Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/300839-192e-4ea9-99f2-18fd856a58b7/1/LiDek8ukAeDalnCmjHOSOx8ybkY.roa
File: LiDek8ukAeDalnCmjHOSOx8ybkY.roa (raw, json)
Hash identifier: XaMtoZ+RB8cq+ljNgiN30o7Aneys4CKgmujbsMdFNUA=
Subject key identifier: 2E:20:DE:93:CB:A4:01:E0:DA:96:70:A6:8C:73:92:3B:1F:32:6E:46
Certificate issuer: /CN=fa129ccbb8c241a9c9b1ff20730a264956b50294
Certificate serial: 019422FC2A221A271AB5EDB31446CB714288
Authority key identifier: FA:12:9C:CB:B8:C2:41:A9:C9:B1:FF:20:73:0A:26:49:56:B5:02:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-hKcy7jCQanJsf8gcwomSVa1ApQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/300839-192e-4ea9-99f2-18fd856a58b7/1/LiDek8ukAeDalnCmjHOSOx8ybkY.roa
Signing time: Wed 01 Jan 2025 17:48:58 +0000
ROA not before: Wed 01 Jan 2025 17:48:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57951
IP address blocks: 37.188.88.0/21 maxlen: 21
2a00:c340::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:2a:22:1a:27:1a:b5:ed:b3:14:46:cb:71:42:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa129ccbb8c241a9c9b1ff20730a264956b50294
Validity
Not Before: Jan 1 17:48:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2e20de93cba401e0da9670a68c73923b1f326e46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:43:a2:b4:49:77:e3:5d:08:2d:f0:da:88:ab:
44:bf:d7:0e:ff:ee:a3:f6:53:60:4e:f3:1b:28:03:
5e:b8:3b:84:32:5d:af:28:ec:72:82:1d:1f:c4:cd:
e5:fd:b4:9e:af:45:e7:6a:b2:9a:07:da:2a:99:b8:
e0:a9:c8:b0:aa:88:3c:40:a7:4c:03:cc:96:f7:6b:
5b:49:eb:52:5d:d3:a8:1a:a8:d5:65:cb:86:2f:4c:
09:c4:59:4b:94:09:77:f2:f4:db:31:5a:ef:0c:2b:
03:de:f5:91:8d:fa:83:5e:e2:e1:c6:5e:3c:50:9b:
ee:72:8c:8d:71:f3:a4:df:e5:e5:da:dd:ef:c0:57:
75:fb:28:38:15:ef:30:19:2d:10:05:52:44:72:eb:
41:8e:e4:d8:23:09:79:d5:5e:f7:61:7d:f4:3d:6a:
36:1c:44:e1:e2:52:c6:36:96:e6:bc:ae:b3:95:d8:
86:c3:e7:72:e6:a9:15:d8:fe:b9:5a:8d:bf:af:5c:
1e:2b:a4:30:50:67:32:ac:23:6a:aa:05:0a:05:c9:
62:7b:a2:66:b7:ff:e3:b9:44:5f:39:6c:ad:75:41:
3e:c5:22:c1:e1:25:6f:d6:e8:cb:51:c0:59:1e:5e:
60:77:35:89:dc:44:bb:0c:7c:e4:f5:d3:5e:21:7a:
17:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:20:DE:93:CB:A4:01:E0:DA:96:70:A6:8C:73:92:3B:1F:32:6E:46
X509v3 Authority Key Identifier:
keyid:FA:12:9C:CB:B8:C2:41:A9:C9:B1:FF:20:73:0A:26:49:56:B5:02:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-hKcy7jCQanJsf8gcwomSVa1ApQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/300839-192e-4ea9-99f2-18fd856a58b7/1/LiDek8ukAeDalnCmjHOSOx8ybkY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/300839-192e-4ea9-99f2-18fd856a58b7/1/1-hKcy7jCQanJsf8gcwomSVa1ApQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.188.88.0/21
IPv6:
2a00:c340::/32
Signature Algorithm: sha256WithRSAEncryption
ba:0c:cd:9e:d3:ef:61:9a:82:92:10:50:35:9e:7a:b1:ff:48:
9a:5e:7f:db:11:bb:3b:f9:8f:b5:e9:c7:ca:03:76:17:6f:39:
6b:75:52:da:0d:71:6c:82:7d:3a:0c:91:df:14:47:a3:db:62:
19:84:e6:2c:88:db:0a:cf:16:28:34:d6:e2:a6:1d:b1:82:7f:
79:e9:88:84:52:03:01:ff:5e:92:32:cc:12:0a:aa:77:c0:59:
91:f9:f4:7b:1d:2c:3e:b5:8b:e4:49:73:50:5d:0b:48:da:a2:
90:40:22:36:57:76:14:2b:00:e0:c6:8b:66:6e:fe:bc:aa:5b:
d6:f7:76:d7:a1:db:1c:9e:10:e9:5a:29:a2:5c:dc:3e:35:4d:
33:d7:0f:8b:a1:33:19:45:aa:f9:ce:76:c2:ab:6d:37:2f:b9:
c9:6e:1f:f3:82:68:57:6b:41:38:19:52:1c:4c:a2:1a:88:a4:
3a:2f:8a:2b:74:42:00:8f:dc:a4:6d:d6:4e:75:8b:2c:82:fb:
75:bd:cb:a7:bc:96:45:ca:eb:50:ef:e5:91:18:18:57:b7:f2:
24:6a:49:ee:9b:d3:dd:46:d5:59:d9:71:74:11:57:2d:1d:bf:
2b:96:33:d8:42:6e:7f:06:62:5f:42:77:8c:9d:4e:65:49:cf:
ad:34:84:cc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQi/CoiGicate2zFEbLcUKIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhMTI5Y2NiYjhjMjQxYTljOWIxZmYyMDczMGEyNjQ5NTZi
NTAyOTQwHhcNMjUwMTAxMTc0ODU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTIwZGU5M2NiYTQwMWUwZGE5NjcwYTY4YzczOTIzYjFmMzI2ZTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1UOitEl3410ILfDaiKtEv9cO/+6j
9lNgTvMbKANeuDuEMl2vKOxygh0fxM3l/bSer0XnarKaB9oqmbjgqciwqog8QKdM
A8yW92tbSetSXdOoGqjVZcuGL0wJxFlLlAl38vTbMVrvDCsD3vWRjfqDXuLhxl48
UJvucoyNcfOk3+Xl2t3vwFd1+yg4Fe8wGS0QBVJEcutBjuTYIwl51V73YX30PWo2
HETh4lLGNpbmvK6zldiGw+dy5qkV2P65Wo2/r1weK6QwUGcyrCNqqgUKBclie6Jm
t//juURfOWytdUE+xSLB4SVv1ujLUcBZHl5gdzWJ3ES7DHzk9dNeIXoXcQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFC4g3pPLpAHg2pZwpoxzkjsfMm5GMB8GA1UdIwQY
MBaAFPoSnMu4wkGpybH/IHMKJklWtQKUMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1oS2N5N2pDUWFuSnNmOGdjd29tU1ZhMUFwUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGMvMzAwODM5LTE5MmUtNGVhOS05OWYy
LTE4ZmQ4NTZhNThiNy8xL0xpRGVrOHVrQWVEYWxuQ21qSE9TT3g4eWJrWS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGMvMzAwODM5LTE5MmUtNGVhOS05OWYyLTE4ZmQ4NTZhNThi
Ny8xLzEtaEtjeTdqQ1FhbkpzZjhnY3dvbVNWYTFBcFEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAMlvFgw
DQQCAAIwBwMFACoAw0AwDQYJKoZIhvcNAQELBQADggEBALoMzZ7T72GagpIQUDWe
erH/SJpef9sRuzv5j7Xpx8oDdhdvOWt1UtoNcWyCfToMkd8UR6PbYhmE5iyI2wrP
Fig01uKmHbGCf3npiIRSAwH/XpIyzBIKqnfAWZH59HsdLD61i+RJc1BdC0jaopBA
IjZXdhQrAODGi2Zu/ryqW9b3dteh2xyeEOlaKaJc3D41TTPXD4uhMxlFqvnOdsKr
bTcvucluH/OCaFdrQTgZUhxMohqIpDoviit0QgCP3KRt1k51iyyC+3W9y6e8lkXK
61Dv5ZEYGFe38iRqSe6b091G1VnZcXQRVy0dvyuWM9hCbn8GYl9Cd4ydTmVJz600
hMw=
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:47:29 2025 by rpki-client