Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/c8f02b-0abc-41fe-bc54-ac800c6d976f/1/LQeosQtAPfSnVgSVDz2OO819_2c.roa
File: LQeosQtAPfSnVgSVDz2OO819_2c.roa (raw, json)
Hash identifier: Tkr19vAUAWlnJvYoR9UT3slqIpIAZEXQA2P0LTiz6vk=
Subject key identifier: 2D:07:A8:B1:0B:40:3D:F4:A7:56:04:95:0F:3D:8E:3B:CD:7D:FF:67
Certificate issuer: /CN=2ac78fd517a75f77f3f4fd229ac5e6732560c6e1
Certificate serial: 019422203EE27E19C3645A1C13251DA08D08
Authority key identifier: 2A:C7:8F:D5:17:A7:5F:77:F3:F4:FD:22:9A:C5:E6:73:25:60:C6:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KseP1RenX3fz9P0imsXmcyVgxuE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/c8f02b-0abc-41fe-bc54-ac800c6d976f/1/LQeosQtAPfSnVgSVDz2OO819_2c.roa
Signing time: Wed 01 Jan 2025 13:48:46 +0000
ROA not before: Wed 01 Jan 2025 13:48:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21427
IP address blocks: 37.235.77.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:3e:e2:7e:19:c3:64:5a:1c:13:25:1d:a0:8d:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac78fd517a75f77f3f4fd229ac5e6732560c6e1
Validity
Not Before: Jan 1 13:48:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2d07a8b10b403df4a75604950f3d8e3bcd7dff67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:b0:c9:89:ea:25:31:1b:d6:85:69:89:4b:de:
6b:73:bf:1b:a5:b2:1f:d1:6d:54:14:fd:95:cb:89:
69:96:81:74:60:97:f5:49:5a:00:db:a9:db:5b:c3:
17:8f:0e:86:1f:a7:5a:66:6f:db:2b:fb:25:f4:37:
78:b4:c3:98:7c:fc:d3:8e:95:56:cf:03:ae:bc:c7:
1a:44:c7:0d:32:05:d6:89:a6:47:a6:ad:92:3b:3c:
3a:fa:fa:46:8e:6f:4c:fc:66:d9:30:d1:97:45:86:
44:00:9c:4d:87:e6:17:e9:d8:65:a0:6e:cd:f5:ec:
c4:92:c8:8a:1a:f0:2d:61:b0:ef:00:f8:3f:01:96:
98:3c:c2:f1:e3:50:90:e5:5f:d3:a5:16:71:9c:d6:
9b:c8:d7:e2:53:2d:7c:a0:20:4c:ee:c9:8b:90:7b:
a5:e7:87:8a:61:8b:9f:fb:cd:8f:41:9b:be:c8:20:
56:81:ac:21:b9:0a:6b:80:4e:44:23:02:95:f6:ee:
d4:cb:63:ff:c8:66:84:00:6b:5e:69:1e:35:57:5c:
9e:76:19:fc:db:f4:9a:a9:3e:b3:bd:bd:0f:d9:f9:
3e:a2:8b:6e:b7:37:94:d7:f2:f3:ac:ff:a2:a0:15:
58:e4:00:53:82:32:28:bc:ff:e4:ad:a0:3b:08:c1:
d0:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:07:A8:B1:0B:40:3D:F4:A7:56:04:95:0F:3D:8E:3B:CD:7D:FF:67
X509v3 Authority Key Identifier:
keyid:2A:C7:8F:D5:17:A7:5F:77:F3:F4:FD:22:9A:C5:E6:73:25:60:C6:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KseP1RenX3fz9P0imsXmcyVgxuE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/c8f02b-0abc-41fe-bc54-ac800c6d976f/1/LQeosQtAPfSnVgSVDz2OO819_2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/c8f02b-0abc-41fe-bc54-ac800c6d976f/1/KseP1RenX3fz9P0imsXmcyVgxuE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.77.0/24
Signature Algorithm: sha256WithRSAEncryption
96:66:58:50:8c:87:37:57:d1:04:43:46:88:fa:14:8a:b4:9a:
87:dc:35:e2:e7:72:82:c5:00:cf:0c:53:eb:51:ae:a1:b3:e1:
dc:74:47:5c:ad:7a:75:1c:f3:33:34:3d:0a:03:a5:ed:7d:96:
38:7c:0d:cb:96:10:60:4c:8d:3b:ba:8f:a3:82:d7:82:7a:52:
66:9b:5f:69:44:76:46:49:35:5b:e8:4f:42:b8:3b:39:25:31:
86:98:4a:6d:be:a5:39:08:20:57:61:45:cd:68:14:b6:7f:0b:
ae:a4:48:bb:68:9e:c4:10:60:56:86:19:78:8d:59:14:47:1b:
e2:f4:90:af:1a:92:a1:4f:d7:99:1c:3f:43:78:72:45:c7:65:
1e:ed:8d:bc:79:c9:c2:a4:7f:63:05:2e:ce:a2:25:6a:88:31:
00:19:4e:8a:ed:67:19:2c:58:e7:17:2c:fb:e5:61:81:9c:32:
54:fd:5a:6a:3f:16:f4:d8:ca:77:4e:3b:fa:7a:c4:9b:63:30:
86:72:35:b1:d9:f4:4f:70:ad:2b:bb:22:7b:03:11:4a:2f:a2:
5e:8a:f9:bc:35:11:7b:8e:c5:4c:4f:e5:7c:1c:49:23:1c:72:
59:c0:0b:b1:79:3b:40:98:e5:2c:37:cc:f9:bc:05:01:c4:d9:
4b:1a:5c:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiID7ifhnDZFocEyUdoI0IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzc4ZmQ1MTdhNzVmNzdmM2Y0ZmQyMjlhYzVlNjczMjU2
MGM2ZTEwHhcNMjUwMTAxMTM0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDA3YThiMTBiNDAzZGY0YTc1NjA0OTUwZjNkOGUzYmNkN2RmZjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwLDJieolMRvWhWmJS95rc78bpbIf
0W1UFP2Vy4lploF0YJf1SVoA26nbW8MXjw6GH6daZm/bK/sl9Dd4tMOYfPzTjpVW
zwOuvMcaRMcNMgXWiaZHpq2SOzw6+vpGjm9M/GbZMNGXRYZEAJxNh+YX6dhloG7N
9ezEksiKGvAtYbDvAPg/AZaYPMLx41CQ5V/TpRZxnNabyNfiUy18oCBM7smLkHul
54eKYYuf+82PQZu+yCBWgawhuQprgE5EIwKV9u7Uy2P/yGaEAGteaR41V1yedhn8
2/SaqT6zvb0P2fk+ootutzeU1/LzrP+ioBVY5ABTgjIovP/kraA7CMHQyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC0HqLELQD30p1YElQ89jjvNff9nMB8GA1UdIwQY
MBaAFCrHj9UXp1938/T9IprF5nMlYMbhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NlUDFSZW5YM2Z6OVAwaW1zWG1jeVZneHVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9jOGYwMmItMGFiYy00MWZlLWJjNTQt
YWM4MDBjNmQ5NzZmLzEvTFFlb3NRdEFQZlNuVmdTVkR6Mk9PODE5XzJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9jOGYwMmItMGFiYy00MWZlLWJjNTQtYWM4MDBjNmQ5NzZm
LzEvS3NlUDFSZW5YM2Z6OVAwaW1zWG1jeVZneHVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJetNMA0G
CSqGSIb3DQEBCwUAA4IBAQCWZlhQjIc3V9EEQ0aI+hSKtJqH3DXi53KCxQDPDFPr
Ua6hs+HcdEdcrXp1HPMzND0KA6XtfZY4fA3LlhBgTI07uo+jgteCelJmm19pRHZG
STVb6E9CuDs5JTGGmEptvqU5CCBXYUXNaBS2fwuupEi7aJ7EEGBWhhl4jVkURxvi
9JCvGpKhT9eZHD9DeHJFx2Ue7Y28ecnCpH9jBS7OoiVqiDEAGU6K7WcZLFjnFyz7
5WGBnDJU/VpqPxb02Mp3Tjv6esSbYzCGcjWx2fRPcK0ruyJ7AxFKL6Jeivm8NRF7
jsVMT+V8HEkjHHJZwAuxeTtAmOUsN8z5vAUBxNlLGlxr
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:16:44 2025 by rpki-client