Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/c1f90a-2bad-41b4-b1a6-46b3028a03b0/1/LH7w3vOlTcRmJHq2EtyJwGzFlEE.roa
File: LH7w3vOlTcRmJHq2EtyJwGzFlEE.roa (raw, json)
Hash identifier: BdRuTFIKBfgw0BiPV5lECgqiOEd6ZtJOGCfbNoIAYBE=
Subject key identifier: 2C:7E:F0:DE:F3:A5:4D:C4:66:24:7A:B6:12:DC:89:C0:6C:C5:94:41
Certificate issuer: /CN=bbd351b274fc23a42728303638a0d62b606401b4
Certificate serial: 019421B1EDA817017A6BA94D75BFBF3CC687
Authority key identifier: BB:D3:51:B2:74:FC:23:A4:27:28:30:36:38:A0:D6:2B:60:64:01:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u9NRsnT8I6QnKDA2OKDWK2BkAbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/c1f90a-2bad-41b4-b1a6-46b3028a03b0/1/LH7w3vOlTcRmJHq2EtyJwGzFlEE.roa
Signing time: Wed 01 Jan 2025 11:48:16 +0000
ROA not before: Wed 01 Jan 2025 11:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12657
IP address blocks: 212.72.64.0/19 maxlen: 19
212.102.160.0/19 maxlen: 19
213.131.192.0/19 maxlen: 19
2001:1578::/29 maxlen: 40
2001:1578::/32 maxlen: 40
2001:1578::/48 maxlen: 48
2001:1578:ff::/48 maxlen: 48
2001:1579::/32 maxlen: 48
2001:1579::/48 maxlen: 48
2001:1579:1::/48 maxlen: 48
2001:1579:2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:ed:a8:17:01:7a:6b:a9:4d:75:bf:bf:3c:c6:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbd351b274fc23a42728303638a0d62b606401b4
Validity
Not Before: Jan 1 11:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2c7ef0def3a54dc466247ab612dc89c06cc59441
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:63:6e:5c:db:12:c4:72:95:e4:3e:37:e0:66:
99:89:79:1c:a2:c8:39:39:61:58:6a:57:73:96:cb:
5d:8d:3b:46:29:a5:ca:e9:7f:e4:54:98:7b:95:c0:
e2:5b:56:f9:36:c1:6b:b6:0b:da:5e:e9:8d:5b:2a:
f0:96:db:6b:53:2a:8d:cb:a1:03:a7:a4:39:ce:53:
c5:e5:f3:0b:4b:d9:c3:ad:3c:71:53:64:8b:0b:55:
9f:01:5b:c2:14:83:e1:af:4e:f2:6c:5a:37:9d:f6:
4f:43:f1:4d:6b:ea:4f:49:46:01:6c:a0:22:c7:8e:
d5:ae:18:73:55:0e:df:c8:0a:48:fe:8f:92:51:dd:
41:b1:ac:c9:20:9a:3f:bd:34:ff:34:f2:d1:44:e7:
29:eb:08:e6:e7:71:8b:c5:21:94:42:e5:11:6b:ed:
e3:a9:25:d8:f8:f4:cf:19:b6:f8:51:cb:02:45:8e:
a4:01:c2:31:d3:19:cc:00:ef:57:73:e4:00:02:5f:
7d:15:46:f0:3f:86:ed:85:e1:db:9c:77:ab:77:84:
4a:80:a1:f8:40:d8:64:e9:6a:9d:14:5e:1b:c0:52:
2f:54:13:be:18:4b:43:10:e4:d8:52:6b:22:dc:82:
47:cd:ff:56:49:a1:7f:40:ef:96:e3:8f:4a:05:69:
1b:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:7E:F0:DE:F3:A5:4D:C4:66:24:7A:B6:12:DC:89:C0:6C:C5:94:41
X509v3 Authority Key Identifier:
keyid:BB:D3:51:B2:74:FC:23:A4:27:28:30:36:38:A0:D6:2B:60:64:01:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u9NRsnT8I6QnKDA2OKDWK2BkAbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/c1f90a-2bad-41b4-b1a6-46b3028a03b0/1/LH7w3vOlTcRmJHq2EtyJwGzFlEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/c1f90a-2bad-41b4-b1a6-46b3028a03b0/1/u9NRsnT8I6QnKDA2OKDWK2BkAbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.72.64.0/19
212.102.160.0/19
213.131.192.0/19
IPv6:
2001:1578::/29
Signature Algorithm: sha256WithRSAEncryption
6e:46:b6:74:46:d2:92:53:9d:24:b9:44:a8:d1:88:08:d4:bb:
18:2f:82:a4:1f:3a:d2:67:88:9b:5b:8f:f8:f5:1d:d5:29:3f:
7a:63:59:d5:d4:36:2c:1b:85:42:13:aa:41:25:26:c6:de:95:
5d:7a:f2:38:da:91:8b:9f:63:03:e0:e8:9c:88:21:1e:98:60:
7f:e7:f0:9e:78:0d:ad:73:07:43:62:32:4e:ed:2c:d0:6d:82:
d9:73:6f:2e:df:84:6e:98:0a:49:a6:93:f9:f5:d2:a9:20:5f:
0b:f2:15:28:ea:b7:f3:65:a0:78:95:8e:d3:19:a5:ab:39:83:
57:7f:d0:18:17:85:bf:9d:1c:de:37:b7:5d:ca:b9:9e:a2:ad:
34:d0:0c:20:70:fd:8c:e7:6e:92:73:3a:b6:a8:66:07:76:9a:
d9:85:f6:81:bc:2e:eb:96:64:f2:61:42:a2:d9:ac:e1:71:e9:
1c:69:65:3c:6d:e3:8b:3e:43:66:93:da:e3:c6:25:eb:a2:fe:
61:d0:f0:2f:b8:6b:bf:5b:bd:ed:89:12:b8:77:e0:74:cd:a5:
79:be:5d:e0:28:07:de:5d:b2:81:7d:34:24:15:b1:ca:cc:ff:
93:7a:e2:97:a3:a6:3e:bb:ae:2c:75:59:6d:b4:6e:55:21:9a:
eb:52:c7:d2
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQhse2oFwF6a6lNdb+/PMaHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiZDM1MWIyNzRmYzIzYTQyNzI4MzAzNjM4YTBkNjJiNjA2
NDAxYjQwHhcNMjUwMTAxMTE0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzdlZjBkZWYzYTU0ZGM0NjYyNDdhYjYxMmRjODljMDZjYzU5NDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWNuXNsSxHKV5D434GaZiXkcosg5
OWFYaldzlstdjTtGKaXK6X/kVJh7lcDiW1b5NsFrtgvaXumNWyrwlttrUyqNy6ED
p6Q5zlPF5fMLS9nDrTxxU2SLC1WfAVvCFIPhr07ybFo3nfZPQ/FNa+pPSUYBbKAi
x47VrhhzVQ7fyApI/o+SUd1BsazJIJo/vTT/NPLRROcp6wjm53GLxSGUQuURa+3j
qSXY+PTPGbb4UcsCRY6kAcIx0xnMAO9Xc+QAAl99FUbwP4btheHbnHerd4RKgKH4
QNhk6WqdFF4bwFIvVBO+GEtDEOTYUmsi3IJHzf9WSaF/QO+W449KBWkboQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCx+8N7zpU3EZiR6thLcicBsxZRBMB8GA1UdIwQY
MBaAFLvTUbJ0/COkJygwNjig1itgZAG0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTlOUnNuVDhJNlFuS0RBMk9LRFdLMkJrQWJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC9jMWY5MGEtMmJhZC00MWI0LWIxYTYt
NDZiMzAyOGEwM2IwLzEvTEg3dzN2T2xUY1JtSkhxMkV0eUp3R3pGbEVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC9jMWY5MGEtMmJhZC00MWI0LWIxYTYtNDZiMzAyOGEwM2Iw
LzEvdTlOUnNuVDhJNlFuS0RBMk9LRFdLMkJrQWJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQF1EhAAwQF
1GagAwQF1YPAMA0EAgACMAcDBQMgARV4MA0GCSqGSIb3DQEBCwUAA4IBAQBuRrZ0
RtKSU50kuUSo0YgI1LsYL4KkHzrSZ4ibW4/49R3VKT96Y1nV1DYsG4VCE6pBJSbG
3pVdevI42pGLn2MD4OiciCEemGB/5/CeeA2tcwdDYjJO7SzQbYLZc28u34RumApJ
ppP59dKpIF8L8hUo6rfzZaB4lY7TGaWrOYNXf9AYF4W/nRzeN7ddyrmeoq000Awg
cP2M526Sczq2qGYHdprZhfaBvC7rlmTyYUKi2azhcekcaWU8beOLPkNmk9rjxiXr
ov5h0PAvuGu/W73tiRK4d+B0zaV5vl3gKAfeXbKBfTQkFbHKzP+TeuKXo6Y+u64s
dVlttG5VIZrrUsfS
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:42:59 2025 by rpki-client