Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/5e23ae-6338-48dd-a304-c2a43b080d6f/1/lbsbTqD_9mE7vY8Zyug_YVR-sD8.roa
File: lbsbTqD_9mE7vY8Zyug_YVR-sD8.roa (raw, json)
Hash identifier: TyKDojoTZ/eLBbbwUhWYN2H/st4TZlYsWMMpDrArAgs=
Subject key identifier: 95:BB:1B:4E:A0:FF:F6:61:3B:BD:8F:19:CA:E8:3F:61:54:7E:B0:3F
Certificate issuer: /CN=a8b31004df135aa1a8b943033db14691b11a63dd
Certificate serial: 01942454B6AEDBEFE04B064B3E1538A3AE90
Authority key identifier: A8:B3:10:04:DF:13:5A:A1:A8:B9:43:03:3D:B1:46:91:B1:1A:63:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qLMQBN8TWqGouUMDPbFGkbEaY90.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/5e23ae-6338-48dd-a304-c2a43b080d6f/1/lbsbTqD_9mE7vY8Zyug_YVR-sD8.roa
Signing time: Thu 02 Jan 2025 00:05:19 +0000
ROA not before: Thu 02 Jan 2025 00:05:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3242
IP address blocks: 151.1.0.0/18 maxlen: 18
151.1.0.0/23 maxlen: 23
151.1.0.0/24 maxlen: 24
151.1.1.0/24 maxlen: 24
151.1.2.0/23 maxlen: 23
151.1.4.0/22 maxlen: 22
151.1.7.0/24 maxlen: 24
151.1.8.0/21 maxlen: 21
151.1.16.0/20 maxlen: 20
151.1.24.0/21 maxlen: 21
151.1.32.0/19 maxlen: 19
151.1.32.0/21 maxlen: 21
151.1.40.0/23 maxlen: 23
151.1.42.0/23 maxlen: 23
151.1.44.0/23 maxlen: 23
151.1.46.0/23 maxlen: 23
151.1.48.0/24 maxlen: 24
151.1.49.0/24 maxlen: 24
151.1.50.0/24 maxlen: 24
151.1.62.0/24 maxlen: 24
151.1.66.0/23 maxlen: 23
151.1.68.0/22 maxlen: 22
151.1.72.0/24 maxlen: 24
151.1.74.0/23 maxlen: 23
151.1.76.0/22 maxlen: 22
151.1.80.0/20 maxlen: 20
151.1.84.0/24 maxlen: 24
151.1.96.0/22 maxlen: 22
151.1.100.0/22 maxlen: 22
151.1.101.0/24 maxlen: 24
151.1.104.0/21 maxlen: 21
151.1.112.0/20 maxlen: 20
151.1.128.0/18 maxlen: 18
151.1.192.0/18 maxlen: 18
151.1.192.0/22 maxlen: 22
151.1.192.0/24 maxlen: 24
151.1.194.0/24 maxlen: 24
151.1.195.0/24 maxlen: 24
151.1.196.0/22 maxlen: 22
151.1.200.0/21 maxlen: 21
151.1.203.0/24 maxlen: 24
151.1.208.0/21 maxlen: 21
151.1.212.0/24 maxlen: 24
151.1.216.0/21 maxlen: 21
151.1.224.0/19 maxlen: 19
151.1.227.0/24 maxlen: 24
151.1.232.0/21 maxlen: 21
151.1.244.0/24 maxlen: 24
151.2.0.0/20 maxlen: 20
151.2.32.0/19 maxlen: 19
151.2.36.0/24 maxlen: 24
151.2.96.0/20 maxlen: 20
151.2.102.0/24 maxlen: 24
2a01:65c0::/32 maxlen: 32
2a01:65c0:100::/48 maxlen: 48
2a01:65c0:101::/48 maxlen: 48
2a01:65c0:200::/40 maxlen: 40
2a01:65c0:e00::/48 maxlen: 48
2a01:65c0:e01::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:54:b6:ae:db:ef:e0:4b:06:4b:3e:15:38:a3:ae:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8b31004df135aa1a8b943033db14691b11a63dd
Validity
Not Before: Jan 2 00:05:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=95bb1b4ea0fff6613bbd8f19cae83f61547eb03f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:9e:49:80:66:c9:91:08:aa:82:f2:bd:f0:c2:
ed:60:24:4e:7a:49:04:0d:d3:0f:b3:88:59:4a:89:
a8:82:f4:66:ff:19:62:4b:fb:c2:d3:ab:63:71:f7:
c8:ff:76:48:c8:84:53:a6:fe:d9:33:92:a8:c5:47:
91:43:77:ca:6b:7c:5f:57:4d:f4:62:cf:17:02:71:
e8:95:0c:63:d2:be:e5:d3:c7:c7:ac:0c:72:b6:2f:
03:3d:b9:a9:fc:39:9c:e8:91:77:e3:20:7e:48:85:
53:8b:a4:aa:0e:1d:98:50:07:ce:8b:4b:02:fa:4a:
e6:2d:2f:62:5c:f4:ea:a1:66:1d:77:e2:3e:26:37:
bb:b6:58:c7:76:7e:c9:ee:5a:a0:09:c9:c8:a3:8f:
16:25:99:74:8e:6d:1d:42:0b:e6:b6:f6:57:d1:bc:
c8:3b:53:2e:fd:ea:c0:71:d7:0d:8f:0c:96:4b:4d:
a3:61:f6:d9:0f:d8:85:7e:14:94:f8:9f:dc:df:85:
5e:a7:eb:f6:ad:9e:4b:26:80:30:d0:a1:5f:6f:00:
26:f3:96:f9:05:53:ab:21:72:1d:1e:00:f1:66:7e:
ac:a9:7f:66:57:69:27:39:5d:4b:86:36:b0:56:8a:
40:cd:c1:d4:6e:29:eb:22:8f:25:c6:bd:ee:5a:f5:
f3:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:BB:1B:4E:A0:FF:F6:61:3B:BD:8F:19:CA:E8:3F:61:54:7E:B0:3F
X509v3 Authority Key Identifier:
keyid:A8:B3:10:04:DF:13:5A:A1:A8:B9:43:03:3D:B1:46:91:B1:1A:63:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qLMQBN8TWqGouUMDPbFGkbEaY90.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/5e23ae-6338-48dd-a304-c2a43b080d6f/1/lbsbTqD_9mE7vY8Zyug_YVR-sD8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/5e23ae-6338-48dd-a304-c2a43b080d6f/1/qLMQBN8TWqGouUMDPbFGkbEaY90.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.1.0.0/18
151.1.66.0-151.1.72.255
151.1.74.0-151.2.15.255
151.2.32.0/19
151.2.96.0/20
IPv6:
2a01:65c0::/32
Signature Algorithm: sha256WithRSAEncryption
05:1c:55:a6:f2:4d:f5:cf:f7:5f:f6:83:ad:72:94:1c:88:e6:
ad:76:d9:f4:05:58:bb:99:29:ae:09:4e:87:0e:9a:fb:4d:80:
d3:a9:9c:cf:64:88:f8:a6:f7:71:80:6c:38:ea:cd:e5:a6:68:
05:40:7e:a9:b1:fe:25:fa:f7:d1:6d:4c:8c:7d:85:48:8c:ae:
ea:f5:2c:e1:d4:d1:c8:55:7a:c2:bf:61:b6:1e:13:e3:3b:99:
ad:55:cd:e7:bf:70:f4:5b:d6:ac:27:30:72:f6:fd:c2:b0:ca:
fc:f5:16:25:6d:2c:a0:ce:68:d0:76:e5:a9:8e:c2:79:37:7c:
88:4e:df:ce:83:86:ec:c7:b7:df:de:26:ed:14:7e:da:b8:ed:
60:82:e3:cd:1e:a2:b4:00:95:37:0a:bf:04:91:64:56:0c:ad:
32:68:1b:a7:4e:f8:9f:ea:3b:f8:e6:1e:da:61:27:63:df:a9:
76:ee:69:a5:b6:2e:92:6a:49:f7:df:7d:e6:ee:bd:8b:e5:7b:
a2:26:5e:c1:2c:58:c1:ba:e5:9a:1d:03:71:14:d8:4a:3d:60:
31:82:68:c0:0c:0a:64:f5:0d:7b:22:9a:c6:a3:c8:47:f3:25:
46:d8:1f:90:90:82:9c:5b:a1:34:ca:a4:26:05:43:a9:7b:32:
9a:b0:27:98
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAZQkVLau2+/gSwZLPhU4o66QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4YjMxMDA0ZGYxMzVhYTFhOGI5NDMwMzNkYjE0NjkxYjEx
YTYzZGQwHhcNMjUwMTAyMDAwNTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWJiMWI0ZWEwZmZmNjYxM2JiZDhmMTljYWU4M2Y2MTU0N2ViMDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZ5JgGbJkQiqgvK98MLtYCROekkE
DdMPs4hZSomogvRm/xliS/vC06tjcffI/3ZIyIRTpv7ZM5KoxUeRQ3fKa3xfV030
Ys8XAnHolQxj0r7l08fHrAxyti8DPbmp/Dmc6JF34yB+SIVTi6SqDh2YUAfOi0sC
+krmLS9iXPTqoWYdd+I+Jje7tljHdn7J7lqgCcnIo48WJZl0jm0dQgvmtvZX0bzI
O1Mu/erAcdcNjwyWS02jYfbZD9iFfhSU+J/c34Vep+v2rZ5LJoAw0KFfbwAm85b5
BVOrIXIdHgDxZn6sqX9mV2knOV1LhjawVopAzcHUbinrIo8lxr3uWvXzbwIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFJW7G06g//ZhO72PGcroP2FUfrA/MB8GA1UdIwQY
MBaAFKizEATfE1qhqLlDAz2xRpGxGmPdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUxNUUJOOFRXcUdvdVVNRFBiRkdrYkVhWTkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS81ZTIzYWUtNjMzOC00OGRkLWEzMDQt
YzJhNDNiMDgwZDZmLzEvbGJzYlRxRF85bUU3dlk4Wnl1Z19ZVlItc0Q4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS81ZTIzYWUtNjMzOC00OGRkLWEzMDQtYzJhNDNiMDgwZDZm
LzEvcUxNUUJOOFRXcUdvdVVNRFBiRkdrYkVhWTkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTA0BAIAATAuAwQGlwEAMAwD
BAGXAUIDBACXAUgwDAMEAZcBSgMEBJcCAAMEBZcCIAMEBJcCYDANBAIAAjAHAwUA
KgFlwDANBgkqhkiG9w0BAQsFAAOCAQEABRxVpvJN9c/3X/aDrXKUHIjmrXbZ9AVY
u5kprglOhw6a+02A06mcz2SI+Kb3cYBsOOrN5aZoBUB+qbH+Jfr30W1MjH2FSIyu
6vUs4dTRyFV6wr9hth4T4zuZrVXN579w9FvWrCcwcvb9wrDK/PUWJW0soM5o0Hbl
qY7CeTd8iE7fzoOG7Me3394m7RR+2rjtYILjzR6itACVNwq/BJFkVgytMmgbp074
n+o7+OYe2mEnY9+pdu5ppbYukmpJ99995u69i+V7oiZewSxYwbrlmh0DcRTYSj1g
MYJowAwKZPUNeyKaxqPIR/MlRtgfkJCCnFuhNMqkJgVDqXsymrAnmA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:16 2025 by rpki-client on console.sobornost.net