Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/e1c80d-a63b-481c-a9f2-9f5b2eb492a0/1/LT0qB-gBAbq5frFGXTq1GqnXCfI.roa
File: LT0qB-gBAbq5frFGXTq1GqnXCfI.roa (raw, json)
Hash identifier: K2tXP/3iE8TclQjWefb7tiAmYpuF8VMrt60W/dO45lU=
Subject key identifier: 2D:3D:2A:07:E8:01:01:BA:B9:7E:B1:46:5D:3A:B5:1A:A9:D7:09:F2
Certificate issuer: /CN=67dcd926bf370d3fa0183a138b57b0983cdaca0a
Certificate serial: 01942445A308BE693679493C1A5967B33B75
Authority key identifier: 67:DC:D9:26:BF:37:0D:3F:A0:18:3A:13:8B:57:B0:98:3C:DA:CA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z9zZJr83DT-gGDoTi1ewmDzaygo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/e1c80d-a63b-481c-a9f2-9f5b2eb492a0/1/LT0qB-gBAbq5frFGXTq1GqnXCfI.roa
Signing time: Wed 01 Jan 2025 23:48:51 +0000
ROA not before: Wed 01 Jan 2025 23:48:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42750
IP address blocks: 185.195.72.0/22 maxlen: 22
185.195.72.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:a3:08:be:69:36:79:49:3c:1a:59:67:b3:3b:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67dcd926bf370d3fa0183a138b57b0983cdaca0a
Validity
Not Before: Jan 1 23:48:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2d3d2a07e80101bab97eb1465d3ab51aa9d709f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:33:ae:ac:a1:3f:a9:87:8a:5e:62:cd:0e:a1:
fb:0f:22:7a:0e:70:ea:61:d7:74:48:5d:66:77:0b:
1f:69:8d:ba:47:11:cb:79:51:ee:d6:b7:ac:c2:2a:
a9:b7:4f:35:eb:96:37:78:8c:2e:5a:b4:2d:58:6c:
ac:29:72:53:db:3d:9d:14:99:c1:c1:f3:dd:d9:73:
ef:31:f8:fd:bd:20:3e:28:e4:80:03:92:51:1b:85:
bf:3e:3d:2f:74:17:e2:f7:91:d9:2e:4f:c0:4b:e1:
8c:76:96:57:16:c0:0b:eb:47:95:de:1e:56:c6:ba:
0f:ce:36:74:0b:e2:e2:cc:81:56:3a:1a:77:21:26:
ed:d3:ed:e2:44:cb:0b:5b:1a:fb:4d:0e:2d:b9:b8:
55:a0:2e:53:59:d2:ec:20:b9:38:9b:b5:d8:e1:0e:
af:37:3f:68:51:f9:96:68:11:7b:87:a7:0e:9c:11:
1d:0b:02:4c:4a:01:0e:5b:ac:32:42:a3:21:d8:4e:
e6:c3:71:a5:56:88:1b:e4:48:db:9d:06:a4:56:ea:
92:3e:f1:e9:89:62:00:3d:91:65:39:7c:de:3d:68:
c5:78:f5:73:88:e6:85:55:fd:06:3f:87:cb:3e:a5:
9b:de:ca:91:cf:c6:b8:6f:d0:46:28:80:0a:c9:a5:
7c:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:3D:2A:07:E8:01:01:BA:B9:7E:B1:46:5D:3A:B5:1A:A9:D7:09:F2
X509v3 Authority Key Identifier:
keyid:67:DC:D9:26:BF:37:0D:3F:A0:18:3A:13:8B:57:B0:98:3C:DA:CA:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z9zZJr83DT-gGDoTi1ewmDzaygo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/e1c80d-a63b-481c-a9f2-9f5b2eb492a0/1/LT0qB-gBAbq5frFGXTq1GqnXCfI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/e1c80d-a63b-481c-a9f2-9f5b2eb492a0/1/Z9zZJr83DT-gGDoTi1ewmDzaygo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.195.72.0/22
Signature Algorithm: sha256WithRSAEncryption
78:d4:91:ba:96:db:6f:8b:d2:5e:fe:81:1a:45:4d:66:36:07:
ef:30:e7:66:da:06:d9:14:93:5c:f6:18:50:b6:55:3b:00:ed:
d8:9b:4e:5e:7d:26:d4:68:2e:45:c7:14:29:16:76:94:69:e6:
54:3c:f7:9a:3f:df:f5:0e:1a:c2:de:f1:b9:cf:73:06:d7:94:
44:28:ef:d6:f4:17:4d:f7:5b:e3:a9:dc:52:83:c8:a1:e3:7d:
5f:28:a4:8e:3c:39:de:55:49:d3:8b:74:95:ea:b9:70:fe:0a:
a2:c0:3e:ab:02:89:d0:c3:f0:38:49:67:aa:b6:74:c6:8b:60:
9c:2f:ba:8c:cf:5b:71:55:3f:a2:c2:16:d2:04:b9:18:fb:89:
f5:ea:c6:b6:a1:d6:7a:83:d6:d0:07:89:2d:35:ad:ac:01:9e:
4b:00:51:80:e8:b0:08:79:2a:8e:46:66:c4:a1:2e:63:bf:ba:
27:c6:5b:67:35:93:82:c0:27:ed:89:3f:35:a7:b1:5e:72:82:
f1:0b:60:c1:61:32:f8:9a:67:09:84:3e:94:27:26:fc:aa:98:
73:db:5a:d5:95:55:a7:ff:98:96:b7:0e:a0:87:42:24:69:35:
43:fc:df:b9:74:cb:ff:98:9f:e4:65:1a:4f:53:14:80:f7:0d:
a3:70:13:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRaMIvmk2eUk8Gllnszt1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3ZGNkOTI2YmYzNzBkM2ZhMDE4M2ExMzhiNTdiMDk4M2Nk
YWNhMGEwHhcNMjUwMTAxMjM0ODUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDNkMmEwN2U4MDEwMWJhYjk3ZWIxNDY1ZDNhYjUxYWE5ZDcwOWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkzOurKE/qYeKXmLNDqH7DyJ6DnDq
Ydd0SF1mdwsfaY26RxHLeVHu1reswiqpt08165Y3eIwuWrQtWGysKXJT2z2dFJnB
wfPd2XPvMfj9vSA+KOSAA5JRG4W/Pj0vdBfi95HZLk/AS+GMdpZXFsAL60eV3h5W
xroPzjZ0C+LizIFWOhp3ISbt0+3iRMsLWxr7TQ4tubhVoC5TWdLsILk4m7XY4Q6v
Nz9oUfmWaBF7h6cOnBEdCwJMSgEOW6wyQqMh2E7mw3GlVogb5EjbnQakVuqSPvHp
iWIAPZFlOXzePWjFePVziOaFVf0GP4fLPqWb3sqRz8a4b9BGKIAKyaV88wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC09KgfoAQG6uX6xRl06tRqp1wnyMB8GA1UdIwQY
MBaAFGfc2Sa/Nw0/oBg6E4tXsJg82soKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjl6WkpyODNEVC1nR0RvVGkxZXdtRHpheWdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9lMWM4MGQtYTYzYi00ODFjLWE5ZjIt
OWY1YjJlYjQ5MmEwLzEvTFQwcUItZ0JBYnE1ZnJGR1hUcTFHcW5YQ2ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9lMWM4MGQtYTYzYi00ODFjLWE5ZjItOWY1YjJlYjQ5MmEw
LzEvWjl6WkpyODNEVC1nR0RvVGkxZXdtRHpheWdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucNIMA0G
CSqGSIb3DQEBCwUAA4IBAQB41JG6lttvi9Je/oEaRU1mNgfvMOdm2gbZFJNc9hhQ
tlU7AO3Ym05efSbUaC5FxxQpFnaUaeZUPPeaP9/1DhrC3vG5z3MG15REKO/W9BdN
91vjqdxSg8ih431fKKSOPDneVUnTi3SV6rlw/gqiwD6rAonQw/A4SWeqtnTGi2Cc
L7qMz1txVT+iwhbSBLkY+4n16sa2odZ6g9bQB4ktNa2sAZ5LAFGA6LAIeSqORmbE
oS5jv7onxltnNZOCwCftiT81p7FecoLxC2DBYTL4mmcJhD6UJyb8qphz21rVlVWn
/5iWtw6gh0IkaTVD/N+5dMv/mJ/kZRpPUxSA9w2jcBNj
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:12 2025 by rpki-client on console.sobornost.net