Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/3fa93f-a34f-41cf-8875-d4e882083e4f/1/LxqOr6kmcQm7vZYRRdP1VkRGlgU.roa
File: LxqOr6kmcQm7vZYRRdP1VkRGlgU.roa (raw, json)
Hash identifier: 3mO1xiAyPsi9YB2Utyx+mrmowxSoZyyyseC61QFbUek=
Subject key identifier: 2F:1A:8E:AF:A9:26:71:09:BB:BD:96:11:45:D3:F5:56:44:46:96:05
Certificate issuer: /CN=d5b6a5ca37ead31fd2a350b0b412d77d95320928
Certificate serial: 0195710493D0CB32B0D9AC15B620EE512A65
Authority key identifier: D5:B6:A5:CA:37:EA:D3:1F:D2:A3:50:B0:B4:12:D7:7D:95:32:09:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1balyjfq0x_So1CwtBLXfZUyCSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/3fa93f-a34f-41cf-8875-d4e882083e4f/1/LxqOr6kmcQm7vZYRRdP1VkRGlgU.roa
Signing time: Fri 07 Mar 2025 14:31:19 +0000
ROA not before: Fri 07 Mar 2025 14:31:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5405
IP address blocks: 94.103.180.0/24 maxlen: 24
185.134.66.0/24 maxlen: 24
185.134.67.0/24 maxlen: 24
2a11:4140::/29 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:71:04:93:d0:cb:32:b0:d9:ac:15:b6:20:ee:51:2a:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5b6a5ca37ead31fd2a350b0b412d77d95320928
Validity
Not Before: Mar 7 14:31:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2f1a8eafa9267109bbbd961145d3f55644469605
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:0b:f9:a6:0c:5f:13:c6:56:2c:e0:2a:10:de:
6d:32:37:fe:4a:b5:73:90:37:b6:57:bf:b2:3a:8a:
61:28:16:30:fc:9e:36:22:46:19:8a:7a:fd:14:5c:
d5:0d:1e:0c:e4:f4:bb:de:c3:a1:62:d2:9c:62:9d:
4d:48:9d:20:fa:f1:ce:33:c3:e6:23:e8:dd:56:20:
a3:a4:f0:6f:20:86:b4:98:b1:31:40:c4:d3:0d:58:
65:29:eb:aa:0d:b3:9b:52:c0:e4:3c:c8:65:68:45:
92:11:15:e0:cd:39:da:c9:6f:c9:fa:c9:0c:d0:d9:
4b:36:f2:12:d0:d7:13:b2:cb:9a:07:cf:1a:5d:a5:
b6:01:69:c8:03:a3:35:e2:7f:a0:bb:0e:e7:1f:0b:
0a:60:42:2c:99:1a:6b:4f:ea:08:2f:9e:d7:a6:c3:
8a:d9:8b:c9:cb:bc:67:d5:d7:a1:54:34:eb:f3:e6:
84:07:78:d6:02:35:52:ca:3a:41:a2:96:bc:2d:20:
2e:e2:ea:ec:b2:d4:4e:8b:6a:21:55:25:19:52:ef:
c0:0a:c9:db:7c:98:98:d4:b4:17:ee:20:f8:51:a1:
94:94:07:7d:04:6f:ed:1b:98:15:42:e1:44:39:bb:
8f:da:50:f9:88:a1:45:a0:4d:68:56:97:f1:6f:6f:
dc:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:1A:8E:AF:A9:26:71:09:BB:BD:96:11:45:D3:F5:56:44:46:96:05
X509v3 Authority Key Identifier:
keyid:D5:B6:A5:CA:37:EA:D3:1F:D2:A3:50:B0:B4:12:D7:7D:95:32:09:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1balyjfq0x_So1CwtBLXfZUyCSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/3fa93f-a34f-41cf-8875-d4e882083e4f/1/LxqOr6kmcQm7vZYRRdP1VkRGlgU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/3fa93f-a34f-41cf-8875-d4e882083e4f/1/1balyjfq0x_So1CwtBLXfZUyCSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.103.180.0/24
185.134.66.0/23
IPv6:
2a11:4140::/29
Signature Algorithm: sha256WithRSAEncryption
65:47:c4:fb:cf:f5:00:24:62:1f:df:8c:af:f3:32:f0:7d:a8:
5c:15:fa:3e:d4:65:5e:e0:7d:86:9b:c5:8e:95:09:b1:68:c3:
37:9f:63:f9:fc:51:72:e3:d6:5d:48:31:53:91:a4:ef:78:de:
0f:e8:67:a0:12:c9:0d:a3:4a:49:8c:77:5b:29:96:b4:ee:45:
61:c1:21:8e:11:bb:1c:e8:cf:06:45:6f:4c:c9:04:7b:30:db:
80:36:14:2b:73:33:8a:b6:dd:3f:9b:52:dc:c0:19:15:b5:06:
d9:0a:81:13:03:bb:f5:27:02:11:b5:85:e2:24:a4:1f:16:4b:
70:cd:48:fb:f4:92:be:26:68:fd:da:84:f2:6c:fe:ca:14:77:
76:7b:81:79:3e:eb:d4:00:ea:66:a1:c8:bc:34:67:ab:4f:c1:
de:0e:de:6d:45:46:97:22:d1:f8:8a:1f:28:12:5c:d8:fa:87:
67:e2:f0:87:6b:e2:ee:f8:23:44:6b:71:1d:3e:82:68:6d:a4:
17:66:d0:10:3c:bb:a2:06:90:3b:a5:4a:5f:ac:16:07:1e:9f:
df:a5:a2:e5:e7:74:0b:fe:dc:d1:01:dc:7c:09:97:26:0f:b1:
fc:41:76:28:27:d2:b5:e3:0b:5a:f7:3f:b4:85:b8:98:2e:10:
14:fe:fe:7d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZVxBJPQyzKw2awVtiDuUSplMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1YjZhNWNhMzdlYWQzMWZkMmEzNTBiMGI0MTJkNzdkOTUz
MjA5MjgwHhcNMjUwMzA3MTQzMTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjFhOGVhZmE5MjY3MTA5YmJiZDk2MTE0NWQzZjU1NjQ0NDY5NjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgv5pgxfE8ZWLOAqEN5tMjf+SrVz
kDe2V7+yOophKBYw/J42IkYZinr9FFzVDR4M5PS73sOhYtKcYp1NSJ0g+vHOM8Pm
I+jdViCjpPBvIIa0mLExQMTTDVhlKeuqDbObUsDkPMhlaEWSERXgzTnayW/J+skM
0NlLNvIS0NcTssuaB88aXaW2AWnIA6M14n+guw7nHwsKYEIsmRprT+oIL57XpsOK
2YvJy7xn1dehVDTr8+aEB3jWAjVSyjpBopa8LSAu4ursstROi2ohVSUZUu/ACsnb
fJiY1LQX7iD4UaGUlAd9BG/tG5gVQuFEObuP2lD5iKFFoE1oVpfxb2/cMQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFC8ajq+pJnEJu72WEUXT9VZERpYFMB8GA1UdIwQY
MBaAFNW2pco36tMf0qNQsLQS132VMgkoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWJhbHlqZnEweF9TbzFDd3RCTFhmWlV5Q1NnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8zZmE5M2YtYTM0Zi00MWNmLTg4NzUt
ZDRlODgyMDgzZTRmLzEvTHhxT3I2a21jUW03dlpZUlJkUDFWa1JHbGdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8zZmE5M2YtYTM0Zi00MWNmLTg4NzUtZDRlODgyMDgzZTRm
LzEvMWJhbHlqZnEweF9TbzFDd3RCTFhmWlV5Q1NnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAXme0AwQB
uYZCMA0EAgACMAcDBQMqEUFAMA0GCSqGSIb3DQEBCwUAA4IBAQBlR8T7z/UAJGIf
34yv8zLwfahcFfo+1GVe4H2Gm8WOlQmxaMM3n2P5/FFy49ZdSDFTkaTveN4P6Geg
EskNo0pJjHdbKZa07kVhwSGOEbsc6M8GRW9MyQR7MNuANhQrczOKtt0/m1LcwBkV
tQbZCoETA7v1JwIRtYXiJKQfFktwzUj79JK+Jmj92oTybP7KFHd2e4F5PuvUAOpm
oci8NGerT8HeDt5tRUaXItH4ih8oElzY+odn4vCHa+Lu+CNEa3EdPoJobaQXZtAQ
PLuiBpA7pUpfrBYHHp/fpaLl53QL/tzRAdx8CZcmD7H8QXYoJ9K14wta9z+0hbiY
LhAU/v59
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:02 2025 by rpki-client on console.sobornost.net