Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/Lzc2jiKshO5DRxqI6YjbX9e6Zcg.roa
File: Lzc2jiKshO5DRxqI6YjbX9e6Zcg.roa (raw, json)
Hash identifier: jnubbwaUdh1rZ5iQtJTEwlNmn0VmSJThcyw7tpnDotI=
Subject key identifier: 2F:37:36:8E:22:AC:84:EE:43:47:1A:88:E9:88:DB:5F:D7:BA:65:C8
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 01942747FA0CD2F4B3AB999087D9E6EF6D01
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/Lzc2jiKshO5DRxqI6YjbX9e6Zcg.roa
Signing time: Thu 02 Jan 2025 13:50:16 +0000
ROA not before: Thu 02 Jan 2025 13:50:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199301
IP address blocks: 213.91.188.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:fa:0c:d2:f4:b3:ab:99:90:87:d9:e6:ef:6d:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 2 13:50:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2f37368e22ac84ee43471a88e988db5fd7ba65c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:26:01:21:b0:92:cc:df:00:f4:57:17:58:ec:
a2:45:03:90:42:ab:f5:32:0f:af:99:1a:b3:16:1b:
dc:b3:a3:ed:15:79:30:c5:5c:ed:f2:f5:45:4f:4c:
41:9d:6c:62:01:a7:ff:44:0f:ce:a1:32:b1:06:4c:
85:64:3f:fe:62:71:7f:19:32:7b:71:4a:eb:7b:89:
f2:84:66:0d:14:45:07:ec:15:56:84:24:56:51:bf:
dc:28:b8:28:d9:5a:e1:18:90:3b:ba:07:d5:d3:1c:
a6:e1:bf:ca:f6:05:20:b4:c2:c9:f7:f7:7d:7c:7e:
70:ba:ae:35:04:d7:a4:15:fa:f4:10:ea:02:dd:3f:
03:ac:2a:ff:79:4b:e5:8f:98:86:7f:0a:cc:94:8e:
8e:2c:f9:8b:60:b0:d6:47:c1:11:7f:83:1b:65:73:
88:51:73:c6:9d:01:55:81:c5:3f:2a:31:f0:85:f8:
b5:2d:ff:5c:16:d3:2e:be:f9:b9:ad:0e:a3:a4:fb:
5a:f1:81:29:b0:e2:f9:96:f5:df:09:92:6a:c7:6e:
08:f8:d5:66:b5:5e:69:c7:f3:28:c2:e4:e5:23:4d:
a0:8c:f6:bd:55:73:07:92:95:ec:85:28:da:3f:a4:
f0:c9:c0:33:6a:09:7e:3e:88:6a:91:ac:84:37:7d:
84:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:37:36:8E:22:AC:84:EE:43:47:1A:88:E9:88:DB:5F:D7:BA:65:C8
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/Lzc2jiKshO5DRxqI6YjbX9e6Zcg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.91.188.0/24
Signature Algorithm: sha256WithRSAEncryption
31:74:6a:d5:2c:ae:c6:33:4a:f6:2f:75:29:df:18:6b:06:50:
ce:a2:09:e3:28:2f:a5:02:6f:79:9a:5f:8a:33:22:40:56:27:
e9:94:9a:d6:ce:0d:51:3d:c7:2e:45:63:7f:d5:e4:79:c0:e3:
fa:a9:24:a6:45:3d:ab:13:97:06:37:74:e5:19:af:bb:ca:fc:
42:0a:e2:82:ff:61:57:a6:4d:1a:98:66:a7:06:9b:82:47:76:
08:f8:ae:7c:ce:8f:22:68:9c:55:05:3f:cd:e7:50:3f:bb:64:
66:a6:aa:4e:ce:c1:4d:85:97:2a:f7:6a:90:36:e9:a0:f0:12:
f9:a6:d3:ff:db:6c:61:02:d9:0c:84:a6:37:5b:61:cb:fb:21:
71:cb:27:43:94:0f:ec:e4:df:cc:68:3f:04:39:88:12:87:1e:
3b:7b:37:04:84:73:85:d9:71:fa:19:53:0a:58:d2:e8:66:cf:
02:59:6e:f0:de:3b:31:c7:e7:6f:c9:ea:dc:98:69:8a:dc:a9:
a8:93:ff:84:37:57:31:34:66:d1:43:68:c8:25:55:e5:13:7f:
8d:4b:a3:a2:e0:61:fe:dd:a2:98:28:fb:df:f8:10:0a:af:f8:
71:94:51:8f:96:29:ed:34:ec:c7:ae:ea:92:6a:63:2a:66:1e:
bf:43:67:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR/oM0vSzq5mQh9nm720BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjUwMTAyMTM1MDE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjM3MzY4ZTIyYWM4NGVlNDM0NzFhODhlOTg4ZGI1ZmQ3YmE2NWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2yYBIbCSzN8A9FcXWOyiRQOQQqv1
Mg+vmRqzFhvcs6PtFXkwxVzt8vVFT0xBnWxiAaf/RA/OoTKxBkyFZD/+YnF/GTJ7
cUrre4nyhGYNFEUH7BVWhCRWUb/cKLgo2VrhGJA7ugfV0xym4b/K9gUgtMLJ9/d9
fH5wuq41BNekFfr0EOoC3T8DrCr/eUvlj5iGfwrMlI6OLPmLYLDWR8ERf4MbZXOI
UXPGnQFVgcU/KjHwhfi1Lf9cFtMuvvm5rQ6jpPta8YEpsOL5lvXfCZJqx24I+NVm
tV5px/MowuTlI02gjPa9VXMHkpXshSjaP6TwycAzagl+PohqkayEN32EhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC83No4irITuQ0caiOmI21/XumXIMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvTHpjMmppS3NoTzVEUnhxSTZZamJYOWU2WmNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1Vu8MA0G
CSqGSIb3DQEBCwUAA4IBAQAxdGrVLK7GM0r2L3Up3xhrBlDOognjKC+lAm95ml+K
MyJAVifplJrWzg1RPccuRWN/1eR5wOP6qSSmRT2rE5cGN3TlGa+7yvxCCuKC/2FX
pk0amGanBpuCR3YI+K58zo8iaJxVBT/N51A/u2RmpqpOzsFNhZcq92qQNumg8BL5
ptP/22xhAtkMhKY3W2HL+yFxyydDlA/s5N/MaD8EOYgShx47ezcEhHOF2XH6GVMK
WNLoZs8CWW7w3jsxx+dvyercmGmK3Kmok/+EN1cxNGbRQ2jIJVXlE3+NS6Oi4GH+
3aKYKPvf+BAKr/hxlFGPlintNOzHruqSamMqZh6/Q2d1
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:49:42 2025 by rpki-client