Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/db3e56-e832-491d-b530-ca4f66b09068/1/lQnsuSPRzwbhpl5HgEOQpZDD34k.roa
File: lQnsuSPRzwbhpl5HgEOQpZDD34k.roa (raw, json)
Hash identifier: IPjYSRDjQRK4ZxgGrRlNzR9WIDEqNLvDqZwGEGyoqM0=
Subject key identifier: 95:09:EC:B9:23:D1:CF:06:E1:A6:5E:47:80:43:90:A5:90:C3:DF:89
Certificate issuer: /CN=52ecb0e85d0b7feea4a82ac9448d47c3ec0af053
Certificate serial: 01942669ECA98197F9BAB48893B6812359A6
Authority key identifier: 52:EC:B0:E8:5D:0B:7F:EE:A4:A8:2A:C9:44:8D:47:C3:EC:0A:F0:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uuyw6F0Lf-6kqCrJRI1Hw-wK8FM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/db3e56-e832-491d-b530-ca4f66b09068/1/lQnsuSPRzwbhpl5HgEOQpZDD34k.roa
Signing time: Thu 02 Jan 2025 09:47:43 +0000
ROA not before: Thu 02 Jan 2025 09:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60200
IP address blocks: 185.34.172.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:69:ec:a9:81:97:f9:ba:b4:88:93:b6:81:23:59:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52ecb0e85d0b7feea4a82ac9448d47c3ec0af053
Validity
Not Before: Jan 2 09:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9509ecb923d1cf06e1a65e47804390a590c3df89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:8c:8e:23:a8:c2:b4:f0:d8:b9:72:bc:89:4c:
b5:93:95:4a:cd:f4:a5:44:52:75:4b:47:44:a3:6c:
7e:74:41:ad:b7:e2:e1:51:b8:e6:bd:66:d9:15:40:
ff:ad:c7:9f:e1:04:e5:f6:5b:09:a2:8e:e6:56:8e:
cb:53:cf:4f:bb:bd:43:77:bb:01:8d:d5:67:72:04:
0f:7d:1c:3b:14:21:46:71:47:8e:de:b5:a3:b1:af:
79:02:93:26:fe:c1:6b:f4:b5:7b:33:6f:10:7b:76:
4e:9e:32:d8:d8:5c:52:14:08:11:dd:06:86:10:d2:
47:62:e5:1f:86:3c:6f:48:9b:c0:7b:eb:b6:d7:0a:
bd:7a:ac:c3:35:83:d4:1e:6a:0d:51:30:71:10:45:
ad:6c:89:2c:25:ae:3d:15:d2:b6:b7:bc:2a:5e:8d:
f8:77:56:92:ce:12:de:97:53:6a:05:80:ce:aa:a1:
59:ae:2f:d8:ec:7d:0f:e4:8f:b9:1e:4c:bf:f9:11:
f0:78:c4:43:57:15:78:ba:3f:e5:06:8e:8c:31:e9:
69:f6:f6:7a:a7:4d:25:2d:80:98:61:fc:2a:b6:59:
66:4d:fe:7a:6f:17:2b:9e:62:bd:90:3a:77:38:e7:
a5:d5:0b:7a:de:1f:63:cd:5f:6c:a9:71:f7:6d:50:
10:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:09:EC:B9:23:D1:CF:06:E1:A6:5E:47:80:43:90:A5:90:C3:DF:89
X509v3 Authority Key Identifier:
keyid:52:EC:B0:E8:5D:0B:7F:EE:A4:A8:2A:C9:44:8D:47:C3:EC:0A:F0:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uuyw6F0Lf-6kqCrJRI1Hw-wK8FM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/db3e56-e832-491d-b530-ca4f66b09068/1/lQnsuSPRzwbhpl5HgEOQpZDD34k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/db3e56-e832-491d-b530-ca4f66b09068/1/Uuyw6F0Lf-6kqCrJRI1Hw-wK8FM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.34.172.0/22
Signature Algorithm: sha256WithRSAEncryption
20:f2:a1:a7:22:f7:91:fe:fb:40:99:c4:1a:9c:c0:03:8c:62:
ed:8c:bb:96:48:29:0c:53:41:91:8c:fc:25:ce:05:6d:b3:67:
7a:10:82:f6:1a:3a:cb:39:05:5c:64:b0:cf:99:d2:2b:f0:eb:
73:88:4e:dc:d2:4c:b5:52:0b:98:ae:1b:d7:1c:6e:3c:d4:4e:
56:33:73:ee:56:db:69:d7:bd:c9:b5:45:15:c6:14:97:9a:fd:
8b:d8:3c:23:b5:14:af:9a:e4:e4:38:e8:53:8e:ed:ec:5e:ae:
61:5a:87:26:d6:3a:fd:4b:e1:eb:ff:29:02:25:d5:93:d3:8f:
eb:cb:e5:15:aa:74:5b:37:3a:bc:cb:ae:70:21:14:be:9e:25:
bc:32:96:19:bf:2b:d3:75:fb:3a:10:fb:e6:17:72:cf:ec:ab:
dd:8b:ab:54:f0:f1:f3:e1:b0:01:5c:3b:0f:1f:d2:0d:67:73:
56:cb:24:19:33:8d:e9:9e:8d:b0:db:65:90:5b:78:22:e4:37:
b6:49:a5:89:1d:48:da:ea:68:6c:ee:c1:95:56:05:5a:e5:d7:
8c:93:53:80:41:bd:d1:47:49:d7:0f:2a:65:4e:12:08:db:7b:
ce:b4:42:3a:a5:bb:6b:e7:52:35:cb:97:06:39:56:e5:94:a0:
b9:e8:bb:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmaeypgZf5urSIk7aBI1mmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyZWNiMGU4NWQwYjdmZWVhNGE4MmFjOTQ0OGQ0N2MzZWMw
YWYwNTMwHhcNMjUwMTAyMDk0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTA5ZWNiOTIzZDFjZjA2ZTFhNjVlNDc4MDQzOTBhNTkwYzNkZjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwoyOI6jCtPDYuXK8iUy1k5VKzfSl
RFJ1S0dEo2x+dEGtt+LhUbjmvWbZFUD/rcef4QTl9lsJoo7mVo7LU89Pu71Dd7sB
jdVncgQPfRw7FCFGcUeO3rWjsa95ApMm/sFr9LV7M28Qe3ZOnjLY2FxSFAgR3QaG
ENJHYuUfhjxvSJvAe+u21wq9eqzDNYPUHmoNUTBxEEWtbIksJa49FdK2t7wqXo34
d1aSzhLel1NqBYDOqqFZri/Y7H0P5I+5Hky/+RHweMRDVxV4uj/lBo6MMelp9vZ6
p00lLYCYYfwqtllmTf56bxcrnmK9kDp3OOel1Qt63h9jzV9sqXH3bVAQwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJUJ7Lkj0c8G4aZeR4BDkKWQw9+JMB8GA1UdIwQY
MBaAFFLssOhdC3/upKgqyUSNR8PsCvBTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXV5dzZGMExmLTZrcUNySlJJMUh3LXdLOEZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9kYjNlNTYtZTgzMi00OTFkLWI1MzAt
Y2E0ZjY2YjA5MDY4LzEvbFFuc3VTUFJ6d2JocGw1SGdFT1FwWkREMzRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9kYjNlNTYtZTgzMi00OTFkLWI1MzAtY2E0ZjY2YjA5MDY4
LzEvVXV5dzZGMExmLTZrcUNySlJJMUh3LXdLOEZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSKsMA0G
CSqGSIb3DQEBCwUAA4IBAQAg8qGnIveR/vtAmcQanMADjGLtjLuWSCkMU0GRjPwl
zgVts2d6EIL2GjrLOQVcZLDPmdIr8OtziE7c0ky1UguYrhvXHG481E5WM3PuVttp
173JtUUVxhSXmv2L2DwjtRSvmuTkOOhTju3sXq5hWocm1jr9S+Hr/ykCJdWT04/r
y+UVqnRbNzq8y65wIRS+niW8MpYZvyvTdfs6EPvmF3LP7Kvdi6tU8PHz4bABXDsP
H9INZ3NWyyQZM43pno2w22WQW3gi5De2SaWJHUja6mhs7sGVVgVa5deMk1OAQb3R
R0nXDyplThII23vOtEI6pbtr51I1y5cGOVbllKC56Ltg
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:51:55 2025 by rpki-client