Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/787a96-fb0d-432a-8428-710ef47732b0/1/lUuN68-IxOYTjJomy5kGo9veb00.roa
File: lUuN68-IxOYTjJomy5kGo9veb00.roa (raw, json)
Hash identifier: IB0rOxo9mML04bmfaPFamlA+rNBljWr4GfuyYt2d/RU=
Subject key identifier: 95:4B:8D:EB:CF:88:C4:E6:13:8C:9A:26:CB:99:06:A3:DB:DE:6F:4D
Certificate issuer: /CN=e9052499b0003ea0eeaea2426338c34e0bf8fdcf
Certificate serial: 01941FFA782D108906828C9E217C4BE1BF10
Authority key identifier: E9:05:24:99:B0:00:3E:A0:EE:AE:A2:42:63:38:C3:4E:0B:F8:FD:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6QUkmbAAPqDurqJCYzjDTgv4_c8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/787a96-fb0d-432a-8428-710ef47732b0/1/lUuN68-IxOYTjJomy5kGo9veb00.roa
Signing time: Wed 01 Jan 2025 03:48:16 +0000
ROA not before: Wed 01 Jan 2025 03:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201608
IP address blocks: 185.69.68.0/23 maxlen: 23
193.108.25.0/24 maxlen: 24
193.108.26.0/24 maxlen: 24
2a0f:8bc0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:78:2d:10:89:06:82:8c:9e:21:7c:4b:e1:bf:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9052499b0003ea0eeaea2426338c34e0bf8fdcf
Validity
Not Before: Jan 1 03:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=954b8debcf88c4e6138c9a26cb9906a3dbde6f4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:1e:87:ad:d8:b8:81:c4:a4:cb:4c:ab:5b:ca:
69:24:3c:63:93:1c:17:18:18:54:1c:a6:39:87:7a:
25:6f:c4:c7:46:94:b7:f3:2b:66:27:dd:70:ad:58:
dd:9f:9a:cc:ee:f0:91:11:06:98:74:14:44:2b:e4:
39:67:e5:10:66:bb:7c:c2:6e:c8:9e:b8:2f:ec:c8:
e2:20:0e:77:a9:03:a4:88:47:cb:75:ac:35:0d:3a:
a2:cb:3c:32:ba:02:77:01:e1:d4:36:a6:53:6e:ba:
e2:02:3c:89:a4:73:a4:b8:f1:b5:67:38:ed:16:42:
81:08:26:d1:8b:f7:a8:fd:1f:7f:a2:5a:8a:a5:56:
2b:95:0d:0c:dc:3b:c1:94:c3:68:92:61:b8:bc:0b:
56:b1:c3:2c:3e:29:92:07:46:49:a5:e2:e4:ad:69:
d6:87:6e:68:01:33:a0:7a:88:9d:42:5f:b5:fb:6a:
60:57:da:d3:9d:1a:d7:06:a3:90:ba:9e:8b:04:fe:
1f:73:c2:cc:0c:37:60:52:5b:3e:cd:ff:f6:ee:49:
05:15:24:70:58:89:4a:4d:f2:a4:7f:dc:85:1e:08:
5d:af:49:9d:b8:f8:e6:c9:7b:0f:28:eb:6b:57:55:
6e:fc:d9:35:ac:12:62:68:4b:9e:b5:2c:e5:07:0e:
18:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:4B:8D:EB:CF:88:C4:E6:13:8C:9A:26:CB:99:06:A3:DB:DE:6F:4D
X509v3 Authority Key Identifier:
keyid:E9:05:24:99:B0:00:3E:A0:EE:AE:A2:42:63:38:C3:4E:0B:F8:FD:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6QUkmbAAPqDurqJCYzjDTgv4_c8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/787a96-fb0d-432a-8428-710ef47732b0/1/lUuN68-IxOYTjJomy5kGo9veb00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/787a96-fb0d-432a-8428-710ef47732b0/1/6QUkmbAAPqDurqJCYzjDTgv4_c8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.69.68.0/23
193.108.25.0-193.108.26.255
IPv6:
2a0f:8bc0::/32
Signature Algorithm: sha256WithRSAEncryption
73:4a:d7:7e:d1:55:8d:5a:05:75:70:ea:83:a6:ed:e9:26:75:
2d:e6:d1:4c:dc:83:91:11:e1:b6:ac:dc:da:91:36:08:61:5e:
25:d9:9a:79:43:58:00:f8:5f:b4:87:a8:66:0b:68:bb:19:4b:
ed:3f:6b:03:24:af:b4:c0:8a:be:ff:40:d0:45:9c:d2:52:55:
23:76:46:89:ef:04:0c:9d:9b:d3:ce:9f:e0:f0:4e:7f:de:9f:
a7:6f:52:fb:84:8f:80:d2:cc:3c:70:6f:bc:85:94:14:25:ec:
85:4c:59:5e:d9:80:23:76:31:86:60:11:f7:e0:36:53:44:d5:
3e:70:fa:0c:07:c0:23:ff:62:59:5a:23:8d:cc:27:a3:1f:e5:
24:55:72:ec:79:74:81:22:e5:c6:52:29:2a:fe:e7:7d:0a:10:
aa:20:f4:11:3a:2e:18:e0:5a:5e:4b:79:1f:c7:32:a9:79:bd:
97:3f:ce:d1:ab:49:e3:09:95:9d:44:43:71:e0:b5:54:5d:a5:
c6:80:b2:69:dd:b2:0b:f5:fd:6e:ce:99:b7:18:13:30:3d:a8:
a3:17:98:29:cc:6c:51:8c:ff:94:a9:d8:dd:95:f6:d8:3a:47:
3b:e4:a8:c8:c6:cd:cc:63:51:33:e8:47:bd:b8:3f:ad:a1:fd:
2c:22:23:a5
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQf+ngtEIkGgoyeIXxL4b8QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MDUyNDk5YjAwMDNlYTBlZWFlYTI0MjYzMzhjMzRlMGJm
OGZkY2YwHhcNMjUwMTAxMDM0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTRiOGRlYmNmODhjNGU2MTM4YzlhMjZjYjk5MDZhM2RiZGU2ZjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4R6Hrdi4gcSky0yrW8ppJDxjkxwX
GBhUHKY5h3olb8THRpS38ytmJ91wrVjdn5rM7vCREQaYdBREK+Q5Z+UQZrt8wm7I
nrgv7MjiIA53qQOkiEfLdaw1DTqiyzwyugJ3AeHUNqZTbrriAjyJpHOkuPG1Zzjt
FkKBCCbRi/eo/R9/olqKpVYrlQ0M3DvBlMNokmG4vAtWscMsPimSB0ZJpeLkrWnW
h25oATOgeoidQl+1+2pgV9rTnRrXBqOQup6LBP4fc8LMDDdgUls+zf/27kkFFSRw
WIlKTfKkf9yFHghdr0mduPjmyXsPKOtrV1Vu/Nk1rBJiaEuetSzlBw4YRQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFJVLjevPiMTmE4yaJsuZBqPb3m9NMB8GA1UdIwQY
MBaAFOkFJJmwAD6g7q6iQmM4w04L+P3PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlFVa21iQUFQcUR1cnFKQ1l6akRUZ3Y0X2M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My83ODdhOTYtZmIwZC00MzJhLTg0Mjgt
NzEwZWY0NzczMmIwLzEvbFV1TjY4LUl4T1lUakpvbXk1a0dvOXZlYjAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My83ODdhOTYtZmIwZC00MzJhLTg0MjgtNzEwZWY0NzczMmIw
LzEvNlFVa21iQUFQcUR1cnFKQ1l6akRUZ3Y0X2M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQBuUVEMAwD
BADBbBkDBADBbBowDQQCAAIwBwMFACoPi8AwDQYJKoZIhvcNAQELBQADggEBAHNK
137RVY1aBXVw6oOm7ekmdS3m0Uzcg5ER4bas3NqRNghhXiXZmnlDWAD4X7SHqGYL
aLsZS+0/awMkr7TAir7/QNBFnNJSVSN2RonvBAydm9POn+DwTn/en6dvUvuEj4DS
zDxwb7yFlBQl7IVMWV7ZgCN2MYZgEffgNlNE1T5w+gwHwCP/YllaI43MJ6Mf5SRV
cux5dIEi5cZSKSr+530KEKog9BE6LhjgWl5LeR/HMql5vZc/ztGrSeMJlZ1EQ3Hg
tVRdpcaAsmndsgv1/W7OmbcYEzA9qKMXmCnMbFGM/5Sp2N2V9tg6RzvkqMjGzcxj
UTPoR724P62h/SwiI6U=
-----END CERTIFICATE-----
Generated at Mon Apr 28 19:18:43 2025 by rpki-client