Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/b363cd-5a14-417e-80f5-9215865d37b9/1/lBmif3cec10f96f5KVrFOMIaqw8.roa
File: lBmif3cec10f96f5KVrFOMIaqw8.roa (raw, json)
Hash identifier: CNoA9Jb73fZBHtmfFBZ+xq7RmTBmWpp0zyBq79wifVc=
Subject key identifier: 94:19:A2:7F:77:1E:73:5D:1F:F7:A7:F9:29:5A:C5:38:C2:1A:AB:0F
Certificate issuer: /CN=2c61264467b1a7fef1c51867779e5ad616b619cf
Certificate serial: 019427481B9B0C59C383F64BC7372DFC33D0
Authority key identifier: 2C:61:26:44:67:B1:A7:FE:F1:C5:18:67:77:9E:5A:D6:16:B6:19:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LGEmRGexp_7xxRhnd55a1ha2Gc8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/b363cd-5a14-417e-80f5-9215865d37b9/1/lBmif3cec10f96f5KVrFOMIaqw8.roa
Signing time: Thu 02 Jan 2025 13:50:24 +0000
ROA not before: Thu 02 Jan 2025 13:50:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201006
IP address blocks: 2.58.220.0/22 maxlen: 22
185.89.52.0/22 maxlen: 22
2a05:ce40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:1b:9b:0c:59:c3:83:f6:4b:c7:37:2d:fc:33:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c61264467b1a7fef1c51867779e5ad616b619cf
Validity
Not Before: Jan 2 13:50:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9419a27f771e735d1ff7a7f9295ac538c21aab0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:72:7b:40:0a:a3:4a:9d:fd:21:43:66:a6:3d:
f1:7c:2a:74:2f:5c:a0:9f:78:31:5e:80:32:d2:f0:
a0:12:af:80:52:b5:ae:e8:a7:71:08:9a:89:36:a2:
bd:13:6b:94:5e:df:05:46:93:0c:84:c3:eb:54:aa:
d5:c9:02:37:c9:c7:0e:3d:05:2a:df:27:73:57:72:
89:70:28:4a:d6:53:8e:67:9b:d3:38:a9:84:0b:b3:
91:2a:ea:08:da:05:b8:03:09:ea:03:e5:d1:4b:eb:
31:73:57:42:b5:0b:a2:2f:4a:94:3b:d9:59:0b:c6:
1c:74:28:04:c7:df:6a:d1:21:92:70:b6:7d:40:6f:
f1:5c:05:30:05:b2:2b:fb:0f:96:88:a3:e9:85:8b:
1f:c8:cd:c6:eb:32:f4:4f:cc:c7:7a:96:13:b2:91:
9b:6e:9e:f4:b2:b4:b2:8c:a5:17:94:46:11:73:38:
54:d5:a9:4b:6d:0c:52:86:9c:4e:d3:15:df:aa:64:
b1:01:0a:6b:9c:7e:f2:16:43:a7:64:b9:3f:5a:60:
d5:28:97:21:89:33:18:77:be:90:ee:5d:b1:64:a4:
97:6e:37:ec:60:5e:eb:5b:16:4d:34:ef:94:98:35:
70:e3:c0:5c:8d:8d:7e:97:2f:84:cc:9b:3c:55:26:
ce:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:19:A2:7F:77:1E:73:5D:1F:F7:A7:F9:29:5A:C5:38:C2:1A:AB:0F
X509v3 Authority Key Identifier:
keyid:2C:61:26:44:67:B1:A7:FE:F1:C5:18:67:77:9E:5A:D6:16:B6:19:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LGEmRGexp_7xxRhnd55a1ha2Gc8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/b363cd-5a14-417e-80f5-9215865d37b9/1/lBmif3cec10f96f5KVrFOMIaqw8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/b363cd-5a14-417e-80f5-9215865d37b9/1/LGEmRGexp_7xxRhnd55a1ha2Gc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.220.0/22
185.89.52.0/22
IPv6:
2a05:ce40::/29
Signature Algorithm: sha256WithRSAEncryption
ae:6c:8b:9e:62:d2:f7:75:73:2c:6b:2b:53:7b:e0:2c:a7:f1:
33:41:51:02:58:6f:77:a4:d2:d0:83:15:bd:8d:48:21:eb:e7:
3d:18:38:e1:15:b4:10:83:ab:4e:cd:41:d0:62:06:09:7a:79:
45:23:f4:01:93:57:9f:5f:7f:ed:ef:20:1d:ba:fe:77:e7:19:
31:39:76:d9:69:92:33:54:9d:fb:2b:ff:51:4d:69:db:7b:4e:
1e:14:c0:0f:2d:57:5e:39:7f:45:c6:fc:85:a8:c6:2b:6d:c1:
11:6b:89:d5:1d:13:d4:f3:eb:4d:94:70:56:09:2f:26:35:a7:
fd:e1:51:f1:7b:d9:ac:29:3d:a5:6c:7b:86:e7:2f:5c:45:24:
6e:a1:90:a0:de:1b:9f:02:50:e0:14:20:52:4d:ee:de:24:b7:
e0:a4:b9:35:db:f8:40:56:fd:ee:75:15:f3:4e:87:a6:aa:1e:
16:57:3e:e9:10:9b:3e:57:35:a5:3c:39:a8:b7:ec:26:1e:b0:
e1:09:ae:e9:71:10:90:a4:aa:cd:f0:51:47:fe:75:61:b8:16:
5c:80:91:e1:96:5b:36:c3:e0:2b:51:ad:71:45:91:0d:f9:d6:
93:dd:ee:0d:62:01:a5:6a:ca:b2:5e:bd:b3:43:50:3c:13:77:
39:9f:8f:c8
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQnSBubDFnDg/ZLxzct/DPQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjNjEyNjQ0NjdiMWE3ZmVmMWM1MTg2Nzc3OWU1YWQ2MTZi
NjE5Y2YwHhcNMjUwMTAyMTM1MDI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDE5YTI3Zjc3MWU3MzVkMWZmN2E3ZjkyOTVhYzUzOGMyMWFhYjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2XJ7QAqjSp39IUNmpj3xfCp0L1yg
n3gxXoAy0vCgEq+AUrWu6KdxCJqJNqK9E2uUXt8FRpMMhMPrVKrVyQI3yccOPQUq
3ydzV3KJcChK1lOOZ5vTOKmEC7ORKuoI2gW4AwnqA+XRS+sxc1dCtQuiL0qUO9lZ
C8YcdCgEx99q0SGScLZ9QG/xXAUwBbIr+w+WiKPphYsfyM3G6zL0T8zHepYTspGb
bp70srSyjKUXlEYRczhU1alLbQxShpxO0xXfqmSxAQprnH7yFkOnZLk/WmDVKJch
iTMYd76Q7l2xZKSXbjfsYF7rWxZNNO+UmDVw48BcjY1+ly+EzJs8VSbO5wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJQZon93HnNdH/en+SlaxTjCGqsPMB8GA1UdIwQY
MBaAFCxhJkRnsaf+8cUYZ3eeWtYWthnPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEdFbVJHZXhwXzd4eFJobmQ1NWExaGEyR2M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9iMzYzY2QtNWExNC00MTdlLTgwZjUt
OTIxNTg2NWQzN2I5LzEvbEJtaWYzY2VjMTBmOTZmNUtWckZPTUlhcXc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9iMzYzY2QtNWExNC00MTdlLTgwZjUtOTIxNTg2NWQzN2I5
LzEvTEdFbVJHZXhwXzd4eFJobmQ1NWExaGEyR2M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCAjrcAwQC
uVk0MA0EAgACMAcDBQMqBc5AMA0GCSqGSIb3DQEBCwUAA4IBAQCubIueYtL3dXMs
aytTe+Asp/EzQVECWG93pNLQgxW9jUgh6+c9GDjhFbQQg6tOzUHQYgYJenlFI/QB
k1efX3/t7yAduv535xkxOXbZaZIzVJ37K/9RTWnbe04eFMAPLVdeOX9FxvyFqMYr
bcERa4nVHRPU8+tNlHBWCS8mNaf94VHxe9msKT2lbHuG5y9cRSRuoZCg3hufAlDg
FCBSTe7eJLfgpLk12/hAVv3udRXzToemqh4WVz7pEJs+VzWlPDmot+wmHrDhCa7p
cRCQpKrN8FFH/nVhuBZcgJHhlls2w+ArUa1xRZEN+daT3e4NYgGlasqyXr2zQ1A8
E3c5n4/I
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:58:35 2025 by rpki-client