Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/b903e9-6d09-4e20-b926-3692f96e33a9/1/lfOZ-jhMilqSuL67GUaycjG2a5Y.roa
File: lfOZ-jhMilqSuL67GUaycjG2a5Y.roa (raw, json)
Hash identifier: 9YManZxr6tE7PVBjz22JU4to3x2JKMonIrFmesK74ug=
Subject key identifier: 95:F3:99:FA:38:4C:8A:5A:92:B8:BE:BB:19:46:B2:72:31:B6:6B:96
Certificate issuer: /CN=6ba26b56cee97f6020941bb17c6a7c6cea0f814a
Certificate serial: 0194252211ECBE280749A88BE45A125D9278
Authority key identifier: 6B:A2:6B:56:CE:E9:7F:60:20:94:1B:B1:7C:6A:7C:6C:EA:0F:81:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a6JrVs7pf2AglBuxfGp8bOoPgUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/b903e9-6d09-4e20-b926-3692f96e33a9/1/lfOZ-jhMilqSuL67GUaycjG2a5Y.roa
Signing time: Thu 02 Jan 2025 03:49:37 +0000
ROA not before: Thu 02 Jan 2025 03:49:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 63018
IP address blocks: 217.13.109.0/24 maxlen: 24
2a0d:c740:4c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:11:ec:be:28:07:49:a8:8b:e4:5a:12:5d:92:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ba26b56cee97f6020941bb17c6a7c6cea0f814a
Validity
Not Before: Jan 2 03:49:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=95f399fa384c8a5a92b8bebb1946b27231b66b96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:4d:29:21:62:98:ce:22:f4:e0:4a:6f:83:8d:
72:ae:a3:b2:f6:ef:b8:a1:a6:df:2e:ca:80:23:52:
83:c7:cc:b7:6c:d3:2e:bc:07:f1:68:93:70:d2:45:
ae:20:18:2f:7f:e8:7c:55:46:71:6c:be:6a:fb:92:
7a:42:62:45:d3:af:70:64:ed:35:00:ad:97:74:45:
41:fe:55:ec:61:77:73:1f:d6:85:41:36:8e:6f:41:
6c:e0:07:ff:ee:b4:33:a2:78:aa:3d:e5:40:04:01:
32:d1:65:04:6c:9d:43:2e:31:77:01:f9:29:1a:2b:
3f:d8:68:7b:08:42:a1:3e:ad:21:70:bd:ad:9c:14:
c8:4a:6a:35:25:01:18:ae:60:4e:5e:cb:cf:60:b5:
58:7d:0b:8a:97:fb:3e:4b:da:6d:c5:43:92:06:7c:
01:c6:70:f9:98:22:ae:43:9d:a6:50:b5:b2:1e:bf:
43:71:c9:2a:22:0f:ea:32:79:74:c6:71:3e:63:3e:
77:54:f4:d6:9d:1a:0c:c5:61:1b:3a:08:df:64:68:
13:a9:3f:1d:a3:bb:4c:6e:fb:54:61:b1:28:a3:89:
5d:5c:c2:20:d0:01:e8:af:15:2f:35:b5:70:12:28:
68:bb:eb:a1:11:09:0a:11:b0:eb:d6:03:a4:96:5b:
df:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:F3:99:FA:38:4C:8A:5A:92:B8:BE:BB:19:46:B2:72:31:B6:6B:96
X509v3 Authority Key Identifier:
keyid:6B:A2:6B:56:CE:E9:7F:60:20:94:1B:B1:7C:6A:7C:6C:EA:0F:81:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6JrVs7pf2AglBuxfGp8bOoPgUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b903e9-6d09-4e20-b926-3692f96e33a9/1/lfOZ-jhMilqSuL67GUaycjG2a5Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b903e9-6d09-4e20-b926-3692f96e33a9/1/a6JrVs7pf2AglBuxfGp8bOoPgUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.13.109.0/24
IPv6:
2a0d:c740:4c::/48
Signature Algorithm: sha256WithRSAEncryption
02:b6:71:70:ea:ca:25:72:26:b7:31:3b:0e:92:33:7f:9d:ba:
7c:99:4f:20:8f:ba:00:3e:e0:d9:71:66:30:11:e9:e4:46:0c:
5e:17:97:12:6a:02:e0:2b:eb:d1:47:64:d1:27:ab:1b:e6:85:
e5:b9:8b:35:36:34:f0:06:34:b4:c6:fc:3c:7f:13:f8:4b:70:
d6:b6:1c:b9:7c:77:a1:35:c3:e9:58:94:f8:b6:0d:4e:45:fb:
b0:3f:0e:9a:16:ef:28:59:db:54:04:31:64:33:f4:f1:30:99:
31:8b:3b:cd:1d:81:09:a0:fb:0d:96:0b:12:c1:8d:19:72:09:
c5:15:11:46:84:8c:0f:51:ca:b1:b0:74:0f:0d:73:96:ff:04:
00:1f:80:18:3f:36:88:87:9a:a7:91:3f:97:41:9a:cb:f3:f6:
b7:13:5e:75:d1:12:60:69:0e:2e:eb:7c:fa:70:1c:21:ad:3f:
f2:a3:24:86:bb:b1:ad:67:f5:de:8a:ee:38:f9:6a:2e:ae:65:
1f:57:15:9b:82:28:93:2a:85:6a:f4:f2:cd:3e:e9:c6:d6:03:
60:68:1f:31:30:b5:75:51:c1:7c:ed:de:e2:b9:3f:cc:a8:fd:
ee:6a:5a:9d:37:00:c9:f4:f0:a1:39:d3:7b:3e:7d:da:37:61:
05:1c:61:dd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQlIhHsvigHSaiL5FoSXZJ4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYTI2YjU2Y2VlOTdmNjAyMDk0MWJiMTdjNmE3YzZjZWEw
ZjgxNGEwHhcNMjUwMTAyMDM0OTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWYzOTlmYTM4NGM4YTVhOTJiOGJlYmIxOTQ2YjI3MjMxYjY2Yjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvU0pIWKYziL04Epvg41yrqOy9u+4
oabfLsqAI1KDx8y3bNMuvAfxaJNw0kWuIBgvf+h8VUZxbL5q+5J6QmJF069wZO01
AK2XdEVB/lXsYXdzH9aFQTaOb0Fs4Af/7rQzoniqPeVABAEy0WUEbJ1DLjF3Afkp
Gis/2Gh7CEKhPq0hcL2tnBTISmo1JQEYrmBOXsvPYLVYfQuKl/s+S9ptxUOSBnwB
xnD5mCKuQ52mULWyHr9DcckqIg/qMnl0xnE+Yz53VPTWnRoMxWEbOgjfZGgTqT8d
o7tMbvtUYbEoo4ldXMIg0AHorxUvNbVwEihou+uhEQkKEbDr1gOkllvfrQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJXzmfo4TIpakri+uxlGsnIxtmuWMB8GA1UdIwQY
MBaAFGuia1bO6X9gIJQbsXxqfGzqD4FKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTZKclZzN3BmMkFnbEJ1eGZHcDhiT29QZ1VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9iOTAzZTktNmQwOS00ZTIwLWI5MjYt
MzY5MmY5NmUzM2E5LzEvbGZPWi1qaE1pbHFTdUw2N0dVYXljakcyYTVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9iOTAzZTktNmQwOS00ZTIwLWI5MjYtMzY5MmY5NmUzM2E5
LzEvYTZKclZzN3BmMkFnbEJ1eGZHcDhiT29QZ1VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQA2Q1tMA8E
AgACMAkDBwAqDcdAAEwwDQYJKoZIhvcNAQELBQADggEBAAK2cXDqyiVyJrcxOw6S
M3+dunyZTyCPugA+4NlxZjAR6eRGDF4XlxJqAuAr69FHZNEnqxvmheW5izU2NPAG
NLTG/Dx/E/hLcNa2HLl8d6E1w+lYlPi2DU5F+7A/DpoW7yhZ21QEMWQz9PEwmTGL
O80dgQmg+w2WCxLBjRlyCcUVEUaEjA9RyrGwdA8Nc5b/BAAfgBg/NoiHmqeRP5dB
msvz9rcTXnXREmBpDi7rfPpwHCGtP/KjJIa7sa1n9d6K7jj5ai6uZR9XFZuCKJMq
hWr08s0+6cbWA2BoHzEwtXVRwXzt3uK5P8yo/e5qWp03AMn08KE503s+fdo3YQUc
Yd0=
-----END CERTIFICATE-----
Generated at Fri Apr 25 03:57:20 2025 by rpki-client