Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/430218-7fc7-41f5-be43-1b4a117bb394/1/LSdRu0ACx0qmPHS1hspwEH6hwWs.roa
File: LSdRu0ACx0qmPHS1hspwEH6hwWs.roa (raw, json)
Hash identifier: d++ijdQKUNJzBEnJT7pxpUx5JaaAT31B4iYmspfMyTc=
Subject key identifier: 2D:27:51:BB:40:02:C7:4A:A6:3C:74:B5:86:CA:70:10:7E:A1:C1:6B
Certificate issuer: /CN=fd909273841b50a81ebd21f5ca0110fceee1ff3d
Certificate serial: 018CC94E4D9C97DCB806489CE004C1C43DD0
Authority key identifier: FD:90:92:73:84:1B:50:A8:1E:BD:21:F5:CA:01:10:FC:EE:E1:FF:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_ZCSc4QbUKgevSH1ygEQ_O7h_z0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/430218-7fc7-41f5-be43-1b4a117bb394/1/LSdRu0ACx0qmPHS1hspwEH6hwWs.roa
Signing time: Tue 02 Jan 2024 08:33:21 +0000
ROA not before: Tue 02 Jan 2024 08:33:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28917
IP address blocks: 91.209.127.0/24 maxlen: 24
185.16.116.0/22 maxlen: 22
2001:67c:1484::/48 maxlen: 48
2a04:280::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:4d:9c:97:dc:b8:06:48:9c:e0:04:c1:c4:3d:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd909273841b50a81ebd21f5ca0110fceee1ff3d
Validity
Not Before: Jan 2 08:33:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2d2751bb4002c74aa63c74b586ca70107ea1c16b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:d1:b4:4d:31:45:2a:b6:cf:47:d8:8d:d4:e9:
ef:dd:d8:88:a3:dd:c9:28:03:96:08:88:e6:c7:ca:
bf:8f:a2:0e:ed:78:9d:8b:af:d6:27:b3:14:67:24:
e9:c8:e8:1f:62:f2:be:50:50:37:76:26:f9:43:33:
c5:f6:fb:b4:10:81:a3:c4:cd:db:77:6f:58:94:26:
58:10:11:f8:43:40:55:62:6c:2e:f6:55:8b:ea:4b:
c0:89:8e:af:65:55:97:f9:f5:0e:4f:a8:cd:0a:8c:
39:30:5f:a6:66:06:32:e4:53:29:99:01:2d:c1:08:
32:01:94:18:f8:0b:23:8e:2e:dd:3d:66:8f:c2:1b:
4f:4f:e7:c6:b2:cf:fa:d4:0a:41:d6:ec:00:0b:0f:
1b:a5:56:91:da:9c:fa:d0:86:f2:89:33:b9:70:9c:
81:60:fa:23:40:c8:74:f7:e3:85:96:04:b5:7d:2b:
11:ad:a7:84:a3:e6:23:cb:4a:f9:94:86:83:49:b3:
c9:db:c5:ff:91:74:66:8a:58:17:42:35:d8:7e:41:
c3:24:18:06:8e:d3:6d:62:6d:ca:fa:ab:c2:f2:04:
b2:e9:a3:58:07:af:e4:26:12:9a:97:df:f3:bf:f1:
b8:19:80:fa:5a:c8:4a:66:86:2b:eb:32:10:d0:c2:
67:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:27:51:BB:40:02:C7:4A:A6:3C:74:B5:86:CA:70:10:7E:A1:C1:6B
X509v3 Authority Key Identifier:
keyid:FD:90:92:73:84:1B:50:A8:1E:BD:21:F5:CA:01:10:FC:EE:E1:FF:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_ZCSc4QbUKgevSH1ygEQ_O7h_z0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/430218-7fc7-41f5-be43-1b4a117bb394/1/LSdRu0ACx0qmPHS1hspwEH6hwWs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/430218-7fc7-41f5-be43-1b4a117bb394/1/_ZCSc4QbUKgevSH1ygEQ_O7h_z0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.127.0/24
185.16.116.0/22
IPv6:
2001:67c:1484::/48
2a04:280::/29
Signature Algorithm: sha256WithRSAEncryption
21:e9:d9:6b:57:70:11:b8:31:06:a9:2a:9c:a9:5e:37:89:1a:
70:f9:32:aa:f8:a7:07:da:d1:74:97:16:2b:08:7b:41:55:2b:
93:0d:9c:40:d9:5b:38:50:34:7f:97:c7:0e:5d:8f:db:68:52:
ad:b6:18:29:db:e4:98:f0:50:ee:bf:be:54:b0:d9:65:cd:9c:
66:1d:50:41:bc:b2:62:a5:e8:78:78:7e:7a:1d:dd:be:24:27:
4b:53:34:88:8b:04:e4:d4:54:42:89:fd:98:08:f2:db:7a:e0:
56:51:3b:35:7b:2e:73:53:d3:38:f3:2f:02:25:d6:26:e2:b0:
49:27:c4:d1:5c:5c:2b:41:cc:47:f0:fd:e5:1f:bc:2b:fe:71:
57:a1:a8:86:1e:49:08:ab:67:8e:d4:79:34:d0:62:2a:cf:7c:
b6:b8:1a:f8:8a:81:a9:c7:09:c1:a6:20:74:8f:f7:b1:21:57:
65:9d:a0:46:8c:e4:bc:18:60:e9:63:32:c5:a1:a6:32:0f:64:
6b:ce:4f:3f:46:e1:f3:94:3b:29:64:f2:0c:e6:9a:67:d2:7c:
5a:61:56:35:fb:c4:f1:be:a7:e2:10:ea:3f:f4:d7:7b:7d:ec:
18:f6:fd:3e:0d:01:94:92:ca:20:ad:3e:12:57:e1:d8:bc:d6:
c6:82:d0:a5
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzJTk2cl9y4Bkic4ATBxD3QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkOTA5MjczODQxYjUwYTgxZWJkMjFmNWNhMDExMGZjZWVl
MWZmM2QwHhcNMjQwMTAyMDgzMzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDI3NTFiYjQwMDJjNzRhYTYzYzc0YjU4NmNhNzAxMDdlYTFjMTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntG0TTFFKrbPR9iN1Onv3diIo93J
KAOWCIjmx8q/j6IO7Xidi6/WJ7MUZyTpyOgfYvK+UFA3dib5QzPF9vu0EIGjxM3b
d29YlCZYEBH4Q0BVYmwu9lWL6kvAiY6vZVWX+fUOT6jNCow5MF+mZgYy5FMpmQEt
wQgyAZQY+Asjji7dPWaPwhtPT+fGss/61ApB1uwACw8bpVaR2pz60IbyiTO5cJyB
YPojQMh09+OFlgS1fSsRraeEo+Yjy0r5lIaDSbPJ28X/kXRmilgXQjXYfkHDJBgG
jtNtYm3K+qvC8gSy6aNYB6/kJhKal9/zv/G4GYD6WshKZoYr6zIQ0MJnmwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFC0nUbtAAsdKpjx0tYbKcBB+ocFrMB8GA1UdIwQY
MBaAFP2QknOEG1CoHr0h9coBEPzu4f89MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1pDU2M0UWJVS2dldlNIMXlnRVFfTzdoX3owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80MzAyMTgtN2ZjNy00MWY1LWJlNDMt
MWI0YTExN2JiMzk0LzEvTFNkUnUwQUN4MHFtUEhTMWhzcHdFSDZod1dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80MzAyMTgtN2ZjNy00MWY1LWJlNDMtMWI0YTExN2JiMzk0
LzEvX1pDU2M0UWJVS2dldlNIMXlnRVFfTzdoX3owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQAW9F/AwQC
uRB0MBYEAgACMBADBwAgAQZ8FIQDBQMqBAKAMA0GCSqGSIb3DQEBCwUAA4IBAQAh
6dlrV3ARuDEGqSqcqV43iRpw+TKq+KcH2tF0lxYrCHtBVSuTDZxA2Vs4UDR/l8cO
XY/baFKtthgp2+SY8FDuv75UsNllzZxmHVBBvLJipeh4eH56Hd2+JCdLUzSIiwTk
1FRCif2YCPLbeuBWUTs1ey5zU9M48y8CJdYm4rBJJ8TRXFwrQcxH8P3lH7wr/nFX
oaiGHkkIq2eO1Hk00GIqz3y2uBr4ioGpxwnBpiB0j/exIVdlnaBGjOS8GGDpYzLF
oaYyD2Rrzk8/RuHzlDspZPIM5ppn0nxaYVY1+8TxvqfiEOo/9Nd7fewY9v0+DQGU
ksogrT4SV+HYvNbGgtCl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:02 2024 by rpki-client on console-ams.rpki-client.org