Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/b1a1f8-6a5d-4a16-9f4b-c563f734ab74/1/lkL5vhYsimFlGwIzKJdrtVwcZdU.roa
File: lkL5vhYsimFlGwIzKJdrtVwcZdU.roa (raw, json)
Hash identifier: 2H7/6waax/BGz3Tq1LVCIZcHdShd+I6qEgMYBcT4Hpw=
Subject key identifier: 96:42:F9:BE:16:2C:8A:61:65:1B:02:33:28:97:6B:B5:5C:1C:65:D5
Certificate issuer: /CN=67e30c179cd42a8641583234501b18eff2515549
Certificate serial: 0194266AEF3CD569BFC892C67AF7FCA70B09
Authority key identifier: 67:E3:0C:17:9C:D4:2A:86:41:58:32:34:50:1B:18:EF:F2:51:55:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z-MMF5zUKoZBWDI0UBsY7_JRVUk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/b1a1f8-6a5d-4a16-9f4b-c563f734ab74/1/lkL5vhYsimFlGwIzKJdrtVwcZdU.roa
Signing time: Thu 02 Jan 2025 09:48:49 +0000
ROA not before: Thu 02 Jan 2025 09:48:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6730
IP address blocks: 194.147.173.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6a:ef:3c:d5:69:bf:c8:92:c6:7a:f7:fc:a7:0b:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67e30c179cd42a8641583234501b18eff2515549
Validity
Not Before: Jan 2 09:48:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9642f9be162c8a61651b023328976bb55c1c65d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:c3:4e:67:71:3d:fc:50:cd:7e:d4:67:b6:64:
24:44:d0:f6:c2:f0:4e:fc:d5:57:c4:cd:b2:36:91:
e3:41:37:a0:5f:48:71:d2:11:ff:3a:a1:42:49:97:
a0:c7:7f:8d:b2:6c:4e:5d:f0:e5:f8:2e:b5:63:c7:
3c:d5:0d:fa:c6:de:f5:f2:63:e6:ca:1b:86:50:df:
b9:38:29:9e:83:90:61:32:88:b4:41:25:fa:86:ca:
67:f2:e9:6a:15:7d:f9:f6:56:e8:f1:05:42:04:02:
d0:3c:93:59:cc:51:a9:fe:17:0f:9f:d4:49:1d:69:
dc:0b:9f:da:7b:ea:f9:18:3c:7b:fc:da:92:e4:1c:
80:b1:63:0d:89:fa:4c:8f:b9:61:ed:90:c1:6d:ad:
e7:72:3a:d4:74:57:58:ef:bb:08:86:58:86:6c:f2:
8a:1a:d7:94:8e:f6:85:0b:d5:27:33:6b:7d:62:b0:
8d:81:b6:44:6c:8a:2b:82:a4:c9:db:a8:d3:74:9e:
6f:64:a6:3e:f5:bc:15:e8:73:00:fb:19:69:13:03:
45:2b:25:45:a3:ba:89:93:2f:2e:44:4c:23:bb:b3:
dd:44:75:04:61:68:f0:e8:a7:05:98:33:60:0c:fa:
4d:fc:86:c2:a4:d1:7f:0a:bf:ea:e3:83:80:00:2e:
dd:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:42:F9:BE:16:2C:8A:61:65:1B:02:33:28:97:6B:B5:5C:1C:65:D5
X509v3 Authority Key Identifier:
keyid:67:E3:0C:17:9C:D4:2A:86:41:58:32:34:50:1B:18:EF:F2:51:55:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z-MMF5zUKoZBWDI0UBsY7_JRVUk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/b1a1f8-6a5d-4a16-9f4b-c563f734ab74/1/lkL5vhYsimFlGwIzKJdrtVwcZdU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/b1a1f8-6a5d-4a16-9f4b-c563f734ab74/1/Z-MMF5zUKoZBWDI0UBsY7_JRVUk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.147.173.0/24
Signature Algorithm: sha256WithRSAEncryption
46:20:01:c6:28:89:e2:ac:29:f9:10:43:ca:cb:f7:51:3c:54:
82:45:e6:4c:3d:35:29:7c:d7:e2:a2:fa:12:82:66:17:43:d0:
b2:f4:b5:59:c6:2a:3d:e2:9b:b9:8a:d3:c7:8e:34:f7:90:0d:
ed:15:0e:c6:5e:d6:8f:02:a7:24:be:1e:8b:02:c6:aa:fd:0f:
31:63:17:f6:ab:2c:f5:1d:78:db:9d:f5:ea:26:ba:af:4e:20:
1b:a5:77:bf:4c:01:2a:62:59:fa:85:76:f7:2b:66:01:b1:8b:
fd:03:09:62:98:ef:30:6b:86:16:9d:92:07:3c:9d:c0:68:1a:
0e:55:69:f5:59:5a:71:51:8d:1f:d5:c2:4d:94:08:1d:51:0c:
18:63:df:64:03:be:cd:f2:fa:49:84:fb:98:f1:dd:e7:1f:53:
d6:29:5e:ec:82:77:fe:3c:80:d8:93:db:3f:2c:1d:b0:79:be:
a5:b9:27:67:5e:cb:03:cf:c0:60:ed:f6:5b:92:b7:12:08:f9:
47:1e:6f:49:61:0a:9a:43:a6:79:a4:84:3a:f5:4b:2f:d1:19:
4c:4f:79:d2:d9:fd:82:9b:a8:c5:de:db:fd:c6:35:f6:dd:1c:
32:0f:df:7b:5e:4c:78:01:4d:8f:6c:b0:64:b0:a7:9e:58:e9:
47:60:70:0d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmau881Wm/yJLGevf8pwsJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3ZTMwYzE3OWNkNDJhODY0MTU4MzIzNDUwMWIxOGVmZjI1
MTU1NDkwHhcNMjUwMTAyMDk0ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjQyZjliZTE2MmM4YTYxNjUxYjAyMzMyODk3NmJiNTVjMWM2NWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcNOZ3E9/FDNftRntmQkRND2wvBO
/NVXxM2yNpHjQTegX0hx0hH/OqFCSZegx3+NsmxOXfDl+C61Y8c81Q36xt718mPm
yhuGUN+5OCmeg5BhMoi0QSX6hspn8ulqFX359lbo8QVCBALQPJNZzFGp/hcPn9RJ
HWncC5/ae+r5GDx7/NqS5ByAsWMNifpMj7lh7ZDBba3ncjrUdFdY77sIhliGbPKK
GteUjvaFC9UnM2t9YrCNgbZEbIorgqTJ26jTdJ5vZKY+9bwV6HMA+xlpEwNFKyVF
o7qJky8uREwju7PdRHUEYWjw6KcFmDNgDPpN/IbCpNF/Cr/q44OAAC7djwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJZC+b4WLIphZRsCMyiXa7VcHGXVMB8GA1UdIwQY
MBaAFGfjDBec1CqGQVgyNFAbGO/yUVVJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWi1NTUY1elVLb1pCV0RJMFVCc1k3X0pSVlVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9iMWExZjgtNmE1ZC00YTE2LTlmNGIt
YzU2M2Y3MzRhYjc0LzEvbGtMNXZoWXNpbUZsR3dJektKZHJ0VndjWmRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9iMWExZjgtNmE1ZC00YTE2LTlmNGItYzU2M2Y3MzRhYjc0
LzEvWi1NTUY1elVLb1pCV0RJMFVCc1k3X0pSVlVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpOtMA0G
CSqGSIb3DQEBCwUAA4IBAQBGIAHGKInirCn5EEPKy/dRPFSCReZMPTUpfNfiovoS
gmYXQ9Cy9LVZxio94pu5itPHjjT3kA3tFQ7GXtaPAqckvh6LAsaq/Q8xYxf2qyz1
HXjbnfXqJrqvTiAbpXe/TAEqYln6hXb3K2YBsYv9AwlimO8wa4YWnZIHPJ3AaBoO
VWn1WVpxUY0f1cJNlAgdUQwYY99kA77N8vpJhPuY8d3nH1PWKV7sgnf+PIDYk9s/
LB2web6luSdnXssDz8Bg7fZbkrcSCPlHHm9JYQqaQ6Z5pIQ69Usv0RlMT3nS2f2C
m6jF3tv9xjX23RwyD997Xkx4AU2PbLBksKeeWOlHYHAN
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:36:25 2025 by rpki-client