Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/3b91a6-1f94-40b9-99eb-4204922cf203/1/lFHrL_YNvigyYAgmHmx4kwF4fjA.roa
File: lFHrL_YNvigyYAgmHmx4kwF4fjA.roa (raw, json)
Hash identifier: TdWLngCvYzOj7/aalnreTfxAUVNBAlAPeR2kOZr8gMA=
Subject key identifier: 94:51:EB:2F:F6:0D:BE:28:32:60:08:26:1E:6C:78:93:01:78:7E:30
Certificate issuer: /CN=42d395fdc17645ef5c34ad8e531d1224d3146453
Certificate serial: 018CC8024EE0BAAC93D5ED4EA6C8C3A47DE6
Authority key identifier: 42:D3:95:FD:C1:76:45:EF:5C:34:AD:8E:53:1D:12:24:D3:14:64:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QtOV_cF2Re9cNK2OUx0SJNMUZFM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/3b91a6-1f94-40b9-99eb-4204922cf203/1/lFHrL_YNvigyYAgmHmx4kwF4fjA.roa
Signing time: Tue 02 Jan 2024 02:30:43 +0000
ROA not before: Tue 02 Jan 2024 02:30:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43278
IP address blocks: 5.42.211.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:4e:e0:ba:ac:93:d5:ed:4e:a6:c8:c3:a4:7d:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42d395fdc17645ef5c34ad8e531d1224d3146453
Validity
Not Before: Jan 2 02:30:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9451eb2ff60dbe28326008261e6c789301787e30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:f4:fa:84:d4:29:95:f3:4d:13:8a:2a:30:82:
de:d5:44:1e:9a:fd:72:c1:a1:18:ef:a0:ac:50:c8:
4c:1a:4b:bd:b4:0c:66:35:b9:64:cc:2a:54:64:ff:
b6:45:f4:1e:ee:dc:ea:11:ef:e1:e6:9d:3f:d9:df:
0f:2f:68:39:7e:93:93:89:f6:fb:6a:60:93:56:52:
8b:4c:fc:11:11:67:36:42:b3:2f:3e:84:50:42:9a:
7c:0f:ee:a4:02:ad:3d:f6:7a:22:28:73:b8:ee:a9:
3a:3f:dc:0a:97:66:f3:62:8b:4e:15:5b:e6:45:98:
64:af:4b:62:57:20:82:69:ba:12:53:48:5d:59:e7:
54:94:ed:60:b3:f3:f6:c8:02:a0:28:dc:9d:25:5d:
b6:2d:8a:8b:16:6f:9c:54:86:d6:54:6d:48:85:ec:
38:00:33:09:4c:a9:07:f3:bb:6b:5e:55:f2:a8:d6:
cd:20:c5:6f:3b:0a:79:06:67:7d:cd:c0:07:9a:b4:
2f:05:73:cc:60:a3:25:89:f9:18:66:2c:19:b8:ec:
ba:cc:33:c1:91:ab:03:0f:8d:af:68:4e:6b:5e:1e:
41:57:d3:e6:ca:fa:06:49:11:ef:a3:2f:bb:30:d6:
c9:cb:13:04:fd:6a:80:2e:a3:92:46:56:7d:8f:14:
f1:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:51:EB:2F:F6:0D:BE:28:32:60:08:26:1E:6C:78:93:01:78:7E:30
X509v3 Authority Key Identifier:
keyid:42:D3:95:FD:C1:76:45:EF:5C:34:AD:8E:53:1D:12:24:D3:14:64:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QtOV_cF2Re9cNK2OUx0SJNMUZFM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/3b91a6-1f94-40b9-99eb-4204922cf203/1/lFHrL_YNvigyYAgmHmx4kwF4fjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/3b91a6-1f94-40b9-99eb-4204922cf203/1/QtOV_cF2Re9cNK2OUx0SJNMUZFM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.211.0/24
Signature Algorithm: sha256WithRSAEncryption
cd:ce:cf:aa:1f:9e:7a:e7:4c:51:fa:60:b7:33:92:20:aa:d6:
02:bf:fd:d2:f3:fb:23:3a:c6:ba:46:63:a4:0c:ca:ef:d7:da:
ca:53:bb:9f:f9:51:38:ad:43:42:4b:4a:c0:c2:a8:ce:3d:09:
dd:72:25:4c:ad:d4:8e:fc:64:32:84:9f:72:ef:0f:09:12:10:
7f:56:08:37:92:73:ae:62:60:cb:57:c2:e3:6f:da:bf:98:d1:
c6:92:40:2e:af:a0:69:30:df:05:2c:e2:1e:00:3e:39:2a:c3:
e7:0d:9d:30:d7:32:b5:77:6e:0c:fb:6d:af:ec:44:c4:60:8c:
f3:1a:41:35:1a:95:a1:37:c5:49:54:c3:c3:98:5c:d3:f6:bb:
fc:d0:78:9f:fa:d2:80:33:d5:86:ff:67:9f:01:5d:d9:8e:b7:
61:be:1f:e3:2d:5b:23:13:9f:60:28:68:38:a4:b8:0d:2d:68:
20:c4:a0:a9:df:25:5d:a1:e6:b2:71:c4:2e:07:02:e3:98:1d:
09:f4:fb:6d:58:3c:55:c9:e9:b9:51:3c:d0:8d:44:0f:0e:75:
ad:e9:4c:00:fa:99:67:1e:2b:99:87:cb:8c:6d:f3:31:ac:87:
ca:1a:bc:88:ac:d9:52:71:6d:f1:8d:47:8b:82:0d:41:36:64:
6d:2d:2e:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAk7guqyT1e1OpsjDpH3mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyZDM5NWZkYzE3NjQ1ZWY1YzM0YWQ4ZTUzMWQxMjI0ZDMx
NDY0NTMwHhcNMjQwMTAyMDIzMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDUxZWIyZmY2MGRiZTI4MzI2MDA4MjYxZTZjNzg5MzAxNzg3ZTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/T6hNQplfNNE4oqMILe1UQemv1y
waEY76CsUMhMGku9tAxmNblkzCpUZP+2RfQe7tzqEe/h5p0/2d8PL2g5fpOTifb7
amCTVlKLTPwREWc2QrMvPoRQQpp8D+6kAq099noiKHO47qk6P9wKl2bzYotOFVvm
RZhkr0tiVyCCaboSU0hdWedUlO1gs/P2yAKgKNydJV22LYqLFm+cVIbWVG1Ihew4
ADMJTKkH87trXlXyqNbNIMVvOwp5Bmd9zcAHmrQvBXPMYKMlifkYZiwZuOy6zDPB
kasDD42vaE5rXh5BV9PmyvoGSRHvoy+7MNbJyxME/WqALqOSRlZ9jxTxpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJRR6y/2Db4oMmAIJh5seJMBeH4wMB8GA1UdIwQY
MBaAFELTlf3BdkXvXDStjlMdEiTTFGRTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXRPVl9jRjJSZTljTksyT1V4MFNKTk1VWkZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8zYjkxYTYtMWY5NC00MGI5LTk5ZWIt
NDIwNDkyMmNmMjAzLzEvbEZIckxfWU52aWd5WUFnbUhteDRrd0Y0ZmpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8zYjkxYTYtMWY5NC00MGI5LTk5ZWItNDIwNDkyMmNmMjAz
LzEvUXRPVl9jRjJSZTljTksyT1V4MFNKTk1VWkZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABSrTMA0G
CSqGSIb3DQEBCwUAA4IBAQDNzs+qH55650xR+mC3M5IgqtYCv/3S8/sjOsa6RmOk
DMrv19rKU7uf+VE4rUNCS0rAwqjOPQndciVMrdSO/GQyhJ9y7w8JEhB/Vgg3knOu
YmDLV8Ljb9q/mNHGkkAur6BpMN8FLOIeAD45KsPnDZ0w1zK1d24M+22v7ETEYIzz
GkE1GpWhN8VJVMPDmFzT9rv80Hif+tKAM9WG/2efAV3Zjrdhvh/jLVsjE59gKGg4
pLgNLWggxKCp3yVdoeayccQuBwLjmB0J9PttWDxVyem5UTzQjUQPDnWt6UwA+pln
HiuZh8uMbfMxrIfKGryIrNlScW3xjUeLgg1BNmRtLS6X
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:14:45 2025 by rpki-client