Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/17e567-9e44-444a-ac64-18b34bea9b06/1/lVcXLet5xDC9hx49fSzHNMkhKuQ.roa
File: lVcXLet5xDC9hx49fSzHNMkhKuQ.roa (raw, json)
Hash identifier: yDDXEEZlcdjv6pPGItKtHPkxBZnpxpZ1NCia9fyNgYI=
Subject key identifier: 95:57:17:2D:EB:79:C4:30:BD:87:1E:3D:7D:2C:C7:34:C9:21:2A:E4
Certificate issuer: /CN=54791dde2c9bdea366ce7ec6c5a800c5da633454
Certificate serial: 0194266BB358B9963A08DB00B47DC217FE05
Authority key identifier: 54:79:1D:DE:2C:9B:DE:A3:66:CE:7E:C6:C5:A8:00:C5:DA:63:34:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VHkd3iyb3qNmzn7GxagAxdpjNFQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/17e567-9e44-444a-ac64-18b34bea9b06/1/lVcXLet5xDC9hx49fSzHNMkhKuQ.roa
Signing time: Thu 02 Jan 2025 09:49:40 +0000
ROA not before: Thu 02 Jan 2025 09:49:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199274
IP address blocks: 176.103.132.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:b3:58:b9:96:3a:08:db:00:b4:7d:c2:17:fe:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54791dde2c9bdea366ce7ec6c5a800c5da633454
Validity
Not Before: Jan 2 09:49:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9557172deb79c430bd871e3d7d2cc734c9212ae4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:62:96:58:e5:ec:ac:a2:a6:51:63:8a:ec:f1:
2f:df:f1:2f:0b:60:51:60:41:98:c0:9a:ad:56:7a:
14:d1:df:42:72:c1:6d:b6:7c:6b:7f:89:6b:0a:32:
43:a0:b5:af:d0:91:b6:ad:38:16:1d:ea:5d:4b:fb:
dc:34:de:82:16:c7:81:4a:de:27:ec:18:0c:38:d8:
2c:47:ce:be:43:18:ae:33:7b:a4:e9:e9:5f:98:01:
8d:88:2c:0a:30:aa:39:12:64:64:f4:17:6b:e9:ce:
a7:14:08:e5:34:54:ed:ca:a5:36:9a:e0:22:e9:0e:
e7:aa:2c:d7:b9:ee:54:0f:76:59:3d:47:b7:13:e2:
1f:dd:ec:89:16:06:13:e7:cb:1e:4a:d8:c0:50:64:
71:86:75:44:c2:f6:60:ac:d7:47:ef:7c:aa:86:cd:
4b:f0:24:07:c3:b0:9d:37:7a:cf:e5:bb:21:23:85:
96:b6:e1:99:f8:42:60:38:a5:bd:f6:44:78:ed:9e:
7a:fc:8f:ed:ae:b7:22:1d:48:24:9e:e6:28:d3:a9:
0c:3c:94:f0:9b:fa:80:f8:c1:ff:e9:91:24:c6:ff:
c3:06:6a:1e:b1:d9:ae:fc:e2:75:16:ec:6f:dc:24:
fc:12:86:d1:d7:67:65:9d:76:c5:50:10:0a:2d:c6:
fb:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:57:17:2D:EB:79:C4:30:BD:87:1E:3D:7D:2C:C7:34:C9:21:2A:E4
X509v3 Authority Key Identifier:
keyid:54:79:1D:DE:2C:9B:DE:A3:66:CE:7E:C6:C5:A8:00:C5:DA:63:34:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VHkd3iyb3qNmzn7GxagAxdpjNFQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/17e567-9e44-444a-ac64-18b34bea9b06/1/lVcXLet5xDC9hx49fSzHNMkhKuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/17e567-9e44-444a-ac64-18b34bea9b06/1/VHkd3iyb3qNmzn7GxagAxdpjNFQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.103.132.0/24
Signature Algorithm: sha256WithRSAEncryption
12:f0:0b:ce:8c:40:cb:0d:f5:f5:0e:a3:33:a6:e9:af:65:38:
a0:c5:4f:21:69:00:f0:16:c9:8b:b0:db:30:0f:c7:28:f5:9a:
5e:ad:bf:d0:d0:eb:15:87:19:14:a3:6d:3b:70:4c:5b:cd:41:
17:b0:3f:63:36:69:53:18:43:9d:05:ce:1b:50:8f:23:f6:22:
21:1f:6f:51:53:dd:42:f1:ee:d6:c7:89:39:db:c6:f7:8d:b5:
0f:fd:80:a7:89:da:1e:d8:37:45:32:57:a0:d9:fe:a0:ca:2e:
bb:85:2d:1d:c8:50:0f:fb:5f:53:26:d0:26:9e:30:d2:41:9c:
8a:a8:8a:dc:0e:18:4b:39:fb:24:e8:4a:6e:10:72:86:d8:5c:
fe:bb:fb:09:20:39:1a:6e:f3:0c:fc:a9:79:00:bd:45:af:7d:
f6:a0:d7:82:b3:af:aa:af:58:ab:04:f2:77:f4:37:06:95:5f:
47:b9:4f:9d:a7:d6:bd:d6:c9:c8:83:db:9d:67:51:b3:96:86:
61:ac:90:8d:26:6a:1d:cd:e5:a7:b6:f5:8b:7d:71:19:b3:a1:
82:2b:24:4f:b5:ef:0d:bb:77:32:32:12:fe:34:76:1e:6a:6b:
dd:07:55:76:41:5f:dc:bb:24:3f:4f:a5:4e:43:35:ea:93:b1:
58:b9:01:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma7NYuZY6CNsAtH3CF/4FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NzkxZGRlMmM5YmRlYTM2NmNlN2VjNmM1YTgwMGM1ZGE2
MzM0NTQwHhcNMjUwMTAyMDk0OTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTU3MTcyZGViNzljNDMwYmQ4NzFlM2Q3ZDJjYzczNGM5MjEyYWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGKWWOXsrKKmUWOK7PEv3/EvC2BR
YEGYwJqtVnoU0d9CcsFttnxrf4lrCjJDoLWv0JG2rTgWHepdS/vcNN6CFseBSt4n
7BgMONgsR86+QxiuM3uk6elfmAGNiCwKMKo5EmRk9Bdr6c6nFAjlNFTtyqU2muAi
6Q7nqizXue5UD3ZZPUe3E+If3eyJFgYT58seStjAUGRxhnVEwvZgrNdH73yqhs1L
8CQHw7CdN3rP5bshI4WWtuGZ+EJgOKW99kR47Z56/I/trrciHUgknuYo06kMPJTw
m/qA+MH/6ZEkxv/DBmoesdmu/OJ1Fuxv3CT8EobR12dlnXbFUBAKLcb7yQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJVXFy3recQwvYcePX0sxzTJISrkMB8GA1UdIwQY
MBaAFFR5Hd4sm96jZs5+xsWoAMXaYzRUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkhrZDNpeWIzcU5tem43R3hhZ0F4ZHBqTkZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi8xN2U1NjctOWU0NC00NDRhLWFjNjQt
MThiMzRiZWE5YjA2LzEvbFZjWExldDV4REM5aHg0OWZTekhOTWtoS3VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi8xN2U1NjctOWU0NC00NDRhLWFjNjQtMThiMzRiZWE5YjA2
LzEvVkhrZDNpeWIzcU5tem43R3hhZ0F4ZHBqTkZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsGeEMA0G
CSqGSIb3DQEBCwUAA4IBAQAS8AvOjEDLDfX1DqMzpumvZTigxU8haQDwFsmLsNsw
D8co9Zperb/Q0OsVhxkUo207cExbzUEXsD9jNmlTGEOdBc4bUI8j9iIhH29RU91C
8e7Wx4k528b3jbUP/YCnidoe2DdFMleg2f6gyi67hS0dyFAP+19TJtAmnjDSQZyK
qIrcDhhLOfsk6EpuEHKG2Fz+u/sJIDkabvMM/Kl5AL1Fr332oNeCs6+qr1irBPJ3
9DcGlV9HuU+dp9a91snIg9udZ1GzloZhrJCNJmodzeWntvWLfXEZs6GCKyRPte8N
u3cyMhL+NHYeamvdB1V2QV/cuyQ/T6VOQzXqk7FYuQHo
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:52:11 2025 by rpki-client