Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/04e8dd-de3c-47fa-a024-f33797e39bb2/1/lBLUc28nwdLkSsrePQSmyxKstGI.roa
File: lBLUc28nwdLkSsrePQSmyxKstGI.roa (raw, json)
Hash identifier: vrIWIUHlJDuCxB1hzJyqC5GbG7oElAvbtOgjYcaloKs=
Subject key identifier: 94:12:D4:73:6F:27:C1:D2:E4:4A:CA:DE:3D:04:A6:CB:12:AC:B4:62
Certificate issuer: /CN=c3a49f65a3d680c428fd94d67e65a2709f0292cf
Certificate serial: 01942521A43D9D1BEF49AEC7F507361A2F9F
Authority key identifier: C3:A4:9F:65:A3:D6:80:C4:28:FD:94:D6:7E:65:A2:70:9F:02:92:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w6SfZaPWgMQo_ZTWfmWicJ8Cks8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/04e8dd-de3c-47fa-a024-f33797e39bb2/1/lBLUc28nwdLkSsrePQSmyxKstGI.roa
Signing time: Thu 02 Jan 2025 03:49:09 +0000
ROA not before: Thu 02 Jan 2025 03:49:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31043
IP address blocks: 185.117.112.0/22 maxlen: 22
195.47.232.0/24 maxlen: 24
2a0c:3180::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:a4:3d:9d:1b:ef:49:ae:c7:f5:07:36:1a:2f:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3a49f65a3d680c428fd94d67e65a2709f0292cf
Validity
Not Before: Jan 2 03:49:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9412d4736f27c1d2e44acade3d04a6cb12acb462
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:13:00:85:a9:c1:4f:3c:26:47:63:ea:1d:2b:
e2:c4:93:8c:94:23:0c:e4:fc:98:d6:89:da:98:04:
33:7d:bc:4a:ad:1c:5f:ee:88:31:da:3a:83:ef:8b:
10:a5:ef:7f:a9:2f:da:bc:9d:bd:85:80:7e:68:39:
3f:86:8a:99:af:e8:ab:7b:0f:9f:d1:cb:4c:b2:e2:
89:bf:08:f9:b8:54:fa:77:67:12:70:89:6e:19:59:
e6:f8:f9:96:20:af:55:c0:62:f0:3b:cc:88:7c:70:
f9:7c:05:c2:ec:ba:ef:a1:dd:35:05:d5:7f:e4:95:
dc:2f:fb:2b:e9:58:c5:17:64:3f:72:51:56:cc:2d:
e3:03:60:62:30:df:24:06:bd:4c:4a:1c:92:e1:b3:
14:13:d6:71:76:d1:ee:07:6a:2e:90:ee:ac:5f:2e:
02:10:8f:c4:22:f6:f1:b1:82:b5:d6:75:16:d1:4d:
7a:f4:31:5f:e4:9f:16:0e:81:d2:f0:63:ec:db:df:
dc:17:b3:5f:0b:9e:92:67:71:b4:d2:f6:dc:7f:97:
19:56:1d:bf:df:40:44:77:5a:ff:b8:ef:03:ca:c3:
1d:a3:48:5d:7f:75:4e:97:00:b1:71:97:78:56:ca:
e6:cf:55:fa:60:c7:2c:c3:4f:d4:5c:be:64:fe:5c:
37:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:12:D4:73:6F:27:C1:D2:E4:4A:CA:DE:3D:04:A6:CB:12:AC:B4:62
X509v3 Authority Key Identifier:
keyid:C3:A4:9F:65:A3:D6:80:C4:28:FD:94:D6:7E:65:A2:70:9F:02:92:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w6SfZaPWgMQo_ZTWfmWicJ8Cks8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/04e8dd-de3c-47fa-a024-f33797e39bb2/1/lBLUc28nwdLkSsrePQSmyxKstGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/04e8dd-de3c-47fa-a024-f33797e39bb2/1/w6SfZaPWgMQo_ZTWfmWicJ8Cks8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.112.0/22
195.47.232.0/24
IPv6:
2a0c:3180::/32
Signature Algorithm: sha256WithRSAEncryption
3c:af:86:02:88:dd:4f:33:87:29:85:c8:10:98:84:9e:e0:c9:
b3:d1:03:b9:3a:ca:b6:8f:32:c1:d4:c9:14:0c:bc:1d:d9:22:
29:de:2c:b7:20:a8:08:16:09:25:47:5b:92:cd:5e:51:63:f1:
47:b6:11:70:1e:39:c0:47:e6:65:76:ca:1d:5f:18:90:b6:b5:
62:67:08:2b:04:18:d7:23:72:70:f9:3d:89:ff:de:ae:42:6e:
f5:8e:60:ac:1f:5f:4f:36:53:de:20:96:0b:90:c9:06:f2:fd:
95:74:90:80:70:3a:0b:42:59:22:3b:19:c2:89:b9:14:1d:1f:
b1:a1:0d:7d:f2:2d:a9:cc:6a:6b:81:01:f2:ae:38:cd:f8:39:
ad:74:12:ec:ef:38:c8:05:00:75:fc:28:8d:a6:7c:51:17:a3:
ea:17:9b:62:8f:d9:59:51:b4:05:74:26:b9:d0:fb:9a:f9:6f:
b4:c7:a7:34:e0:03:f8:66:1a:42:40:a7:8c:7e:ec:80:f5:5a:
ad:c0:2d:80:2f:e8:c5:4c:a9:f6:87:e8:e3:23:d3:0b:32:d4:
29:2a:62:03:90:a6:5f:bd:f3:9d:53:42:49:d9:07:31:7b:5a:
85:17:63:fa:5f:8b:e3:1f:37:4f:bd:dc:c6:a8:9b:ef:d5:95:
d7:1f:97:e9
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQlIaQ9nRvvSa7H9Qc2Gi+fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYTQ5ZjY1YTNkNjgwYzQyOGZkOTRkNjdlNjVhMjcwOWYw
MjkyY2YwHhcNMjUwMTAyMDM0OTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDEyZDQ3MzZmMjdjMWQyZTQ0YWNhZGUzZDA0YTZjYjEyYWNiNDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxMAhanBTzwmR2PqHSvixJOMlCMM
5PyY1onamAQzfbxKrRxf7ogx2jqD74sQpe9/qS/avJ29hYB+aDk/hoqZr+irew+f
0ctMsuKJvwj5uFT6d2cScIluGVnm+PmWIK9VwGLwO8yIfHD5fAXC7Lrvod01BdV/
5JXcL/sr6VjFF2Q/clFWzC3jA2BiMN8kBr1MShyS4bMUE9ZxdtHuB2oukO6sXy4C
EI/EIvbxsYK11nUW0U169DFf5J8WDoHS8GPs29/cF7NfC56SZ3G00vbcf5cZVh2/
30BEd1r/uO8DysMdo0hdf3VOlwCxcZd4Vsrmz1X6YMcsw0/UXL5k/lw3zwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJQS1HNvJ8HS5ErK3j0EpssSrLRiMB8GA1UdIwQY
MBaAFMOkn2Wj1oDEKP2U1n5lonCfApLPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzZTZlphUFdnTVFvX1pUV2ZtV2ljSjhDa3M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS8wNGU4ZGQtZGUzYy00N2ZhLWEwMjQt
ZjMzNzk3ZTM5YmIyLzEvbEJMVWMyOG53ZExrU3NyZVBRU215eEtzdEdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS8wNGU4ZGQtZGUzYy00N2ZhLWEwMjQtZjMzNzk3ZTM5YmIy
LzEvdzZTZlphUFdnTVFvX1pUV2ZtV2ljSjhDa3M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuXVwAwQA
wy/oMA0EAgACMAcDBQAqDDGAMA0GCSqGSIb3DQEBCwUAA4IBAQA8r4YCiN1PM4cp
hcgQmISe4Mmz0QO5Osq2jzLB1MkUDLwd2SIp3iy3IKgIFgklR1uSzV5RY/FHthFw
HjnAR+ZldsodXxiQtrViZwgrBBjXI3Jw+T2J/96uQm71jmCsH19PNlPeIJYLkMkG
8v2VdJCAcDoLQlkiOxnCibkUHR+xoQ198i2pzGprgQHyrjjN+DmtdBLs7zjIBQB1
/CiNpnxRF6PqF5tij9lZUbQFdCa50Pua+W+0x6c04AP4ZhpCQKeMfuyA9VqtwC2A
L+jFTKn2h+jjI9MLMtQpKmIDkKZfvfOdU0JJ2Qcxe1qFF2P6X4vjHzdPvdzGqJvv
1ZXXH5fp
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:47 2025 by rpki-client on console.sobornost.net