Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/40a1e5-7d2a-48d6-a50e-f96fb4ea7e70/1/l2XBgGbcIMQ-iwqh11S1_yjLWig.roa
File: l2XBgGbcIMQ-iwqh11S1_yjLWig.roa (raw, json)
Hash identifier: nZxnXhBR3pemT3iBrE0kPVvVmqlAyhaBxoPDBmxVBEw=
Subject key identifier: 97:65:C1:80:66:DC:20:C4:3E:8B:0A:A1:D7:54:B5:FF:28:CB:5A:28
Certificate issuer: /CN=2c75f35d256cc4a5b88319bb7e4bbba329e49341
Certificate serial: 019425FD37128E5DE7F122426B40C8DD2BF7
Authority key identifier: 2C:75:F3:5D:25:6C:C4:A5:B8:83:19:BB:7E:4B:BB:A3:29:E4:93:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LHXzXSVsxKW4gxm7fku7oynkk0E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/40a1e5-7d2a-48d6-a50e-f96fb4ea7e70/1/l2XBgGbcIMQ-iwqh11S1_yjLWig.roa
Signing time: Thu 02 Jan 2025 07:48:59 +0000
ROA not before: Thu 02 Jan 2025 07:48:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200044
IP address blocks: 195.22.123.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:37:12:8e:5d:e7:f1:22:42:6b:40:c8:dd:2b:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c75f35d256cc4a5b88319bb7e4bbba329e49341
Validity
Not Before: Jan 2 07:48:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9765c18066dc20c43e8b0aa1d754b5ff28cb5a28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:42:8f:e0:2e:85:96:e3:37:99:78:ce:85:1f:
13:f6:f1:33:91:91:f2:ee:2e:1f:44:30:43:ef:c9:
51:fc:49:04:3e:43:c3:f4:5d:d9:98:98:0e:17:dd:
ce:0f:b5:67:86:32:ac:57:f8:4f:e7:eb:c1:1c:82:
e2:73:56:09:b1:eb:9a:0c:1f:e5:58:e8:e4:89:32:
94:24:38:9e:b9:44:83:f1:de:6f:3f:94:d9:4d:af:
3b:87:76:c8:66:6e:ad:04:ad:5a:72:7d:1d:b0:44:
52:9f:95:69:f0:3a:e9:3d:3d:77:77:ec:6b:75:7c:
b9:ed:59:a0:af:d1:82:44:76:2a:cb:5c:28:bc:1f:
5e:34:23:2a:26:9e:ed:3f:c2:2b:4a:f6:80:5d:b8:
6f:ce:00:95:f8:88:7f:1e:74:1f:57:9d:fe:4c:f3:
0a:9f:b2:22:76:41:50:39:bc:6c:09:21:00:44:73:
ac:ce:31:d5:ee:62:5e:d5:90:e3:30:18:57:59:4f:
29:d4:4a:2e:27:05:20:61:11:d8:a8:d7:81:08:5b:
c6:23:e9:73:be:94:39:f8:1b:3e:69:bd:84:09:2e:
bf:39:b8:88:11:c8:91:02:71:53:d7:45:a8:c3:d3:
21:98:7e:4b:90:0b:65:60:a8:f8:36:37:eb:39:74:
28:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:65:C1:80:66:DC:20:C4:3E:8B:0A:A1:D7:54:B5:FF:28:CB:5A:28
X509v3 Authority Key Identifier:
keyid:2C:75:F3:5D:25:6C:C4:A5:B8:83:19:BB:7E:4B:BB:A3:29:E4:93:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LHXzXSVsxKW4gxm7fku7oynkk0E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/40a1e5-7d2a-48d6-a50e-f96fb4ea7e70/1/l2XBgGbcIMQ-iwqh11S1_yjLWig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/40a1e5-7d2a-48d6-a50e-f96fb4ea7e70/1/LHXzXSVsxKW4gxm7fku7oynkk0E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.22.123.0/24
Signature Algorithm: sha256WithRSAEncryption
45:93:c0:8d:e2:3e:5d:c2:0b:b4:89:7e:5d:46:27:d9:ce:30:
0f:79:7a:4c:a6:60:05:b7:dc:2b:df:ac:0d:00:f1:bf:16:ba:
82:65:1e:8d:a6:14:63:94:f4:8b:14:f2:60:4e:cf:54:62:03:
fc:fa:48:ea:32:16:c6:b3:b8:98:32:09:5c:fe:e1:e1:2d:45:
bb:e6:11:65:60:58:f1:72:f3:be:2a:e5:79:ac:62:a4:5e:1b:
e8:9b:37:49:0f:2e:6a:42:1c:e4:11:be:75:56:18:be:b0:1a:
55:b1:63:e5:ad:85:65:d7:9b:ec:d9:86:dd:ee:76:4f:6e:65:
31:c5:70:c1:a6:46:b8:5d:63:32:ee:06:7b:5b:8d:61:cb:b2:
3f:11:08:b8:a4:1d:f5:1a:65:e9:b5:8a:97:3d:f2:47:1a:18:
9a:f4:00:c1:2a:cf:67:f0:1b:19:8e:63:4d:a0:06:f8:a5:84:
fb:bd:18:70:6d:b7:ed:ee:d3:14:da:97:b3:f0:b2:e3:06:75:
2c:a1:cc:1d:f6:0e:61:35:5c:26:25:db:28:f2:04:e7:27:d8:
7e:e5:2b:b5:97:c4:12:25:02:6e:2f:1e:80:c0:8d:97:fe:e4:
fe:06:c9:8f:76:64:73:43:44:41:5a:a6:2d:b2:05:d1:17:d7:
9e:75:be:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/TcSjl3n8SJCa0DI3Sv3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjNzVmMzVkMjU2Y2M0YTViODgzMTliYjdlNGJiYmEzMjll
NDkzNDEwHhcNMjUwMTAyMDc0ODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzY1YzE4MDY2ZGMyMGM0M2U4YjBhYTFkNzU0YjVmZjI4Y2I1YTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0KP4C6FluM3mXjOhR8T9vEzkZHy
7i4fRDBD78lR/EkEPkPD9F3ZmJgOF93OD7VnhjKsV/hP5+vBHILic1YJseuaDB/l
WOjkiTKUJDieuUSD8d5vP5TZTa87h3bIZm6tBK1acn0dsERSn5Vp8DrpPT13d+xr
dXy57Vmgr9GCRHYqy1wovB9eNCMqJp7tP8IrSvaAXbhvzgCV+Ih/HnQfV53+TPMK
n7IidkFQObxsCSEARHOszjHV7mJe1ZDjMBhXWU8p1EouJwUgYRHYqNeBCFvGI+lz
vpQ5+Bs+ab2ECS6/ObiIEciRAnFT10Wow9MhmH5LkAtlYKj4NjfrOXQoWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJdlwYBm3CDEPosKoddUtf8oy1ooMB8GA1UdIwQY
MBaAFCx1810lbMSluIMZu35Lu6Mp5JNBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEhYelhTVnN4S1c0Z3htN2ZrdTdveW5razBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC80MGExZTUtN2QyYS00OGQ2LWE1MGUt
Zjk2ZmI0ZWE3ZTcwLzEvbDJYQmdHYmNJTVEtaXdxaDExUzFfeWpMV2lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC80MGExZTUtN2QyYS00OGQ2LWE1MGUtZjk2ZmI0ZWE3ZTcw
LzEvTEhYelhTVnN4S1c0Z3htN2ZrdTdveW5razBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwxZ7MA0G
CSqGSIb3DQEBCwUAA4IBAQBFk8CN4j5dwgu0iX5dRifZzjAPeXpMpmAFt9wr36wN
APG/FrqCZR6NphRjlPSLFPJgTs9UYgP8+kjqMhbGs7iYMglc/uHhLUW75hFlYFjx
cvO+KuV5rGKkXhvomzdJDy5qQhzkEb51Vhi+sBpVsWPlrYVl15vs2Ybd7nZPbmUx
xXDBpka4XWMy7gZ7W41hy7I/EQi4pB31GmXptYqXPfJHGhia9ADBKs9n8BsZjmNN
oAb4pYT7vRhwbbft7tMU2pez8LLjBnUsocwd9g5hNVwmJdso8gTnJ9h+5Su1l8QS
JQJuLx6AwI2X/uT+BsmPdmRzQ0RBWqYtsgXRF9eedb4T
-----END CERTIFICATE-----
Generated at Thu Apr 24 22:32:51 2025 by rpki-client