Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/cd9bc8-11c5-4f5a-bb25-45ae7b3dae68/1/LgKiXXYA5yE7tFjRIQCbKTti8BA.roa
File: LgKiXXYA5yE7tFjRIQCbKTti8BA.roa (raw, json)
Hash identifier: c3we0Asxtd0I+GJBsbCb/igDUo0vS/R0Tc+na4IjhOs=
Subject key identifier: 2E:02:A2:5D:76:00:E7:21:3B:B4:58:D1:21:00:9B:29:3B:62:F0:10
Certificate issuer: /CN=6dd2e9b3a4d7b24b3a6aa14f3eda3f14fa29c76b
Certificate serial: 30E4CACB
Authority key identifier: 6D:D2:E9:B3:A4:D7:B2:4B:3A:6A:A1:4F:3E:DA:3F:14:FA:29:C7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bdLps6TXsks6aqFPPto_FPopx2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/cd9bc8-11c5-4f5a-bb25-45ae7b3dae68/1/LgKiXXYA5yE7tFjRIQCbKTti8BA.roa
Signing time: Sat 01 Jan 2022 10:55:37 +0000
ROA not before: Sat 01 Jan 2022 10:55:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47872
IP address blocks: 109.121.152.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 820300491 (0x30e4cacb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6dd2e9b3a4d7b24b3a6aa14f3eda3f14fa29c76b
Validity
Not Before: Jan 1 10:55:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2e02a25d7600e7213bb458d121009b293b62f010
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:ce:79:5b:bf:f8:f3:a0:1d:61:fb:cc:bb:c3:
6e:8c:14:40:da:3e:b3:a8:b5:9b:12:51:f9:95:e4:
d3:9a:e8:bb:9d:bf:a1:a4:4c:3f:21:a7:c9:08:5a:
85:d9:5c:4a:60:c1:58:57:85:3b:99:71:41:5e:7d:
b6:89:f8:c6:3b:5d:42:d6:19:f4:74:6a:af:e2:1c:
38:46:6e:d6:eb:dd:02:20:5d:36:03:dc:7d:5e:85:
d7:30:38:db:97:ff:05:43:9c:54:76:56:dd:66:5b:
56:d9:b6:83:07:ec:0c:df:48:49:06:53:b7:98:7d:
59:9a:20:82:d7:14:78:37:11:c5:7f:ab:85:34:52:
3d:98:ad:60:83:a4:39:5f:f3:b8:fd:b2:fa:16:5f:
53:40:d8:ea:31:cb:f9:46:7e:db:ad:67:e8:56:d6:
c5:9a:81:db:48:c9:6e:1c:f7:e5:6d:a4:37:c7:9a:
f2:c9:dc:e7:5b:95:7d:da:04:df:85:34:e9:61:50:
0d:0b:ef:d6:1f:b6:cb:8f:27:c5:59:a2:2c:e8:5b:
12:64:40:a5:51:6b:29:78:0f:c3:5a:01:17:4a:b5:
84:d0:ac:79:82:8a:15:d1:8e:57:14:c8:f5:03:05:
44:fe:6d:11:5e:0c:90:07:5f:5e:1d:67:1f:fb:80:
0f:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:02:A2:5D:76:00:E7:21:3B:B4:58:D1:21:00:9B:29:3B:62:F0:10
X509v3 Authority Key Identifier:
keyid:6D:D2:E9:B3:A4:D7:B2:4B:3A:6A:A1:4F:3E:DA:3F:14:FA:29:C7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bdLps6TXsks6aqFPPto_FPopx2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/cd9bc8-11c5-4f5a-bb25-45ae7b3dae68/1/LgKiXXYA5yE7tFjRIQCbKTti8BA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/cd9bc8-11c5-4f5a-bb25-45ae7b3dae68/1/bdLps6TXsks6aqFPPto_FPopx2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.121.152.0/24
Signature Algorithm: sha256WithRSAEncryption
26:ad:f6:e9:e1:b1:1e:d8:05:e6:aa:92:42:ac:13:40:6c:0e:
e7:f4:84:0f:a0:f6:46:ca:8a:84:68:b6:9b:b6:1a:a8:30:5d:
c8:2f:4f:b6:55:40:15:0e:67:64:3b:8f:55:26:4b:ba:9f:8c:
41:74:89:3d:38:8d:8c:7c:61:ef:b6:c5:3d:b6:3b:6b:42:b4:
8d:31:40:59:ae:40:59:52:00:94:4e:a1:9a:50:34:20:32:f7:
e8:81:b1:84:6e:ab:b4:46:06:55:ea:29:11:c2:84:dd:fa:53:
5f:6d:8c:d7:0f:e6:de:08:ed:0e:a1:01:cf:95:09:f8:32:95:
3c:5a:45:8d:e5:24:d3:4a:46:96:23:67:eb:02:fe:08:25:5b:
66:03:92:79:58:6d:fa:d5:e6:4d:c5:f7:18:0d:5e:01:a2:6f:
76:78:d9:1f:fc:5d:93:3d:41:4c:56:34:61:52:93:78:39:27:
10:15:b0:78:4b:b7:da:06:fd:0e:19:76:ea:22:a0:1d:9f:48:
4e:c9:a2:a7:c5:a3:73:3d:4c:16:aa:b3:4a:c4:3f:2c:d5:46:
ee:4f:00:c7:ca:06:04:67:74:ba:67:c9:10:94:ab:15:8c:20:
2e:1b:70:b5:b6:f4:72:78:63:36:f4:a2:3e:67:14:eb:75:c2:
98:74:48:64
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEMOTKyzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZGQyZTliM2E0ZDdiMjRiM2E2YWExNGYzZWRhM2YxNGZhMjljNzZiMB4XDTIyMDEw
MTEwNTUzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmUwMmEyNWQ3NjAw
ZTcyMTNiYjQ1OGQxMjEwMDliMjkzYjYyZjAxMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANrOeVu/+POgHWH7zLvDbowUQNo+s6i1mxJR+ZXk05rou52/
oaRMPyGnyQhahdlcSmDBWFeFO5lxQV59ton4xjtdQtYZ9HRqr+IcOEZu1uvdAiBd
NgPcfV6F1zA425f/BUOcVHZW3WZbVtm2gwfsDN9ISQZTt5h9WZoggtcUeDcRxX+r
hTRSPZitYIOkOV/zuP2y+hZfU0DY6jHL+UZ+261n6FbWxZqB20jJbhz35W2kN8ea
8snc51uVfdoE34U06WFQDQvv1h+2y48nxVmiLOhbEmRApVFrKXgPw1oBF0q1hNCs
eYKKFdGOVxTI9QMFRP5tEV4MkAdfXh1nH/uAD3cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQuAqJddgDnITu0WNEhAJspO2LwEDAfBgNVHSMEGDAWgBRt0umzpNeySzpq
oU8+2j8U+inHazAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JkTHBzNlRYc2tzNmFxRlBQdG9fRlBvcHgycy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzQvY2Q5YmM4LTExYzUtNGY1YS1iYjI1LTQ1YWU3YjNkYWU2OC8x
L0xnS2lYWFlBNXlFN3RGalJJUUNiS1R0aThCQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzQv
Y2Q5YmM4LTExYzUtNGY1YS1iYjI1LTQ1YWU3YjNkYWU2OC8xL2JkTHBzNlRYc2tz
NmFxRlBQdG9fRlBvcHgycy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAG15mDANBgkqhkiG9w0BAQsFAAOC
AQEAJq326eGxHtgF5qqSQqwTQGwO5/SED6D2RsqKhGi2m7YaqDBdyC9PtlVAFQ5n
ZDuPVSZLup+MQXSJPTiNjHxh77bFPbY7a0K0jTFAWa5AWVIAlE6hmlA0IDL36IGx
hG6rtEYGVeopEcKE3fpTX22M1w/m3gjtDqEBz5UJ+DKVPFpFjeUk00pGliNn6wL+
CCVbZgOSeVht+tXmTcX3GA1eAaJvdnjZH/xdkz1BTFY0YVKTeDknEBWweEu32gb9
Dhl26iKgHZ9ITsmip8Wjcz1MFqqzSsQ/LNVG7k8Ax8oGBGd0umfJEJSrFYwgLhtw
tbb0cnhjNvSiPmcU63XCmHRIZA==
-----END CERTIFICATE-----
Generated at Sat Apr 19 11:29:21 2025 by rpki-client