Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/d1fd48-916b-4d83-96cc-c910af93e426/1/55Ko8L4DfJGr1GsAwl7LDKSWUOU.roa
File: 55Ko8L4DfJGr1GsAwl7LDKSWUOU.roa (raw, json)
Hash identifier: psKKzbtdVmfbgoJcgoYpYHhQy7c50R4DZBOEc+q9D1o=
Subject key identifier: E7:92:A8:F0:BE:03:7C:91:AB:D4:6B:00:C2:5E:CB:0C:A4:96:50:E5
Certificate issuer: /CN=2f0342e0d23ef7e06b1dff5cc6ee4fa17af8bd98
Certificate serial: 019424453DC389F2CCF1F8ABE72CE4E9B923
Authority key identifier: 2F:03:42:E0:D2:3E:F7:E0:6B:1D:FF:5C:C6:EE:4F:A1:7A:F8:BD:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LwNC4NI-9-BrHf9cxu5PoXr4vZg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/d1fd48-916b-4d83-96cc-c910af93e426/1/55Ko8L4DfJGr1GsAwl7LDKSWUOU.roa
Signing time: Wed 01 Jan 2025 23:48:25 +0000
ROA not before: Wed 01 Jan 2025 23:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44002
IP address blocks: 79.98.72.0/21 maxlen: 21
79.98.72.0/24 maxlen: 24
79.98.73.0/24 maxlen: 24
79.98.74.0/24 maxlen: 24
79.98.75.0/24 maxlen: 24
79.98.76.0/24 maxlen: 24
79.98.77.0/24 maxlen: 24
79.98.78.0/24 maxlen: 24
79.98.79.0/24 maxlen: 24
185.4.200.0/22 maxlen: 22
185.4.200.0/24 maxlen: 24
185.4.201.0/24 maxlen: 24
185.4.202.0/24 maxlen: 24
185.4.203.0/24 maxlen: 24
2a02:970::/32 maxlen: 48
2a02:970:1::/48 maxlen: 48
2a02:970:440::/43 maxlen: 43
2a02:970:450::/48 maxlen: 48
2a02:970:470::/48 maxlen: 48
2a02:970:1006::/48 maxlen: 48
2a02:970:1017::/48 maxlen: 48
2a02:970:1019::/48 maxlen: 48
2a02:970:1028::/48 maxlen: 48
2a02:970:1052::/48 maxlen: 48
2a02:970:1061::/48 maxlen: 48
2a02:970:1176::/48 maxlen: 48
2a02:970:1185::/48 maxlen: 48
2a02:970:1192::/48 maxlen: 48
2a02:970:1206::/48 maxlen: 48
2a02:970:1245::/48 maxlen: 48
2a02:970:1366::/48 maxlen: 48
2a02:970:1446::/48 maxlen: 48
2a02:970:1c01::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:3d:c3:89:f2:cc:f1:f8:ab:e7:2c:e4:e9:b9:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f0342e0d23ef7e06b1dff5cc6ee4fa17af8bd98
Validity
Not Before: Jan 1 23:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e792a8f0be037c91abd46b00c25ecb0ca49650e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:da:43:56:94:77:c2:58:0b:70:6e:26:d1:28:
41:58:53:5d:3e:47:75:70:a5:6c:6f:6f:e2:23:4e:
ad:e1:5e:af:fe:a5:db:1c:d2:f4:fe:c7:99:af:af:
d3:79:5b:9a:09:0f:35:19:82:ec:07:5d:e0:86:7f:
5a:c5:ce:48:7e:f4:a3:67:1c:cf:01:7a:8c:c0:5f:
f7:11:bc:62:d8:00:d6:2b:9c:d6:e8:97:32:91:83:
7e:15:5b:0a:cb:c8:2f:6a:8f:e1:79:ca:eb:19:ba:
18:fb:ba:11:98:0d:d6:cb:89:4c:47:e1:14:45:25:
82:1d:7c:2c:9b:6d:40:4c:2d:94:4d:bb:32:27:a0:
d5:c4:80:78:e8:79:21:e3:f1:25:85:2e:72:0c:f5:
e8:e9:ba:3d:7e:22:31:c4:88:38:6a:22:5d:d6:e9:
75:ee:a1:b2:a7:1e:99:44:eb:f4:a0:fe:8c:fe:c3:
27:24:5f:28:07:7a:f3:d5:62:6c:74:66:17:c1:38:
c3:80:f6:c3:1c:0a:41:85:4f:e0:66:f8:2d:68:22:
0c:46:2a:19:98:85:d2:70:89:72:b9:2d:dd:bc:dd:
45:5a:f7:a1:a5:d4:73:6e:3f:cd:c9:c0:2e:04:38:
6b:ed:e1:72:2b:fc:e0:95:a1:d7:b3:bf:bb:76:b2:
de:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:92:A8:F0:BE:03:7C:91:AB:D4:6B:00:C2:5E:CB:0C:A4:96:50:E5
X509v3 Authority Key Identifier:
keyid:2F:03:42:E0:D2:3E:F7:E0:6B:1D:FF:5C:C6:EE:4F:A1:7A:F8:BD:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LwNC4NI-9-BrHf9cxu5PoXr4vZg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/d1fd48-916b-4d83-96cc-c910af93e426/1/55Ko8L4DfJGr1GsAwl7LDKSWUOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/d1fd48-916b-4d83-96cc-c910af93e426/1/LwNC4NI-9-BrHf9cxu5PoXr4vZg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.72.0/21
185.4.200.0/22
IPv6:
2a02:970::/32
Signature Algorithm: sha256WithRSAEncryption
6e:b3:c4:9a:f2:cc:1f:48:78:7d:dc:31:1e:14:6b:44:a0:88:
28:c1:d5:ca:02:a4:7d:09:e2:a0:43:8a:82:98:15:ac:2f:f4:
05:79:a8:e4:6f:d5:da:72:14:9a:35:6d:5c:fd:b7:d7:a2:3f:
9b:9f:bb:cf:e5:55:e2:ff:de:d9:45:5e:8a:5c:17:44:95:37:
4d:fa:1a:3c:7d:9d:9a:a3:28:9d:06:0a:48:63:2c:32:a9:44:
45:ea:3a:b3:fd:21:20:30:ea:cd:fe:96:ab:b3:c8:2b:19:84:
6d:f2:a4:1c:a1:a0:c5:fb:ba:29:0f:f5:c2:e6:61:9a:78:cb:
bd:ca:dd:03:5d:65:62:ec:38:12:4f:7e:1d:02:fb:5d:1e:c9:
08:34:b9:46:4b:34:74:24:ba:66:2d:92:10:52:70:21:24:b4:
d5:11:13:fd:03:d6:56:0c:06:27:95:54:3c:cb:93:93:7f:c1:
4c:b0:90:e7:56:f4:56:28:38:49:43:b0:cc:06:ea:98:f6:9a:
71:a7:4e:88:65:2f:0c:c0:e9:fe:c9:c5:6e:77:3b:c4:71:4c:
ec:e9:bb:b3:5e:e3:30:e2:8b:1e:9b:f2:85:e6:62:83:74:c0:
28:2b:6f:05:67:4f:c1:22:56:c6:aa:79:2e:3a:7a:1d:25:9b:
6f:8b:97:3e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQkRT3DifLM8fir5yzk6bkjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMDM0MmUwZDIzZWY3ZTA2YjFkZmY1Y2M2ZWU0ZmExN2Fm
OGJkOTgwHhcNMjUwMTAxMjM0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzkyYThmMGJlMDM3YzkxYWJkNDZiMDBjMjVlY2IwY2E0OTY1MGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9pDVpR3wlgLcG4m0ShBWFNdPkd1
cKVsb2/iI06t4V6v/qXbHNL0/seZr6/TeVuaCQ81GYLsB13ghn9axc5IfvSjZxzP
AXqMwF/3Ebxi2ADWK5zW6JcykYN+FVsKy8gvao/hecrrGboY+7oRmA3Wy4lMR+EU
RSWCHXwsm21ATC2UTbsyJ6DVxIB46Hkh4/ElhS5yDPXo6bo9fiIxxIg4aiJd1ul1
7qGypx6ZROv0oP6M/sMnJF8oB3rz1WJsdGYXwTjDgPbDHApBhU/gZvgtaCIMRioZ
mIXScIlyuS3dvN1FWvehpdRzbj/NycAuBDhr7eFyK/zglaHXs7+7drLeaQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOeSqPC+A3yRq9RrAMJeywykllDlMB8GA1UdIwQY
MBaAFC8DQuDSPvfgax3/XMbuT6F6+L2YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHdOQzROSS05LUJySGY5Y3h1NVBvWHI0dlpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9kMWZkNDgtOTE2Yi00ZDgzLTk2Y2Mt
YzkxMGFmOTNlNDI2LzEvNTVLbzhMNERmSkdyMUdzQXdsN0xES1NXVU9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9kMWZkNDgtOTE2Yi00ZDgzLTk2Y2MtYzkxMGFmOTNlNDI2
LzEvTHdOQzROSS05LUJySGY5Y3h1NVBvWHI0dlpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDT2JIAwQC
uQTIMA0EAgACMAcDBQAqAglwMA0GCSqGSIb3DQEBCwUAA4IBAQBus8Sa8swfSHh9
3DEeFGtEoIgowdXKAqR9CeKgQ4qCmBWsL/QFeajkb9XachSaNW1c/bfXoj+bn7vP
5VXi/97ZRV6KXBdElTdN+ho8fZ2aoyidBgpIYywyqURF6jqz/SEgMOrN/pars8gr
GYRt8qQcoaDF+7opD/XC5mGaeMu9yt0DXWVi7DgST34dAvtdHskINLlGSzR0JLpm
LZIQUnAhJLTVERP9A9ZWDAYnlVQ8y5OTf8FMsJDnVvRWKDhJQ7DMBuqY9ppxp06I
ZS8MwOn+ycVudzvEcUzs6buzXuMw4osem/KF5mKDdMAoK28FZ0/BIlbGqnkuOnod
JZtvi5c+
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:31:52 2025 by rpki-client