Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/a8dd9e-71f2-4f77-b575-0d3fce429bde/1/LLqhraFGljr3dBcTXJLh0FLdTF0.roa
File: LLqhraFGljr3dBcTXJLh0FLdTF0.roa (raw, json)
Hash identifier: timE18mbEFY/4/DUQrmimJKPLG95hIcJs7Vx1yhbTTo=
Subject key identifier: 2C:BA:A1:AD:A1:46:96:3A:F7:74:17:13:5C:92:E1:D0:52:DD:4C:5D
Certificate issuer: /CN=3694fcc6bf6a8740fa7814641fd9d6ec8d862e5f
Certificate serial: 018E7A75B9A2079CFD9B6AC540ED35111E63
Authority key identifier: 36:94:FC:C6:BF:6A:87:40:FA:78:14:64:1F:D9:D6:EC:8D:86:2E:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NpT8xr9qh0D6eBRkH9nW7I2GLl8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/a8dd9e-71f2-4f77-b575-0d3fce429bde/1/LLqhraFGljr3dBcTXJLh0FLdTF0.roa
Signing time: Tue 26 Mar 2024 11:11:59 +0000
ROA not before: Tue 26 Mar 2024 11:11:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 185.113.66.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7a:75:b9:a2:07:9c:fd:9b:6a:c5:40:ed:35:11:1e:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3694fcc6bf6a8740fa7814641fd9d6ec8d862e5f
Validity
Not Before: Mar 26 11:11:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2cbaa1ada146963af77417135c92e1d052dd4c5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:dc:38:cb:8c:8c:5b:d9:09:69:4b:57:37:9a:
06:8c:f8:91:0a:89:10:3f:36:15:02:0c:f4:77:d9:
49:4c:98:ed:97:25:f8:c0:ef:16:16:d6:a7:89:b8:
b2:41:eb:8d:60:1c:7a:7f:d2:e5:bc:da:f0:89:71:
90:de:2b:f5:9f:f6:5e:69:ef:ed:46:4a:1e:e2:f9:
c6:f0:53:bc:12:0f:dd:cc:78:f9:1b:ca:d5:f0:dc:
85:dc:9d:32:90:b6:f6:07:e8:6a:4c:97:82:73:c3:
c8:50:cc:a2:33:1f:bf:f2:1b:67:ef:7d:f0:c3:8f:
6e:8c:f4:86:fe:33:97:b9:52:9e:bf:6e:e1:68:f7:
61:d2:64:59:1a:94:30:96:ba:07:ea:a2:e9:a4:96:
b3:23:d2:bc:0e:a9:af:90:9b:95:e7:dc:8b:60:27:
f6:f1:23:cf:33:a7:f4:79:54:69:cc:18:43:96:91:
e9:c8:e8:29:fe:08:8b:13:e3:42:4a:e4:3a:d2:13:
89:78:8c:55:e5:02:51:a4:54:73:95:ac:a7:5d:8d:
32:73:ac:eb:b0:da:98:4b:bd:87:9b:86:71:44:6e:
68:c5:79:ef:7b:3c:ba:91:f0:43:d6:8f:10:14:5f:
4c:54:69:c9:b7:3a:a0:12:ac:b7:af:3e:98:48:26:
ff:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:BA:A1:AD:A1:46:96:3A:F7:74:17:13:5C:92:E1:D0:52:DD:4C:5D
X509v3 Authority Key Identifier:
keyid:36:94:FC:C6:BF:6A:87:40:FA:78:14:64:1F:D9:D6:EC:8D:86:2E:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpT8xr9qh0D6eBRkH9nW7I2GLl8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/a8dd9e-71f2-4f77-b575-0d3fce429bde/1/LLqhraFGljr3dBcTXJLh0FLdTF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/a8dd9e-71f2-4f77-b575-0d3fce429bde/1/NpT8xr9qh0D6eBRkH9nW7I2GLl8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.113.66.0/23
Signature Algorithm: sha256WithRSAEncryption
8b:69:6c:9e:b4:49:9e:2a:50:8d:e4:b7:79:0e:2a:49:bb:75:
8d:e5:8b:52:74:04:48:cb:21:0d:0d:e6:69:82:8f:32:9b:b8:
d8:a0:0a:83:92:99:59:43:bc:4e:8a:42:62:50:01:a6:fc:12:
b3:b5:5e:a4:36:51:24:f3:7d:91:09:df:52:4b:b8:e0:f2:cc:
98:25:58:90:4a:25:25:22:10:fa:3f:9f:03:00:50:0c:f0:12:
c3:db:9f:c8:2e:29:eb:6d:73:7f:a2:78:80:47:86:79:73:15:
fd:78:c6:75:66:70:73:6e:0e:0c:bd:dc:85:7e:9c:f0:b6:2b:
c8:2f:10:27:3c:9d:48:bc:77:4c:aa:c4:7e:ef:b4:09:98:14:
1e:84:7a:f3:3f:f3:c9:c4:8b:43:45:d7:12:a0:30:c4:95:25:
65:cb:a1:4d:48:87:4e:83:c0:78:f2:fd:21:0b:fd:96:ee:9e:
49:35:be:42:c3:e4:9a:75:f6:8e:e5:4d:ad:2c:ab:ab:8e:a1:
c0:16:ff:ee:14:40:97:c4:ef:cd:d0:4d:45:54:fd:31:fa:10:
a3:7d:66:2e:2a:04:1e:6b:5a:a2:b6:ab:c1:19:0f:14:6f:da:
40:15:7a:ef:f7:bf:3d:39:9d:9e:5a:41:72:0e:3c:1e:ea:54:
ce:cc:b1:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY56dbmiB5z9m2rFQO01ER5jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OTRmY2M2YmY2YTg3NDBmYTc4MTQ2NDFmZDlkNmVjOGQ4
NjJlNWYwHhcNMjQwMzI2MTExMTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2JhYTFhZGExNDY5NjNhZjc3NDE3MTM1YzkyZTFkMDUyZGQ0YzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdw4y4yMW9kJaUtXN5oGjPiRCokQ
PzYVAgz0d9lJTJjtlyX4wO8WFtanibiyQeuNYBx6f9LlvNrwiXGQ3iv1n/Zeae/t
Rkoe4vnG8FO8Eg/dzHj5G8rV8NyF3J0ykLb2B+hqTJeCc8PIUMyiMx+/8htn733w
w49ujPSG/jOXuVKev27haPdh0mRZGpQwlroH6qLppJazI9K8DqmvkJuV59yLYCf2
8SPPM6f0eVRpzBhDlpHpyOgp/giLE+NCSuQ60hOJeIxV5QJRpFRzlaynXY0yc6zr
sNqYS72Hm4ZxRG5oxXnvezy6kfBD1o8QFF9MVGnJtzqgEqy3rz6YSCb/rQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCy6oa2hRpY693QXE1yS4dBS3UxdMB8GA1UdIwQY
MBaAFDaU/Ma/aodA+ngUZB/Z1uyNhi5fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnBUOHhyOXFoMEQ2ZUJSa0g5blc3STJHTGw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9hOGRkOWUtNzFmMi00Zjc3LWI1NzUt
MGQzZmNlNDI5YmRlLzEvTExxaHJhRkdsanIzZEJjVFhKTGgwRkxkVEYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9hOGRkOWUtNzFmMi00Zjc3LWI1NzUtMGQzZmNlNDI5YmRl
LzEvTnBUOHhyOXFoMEQ2ZUJSa0g5blc3STJHTGw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuXFCMA0G
CSqGSIb3DQEBCwUAA4IBAQCLaWyetEmeKlCN5Ld5DipJu3WN5YtSdARIyyENDeZp
go8ym7jYoAqDkplZQ7xOikJiUAGm/BKztV6kNlEk832RCd9SS7jg8syYJViQSiUl
IhD6P58DAFAM8BLD25/ILinrbXN/oniAR4Z5cxX9eMZ1ZnBzbg4MvdyFfpzwtivI
LxAnPJ1IvHdMqsR+77QJmBQehHrzP/PJxItDRdcSoDDElSVly6FNSIdOg8B48v0h
C/2W7p5JNb5Cw+SadfaO5U2tLKurjqHAFv/uFECXxO/N0E1FVP0x+hCjfWYuKgQe
a1qitqvBGQ8Ub9pAFXrv9789OZ2eWkFyDjwe6lTOzLH0
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:03:29 2025 by rpki-client