Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/080530-3f81-4479-b5a0-9a38159b794e/1/lKi6SoPHv8adD_f0H8JMR-0tkso.roa
File: lKi6SoPHv8adD_f0H8JMR-0tkso.roa (raw, json)
Hash identifier: IDdp81FcSfbScsI5eFdQ3u0Q5w/9MnWkbMQFbCRI7Lw=
Subject key identifier: 94:A8:BA:4A:83:C7:BF:C6:9D:0F:F7:F4:1F:C2:4C:47:ED:2D:92:CA
Certificate issuer: /CN=773110a43704d9549df7156e3a789e62285b1693
Certificate serial: 0194236A21BDEB7978132FFCED3822FC6984
Authority key identifier: 77:31:10:A4:37:04:D9:54:9D:F7:15:6E:3A:78:9E:62:28:5B:16:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dzEQpDcE2VSd9xVuOnieYihbFpM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/080530-3f81-4479-b5a0-9a38159b794e/1/lKi6SoPHv8adD_f0H8JMR-0tkso.roa
Signing time: Wed 01 Jan 2025 19:49:05 +0000
ROA not before: Wed 01 Jan 2025 19:49:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59626
IP address blocks: 185.139.100.0/22 maxlen: 22
2a07:1480::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:21:bd:eb:79:78:13:2f:fc:ed:38:22:fc:69:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=773110a43704d9549df7156e3a789e62285b1693
Validity
Not Before: Jan 1 19:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=94a8ba4a83c7bfc69d0ff7f41fc24c47ed2d92ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:15:4c:b7:06:4e:44:ab:70:9c:d4:62:9e:79:
7f:39:de:f0:39:da:d6:d2:bc:82:51:35:3f:dc:a5:
4c:fb:de:0d:75:cb:eb:93:24:f9:8e:e1:c0:21:70:
48:65:39:b2:07:c5:76:cf:f7:fc:35:c6:89:39:69:
1e:ae:ea:b5:54:56:58:dd:24:e0:4d:82:a8:64:01:
a4:70:ad:8b:11:81:8a:38:c4:38:18:3d:17:b3:a6:
42:cd:dd:9b:65:b0:f7:71:b2:89:80:21:1c:8a:49:
6a:c0:70:96:3c:38:4e:3d:ca:e6:98:c7:c9:d6:9b:
18:cd:7f:ca:17:fe:d5:a0:e4:67:56:b8:13:62:6f:
fb:75:df:40:f6:6f:24:4b:07:a2:d4:69:b6:e1:b1:
8f:c8:81:54:25:b0:f5:62:8a:8e:b0:bd:0c:39:15:
17:8c:30:79:5c:ba:ce:6b:bc:e7:0c:2a:a1:04:2b:
f2:a0:54:63:87:b1:cd:02:9e:c6:41:2e:ed:9d:e0:
05:a1:90:73:44:22:1b:8a:eb:d3:71:05:dc:0e:7a:
da:04:a3:bc:d6:d5:ab:2b:12:ba:67:ab:8d:84:1f:
3f:a9:b6:00:71:67:64:69:f0:80:cc:6a:a5:ef:e7:
7b:08:bc:20:33:cf:c6:de:3a:9f:bb:d5:11:46:56:
b3:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:A8:BA:4A:83:C7:BF:C6:9D:0F:F7:F4:1F:C2:4C:47:ED:2D:92:CA
X509v3 Authority Key Identifier:
keyid:77:31:10:A4:37:04:D9:54:9D:F7:15:6E:3A:78:9E:62:28:5B:16:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dzEQpDcE2VSd9xVuOnieYihbFpM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/080530-3f81-4479-b5a0-9a38159b794e/1/lKi6SoPHv8adD_f0H8JMR-0tkso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/080530-3f81-4479-b5a0-9a38159b794e/1/dzEQpDcE2VSd9xVuOnieYihbFpM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.139.100.0/22
IPv6:
2a07:1480::/29
Signature Algorithm: sha256WithRSAEncryption
26:7f:91:d5:b3:03:b3:b6:94:e6:d7:7f:b4:91:ea:30:61:52:
92:f6:85:96:0b:32:c7:0a:95:3b:bd:51:38:3f:06:84:5c:85:
a9:e8:da:85:7f:65:87:61:5a:a1:99:f3:c7:e6:23:32:86:c0:
4c:5e:97:ca:3f:6e:29:d4:d4:0a:f0:6d:fe:a2:76:66:6e:6a:
82:7f:b7:4f:7e:ca:dd:d4:93:ad:99:51:75:02:a9:b8:36:5f:
2a:58:fa:6c:af:53:44:b9:17:e2:c4:30:5a:5d:01:d9:6e:94:
c8:a9:d1:17:bd:cc:df:b8:89:ba:b4:c4:e4:ac:51:63:2c:d6:
cd:df:d0:b4:99:6e:53:c4:c5:3d:32:bd:71:d7:31:b4:9b:22:
5e:db:89:e8:e4:4b:d6:94:74:fc:73:0e:38:f2:f3:4b:b4:b6:
ae:90:e2:8b:62:e4:8e:87:06:47:34:2f:ae:c5:28:86:fe:d6:
ba:ab:77:b2:1d:23:6a:8d:65:83:54:39:16:3a:e2:cc:75:60:
11:a0:40:a6:e1:83:7e:01:c2:00:ff:63:f6:0d:8d:1d:0c:7b:
83:7f:4d:02:69:be:46:79:fc:64:99:18:d6:00:a7:89:8e:94:
1d:b8:a2:2d:12:00:8a:8f:bd:d2:d5:49:5e:d6:77:0e:ad:2f:
e8:ed:8a:3f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQjaiG963l4Ey/87Tgi/GmEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3MzExMGE0MzcwNGQ5NTQ5ZGY3MTU2ZTNhNzg5ZTYyMjg1
YjE2OTMwHhcNMjUwMTAxMTk0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGE4YmE0YTgzYzdiZmM2OWQwZmY3ZjQxZmMyNGM0N2VkMmQ5MmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBVMtwZORKtwnNRinnl/Od7wOdrW
0ryCUTU/3KVM+94NdcvrkyT5juHAIXBIZTmyB8V2z/f8NcaJOWkeruq1VFZY3STg
TYKoZAGkcK2LEYGKOMQ4GD0Xs6ZCzd2bZbD3cbKJgCEciklqwHCWPDhOPcrmmMfJ
1psYzX/KF/7VoORnVrgTYm/7dd9A9m8kSwei1Gm24bGPyIFUJbD1YoqOsL0MORUX
jDB5XLrOa7znDCqhBCvyoFRjh7HNAp7GQS7tneAFoZBzRCIbiuvTcQXcDnraBKO8
1tWrKxK6Z6uNhB8/qbYAcWdkafCAzGql7+d7CLwgM8/G3jqfu9URRlazfwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJSoukqDx7/GnQ/39B/CTEftLZLKMB8GA1UdIwQY
MBaAFHcxEKQ3BNlUnfcVbjp4nmIoWxaTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHpFUXBEY0UyVlNkOXhWdU9uaWVZaWhiRnBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8wODA1MzAtM2Y4MS00NDc5LWI1YTAt
OWEzODE1OWI3OTRlLzEvbEtpNlNvUEh2OGFkRF9mMEg4Sk1SLTB0a3NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8wODA1MzAtM2Y4MS00NDc5LWI1YTAtOWEzODE1OWI3OTRl
LzEvZHpFUXBEY0UyVlNkOXhWdU9uaWVZaWhiRnBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYtkMA0E
AgACMAcDBQMqBxSAMA0GCSqGSIb3DQEBCwUAA4IBAQAmf5HVswOztpTm13+0keow
YVKS9oWWCzLHCpU7vVE4PwaEXIWp6NqFf2WHYVqhmfPH5iMyhsBMXpfKP24p1NQK
8G3+onZmbmqCf7dPfsrd1JOtmVF1Aqm4Nl8qWPpsr1NEuRfixDBaXQHZbpTIqdEX
vczfuIm6tMTkrFFjLNbN39C0mW5TxMU9Mr1x1zG0myJe24no5EvWlHT8cw448vNL
tLaukOKLYuSOhwZHNC+uxSiG/ta6q3eyHSNqjWWDVDkWOuLMdWARoECm4YN+AcIA
/2P2DY0dDHuDf00Cab5GefxkmRjWAKeJjpQduKItEgCKj73S1Ule1ncOrS/o7Yo/
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:02:50 2025 by rpki-client