Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/2309cc-fa79-44d1-8986-4d537cf01809/1/LDYwe1NBsYCxalQKxYjYefq4U28.roa
File: LDYwe1NBsYCxalQKxYjYefq4U28.roa (raw, json)
Hash identifier: A79SQsvfOp/HRlekoSuQN9wqWVf3iQKedeaKaMrunx4=
Subject key identifier: 2C:36:30:7B:53:41:B1:80:B1:6A:54:0A:C5:88:D8:79:FA:B8:53:6F
Certificate issuer: /CN=68417da8aa4fe0b8cff188412eedda63cbdcf996
Certificate serial: 01942143D929CBB9539CA4664B5E3B987107
Authority key identifier: 68:41:7D:A8:AA:4F:E0:B8:CF:F1:88:41:2E:ED:DA:63:CB:DC:F9:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aEF9qKpP4LjP8YhBLu3aY8vc-ZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/2309cc-fa79-44d1-8986-4d537cf01809/1/LDYwe1NBsYCxalQKxYjYefq4U28.roa
Signing time: Wed 01 Jan 2025 09:48:02 +0000
ROA not before: Wed 01 Jan 2025 09:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49101
IP address blocks: 193.56.11.0/24 maxlen: 24
2a0b:4740::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:d9:29:cb:b9:53:9c:a4:66:4b:5e:3b:98:71:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68417da8aa4fe0b8cff188412eedda63cbdcf996
Validity
Not Before: Jan 1 09:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2c36307b5341b180b16a540ac588d879fab8536f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:a9:81:23:7b:e2:84:55:7d:68:f8:c0:bc:e7:
fe:e2:43:5a:b4:da:90:da:ad:26:10:b2:ca:85:0d:
48:ca:19:d0:47:06:b7:aa:42:ca:88:f7:ff:3a:7d:
9e:5c:6e:4b:39:ae:07:85:0f:71:92:97:81:45:9c:
33:94:66:63:58:fc:6e:fc:98:16:bd:8e:71:d3:57:
ed:0b:88:90:3e:27:08:da:61:db:ac:e7:ad:97:1f:
3a:fe:e0:0e:00:a9:11:83:b5:0c:0a:5e:5f:d2:0a:
33:70:89:7a:52:47:cf:f9:dc:7e:66:b6:9e:b4:15:
54:26:e1:f7:69:76:2e:98:cc:9b:e1:3d:6e:0f:39:
4a:e2:d2:4c:24:9b:a7:f5:48:c3:30:5b:39:b9:c0:
a6:c6:09:de:0b:2e:cf:57:02:8c:1b:61:5f:5f:18:
db:b4:ac:ef:32:94:67:69:d5:89:5f:5e:cf:dd:4b:
95:2b:70:1c:55:16:6c:b1:dd:b0:e3:3e:8d:86:9c:
99:5a:ff:9a:06:45:2b:ab:71:09:82:7f:8f:ec:35:
22:ca:c6:7a:7c:4e:01:85:d3:81:a8:7c:ea:a4:47:
8a:38:3b:2c:00:a8:1f:18:bb:0c:44:df:8d:5f:46:
32:2b:7d:26:da:74:c8:b6:f4:70:28:71:c3:ff:d6:
12:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:36:30:7B:53:41:B1:80:B1:6A:54:0A:C5:88:D8:79:FA:B8:53:6F
X509v3 Authority Key Identifier:
keyid:68:41:7D:A8:AA:4F:E0:B8:CF:F1:88:41:2E:ED:DA:63:CB:DC:F9:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aEF9qKpP4LjP8YhBLu3aY8vc-ZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/2309cc-fa79-44d1-8986-4d537cf01809/1/LDYwe1NBsYCxalQKxYjYefq4U28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/2309cc-fa79-44d1-8986-4d537cf01809/1/aEF9qKpP4LjP8YhBLu3aY8vc-ZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.56.11.0/24
IPv6:
2a0b:4740::/29
Signature Algorithm: sha256WithRSAEncryption
69:5f:f5:58:8a:e8:84:c0:0d:87:62:65:6c:a8:77:04:ca:43:
68:cc:f1:2f:bd:69:10:c8:d8:4c:23:38:f6:0f:ba:cd:5d:30:
0d:16:00:fe:5e:0b:ea:85:eb:a4:02:20:61:d6:dc:0f:79:ca:
9a:be:37:a8:b8:57:78:2d:ed:1b:6f:e1:12:d1:04:70:24:80:
81:c7:22:64:c7:e7:8c:83:63:e8:1a:83:06:99:2c:cb:ec:2b:
1e:95:33:c4:47:b1:d3:98:bf:6b:35:c9:0c:4b:68:ae:c5:f3:
90:98:ed:02:8d:d0:91:40:37:97:00:1d:83:64:eb:a8:67:55:
da:bc:3f:48:a9:ed:05:0e:da:b5:f2:fa:33:af:8a:20:fc:8e:
9f:18:db:6b:9b:bb:b2:32:43:ae:d4:42:8d:17:2f:f2:c0:db:
b5:49:a1:e0:bd:ec:91:6e:47:ab:a8:27:29:8d:5f:99:f8:6d:
54:3d:7d:47:79:0e:f4:fc:13:a7:58:af:76:01:11:ff:28:5c:
9a:5e:f4:78:2a:59:af:49:0a:f8:12:e4:3d:49:01:f3:1f:2e:
2b:49:a1:29:76:e8:93:9d:5f:b9:65:a1:b7:51:6f:6f:8a:8b:
11:67:7c:bd:1e:fa:8f:67:f3:94:1c:dc:5f:82:1a:9f:89:bf:
27:43:b7:8f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhQ9kpy7lTnKRmS147mHEHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NDE3ZGE4YWE0ZmUwYjhjZmYxODg0MTJlZWRkYTYzY2Jk
Y2Y5OTYwHhcNMjUwMTAxMDk0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzM2MzA3YjUzNDFiMTgwYjE2YTU0MGFjNTg4ZDg3OWZhYjg1MzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6mBI3vihFV9aPjAvOf+4kNatNqQ
2q0mELLKhQ1IyhnQRwa3qkLKiPf/On2eXG5LOa4HhQ9xkpeBRZwzlGZjWPxu/JgW
vY5x01ftC4iQPicI2mHbrOetlx86/uAOAKkRg7UMCl5f0gozcIl6UkfP+dx+Zrae
tBVUJuH3aXYumMyb4T1uDzlK4tJMJJun9UjDMFs5ucCmxgneCy7PVwKMG2FfXxjb
tKzvMpRnadWJX17P3UuVK3AcVRZssd2w4z6NhpyZWv+aBkUrq3EJgn+P7DUiysZ6
fE4BhdOBqHzqpEeKODssAKgfGLsMRN+NX0YyK30m2nTItvRwKHHD/9YSlQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCw2MHtTQbGAsWpUCsWI2Hn6uFNvMB8GA1UdIwQY
MBaAFGhBfaiqT+C4z/GIQS7t2mPL3PmWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUVGOXFLcFA0TGpQOFloQkx1M2FZOHZjLVpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8yMzA5Y2MtZmE3OS00NGQxLTg5ODYt
NGQ1MzdjZjAxODA5LzEvTERZd2UxTkJzWUN4YWxRS3hZalllZnE0VTI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8yMzA5Y2MtZmE3OS00NGQxLTg5ODYtNGQ1MzdjZjAxODA5
LzEvYUVGOXFLcFA0TGpQOFloQkx1M2FZOHZjLVpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwTgLMA0E
AgACMAcDBQMqC0dAMA0GCSqGSIb3DQEBCwUAA4IBAQBpX/VYiuiEwA2HYmVsqHcE
ykNozPEvvWkQyNhMIzj2D7rNXTANFgD+XgvqheukAiBh1twPecqavjeouFd4Le0b
b+ES0QRwJICBxyJkx+eMg2PoGoMGmSzL7CselTPER7HTmL9rNckMS2iuxfOQmO0C
jdCRQDeXAB2DZOuoZ1XavD9Iqe0FDtq18vozr4og/I6fGNtrm7uyMkOu1EKNFy/y
wNu1SaHgveyRbkerqCcpjV+Z+G1UPX1HeQ70/BOnWK92ARH/KFyaXvR4KlmvSQr4
EuQ9SQHzHy4rSaEpduiTnV+5ZaG3UW9viosRZ3y9HvqPZ/OUHNxfghqfib8nQ7eP
-----END CERTIFICATE-----
Generated at Fri Apr 25 03:43:29 2025 by rpki-client