Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/LzqzV901FJ7L-pE2io0JnQT7BO4.roa
File: LzqzV901FJ7L-pE2io0JnQT7BO4.roa (raw, json)
Hash identifier: GQqWNE02zR7Pp1sxpXbJtIEQadxv84uYnIivoQsK42g=
Subject key identifier: 2F:3A:B3:57:DD:35:14:9E:CB:FA:91:36:8A:8D:09:9D:04:FB:04:EE
Certificate issuer: /CN=26a5aa918cbfeb3e12997f33890feb258907b343
Certificate serial: 019424B3A8ADD9BD57DAAD19FC8CB4093921
Authority key identifier: 26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/LzqzV901FJ7L-pE2io0JnQT7BO4.roa
Signing time: Thu 02 Jan 2025 01:49:01 +0000
ROA not before: Thu 02 Jan 2025 01:49:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58321
IP address blocks: 91.199.22.0/24 maxlen: 24
91.228.196.0/22 maxlen: 24
91.234.146.0/24 maxlen: 24
91.237.52.0/24 maxlen: 24
91.239.66.0/23 maxlen: 24
94.152.254.0/24 maxlen: 24
94.152.255.0/24 maxlen: 24
178.250.40.0/21 maxlen: 24
185.5.96.0/22 maxlen: 24
185.25.148.0/22 maxlen: 24
185.123.160.0/22 maxlen: 24
185.123.160.0/24 maxlen: 24
185.140.120.0/22 maxlen: 24
185.180.204.0/22 maxlen: 24
185.193.112.0/22 maxlen: 24
185.201.112.0/22 maxlen: 24
185.204.216.0/22 maxlen: 24
185.208.164.0/24 maxlen: 24
185.243.52.0/22 maxlen: 24
193.17.184.0/24 maxlen: 24
193.218.152.0/22 maxlen: 24
194.169.227.0/24 maxlen: 24
195.2.254.0/23 maxlen: 24
195.78.66.0/23 maxlen: 24
195.114.0.0/23 maxlen: 24
195.242.116.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:a8:ad:d9:bd:57:da:ad:19:fc:8c:b4:09:39:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26a5aa918cbfeb3e12997f33890feb258907b343
Validity
Not Before: Jan 2 01:49:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2f3ab357dd35149ecbfa91368a8d099d04fb04ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:08:f4:c3:7d:ef:ac:fd:6c:e1:ff:df:87:3f:
7f:75:ce:bd:6c:41:cb:0c:9d:a3:e5:54:65:8f:29:
81:da:47:62:33:af:50:22:04:98:15:dc:68:b5:a0:
b9:10:6e:f4:1e:9a:04:dd:a7:83:2a:1d:1a:89:d7:
87:63:59:d9:6f:46:5b:4b:f8:5d:46:b6:e5:fd:1f:
8d:6c:f4:1b:c3:72:37:67:5a:a8:b1:b0:bb:5d:d8:
4b:e0:4f:e8:9c:86:28:e9:24:74:01:6a:d7:11:cb:
f1:5e:20:2b:c8:17:4b:a8:a5:ab:f1:a4:38:47:aa:
e5:25:be:5d:d2:0e:f9:6e:ae:a3:29:21:8c:3f:2f:
e4:f7:2b:07:e1:f5:30:8b:83:da:00:81:9d:82:34:
70:99:dc:fc:02:8f:5d:9a:1c:c8:8d:35:15:c7:ce:
ff:f9:be:32:6d:2d:0d:71:a8:6e:19:79:e3:bf:7d:
c5:76:92:b2:08:91:bd:30:03:92:6e:4f:ec:a9:cc:
8b:a1:8c:d5:4f:63:d1:cf:e7:98:ea:e7:a6:a9:c4:
b6:0e:e1:0f:92:20:e3:0a:8d:63:53:4d:f4:28:f5:
49:5f:99:9f:53:35:23:b2:78:6a:9a:3e:45:6a:90:
6f:03:a1:af:d0:c2:f3:0c:ec:f6:d0:d7:23:a5:7d:
07:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:3A:B3:57:DD:35:14:9E:CB:FA:91:36:8A:8D:09:9D:04:FB:04:EE
X509v3 Authority Key Identifier:
keyid:26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/LzqzV901FJ7L-pE2io0JnQT7BO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.22.0/24
91.228.196.0/22
91.234.146.0/24
91.237.52.0/24
91.239.66.0/23
94.152.254.0/23
178.250.40.0/21
185.5.96.0/22
185.25.148.0/22
185.123.160.0/22
185.140.120.0/22
185.180.204.0/22
185.193.112.0/22
185.201.112.0/22
185.204.216.0/22
185.208.164.0/24
185.243.52.0/22
193.17.184.0/24
193.218.152.0/22
194.169.227.0/24
195.2.254.0/23
195.78.66.0/23
195.114.0.0/23
195.242.116.0/23
Signature Algorithm: sha256WithRSAEncryption
1a:59:84:54:a1:ed:0f:0c:fa:a1:d4:bf:f4:6f:dc:89:db:fe:
35:2f:92:e7:ee:fd:18:ff:6e:f7:65:2f:a2:31:08:71:46:e6:
8c:aa:a1:51:70:38:cc:b6:b8:3b:e1:9c:c8:4f:f3:b0:a2:a3:
10:8a:c4:34:1b:b7:0b:2e:e1:b4:57:c8:1b:a5:08:a0:7f:5b:
2d:c3:b9:00:54:61:59:a8:98:71:0c:9b:1b:42:c4:16:7a:6d:
43:34:d9:03:d3:19:3f:69:a6:c5:66:d5:ab:76:cb:4b:12:f6:
04:59:17:b3:8b:1b:af:49:34:a0:93:ce:4b:82:ac:6e:4f:2f:
e4:71:d2:e3:bd:f9:1c:7a:73:c4:75:56:2d:56:57:b2:95:01:
5c:9c:6f:38:1a:35:13:a6:a8:07:c4:20:f4:93:86:cb:22:ef:
11:9f:1e:d8:e3:d3:23:ba:86:3d:d5:11:ef:c3:b5:80:9c:db:
85:52:6c:fc:e3:c8:6c:4f:3f:3e:5d:98:fd:bb:f6:df:13:a5:
e2:cf:c9:37:14:0f:49:90:3c:e9:7a:85:33:d4:74:ea:2d:99:
36:ba:36:c5:e5:c1:0a:4c:3d:b1:cf:08:c8:56:27:fd:92:86:
36:a7:68:b3:ac:23:67:51:d3:5b:92:3d:20:a3:0b:3d:49:51:
5c:f8:65:a9
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgISAZQks6it2b1X2q0Z/Iy0CTkhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2YTVhYTkxOGNiZmViM2UxMjk5N2YzMzg5MGZlYjI1ODkw
N2IzNDMwHhcNMjUwMTAyMDE0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjNhYjM1N2RkMzUxNDllY2JmYTkxMzY4YThkMDk5ZDA0ZmIwNGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4wj0w33vrP1s4f/fhz9/dc69bEHL
DJ2j5VRljymB2kdiM69QIgSYFdxotaC5EG70HpoE3aeDKh0aideHY1nZb0ZbS/hd
Rrbl/R+NbPQbw3I3Z1qosbC7XdhL4E/onIYo6SR0AWrXEcvxXiAryBdLqKWr8aQ4
R6rlJb5d0g75bq6jKSGMPy/k9ysH4fUwi4PaAIGdgjRwmdz8Ao9dmhzIjTUVx87/
+b4ybS0NcahuGXnjv33FdpKyCJG9MAOSbk/sqcyLoYzVT2PRz+eY6uemqcS2DuEP
kiDjCo1jU030KPVJX5mfUzUjsnhqmj5FapBvA6Gv0MLzDOz20NcjpX0HpwIDAQAB
o4ICmDCCApQwHQYDVR0OBBYEFC86s1fdNRSey/qRNoqNCZ0E+wTuMB8GA1UdIwQY
MBaAFCalqpGMv+s+Epl/M4kP6yWJB7NDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnFXcWtZeV82ejRTbVg4emlRX3JKWWtIczBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8xNDMzZWEtMTA4MC00NmU1LWI2MTIt
Mjk3ZTI4MmQ2NmE4LzEvTHpxelY5MDFGSjdMLXBFMmlvMEpuUVQ3Qk80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8xNDMzZWEtMTA4MC00NmU1LWI2MTItMjk3ZTI4MmQ2NmE4
LzEvSnFXcWtZeV82ejRTbVg4emlRX3JKWWtIczBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGtBggrBgEFBQcBBwEB/wSBnTCBmjCBlwQCAAEwgZADBABb
xxYDBAJb5MQDBABb6pIDBABb7TQDBAFb70IDBAFemP4DBAOy+igDBAK5BWADBAK5
GZQDBAK5e6ADBAK5jHgDBAK5tMwDBAK5wXADBAK5yXADBAK5zNgDBAC50KQDBAK5
8zQDBADBEbgDBALB2pgDBADCqeMDBAHDAv4DBAHDTkIDBAHDcgADBAHD8nQwDQYJ
KoZIhvcNAQELBQADggEBABpZhFSh7Q8M+qHUv/Rv3Inb/jUvkufu/Rj/bvdlL6Ix
CHFG5oyqoVFwOMy2uDvhnMhP87CioxCKxDQbtwsu4bRXyBulCKB/Wy3DuQBUYVmo
mHEMmxtCxBZ6bUM02QPTGT9ppsVm1at2y0sS9gRZF7OLG69JNKCTzkuCrG5PL+Rx
0uO9+Rx6c8R1Vi1WV7KVAVycbzgaNROmqAfEIPSThssi7xGfHtjj0yO6hj3VEe/D
tYCc24VSbPzjyGxPPz5dmP279t8TpeLPyTcUD0mQPOl6hTPUdOotmTa6NsXlwQpM
PbHPCMhWJ/2ShjanaLOsI2dR01uSPSCjCz1JUVz4Zak=
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:04:07 2025 by rpki-client