Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/LPO2RLj2ob6ZNsnyBM2Duk0rusM.roa
File: LPO2RLj2ob6ZNsnyBM2Duk0rusM.roa (raw, json)
Hash identifier: 7OUck+DqZbn5/4OQykMbPpzbTgktym4FHX85WJUsgaM=
Subject key identifier: 2C:F3:B6:44:B8:F6:A1:BE:99:36:C9:F2:04:CD:83:BA:4D:2B:BA:C3
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 019545D466BAA6A370A72B1F0B271B42FEAC
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/LPO2RLj2ob6ZNsnyBM2Duk0rusM.roa
Signing time: Thu 27 Feb 2025 05:15:02 +0000
ROA not before: Thu 27 Feb 2025 05:15:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.11.189.0/24 maxlen: 24
45.65.114.0/24 maxlen: 24
45.65.115.0/24 maxlen: 24
45.154.156.0/24 maxlen: 24
45.154.158.0/24 maxlen: 24
185.83.200.0/23 maxlen: 23
185.83.202.0/23 maxlen: 23
188.209.131.0/24 maxlen: 24
188.209.132.0/22 maxlen: 24
188.209.132.0/24 maxlen: 24
188.209.133.0/24 maxlen: 24
188.209.134.0/24 maxlen: 24
188.209.135.0/24 maxlen: 24
188.209.139.0/24 maxlen: 24
194.15.99.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:45:d4:66:ba:a6:a3:70:a7:2b:1f:0b:27:1b:42:fe:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Feb 27 05:15:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2cf3b644b8f6a1be9936c9f204cd83ba4d2bbac3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ef:7c:af:56:06:e9:cf:25:19:29:45:a2:4e:
78:0b:22:52:6c:ac:34:ca:b3:c2:0f:52:6e:81:7e:
42:3b:b3:98:00:2f:57:d4:bb:c4:71:8d:c0:86:9f:
b9:b1:23:c5:b7:42:2a:af:a8:1b:14:b5:0c:78:79:
0f:80:ed:1b:0c:58:82:81:9e:d6:e7:a4:62:69:c8:
a8:b5:8b:7e:8c:d7:1d:8c:bf:dc:d4:be:6a:20:56:
c2:d2:9c:2c:30:d6:2d:e6:d5:6e:ef:50:bf:f6:96:
1a:8b:78:68:6c:29:2d:ef:28:7a:b7:95:51:ea:ee:
e1:1a:0c:65:c3:c3:3f:57:a3:a2:1e:23:5d:50:0d:
1d:84:d6:92:16:f5:56:e3:b2:4c:ea:64:92:a5:f6:
f9:25:35:03:e3:00:73:cc:05:33:06:4f:25:c7:09:
49:4a:43:c6:f3:5e:41:01:47:39:9d:0d:41:7d:71:
9a:d1:8f:d6:0f:79:fc:59:a3:32:3b:18:f2:1a:80:
0f:2d:1a:76:71:c6:b3:b3:e4:9f:d4:9e:ea:4c:e0:
70:0f:c1:f9:df:74:65:a3:0f:9e:f6:71:e9:84:5e:
a7:6a:3d:8d:c2:06:f1:96:3c:a4:de:ae:9f:62:8c:
f7:d6:b0:62:fd:f6:28:72:01:81:50:64:e1:30:da:
d9:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:F3:B6:44:B8:F6:A1:BE:99:36:C9:F2:04:CD:83:BA:4D:2B:BA:C3
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/LPO2RLj2ob6ZNsnyBM2Duk0rusM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.189.0/24
45.65.114.0/23
45.154.156.0/24
45.154.158.0/24
185.83.200.0/22
188.209.131.0-188.209.135.255
188.209.139.0/24
194.15.99.0/24
Signature Algorithm: sha256WithRSAEncryption
24:33:2a:4d:69:90:1a:33:f2:f5:ae:66:30:6d:7e:c9:27:76:
32:22:4b:dc:e1:66:9a:ac:87:ef:7a:8e:21:6e:af:88:12:fd:
0a:f2:3c:a6:12:a0:af:15:29:0c:d5:b8:70:8c:d7:43:94:3d:
e6:5a:c6:49:9b:f2:f2:f6:cd:84:7a:22:5d:aa:62:ac:bb:90:
cb:d9:6c:d0:73:2c:61:0c:14:15:b1:b1:a3:18:87:84:49:d5:
9e:95:71:f2:3d:62:86:85:81:a9:1a:82:ad:74:19:62:bf:bf:
fb:13:84:c1:2b:f2:cf:50:8e:40:4c:7c:bd:a5:54:04:ca:1d:
85:ec:ad:c8:11:79:06:a3:8d:27:de:b1:d3:11:8a:77:23:28:
8c:22:a4:d2:f2:7e:3f:0f:fb:af:3e:11:99:34:3f:95:e1:37:
fa:b3:21:dd:1f:1a:34:c9:9b:97:f1:d7:51:21:19:c5:e1:ca:
c6:26:53:8a:f6:3f:e9:55:7c:8e:fe:67:65:85:ce:0c:fd:6c:
b9:d4:32:36:2e:74:bf:95:16:7d:e8:65:50:39:02:c1:2e:14:
45:1b:bf:c9:ba:c6:65:6c:be:a7:84:58:ed:7d:8a:a4:f0:a8:
63:f1:fa:b8:ff:b8:3c:4d:35:59:66:6e:21:c7:6f:0d:74:56:
35:33:e3:03
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZVF1Ga6pqNwpysfCycbQv6sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjUwMjI3MDUxNTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2YzYjY0NGI4ZjZhMWJlOTkzNmM5ZjIwNGNkODNiYTRkMmJiYWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+98r1YG6c8lGSlFok54CyJSbKw0
yrPCD1JugX5CO7OYAC9X1LvEcY3Ahp+5sSPFt0Iqr6gbFLUMeHkPgO0bDFiCgZ7W
56RiaciotYt+jNcdjL/c1L5qIFbC0pwsMNYt5tVu71C/9pYai3hobCkt7yh6t5VR
6u7hGgxlw8M/V6OiHiNdUA0dhNaSFvVW47JM6mSSpfb5JTUD4wBzzAUzBk8lxwlJ
SkPG815BAUc5nQ1BfXGa0Y/WD3n8WaMyOxjyGoAPLRp2ccazs+Sf1J7qTOBwD8H5
33Rlow+e9nHphF6naj2Nwgbxljyk3q6fYoz31rBi/fYocgGBUGThMNrZRQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFCzztkS49qG+mTbJ8gTNg7pNK7rDMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvTFBPMlJMajJvYjZaTnNueUJNMkR1azBydXNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQALQu9AwQB
LUFyAwQALZqcAwQALZqeAwQCuVPIMAwDBAC80YMDBAO80YADBAC80YsDBADCD2Mw
DQYJKoZIhvcNAQELBQADggEBACQzKk1pkBoz8vWuZjBtfskndjIiS9zhZpqsh+96
jiFur4gS/QryPKYSoK8VKQzVuHCM10OUPeZaxkmb8vL2zYR6Il2qYqy7kMvZbNBz
LGEMFBWxsaMYh4RJ1Z6VcfI9YoaFgakagq10GWK/v/sThMEr8s9QjkBMfL2lVATK
HYXsrcgReQajjSfesdMRincjKIwipNLyfj8P+68+EZk0P5XhN/qzId0fGjTJm5fx
11EhGcXhysYmU4r2P+lVfI7+Z2WFzgz9bLnUMjYudL+VFn3oZVA5AsEuFEUbv8m6
xmVsvqeEWO19iqTwqGPx+rj/uDxNNVlmbiHHbw10VjUz4wM=
-----END CERTIFICATE-----
Generated at Sat Mar 8 04:48:21 2025 by rpki-client on console.sobornost.net