Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/9e57aa-8901-4bd8-8295-9c1a53580e39/1/LrkB9dXr22HFK0At5t4rrNYD7PQ.roa
File: LrkB9dXr22HFK0At5t4rrNYD7PQ.roa (raw, json)
Hash identifier: pK+9flLjEvjRYAQ3vaW216H5wdCjdNXzoh5ryOe38KA=
Subject key identifier: 2E:B9:01:F5:D5:EB:DB:61:C5:2B:40:2D:E6:DE:2B:AC:D6:03:EC:F4
Certificate issuer: /CN=266e0c40e4e9370db99ad27a97298d7d05598f73
Certificate serial: 019427B5D894E4C94ABAA4DDA66C955CD52E
Authority key identifier: 26:6E:0C:40:E4:E9:37:0D:B9:9A:D2:7A:97:29:8D:7D:05:59:8F:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jm4MQOTpNw25mtJ6lymNfQVZj3M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/9e57aa-8901-4bd8-8295-9c1a53580e39/1/LrkB9dXr22HFK0At5t4rrNYD7PQ.roa
Signing time: Thu 02 Jan 2025 15:50:16 +0000
ROA not before: Thu 02 Jan 2025 15:50:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204324
IP address blocks: 185.252.40.0/24 maxlen: 24
185.252.41.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:d8:94:e4:c9:4a:ba:a4:dd:a6:6c:95:5c:d5:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=266e0c40e4e9370db99ad27a97298d7d05598f73
Validity
Not Before: Jan 2 15:50:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2eb901f5d5ebdb61c52b402de6de2bacd603ecf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:76:90:fc:4e:f2:78:05:78:34:d8:19:f7:a2:
84:da:6c:03:a7:23:54:6e:ec:ab:81:ab:25:77:6e:
7a:1b:1c:0e:57:d9:e1:23:c3:63:10:a0:fb:09:2f:
da:7f:a7:25:b4:64:fd:07:66:8e:1d:18:d2:87:ce:
11:4d:ec:1e:28:89:a9:a8:68:cb:f7:f3:b6:2a:58:
9d:ae:df:aa:a2:0a:80:1e:e2:b0:5d:7a:f6:1d:47:
aa:7a:da:fd:9a:0a:64:69:1f:60:9d:a0:51:2c:e0:
46:0e:20:52:f0:06:de:d3:a8:31:2e:31:78:7e:84:
fe:98:77:48:59:06:74:2b:de:8c:a5:22:f4:bf:0d:
dd:66:90:f5:ed:25:95:97:43:2d:5d:01:82:b2:18:
c3:3d:91:e5:fa:6c:20:54:16:c5:28:43:46:9d:22:
11:c6:21:1c:a8:82:7b:0a:77:7d:ab:99:46:49:1d:
dc:27:52:1b:05:a2:8e:6d:5d:be:79:7c:dd:6d:56:
da:26:d9:85:ca:25:d5:53:92:43:8c:8a:40:e7:e3:
90:85:2f:f1:45:ad:71:4d:7d:5d:66:c2:67:59:f6:
df:a3:51:bc:75:ca:f0:03:ed:52:2c:2d:04:ff:e1:
90:13:44:6b:34:85:b7:90:3c:ed:48:ae:ef:d3:c3:
c9:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:B9:01:F5:D5:EB:DB:61:C5:2B:40:2D:E6:DE:2B:AC:D6:03:EC:F4
X509v3 Authority Key Identifier:
keyid:26:6E:0C:40:E4:E9:37:0D:B9:9A:D2:7A:97:29:8D:7D:05:59:8F:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jm4MQOTpNw25mtJ6lymNfQVZj3M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/9e57aa-8901-4bd8-8295-9c1a53580e39/1/LrkB9dXr22HFK0At5t4rrNYD7PQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/9e57aa-8901-4bd8-8295-9c1a53580e39/1/Jm4MQOTpNw25mtJ6lymNfQVZj3M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.252.40.0/23
Signature Algorithm: sha256WithRSAEncryption
40:80:7c:52:1e:bc:19:e4:90:b3:45:66:2c:c2:93:45:4c:97:
9e:3f:75:0a:98:7a:b1:29:2e:09:1b:52:32:77:b7:f5:30:f8:
5a:8e:d4:ec:25:ef:d4:11:c6:9d:16:60:c1:ad:cf:60:e9:17:
fc:05:d6:0f:c5:21:82:85:19:79:11:3c:cc:64:21:32:9f:e3:
a8:3a:78:c1:25:6b:88:51:59:07:ff:a5:31:de:b6:07:d1:9b:
0f:d9:9e:f8:5f:13:c4:29:ff:2a:06:87:2e:b1:78:15:a3:f7:
a7:93:b7:63:94:ac:06:06:99:db:ee:78:99:9a:fc:74:8c:6a:
05:64:d8:b9:82:dd:7d:81:8f:7b:9b:3b:fc:59:50:59:92:05:
24:62:f5:36:24:81:7f:6a:dc:f9:c0:ca:36:2d:62:3d:65:2d:
1b:e0:ff:07:6c:b6:0f:11:5a:ee:d0:79:c2:68:a0:c8:89:b9:
4f:9d:5c:6b:0d:a5:05:04:0e:7b:05:81:bd:7c:9a:f9:04:a9:
3b:11:b4:d3:a9:4b:40:c8:5f:39:66:4d:45:8e:8b:45:d4:61:
51:77:4c:27:97:0b:90:36:46:9c:7e:fd:18:06:4b:06:98:ca:
b9:a4:d7:8a:ff:28:68:ca:98:76:37:f9:9d:9b:79:03:92:ed:
85:99:ef:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntdiU5MlKuqTdpmyVXNUuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NmUwYzQwZTRlOTM3MGRiOTlhZDI3YTk3Mjk4ZDdkMDU1
OThmNzMwHhcNMjUwMTAyMTU1MDE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWI5MDFmNWQ1ZWJkYjYxYzUyYjQwMmRlNmRlMmJhY2Q2MDNlY2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxnaQ/E7yeAV4NNgZ96KE2mwDpyNU
buyrgasld256GxwOV9nhI8NjEKD7CS/af6cltGT9B2aOHRjSh84RTeweKImpqGjL
9/O2Klidrt+qogqAHuKwXXr2HUeqetr9mgpkaR9gnaBRLOBGDiBS8Abe06gxLjF4
foT+mHdIWQZ0K96MpSL0vw3dZpD17SWVl0MtXQGCshjDPZHl+mwgVBbFKENGnSIR
xiEcqIJ7Cnd9q5lGSR3cJ1IbBaKObV2+eXzdbVbaJtmFyiXVU5JDjIpA5+OQhS/x
Ra1xTX1dZsJnWfbfo1G8dcrwA+1SLC0E/+GQE0RrNIW3kDztSK7v08PJwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC65AfXV69thxStALebeK6zWA+z0MB8GA1UdIwQY
MBaAFCZuDEDk6TcNuZrSepcpjX0FWY9zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm00TVFPVHBOdzI1bXRKNmx5bU5mUVZaajNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC85ZTU3YWEtODkwMS00YmQ4LTgyOTUt
OWMxYTUzNTgwZTM5LzEvTHJrQjlkWHIyMkhGSzBBdDV0NHJyTllEN1BRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC85ZTU3YWEtODkwMS00YmQ4LTgyOTUtOWMxYTUzNTgwZTM5
LzEvSm00TVFPVHBOdzI1bXRKNmx5bU5mUVZaajNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBufwoMA0G
CSqGSIb3DQEBCwUAA4IBAQBAgHxSHrwZ5JCzRWYswpNFTJeeP3UKmHqxKS4JG1Iy
d7f1MPhajtTsJe/UEcadFmDBrc9g6Rf8BdYPxSGChRl5ETzMZCEyn+OoOnjBJWuI
UVkH/6Ux3rYH0ZsP2Z74XxPEKf8qBocusXgVo/enk7djlKwGBpnb7niZmvx0jGoF
ZNi5gt19gY97mzv8WVBZkgUkYvU2JIF/atz5wMo2LWI9ZS0b4P8HbLYPEVru0HnC
aKDIiblPnVxrDaUFBA57BYG9fJr5BKk7EbTTqUtAyF85Zk1FjotF1GFRd0wnlwuQ
Nkacfv0YBksGmMq5pNeK/yhoyph2N/mdm3kDku2Fme8t
-----END CERTIFICATE-----
Generated at Sun Apr 27 01:58:25 2025 by rpki-client