Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/7514d6-59de-460e-8e2f-ffcee1533577/1/pl2IcfdvWd1nTAPO2kcXwuCa2Cs.roa
File: pl2IcfdvWd1nTAPO2kcXwuCa2Cs.roa (raw, json)
Hash identifier: 85u+tpWuF05Mbmd2ccACruWRfJ5rpPXoHevfa/3sNY4=
Subject key identifier: A6:5D:88:71:F7:6F:59:DD:67:4C:03:CE:DA:47:17:C2:E0:9A:D8:2B
Certificate issuer: /CN=2d9ae102e6cadb471a30a0c85933e0390bf2f9ca
Certificate serial: 0194228E3F90461CE24C4514F6008A6C77FF
Authority key identifier: 2D:9A:E1:02:E6:CA:DB:47:1A:30:A0:C8:59:33:E0:39:0B:F2:F9:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LZrhAubK20caMKDIWTPgOQvy-co.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/7514d6-59de-460e-8e2f-ffcee1533577/1/pl2IcfdvWd1nTAPO2kcXwuCa2Cs.roa
Signing time: Wed 01 Jan 2025 15:48:55 +0000
ROA not before: Wed 01 Jan 2025 15:48:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30848
IP address blocks: 185.21.72.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:3f:90:46:1c:e2:4c:45:14:f6:00:8a:6c:77:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d9ae102e6cadb471a30a0c85933e0390bf2f9ca
Validity
Not Before: Jan 1 15:48:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a65d8871f76f59dd674c03ceda4717c2e09ad82b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:aa:85:21:f2:14:85:53:7e:b9:a2:33:76:cc:
77:57:da:be:4e:5a:62:28:df:77:46:af:20:c0:66:
ab:10:36:34:84:55:eb:94:68:6d:c4:56:48:e7:d3:
d6:b6:77:6c:4d:7e:3c:17:5c:4d:43:68:15:1c:12:
54:f5:1f:ec:8a:2b:16:bd:c8:80:a7:b1:dd:cc:df:
a1:46:bd:50:46:70:07:c6:e3:05:82:17:d7:33:2a:
30:1e:4d:d2:3b:9a:c2:6c:5c:3b:0c:4d:5a:94:fd:
37:7e:2a:51:8e:f7:32:f8:19:7d:70:78:19:c2:d6:
ed:66:23:f2:b7:75:e1:6f:66:b4:81:57:86:4a:20:
b6:4e:f7:63:d6:06:d7:4a:a1:98:3c:fa:48:de:05:
d2:f8:35:92:93:2b:d1:af:dd:7c:78:80:95:3f:54:
a7:b5:0e:5f:fd:e3:ff:62:cb:35:dd:e1:14:79:c1:
2a:25:61:0b:e6:97:75:97:3d:f7:ae:26:33:1f:52:
38:43:2c:69:3e:69:19:5d:63:f5:ac:1d:0f:58:e9:
ae:e8:b1:5f:7e:f1:da:01:90:5f:13:3b:46:9b:b7:
5f:08:96:a6:74:b0:af:0f:e0:c4:34:04:68:8e:5a:
9f:70:ac:62:f8:8d:2f:39:a4:49:a5:ea:cb:0e:83:
b0:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:5D:88:71:F7:6F:59:DD:67:4C:03:CE:DA:47:17:C2:E0:9A:D8:2B
X509v3 Authority Key Identifier:
keyid:2D:9A:E1:02:E6:CA:DB:47:1A:30:A0:C8:59:33:E0:39:0B:F2:F9:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LZrhAubK20caMKDIWTPgOQvy-co.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7514d6-59de-460e-8e2f-ffcee1533577/1/pl2IcfdvWd1nTAPO2kcXwuCa2Cs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7514d6-59de-460e-8e2f-ffcee1533577/1/LZrhAubK20caMKDIWTPgOQvy-co.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.72.0/22
Signature Algorithm: sha256WithRSAEncryption
0c:7b:bb:58:c8:b6:e2:4d:be:87:60:20:98:c9:00:40:43:bf:
9d:94:f4:92:63:2f:e0:61:ee:39:86:35:4c:3d:8c:ce:14:be:
b4:27:8b:de:e0:19:71:05:a5:11:90:f6:61:9b:b6:6b:24:c1:
a5:52:69:03:95:4e:be:3f:70:e0:1f:ca:ee:d0:06:ae:2a:61:
eb:7c:f7:d4:61:10:74:07:34:c1:35:1c:9e:cf:93:e6:32:52:
58:cf:0c:92:49:a6:98:d5:ea:1d:16:ad:7c:21:2d:a4:2a:b0:
01:0d:dd:56:7c:de:de:0b:d7:2e:d6:87:68:26:3c:7e:b0:09:
bb:df:3b:57:a3:bb:74:a8:76:6a:12:7e:19:61:eb:3c:89:a5:
93:90:11:d6:39:c8:17:86:03:b1:81:e0:c8:60:03:7b:c6:94:
1f:00:95:e1:09:72:4e:ed:72:42:1d:8e:6f:22:53:44:df:1c:
c4:b4:45:84:80:e4:e1:12:d5:c7:bd:0a:4a:d7:0e:da:fa:4c:
6d:04:c6:96:6b:4f:fe:a6:72:7c:e0:a8:de:85:89:17:f8:3c:
d4:6c:83:61:76:37:b4:63:1f:6b:6c:b6:0e:12:7e:3c:41:27:
11:5e:f7:f3:30:fa:13:ab:4c:53:c3:cf:99:60:d8:1e:a0:38:
02:83:ee:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijj+QRhziTEUU9gCKbHf/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkOWFlMTAyZTZjYWRiNDcxYTMwYTBjODU5MzNlMDM5MGJm
MmY5Y2EwHhcNMjUwMTAxMTU0ODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjVkODg3MWY3NmY1OWRkNjc0YzAzY2VkYTQ3MTdjMmUwOWFkODJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm6qFIfIUhVN+uaIzdsx3V9q+Tlpi
KN93Rq8gwGarEDY0hFXrlGhtxFZI59PWtndsTX48F1xNQ2gVHBJU9R/siisWvciA
p7HdzN+hRr1QRnAHxuMFghfXMyowHk3SO5rCbFw7DE1alP03fipRjvcy+Bl9cHgZ
wtbtZiPyt3Xhb2a0gVeGSiC2Tvdj1gbXSqGYPPpI3gXS+DWSkyvRr918eICVP1Sn
tQ5f/eP/Yss13eEUecEqJWEL5pd1lz33riYzH1I4QyxpPmkZXWP1rB0PWOmu6LFf
fvHaAZBfEztGm7dfCJamdLCvD+DENARojlqfcKxi+I0vOaRJperLDoOwVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKZdiHH3b1ndZ0wDztpHF8LgmtgrMB8GA1UdIwQY
MBaAFC2a4QLmyttHGjCgyFkz4DkL8vnKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFpyaEF1YksyMGNhTUtESVdUUGdPUXZ5LWNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83NTE0ZDYtNTlkZS00NjBlLThlMmYt
ZmZjZWUxNTMzNTc3LzEvcGwySWNmZHZXZDFuVEFQTzJrY1h3dUNhMkNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83NTE0ZDYtNTlkZS00NjBlLThlMmYtZmZjZWUxNTMzNTc3
LzEvTFpyaEF1YksyMGNhTUtESVdUUGdPUXZ5LWNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuRVIMA0G
CSqGSIb3DQEBCwUAA4IBAQAMe7tYyLbiTb6HYCCYyQBAQ7+dlPSSYy/gYe45hjVM
PYzOFL60J4ve4BlxBaURkPZhm7ZrJMGlUmkDlU6+P3DgH8ru0AauKmHrfPfUYRB0
BzTBNRyez5PmMlJYzwySSaaY1eodFq18IS2kKrABDd1WfN7eC9cu1odoJjx+sAm7
3ztXo7t0qHZqEn4ZYes8iaWTkBHWOcgXhgOxgeDIYAN7xpQfAJXhCXJO7XJCHY5v
IlNE3xzEtEWEgOThEtXHvQpK1w7a+kxtBMaWa0/+pnJ84KjehYkX+DzUbINhdje0
Yx9rbLYOEn48QScRXvfzMPoTq0xTw8+ZYNgeoDgCg+50
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:49:50 2025 by rpki-client