Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/9d8427-8e60-4429-84b3-345d064da7bf/1/Lv2wiVd5W6fO0oFt1129Hp2_JXI.roa
File: Lv2wiVd5W6fO0oFt1129Hp2_JXI.roa (raw, json)
Hash identifier: a18u7/Ld/uiUSIXy3NrIWvGHO/1tG/taeIg5V6wnWHQ=
Subject key identifier: 2E:FD:B0:89:57:79:5B:A7:CE:D2:81:6D:D7:5D:BD:1E:9D:BF:25:72
Certificate issuer: /CN=34a9eb6c4d3a57c9a56456ddbf0012b81750b1d3
Certificate serial: 01859CD58CB7C1F193C9C23F5525AED17E05
Authority key identifier: 34:A9:EB:6C:4D:3A:57:C9:A5:64:56:DD:BF:00:12:B8:17:50:B1:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NKnrbE06V8mlZFbdvwASuBdQsdM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/9d8427-8e60-4429-84b3-345d064da7bf/1/Lv2wiVd5W6fO0oFt1129Hp2_JXI.roa
Signing time: Tue 10 Jan 2023 17:58:38 +0000
ROA not before: Tue 10 Jan 2023 17:58:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44477
IP address blocks: 185.138.164.0/24 maxlen: 24
2a11:4c02::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:9c:d5:8c:b7:c1:f1:93:c9:c2:3f:55:25:ae:d1:7e:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34a9eb6c4d3a57c9a56456ddbf0012b81750b1d3
Validity
Not Before: Jan 10 17:58:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2efdb08957795ba7ced2816dd75dbd1e9dbf2572
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:4b:93:96:9d:87:a8:e7:85:de:7c:3d:cd:24:
31:cb:ff:46:c4:e4:4c:65:46:72:91:ed:d9:6d:2d:
c9:56:88:b6:56:cd:28:84:c9:66:36:cb:ef:0a:c4:
2f:2c:f4:0c:a1:b1:62:fd:30:5a:d9:d0:9d:9f:f5:
80:78:51:b2:be:60:8f:5b:b0:bb:ec:fa:e0:10:8c:
43:aa:4c:e0:67:ca:9e:2f:e3:c2:b7:77:c2:84:29:
cb:53:10:b8:15:22:c9:13:67:54:b5:52:c5:57:46:
e7:ae:b9:49:0f:c3:a7:be:75:48:f6:a3:42:c3:08:
eb:97:9f:77:97:4c:c4:05:e0:7d:1a:16:44:5e:9a:
f4:03:0c:15:1e:42:83:01:9c:2b:7a:ad:5b:74:7b:
6f:f6:bc:4a:74:6f:34:d5:aa:8c:b8:06:fe:ea:b1:
04:bb:b7:da:1b:43:4c:4c:1c:9a:3a:db:dc:f9:56:
1f:2d:e2:ef:93:17:29:32:a8:50:18:07:bf:ba:18:
66:e0:05:4b:e1:0f:20:0f:1f:f2:c7:14:45:68:f0:
c1:be:17:7d:ab:cd:1d:0c:49:af:a3:4a:e6:da:1a:
4e:48:01:76:9c:0c:40:c4:fc:9e:28:8f:d8:ae:29:
80:8a:b1:5a:4f:0e:8f:89:65:d4:0b:f8:5f:88:45:
1b:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:FD:B0:89:57:79:5B:A7:CE:D2:81:6D:D7:5D:BD:1E:9D:BF:25:72
X509v3 Authority Key Identifier:
keyid:34:A9:EB:6C:4D:3A:57:C9:A5:64:56:DD:BF:00:12:B8:17:50:B1:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NKnrbE06V8mlZFbdvwASuBdQsdM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/9d8427-8e60-4429-84b3-345d064da7bf/1/Lv2wiVd5W6fO0oFt1129Hp2_JXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/9d8427-8e60-4429-84b3-345d064da7bf/1/NKnrbE06V8mlZFbdvwASuBdQsdM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.138.164.0/24
IPv6:
2a11:4c02::/32
Signature Algorithm: sha256WithRSAEncryption
37:0c:df:c5:bb:e4:30:90:93:f5:4a:bf:6a:08:cf:56:00:5c:
35:81:25:73:51:4e:4f:28:70:f0:6f:0a:bb:87:7a:23:df:5a:
90:d4:fc:75:2d:20:85:f5:0e:6a:71:bc:7e:fe:fe:81:8b:55:
22:be:d0:87:27:5f:0b:5c:1a:c2:29:3c:f5:84:8c:5e:c6:96:
27:3c:ec:7e:3b:d0:10:1e:33:a0:0a:d8:07:a8:a5:89:e2:07:
dd:66:e6:82:07:a2:ee:11:5a:33:3c:27:86:b9:24:ab:ad:a6:
79:ff:35:8e:a2:d4:ae:bb:22:ea:9f:41:ff:e6:76:37:bc:86:
b6:c0:25:c7:99:d3:09:50:f1:62:f5:5e:0a:72:4f:ff:6e:a8:
0a:36:ca:a4:2b:2b:06:ed:41:96:b2:93:2e:34:f6:59:8a:1c:
b0:3e:af:4a:98:7f:db:11:46:8a:d2:df:d8:e0:16:5f:2e:24:
ce:d3:5e:d7:12:c1:5b:10:e4:e2:6d:6e:b0:b9:36:a1:33:b1:
dc:70:fb:76:eb:d6:cc:da:0a:e1:6c:64:54:d3:03:8b:9f:6e:
99:9e:97:d5:60:44:73:ba:da:99:80:78:6d:de:fd:4c:b9:ff:
f6:93:9d:4d:e7:4c:4a:9c:48:67:63:e3:58:a3:30:c4:c0:15:
da:67:b3:8b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYWc1Yy3wfGTycI/VSWu0X4FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0YTllYjZjNGQzYTU3YzlhNTY0NTZkZGJmMDAxMmI4MTc1
MGIxZDMwHhcNMjMwMTEwMTc1ODM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWZkYjA4OTU3Nzk1YmE3Y2VkMjgxNmRkNzVkYmQxZTlkYmYyNTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUuTlp2HqOeF3nw9zSQxy/9GxORM
ZUZyke3ZbS3JVoi2Vs0ohMlmNsvvCsQvLPQMobFi/TBa2dCdn/WAeFGyvmCPW7C7
7PrgEIxDqkzgZ8qeL+PCt3fChCnLUxC4FSLJE2dUtVLFV0bnrrlJD8OnvnVI9qNC
wwjrl593l0zEBeB9GhZEXpr0AwwVHkKDAZwreq1bdHtv9rxKdG801aqMuAb+6rEE
u7faG0NMTByaOtvc+VYfLeLvkxcpMqhQGAe/uhhm4AVL4Q8gDx/yxxRFaPDBvhd9
q80dDEmvo0rm2hpOSAF2nAxAxPyeKI/YrimAirFaTw6PiWXUC/hfiEUbewIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFC79sIlXeVunztKBbdddvR6dvyVyMB8GA1UdIwQY
MBaAFDSp62xNOlfJpWRW3b8AErgXULHTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTktucmJFMDZWOG1sWkZiZHZ3QVN1QmRRc2RNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS85ZDg0MjctOGU2MC00NDI5LTg0YjMt
MzQ1ZDA2NGRhN2JmLzEvTHYyd2lWZDVXNmZPMG9GdDExMjlIcDJfSlhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS85ZDg0MjctOGU2MC00NDI5LTg0YjMtMzQ1ZDA2NGRhN2Jm
LzEvTktucmJFMDZWOG1sWkZiZHZ3QVN1QmRRc2RNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuYqkMA0E
AgACMAcDBQAqEUwCMA0GCSqGSIb3DQEBCwUAA4IBAQA3DN/Fu+QwkJP1Sr9qCM9W
AFw1gSVzUU5PKHDwbwq7h3oj31qQ1Px1LSCF9Q5qcbx+/v6Bi1UivtCHJ18LXBrC
KTz1hIxexpYnPOx+O9AQHjOgCtgHqKWJ4gfdZuaCB6LuEVozPCeGuSSrraZ5/zWO
otSuuyLqn0H/5nY3vIa2wCXHmdMJUPFi9V4Kck//bqgKNsqkKysG7UGWspMuNPZZ
ihywPq9KmH/bEUaK0t/Y4BZfLiTO017XEsFbEOTibW6wuTahM7HccPt269bM2grh
bGRU0wOLn26ZnpfVYERzutqZgHht3v1Muf/2k51N50xKnEhnY+NYozDEwBXaZ7OL
-----END CERTIFICATE-----
Generated at Fri Apr 18 07:02:42 2025 by rpki-client