Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/LghdsOCYh3YTEhMNzdv7DLth8Bg.roa
File: LghdsOCYh3YTEhMNzdv7DLth8Bg.roa (raw, json)
Hash identifier: Rozv0JQjLPWBqxRIKkGPOppB/boSK9rfJz2CBev3lE8=
Subject key identifier: 2E:08:5D:B0:E0:98:87:76:13:12:13:0D:CD:DB:FB:0C:BB:61:F0:18
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A5AF9A4728536C9A866980886B40D92E7
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/LghdsOCYh3YTEhMNzdv7DLth8Bg.roa
Signing time: Sun 03 Sep 2023 12:17:04 +0000
ROA not before: Sun 03 Sep 2023 12:17:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:5a:f9:a4:72:85:36:c9:a8:66:98:08:86:b4:0d:92:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 3 12:17:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2e085db0e09887761312130dcddbfb0cbb61f018
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:09:f1:05:c2:93:6d:73:df:85:3c:01:bb:ea:
78:02:a2:97:16:7e:de:a6:ac:37:b4:df:0c:1f:04:
72:9e:fa:b9:d2:67:ec:99:52:8f:aa:44:da:d4:a9:
0d:8b:c2:5c:4f:fd:5a:ef:f8:5a:fc:f2:1c:02:2c:
f0:05:a5:41:75:8b:06:0c:4b:16:a2:3b:16:47:b3:
85:34:88:9e:90:00:bd:9b:c3:81:b1:08:bd:77:9d:
7c:16:56:3e:2e:d6:89:23:8a:f5:16:e6:b2:6a:99:
8d:68:a5:36:e1:89:ad:16:82:ec:a7:99:c9:b7:4e:
2d:54:bf:bf:4f:4d:f2:2b:a9:06:ba:8b:2e:63:dc:
ca:5f:b8:87:6e:45:a4:ef:0c:b6:05:01:2c:33:41:
60:d6:5d:1a:27:b6:b5:ed:61:30:46:08:12:26:66:
09:56:fd:cf:66:07:9a:1e:24:d2:50:35:ea:ea:55:
96:f6:33:2b:1b:6f:a4:24:93:4b:97:8e:0d:8b:dc:
2b:fd:0a:48:dd:7e:aa:95:4a:3a:02:1b:69:73:39:
3c:8e:84:f9:1b:f6:ab:6d:e7:03:63:ac:55:e6:04:
d2:de:c5:83:d2:18:1d:33:6b:3c:da:ae:1c:a1:03:
d9:a4:16:aa:20:7c:a0:35:e0:79:50:53:0d:2c:91:
c0:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:08:5D:B0:E0:98:87:76:13:12:13:0D:CD:DB:FB:0C:BB:61:F0:18
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/LghdsOCYh3YTEhMNzdv7DLth8Bg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
98:e9:9e:bc:fe:53:74:b6:b9:00:b4:5a:99:ab:7a:9e:9d:e4:
a9:d7:eb:59:e6:9d:5a:f9:ff:d3:4c:41:a4:a8:24:52:91:5e:
29:37:06:07:af:ae:34:d9:a9:23:f6:d0:65:24:51:9d:f0:d5:
a1:bf:d6:44:94:0e:db:bc:77:8d:48:d6:86:96:49:26:eb:2d:
e6:82:f6:34:41:85:fb:62:87:9c:52:27:e0:81:d1:c0:51:dd:
d0:48:7e:22:51:64:3e:dd:d5:ea:80:af:22:39:fd:78:1c:76:
26:0c:57:f1:06:4f:a5:47:f7:45:52:fb:ae:76:12:f0:42:00:
44:ca:4e:f3:eb:19:5d:36:af:f0:13:9f:5c:7e:96:31:33:19:
5a:3e:ce:4e:fa:1a:37:4f:dd:1c:49:43:42:42:5f:3a:ea:fd:
2c:6e:05:3e:32:cc:ed:c6:2a:f7:76:68:f4:d1:4d:c8:22:93:
b3:b5:8c:77:ae:47:d8:b5:9c:0a:94:80:91:b7:7c:ff:ac:a8:
2b:7a:f8:c2:f9:dd:12:f4:fe:a8:ad:b5:02:c3:49:20:42:eb:
b5:b1:92:c6:b1:5e:fa:3c:72:79:85:67:0e:5a:01:09:bc:66:
54:34:0f:f2:5d:6d:8b:a1:7c:36:e0:3a:69:e0:b2:e0:89:b7:
6e:da:8e:80
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpa+aRyhTbJqGaYCIa0DZLnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAzMTIxNzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTA4NWRiMGUwOTg4Nzc2MTMxMjEzMGRjZGRiZmIwY2JiNjFmMDE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnwnxBcKTbXPfhTwBu+p4AqKXFn7e
pqw3tN8MHwRynvq50mfsmVKPqkTa1KkNi8JcT/1a7/ha/PIcAizwBaVBdYsGDEsW
ojsWR7OFNIiekAC9m8OBsQi9d518FlY+LtaJI4r1FuayapmNaKU24YmtFoLsp5nJ
t04tVL+/T03yK6kGuosuY9zKX7iHbkWk7wy2BQEsM0Fg1l0aJ7a17WEwRggSJmYJ
Vv3PZgeaHiTSUDXq6lWW9jMrG2+kJJNLl44Ni9wr/QpI3X6qlUo6Ahtpczk8joT5
G/arbecDY6xV5gTS3sWD0hgdM2s82q4coQPZpBaqIHygNeB5UFMNLJHAHQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFC4IXbDgmId2ExITDc3b+wy7YfAYMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvTGdoZHNPQ1loM1lURWhNTnpkdjdETHRoOEJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJjpnrz+U3S2uQC0Wpmr
ep6d5KnX61nmnVr5/9NMQaSoJFKRXik3BgevrjTZqSP20GUkUZ3w1aG/1kSUDtu8
d41I1oaWSSbrLeaC9jRBhftih5xSJ+CB0cBR3dBIfiJRZD7d1eqAryI5/XgcdiYM
V/EGT6VH90VS+652EvBCAETKTvPrGV02r/ATn1x+ljEzGVo+zk76GjdP3RxJQ0JC
Xzrq/SxuBT4yzO3GKvd2aPTRTcgik7O1jHeuR9i1nAqUgJG3fP+sqCt6+ML53RL0
/qittQLDSSBC67WxksaxXvo8cnmFZw5aAQm8ZlQ0D/JdbYuhfDbgOmngsuCJt27a
joA=
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:58:44 2025 by rpki-client