Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/LIjdQencXfbD45S0LQZ2wcjy95w.roa
File: LIjdQencXfbD45S0LQZ2wcjy95w.roa (raw, json)
Hash identifier: VNapXo8Xqg2CHBPi7C8poe/2EQzcFFsxRg/lEO6d0Hc=
Subject key identifier: 2C:88:DD:41:E9:DC:5D:F6:C3:E3:94:B4:2D:06:76:C1:C8:F2:F7:9C
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 0193EFD7885F242764FD0793400AF8797569
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/LIjdQencXfbD45S0LQZ2wcjy95w.roa
Signing time: Sun 22 Dec 2024 19:28:19 +0000
ROA not before: Sun 22 Dec 2024 19:28:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199785
IP address blocks: 37.46.16.0/24 maxlen: 24
37.46.17.0/24 maxlen: 24
150.241.113.0/24 maxlen: 24
150.241.114.0/24 maxlen: 24
150.241.115.0/24 maxlen: 24
150.241.116.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ef:d7:88:5f:24:27:64:fd:07:93:40:0a:f8:79:75:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Dec 22 19:28:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2c88dd41e9dc5df6c3e394b42d0676c1c8f2f79c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:5e:c9:92:4b:78:ed:6a:59:1c:5f:5c:c0:c6:
8c:31:12:8c:69:f7:ce:1a:ed:d2:74:e4:16:d9:8d:
cd:54:41:08:42:a5:8e:dd:f9:02:29:62:e3:d8:52:
a4:95:6f:64:33:58:48:27:e4:33:c8:9a:ff:b2:30:
b3:b6:a2:8f:4c:d9:86:0b:72:e0:82:08:fd:72:23:
46:53:57:55:60:c6:c2:bc:6b:c1:6e:62:a7:a0:b5:
f2:80:a5:46:43:8f:fd:a8:97:dd:03:db:34:35:66:
3a:e3:4f:2a:66:ba:40:33:9f:de:1d:0f:e6:a5:97:
85:a7:3c:88:27:5a:c5:c4:f9:b8:b9:ee:ee:e6:10:
0f:e2:fa:1b:70:a8:52:68:c1:7b:4c:70:16:db:3c:
a2:4b:71:e7:0e:4c:45:83:45:d3:da:ba:82:1c:dd:
06:f1:b9:5a:1c:84:99:72:98:00:2b:62:1c:8a:96:
c4:1b:ef:3b:25:ab:ad:90:2c:bf:34:9a:52:0a:8f:
73:48:83:79:b7:7e:de:f6:a9:b7:3a:19:b8:43:f4:
16:3e:d3:41:a7:e6:fd:61:0d:86:14:8e:74:38:10:
0e:c4:26:c4:44:34:e4:11:fb:a8:57:cc:c1:a0:5c:
b7:c3:3f:b9:be:2b:15:53:20:5d:c3:07:9d:e2:85:
ce:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:88:DD:41:E9:DC:5D:F6:C3:E3:94:B4:2D:06:76:C1:C8:F2:F7:9C
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/LIjdQencXfbD45S0LQZ2wcjy95w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.16.0/23
150.241.113.0-150.241.116.255
Signature Algorithm: sha256WithRSAEncryption
b1:ed:47:eb:0a:5e:3e:29:e2:b1:73:e4:fd:fc:a4:bf:53:64:
03:4d:da:32:15:d4:ec:74:18:9c:81:b1:2b:ff:5a:62:5c:9f:
83:f3:95:cd:94:35:f0:ad:6c:e1:af:2b:04:0e:06:84:ba:d9:
5b:fa:55:48:6f:68:22:84:eb:41:63:a9:39:81:7c:20:32:65:
4e:2b:20:a0:99:28:ec:97:69:67:98:89:ef:81:00:88:67:4c:
ce:bb:8d:f2:89:dd:9f:a1:ea:30:87:2e:b3:3c:ca:fe:a1:1c:
fa:b8:52:e5:c3:b7:9c:ee:84:da:99:94:3d:68:c5:13:ea:eb:
24:37:93:0d:b9:87:17:94:7d:37:b1:1e:cc:2e:44:c9:98:60:
22:4e:9f:0c:75:6f:54:1c:cc:7b:f3:d1:b9:86:a3:fd:20:14:
6e:5f:08:70:bd:72:a8:85:f5:7b:32:5b:7d:3f:44:a9:29:48:
dd:71:3f:10:05:ee:d8:fd:53:c1:94:84:d0:5a:ae:c9:77:32:
90:ba:61:e8:b2:7f:14:51:de:cd:d6:39:cf:e8:fe:94:0c:83:
60:27:5e:dd:bf:82:51:42:d4:27:7d:d7:61:c4:49:15:5e:66:
e8:52:c0:ca:18:c3:99:f2:f7:4f:b8:79:16:65:19:42:0e:86:
b0:90:bd:8d
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZPv14hfJCdk/QeTQAr4eXVpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjQxMjIyMTkyODE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzg4ZGQ0MWU5ZGM1ZGY2YzNlMzk0YjQyZDA2NzZjMWM4ZjJmNzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo17Jkkt47WpZHF9cwMaMMRKMaffO
Gu3SdOQW2Y3NVEEIQqWO3fkCKWLj2FKklW9kM1hIJ+QzyJr/sjCztqKPTNmGC3Lg
ggj9ciNGU1dVYMbCvGvBbmKnoLXygKVGQ4/9qJfdA9s0NWY6408qZrpAM5/eHQ/m
pZeFpzyIJ1rFxPm4ue7u5hAP4vobcKhSaMF7THAW2zyiS3HnDkxFg0XT2rqCHN0G
8blaHISZcpgAK2IcipbEG+87JautkCy/NJpSCo9zSIN5t37e9qm3Ohm4Q/QWPtNB
p+b9YQ2GFI50OBAOxCbERDTkEfuoV8zBoFy3wz+5visVUyBdwwed4oXOxQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFCyI3UHp3F32w+OUtC0GdsHI8vecMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvTElqZFFlbmNYZmJENDVTMExRWjJ3Y2p5OTV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBJS4QMAwD
BACW8XEDBACW8XQwDQYJKoZIhvcNAQELBQADggEBALHtR+sKXj4p4rFz5P38pL9T
ZANN2jIV1Ox0GJyBsSv/WmJcn4Pzlc2UNfCtbOGvKwQOBoS62Vv6VUhvaCKE60Fj
qTmBfCAyZU4rIKCZKOyXaWeYie+BAIhnTM67jfKJ3Z+h6jCHLrM8yv6hHPq4UuXD
t5zuhNqZlD1oxRPq6yQ3kw25hxeUfTexHswuRMmYYCJOnwx1b1QczHvz0bmGo/0g
FG5fCHC9cqiF9XsyW30/RKkpSN1xPxAF7tj9U8GUhNBarsl3MpC6YeiyfxRR3s3W
Oc/o/pQMg2AnXt2/glFC1Cd912HESRVeZuhSwMoYw5ny90+4eRZlGUIOhrCQvY0=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:28:09 2025 by rpki-client