Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/e54636-c998-409a-89bb-2b7b827e718c/1/Lh_NKL7D2mWFyhzHGugt5SgY5Oo.roa
File: Lh_NKL7D2mWFyhzHGugt5SgY5Oo.roa (raw, json)
Hash identifier: DjvsQWCGurUIzxMM5VASKrLIiSf6rVM8+QHojBeXG6I=
Subject key identifier: 2E:1F:CD:28:BE:C3:DA:65:85:CA:1C:C7:1A:E8:2D:E5:28:18:E4:EA
Certificate issuer: /CN=aa222f5673b828a7ae52f99ba0c62acd70974a38
Certificate serial: 019424458F4E2C20AFEB78F906397F2AA07E
Authority key identifier: AA:22:2F:56:73:B8:28:A7:AE:52:F9:9B:A0:C6:2A:CD:70:97:4A:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qiIvVnO4KKeuUvmboMYqzXCXSjg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/e54636-c998-409a-89bb-2b7b827e718c/1/Lh_NKL7D2mWFyhzHGugt5SgY5Oo.roa
Signing time: Wed 01 Jan 2025 23:48:45 +0000
ROA not before: Wed 01 Jan 2025 23:48:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204923
IP address blocks: 5.61.0.0/21 maxlen: 21
80.208.248.0/22 maxlen: 22
185.60.240.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:8f:4e:2c:20:af:eb:78:f9:06:39:7f:2a:a0:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa222f5673b828a7ae52f99ba0c62acd70974a38
Validity
Not Before: Jan 1 23:48:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2e1fcd28bec3da6585ca1cc71ae82de52818e4ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:2e:01:17:bd:e7:30:09:46:9d:84:a3:ea:1b:
5e:3f:bd:25:e0:02:77:b6:8d:05:41:57:2e:19:3d:
f5:2c:d6:3f:70:87:74:1d:73:96:e5:8e:00:de:fb:
ff:fc:89:6d:e3:b9:dc:2c:f1:60:6f:5f:b1:05:a0:
3a:35:b2:8d:da:1b:d0:d6:1c:4b:52:2e:49:ab:19:
d5:26:e6:32:89:ae:21:2d:2d:27:41:11:5e:e4:74:
f9:64:9e:a9:8f:56:b7:af:a7:bd:48:e4:ba:0e:52:
0d:2b:46:18:0f:68:7b:37:1d:2c:68:6a:a7:6e:36:
57:95:27:3d:89:87:c4:e6:8e:f9:83:0d:c5:42:17:
2a:1d:e4:3a:0b:4b:9b:a4:54:49:17:ec:ae:22:fd:
5c:ea:02:5f:69:8a:91:f2:ea:bf:8f:ad:45:ee:3c:
3c:6c:00:fa:16:b7:31:69:db:d3:dd:db:32:07:d4:
e5:80:c8:45:82:64:05:df:4c:bb:d5:62:6e:30:c6:
4e:85:9d:8f:b1:73:06:0b:28:cd:07:8f:fa:7d:5b:
ca:07:66:bf:12:9d:43:6d:8d:06:ab:d6:7c:9f:e4:
ad:66:11:7e:b7:ac:6c:5b:2d:5c:23:77:33:94:1d:
ae:44:df:30:ca:1b:58:66:3e:7d:d3:b7:fc:ef:b3:
65:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:1F:CD:28:BE:C3:DA:65:85:CA:1C:C7:1A:E8:2D:E5:28:18:E4:EA
X509v3 Authority Key Identifier:
keyid:AA:22:2F:56:73:B8:28:A7:AE:52:F9:9B:A0:C6:2A:CD:70:97:4A:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qiIvVnO4KKeuUvmboMYqzXCXSjg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/e54636-c998-409a-89bb-2b7b827e718c/1/Lh_NKL7D2mWFyhzHGugt5SgY5Oo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/e54636-c998-409a-89bb-2b7b827e718c/1/qiIvVnO4KKeuUvmboMYqzXCXSjg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.0.0/21
80.208.248.0/22
185.60.240.0/22
Signature Algorithm: sha256WithRSAEncryption
a7:47:01:ef:9d:52:c4:16:ac:f3:b8:34:0a:e1:a2:35:10:b6:
8e:83:fd:c4:e7:53:b1:63:9b:b7:02:2b:5e:3c:f6:2c:b4:90:
d3:76:31:0f:84:f8:01:3b:ba:71:00:9c:e1:ea:ef:9c:89:15:
89:c4:73:d8:98:29:35:ac:7c:a8:9b:dd:07:e8:47:d1:bf:a1:
f4:83:03:59:3f:bd:74:40:8d:bb:fe:0d:7c:14:b0:68:a7:1f:
97:b5:b3:92:e9:d2:16:41:ca:6b:88:74:d1:4c:5f:10:d3:44:
cd:77:b3:8d:a4:bc:a9:db:39:00:15:f2:f0:85:d3:21:8a:28:
d4:f0:ab:f3:e3:5f:e8:d9:e9:29:d3:2d:2f:a0:94:fe:13:a6:
a7:b1:f8:1a:89:53:64:e4:0b:d9:54:3d:2d:f6:21:36:73:c9:
4f:cd:fb:8f:3d:78:50:22:c3:99:e0:98:81:b5:fe:bc:1f:a4:
7c:ad:ed:4d:85:e9:f4:f0:93:38:b8:c9:af:64:d1:c3:87:08:
32:ae:41:23:01:b2:a0:a3:72:53:4c:cb:e0:74:8f:c5:a7:d4:
b3:a8:92:55:7f:b3:37:59:18:22:5c:bc:98:85:0b:28:ea:32:
3f:66:0f:a8:73:60:89:f5:ba:5e:17:70:fa:f5:c0:8f:03:40:
a7:05:f0:f8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQkRY9OLCCv63j5Bjl/KqB+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMjIyZjU2NzNiODI4YTdhZTUyZjk5YmEwYzYyYWNkNzA5
NzRhMzgwHhcNMjUwMTAxMjM0ODQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTFmY2QyOGJlYzNkYTY1ODVjYTFjYzcxYWU4MmRlNTI4MThlNGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAry4BF73nMAlGnYSj6hteP70l4AJ3
to0FQVcuGT31LNY/cId0HXOW5Y4A3vv//Ilt47ncLPFgb1+xBaA6NbKN2hvQ1hxL
Ui5JqxnVJuYyia4hLS0nQRFe5HT5ZJ6pj1a3r6e9SOS6DlINK0YYD2h7Nx0saGqn
bjZXlSc9iYfE5o75gw3FQhcqHeQ6C0ubpFRJF+yuIv1c6gJfaYqR8uq/j61F7jw8
bAD6FrcxadvT3dsyB9TlgMhFgmQF30y71WJuMMZOhZ2PsXMGCyjNB4/6fVvKB2a/
Ep1DbY0Gq9Z8n+StZhF+t6xsWy1cI3czlB2uRN8wyhtYZj5907f877NlZQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFC4fzSi+w9plhcocxxroLeUoGOTqMB8GA1UdIwQY
MBaAFKoiL1ZzuCinrlL5m6DGKs1wl0o4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWlJdlZuTzRLS2V1VXZtYm9NWXF6WENYU2pnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9lNTQ2MzYtYzk5OC00MDlhLTg5YmIt
MmI3YjgyN2U3MThjLzEvTGhfTktMN0QybVdGeWh6SEd1Z3Q1U2dZNU9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9lNTQ2MzYtYzk5OC00MDlhLTg5YmItMmI3YjgyN2U3MThj
LzEvcWlJdlZuTzRLS2V1VXZtYm9NWXF6WENYU2pnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDBT0AAwQC
UND4AwQCuTzwMA0GCSqGSIb3DQEBCwUAA4IBAQCnRwHvnVLEFqzzuDQK4aI1ELaO
g/3E51OxY5u3AitePPYstJDTdjEPhPgBO7pxAJzh6u+ciRWJxHPYmCk1rHyom90H
6EfRv6H0gwNZP710QI27/g18FLBopx+XtbOS6dIWQcpriHTRTF8Q00TNd7ONpLyp
2zkAFfLwhdMhiijU8Kvz41/o2ekp0y0voJT+E6ansfgaiVNk5AvZVD0t9iE2c8lP
zfuPPXhQIsOZ4JiBtf68H6R8re1Nhen08JM4uMmvZNHDhwgyrkEjAbKgo3JTTMvg
dI/Fp9SzqJJVf7M3WRgiXLyYhQso6jI/Zg+oc2CJ9bpeF3D69cCPA0CnBfD4
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:48 2025 by rpki-client on console.sobornost.net