Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/lzk3nFfrO9mvzma5aZxrK9nexZU.roa
File: lzk3nFfrO9mvzma5aZxrK9nexZU.roa (raw, json)
Hash identifier: yocl/owqrtiZT3Y6kSCXDmPE52smGQy6kBd4j3KwFRI=
Subject key identifier: 97:39:37:9C:57:EB:3B:D9:AF:CE:66:B9:69:9C:6B:2B:D9:DE:C5:95
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019422FBD265054E7AA3C9CD9136C1BF021D
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/lzk3nFfrO9mvzma5aZxrK9nexZU.roa
Signing time: Wed 01 Jan 2025 17:48:36 +0000
ROA not before: Wed 01 Jan 2025 17:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396602
IP address blocks: 81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.53/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:d2:65:05:4e:7a:a3:c9:cd:91:36:c1:bf:02:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Jan 1 17:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9739379c57eb3bd9afce66b9699c6b2bd9dec595
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:10:70:0d:df:a3:e7:fa:fb:f8:0d:30:a4:93:
63:d4:fc:70:ad:94:c9:38:81:a9:19:7d:87:39:5f:
fc:28:75:4c:e1:c1:77:75:e2:ad:02:e6:28:f4:09:
37:00:20:4a:02:71:10:94:a7:c4:6c:9c:75:32:24:
43:4e:e8:1e:3d:03:22:24:d5:18:f5:54:b9:e1:f4:
4e:cd:83:67:74:63:8d:a6:0b:36:ef:4a:8c:a1:4e:
da:98:8d:cc:a1:89:7f:14:cc:0c:7d:78:26:41:ce:
c3:c8:bb:f5:37:01:c5:0a:db:89:f4:90:9e:be:d1:
82:2e:81:b3:b1:27:89:29:e1:36:c0:22:4c:f0:60:
30:62:27:56:8e:10:a5:64:34:40:0b:de:c7:37:ff:
d0:a1:35:f7:4d:a6:40:91:29:86:ab:51:13:4d:c5:
33:e3:f2:83:fd:df:26:03:8b:e6:ec:87:f1:ea:4b:
2d:96:64:04:09:f2:0e:73:7e:0b:4d:f4:41:51:96:
17:76:63:bf:68:8d:70:16:8b:11:d9:51:7a:63:8c:
b0:62:8a:02:29:4e:03:88:29:a4:ae:54:c1:46:a5:
c8:4d:c8:7a:1e:42:1e:12:29:e8:db:5e:f5:fb:6c:
8a:c9:8d:21:14:39:2d:36:5c:cd:f8:58:9a:71:8f:
a6:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:39:37:9C:57:EB:3B:D9:AF:CE:66:B9:69:9C:6B:2B:D9:DE:C5:95
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/lzk3nFfrO9mvzma5aZxrK9nexZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.195.30/31
185.100.0.53/32
Signature Algorithm: sha256WithRSAEncryption
3d:f1:8e:f7:77:b0:31:ef:ad:77:e4:32:de:a9:9d:8b:25:50:
5c:bb:71:19:7f:bc:2e:79:1c:6e:b8:d5:d2:96:c3:b0:a3:11:
bc:9d:e1:f7:bd:5b:e0:68:f4:b2:f9:d9:c7:67:ea:4d:33:ff:
af:1f:70:6e:c1:61:00:fe:84:b2:b3:25:97:f5:ce:fa:1c:a8:
f2:32:f3:75:0e:c0:8e:ed:b5:80:60:3d:96:8f:f2:91:82:8d:
cd:1a:f6:ca:03:65:1f:28:14:55:97:fa:8a:a0:99:d5:f2:62:
fd:cc:a8:65:69:ee:17:13:39:fb:0d:74:d2:d2:d3:3c:0e:2b:
9c:36:c5:00:d0:56:7b:f9:aa:74:ed:c2:52:22:a5:f8:c1:2f:
d9:21:7d:33:74:88:5a:aa:a0:27:28:8d:3e:21:2d:53:cb:00:
0c:20:db:81:f0:c9:91:60:93:a7:0e:63:56:90:f2:34:98:ea:
04:bb:bf:24:f0:42:e6:1d:aa:f0:e9:e1:65:18:ef:fa:b8:68:
47:54:3a:fe:fc:8a:7e:ef:00:a7:53:84:10:de:55:aa:b5:7c:
06:e4:c4:bd:a0:04:cd:39:ba:45:f2:39:1a:f1:76:9a:59:c3:
cd:f3:81:0e:34:6b:6c:a4:8d:5c:45:11:11:ab:4b:38:a8:a7:
6d:ff:1f:5a
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQi+9JlBU56o8nNkTbBvwIdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjUwMTAxMTc0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzM5Mzc5YzU3ZWIzYmQ5YWZjZTY2Yjk2OTljNmIyYmQ5ZGVjNTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2hBwDd+j5/r7+A0wpJNj1PxwrZTJ
OIGpGX2HOV/8KHVM4cF3deKtAuYo9Ak3ACBKAnEQlKfEbJx1MiRDTugePQMiJNUY
9VS54fROzYNndGONpgs270qMoU7amI3MoYl/FMwMfXgmQc7DyLv1NwHFCtuJ9JCe
vtGCLoGzsSeJKeE2wCJM8GAwYidWjhClZDRAC97HN//QoTX3TaZAkSmGq1ETTcUz
4/KD/d8mA4vm7Ifx6kstlmQECfIOc34LTfRBUZYXdmO/aI1wFosR2VF6Y4ywYooC
KU4DiCmkrlTBRqXITch6HkIeEino2171+2yKyY0hFDktNlzN+FiacY+mmQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJc5N5xX6zvZr85muWmcayvZ3sWVMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvbHprM25GZnJPOW12em1hNWFaeHJLOW5leFpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOAwUBURPDHgMF
ALlkADUwDQYJKoZIhvcNAQELBQADggEBAD3xjvd3sDHvrXfkMt6pnYslUFy7cRl/
vC55HG641dKWw7CjEbyd4fe9W+Bo9LL52cdn6k0z/68fcG7BYQD+hLKzJZf1zvoc
qPIy83UOwI7ttYBgPZaP8pGCjc0a9soDZR8oFFWX+oqgmdXyYv3MqGVp7hcTOfsN
dNLS0zwOK5w2xQDQVnv5qnTtwlIipfjBL9khfTN0iFqqoCcojT4hLVPLAAwg24Hw
yZFgk6cOY1aQ8jSY6gS7vyTwQuYdqvDp4WUY7/q4aEdUOv78in7vAKdThBDeVaq1
fAbkxL2gBM05ukXyORrxdppZw83zgQ40a2ykjVxFERGrSziop23/H1o=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:22:22 2025 by rpki-client