8:ca:63:49:2a:ec:d8:37:19:
1d:d4:64:f3:e5:df:3b:65:c8:df:b6:fa:c6:52:fc:95:42:d5:
4d:ff:a7:78:97:ce:56:ff:b1:ab:8a:58:86:55:42:34:54:0c:
ca:9d:4b:72
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQljxoAEjZMgH1a4BoM+NDrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NTE4ZDE4MDkyM2E3ZjNjMDA2NTNlYzEyYmM3MDJiOTVh
YWI5MDcwHhcNMjUwMTAyMDU0ODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzM5NGFlMzUyNTA3NmIwYjcwNzNiYWQxNzM4YTc1ZGE0MzA4MTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIfRlQ9N0tCFT4IUxtBpoFSubf8g
waM+bSZvFk6pFK9cJ3pRKdosKRhdVC50wGjg79fuXgxChBkEmWfan+vy3GqItLQc
1JclY/aVzDnzNpzhG7TSFHDo7m1n8b+ZC7z8fULxhEBfvSIK/LYZus4LtF+LqvPz
1ZQ6gHa6ExkfJR8S9NQjJNe2tPixSRwmrsUv675VCED3XWT3Z1AnNOwYtRYQcfcJ
dIMeMY0AIk6ff+bUjNHCxNBvSEHAdDhe1fliSGTHsqpG+cvh0896befbh/YuTIBq
7s68tpGR7d/x63MkhS5CY0mow4Els0b26g6Nx3FX1w3OEn2udyHzRxL/OQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJc5SuNSUHawtwc7rRc4p12kMIEyMB8GA1UdIwQY
MBaAFDdRjRgJI6fzwAZT7BK8cCuVqrkHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjFHTkdBa2pwX1BBQmxQc0VyeHdLNVdxdVFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9mODBlZjMtOWYwYi00YmQxLTgwMTgt
NTk2NzE5MjBmYjYwLzEvbHpsSzQxSlFkckMzQnp1dEZ6aW5YYVF3Z1RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9mODBlZjMtOWYwYi00YmQxLTgwMTgtNTk2NzE5MjBmYjYw
LzEvTjFHTkdBa2pwX1BBQmxQc0VyeHdLNVdxdVFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAPBjNgD
BATBjOADBAPCG6AwDQYJKoZIhvcNAQELBQADggEBABghRPpOIOKT8RY42WD4JTNz
0nSZKgvCI6225mWBxIp2NFmOPnH7i88gKbGVvqqg7WCEmI06Cv9kam+KCUgkrvLV
zV1zpF0MLDtt8zYkUPmXEZBE3SDNpzKo6fiL2VtO9KjV2Isb/XT8iwl5hpmleYiv
BZxaS8+F5p+nP8lLnUNkslxTYWRqSJX40IxtlpNxvKgzwGtJHL82bkJCLXOCetKY
OjA1X0jOc7hs4DnIrDeiKmoJG0DP/LTc9LNRzAVbV2QdjUw++E2bvVIQ6+2FWdjK
Y0kq7Ng3GR3UZPPl3ztlyN+2+sZS/JVC1U3/p3iXzlb/sauKWIZVQjRUDMqdS3I=
-----END CERTIFICATE-----
Generated at Mon Apr 7 21:17:08 2025 by rpki-client