Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/1d8fca-b462-4313-a523-e411b43dc68a/1/Lf-7J_CEiQS4b7WeR5Eaw4iyRLQ.roa
File: Lf-7J_CEiQS4b7WeR5Eaw4iyRLQ.roa (raw, json)
Hash identifier: 99fN5956ngv/TFkL8FxEzwLHD53MuB+d8ra8OJh/4dM=
Subject key identifier: 2D:FF:BB:27:F0:84:89:04:B8:6F:B5:9E:47:91:1A:C3:88:B2:44:B4
Certificate issuer: /CN=53f39d2f20e2d9b4f96cbd1337ea32da518d8ec8
Certificate serial: 01942368DD18C68A6A969825E10713DABA97
Authority key identifier: 53:F3:9D:2F:20:E2:D9:B4:F9:6C:BD:13:37:EA:32:DA:51:8D:8E:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U_OdLyDi2bT5bL0TN-oy2lGNjsg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/1d8fca-b462-4313-a523-e411b43dc68a/1/Lf-7J_CEiQS4b7WeR5Eaw4iyRLQ.roa
Signing time: Wed 01 Jan 2025 19:47:42 +0000
ROA not before: Wed 01 Jan 2025 19:47:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58291
IP address blocks: 5.39.184.0/21 maxlen: 21
185.79.152.0/22 maxlen: 22
185.140.184.0/22 maxlen: 22
2a02:f640::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:dd:18:c6:8a:6a:96:98:25:e1:07:13:da:ba:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53f39d2f20e2d9b4f96cbd1337ea32da518d8ec8
Validity
Not Before: Jan 1 19:47:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2dffbb27f0848904b86fb59e47911ac388b244b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:cc:72:aa:cf:3d:29:2a:fe:3c:cd:75:db:83:
7e:52:52:c8:bf:d4:f5:4f:da:98:94:3d:ff:49:66:
c0:53:a4:66:a7:3b:39:8a:c1:cb:11:e8:77:18:71:
05:8e:44:51:82:5b:f4:2f:b7:82:62:a5:a8:58:42:
d8:ed:52:58:98:49:2f:ca:4a:38:c1:a2:ca:b2:f6:
0c:77:97:50:8e:e2:89:43:87:30:88:e6:04:dc:c6:
86:f8:2d:62:c2:2d:e3:8a:c3:d9:f9:b9:42:60:42:
35:1f:e9:1b:00:36:ee:18:db:28:7f:13:a3:3a:12:
d0:1f:00:a0:19:45:de:55:26:26:ae:5c:95:a8:4c:
bf:8a:1c:63:83:48:08:34:26:3a:56:6b:d4:56:b9:
ca:0d:94:dd:b1:d5:d4:79:47:bd:a4:f3:ff:da:a9:
dc:49:df:96:99:61:a5:98:84:44:0c:0e:22:06:05:
91:57:24:e8:c5:88:e6:fa:d7:29:66:6c:97:e1:87:
8c:d4:b9:b9:6e:a0:6d:94:e4:8e:0a:83:c7:74:9c:
26:33:d4:c9:c5:b2:e5:44:a1:02:1d:0c:cd:cd:5a:
94:bf:9b:d6:d1:df:dd:b0:ca:9b:39:18:a5:ed:99:
1c:d6:7d:51:e6:06:bf:17:61:10:40:e9:28:82:54:
58:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:FF:BB:27:F0:84:89:04:B8:6F:B5:9E:47:91:1A:C3:88:B2:44:B4
X509v3 Authority Key Identifier:
keyid:53:F3:9D:2F:20:E2:D9:B4:F9:6C:BD:13:37:EA:32:DA:51:8D:8E:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U_OdLyDi2bT5bL0TN-oy2lGNjsg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/1d8fca-b462-4313-a523-e411b43dc68a/1/Lf-7J_CEiQS4b7WeR5Eaw4iyRLQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/1d8fca-b462-4313-a523-e411b43dc68a/1/U_OdLyDi2bT5bL0TN-oy2lGNjsg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.184.0/21
185.79.152.0/22
185.140.184.0/22
IPv6:
2a02:f640::/29
Signature Algorithm: sha256WithRSAEncryption
90:56:bf:6f:04:74:66:d0:7a:94:af:af:e8:49:cf:f0:db:cb:
2b:ed:29:2c:7e:b1:5a:d2:4c:e5:24:9e:b6:04:80:85:b3:82:
5f:da:c5:ce:60:30:81:0f:19:6a:40:a4:b1:df:25:1d:13:d9:
22:6f:33:30:cd:0c:38:a1:10:cc:84:89:85:79:53:44:3a:35:
c1:7a:23:6b:eb:55:43:74:0a:23:7a:93:71:fb:10:78:bd:d2:
6e:76:b0:2d:24:83:0f:2c:12:a3:69:68:59:c4:44:5a:f1:ba:
9e:b1:45:2e:e3:f6:3c:25:80:4f:18:43:07:dc:b9:b0:18:24:
99:57:a8:09:b9:c3:8b:68:7f:6d:53:48:7a:c0:13:af:9c:3f:
c2:e4:04:36:cd:e7:d5:c0:3e:0c:52:5d:e3:56:2f:99:a5:6e:
a6:49:7a:8e:d4:3b:6d:7f:87:32:4e:64:f3:46:8b:54:93:5c:
ae:d6:7a:87:35:f0:25:bf:ad:5c:3f:20:33:6f:15:f6:3c:30:
e0:ca:5a:97:23:ca:f9:1d:a7:0a:80:c4:d7:3f:e1:95:21:97:
dd:91:f1:67:d2:e6:3c:2a:ec:de:ed:3f:52:51:d8:60:f8:3f:
14:81:90:a2:50:e2:73:50:d2:37:bc:54:9b:e5:5e:56:d3:c9:
36:45:b0:ec
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQjaN0Yxopqlpgl4QcT2rqXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzZjM5ZDJmMjBlMmQ5YjRmOTZjYmQxMzM3ZWEzMmRhNTE4
ZDhlYzgwHhcNMjUwMTAxMTk0NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGZmYmIyN2YwODQ4OTA0Yjg2ZmI1OWU0NzkxMWFjMzg4YjI0NGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6sxyqs89KSr+PM1124N+UlLIv9T1
T9qYlD3/SWbAU6Rmpzs5isHLEeh3GHEFjkRRglv0L7eCYqWoWELY7VJYmEkvyko4
waLKsvYMd5dQjuKJQ4cwiOYE3MaG+C1iwi3jisPZ+blCYEI1H+kbADbuGNsofxOj
OhLQHwCgGUXeVSYmrlyVqEy/ihxjg0gINCY6VmvUVrnKDZTdsdXUeUe9pPP/2qnc
Sd+WmWGlmIREDA4iBgWRVyToxYjm+tcpZmyX4YeM1Lm5bqBtlOSOCoPHdJwmM9TJ
xbLlRKECHQzNzVqUv5vW0d/dsMqbORil7Zkc1n1R5ga/F2EQQOkoglRYxwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFC3/uyfwhIkEuG+1nkeRGsOIskS0MB8GA1UdIwQY
MBaAFFPznS8g4tm0+Wy9EzfqMtpRjY7IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVV9PZEx5RGkyYlQ1YkwwVE4tb3kybEdOanNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xZDhmY2EtYjQ2Mi00MzEzLWE1MjMt
ZTQxMWI0M2RjNjhhLzEvTGYtN0pfQ0VpUVM0YjdXZVI1RWF3NGl5UkxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xZDhmY2EtYjQ2Mi00MzEzLWE1MjMtZTQxMWI0M2RjNjhh
LzEvVV9PZEx5RGkyYlQ1YkwwVE4tb3kybEdOanNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDBSe4AwQC
uU+YAwQCuYy4MA0EAgACMAcDBQMqAvZAMA0GCSqGSIb3DQEBCwUAA4IBAQCQVr9v
BHRm0HqUr6/oSc/w28sr7SksfrFa0kzlJJ62BICFs4Jf2sXOYDCBDxlqQKSx3yUd
E9kibzMwzQw4oRDMhImFeVNEOjXBeiNr61VDdAojepNx+xB4vdJudrAtJIMPLBKj
aWhZxERa8bqesUUu4/Y8JYBPGEMH3LmwGCSZV6gJucOLaH9tU0h6wBOvnD/C5AQ2
zefVwD4MUl3jVi+ZpW6mSXqO1Dttf4cyTmTzRotUk1yu1nqHNfAlv61cPyAzbxX2
PDDgylqXI8r5HacKgMTXP+GVIZfdkfFn0uY8Kuze7T9SUdhg+D8UgZCiUOJzUNI3
vFSb5V5W08k2RbDs
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:52:17 2025 by rpki-client