Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/c38360-743a-428f-ab97-6369b17ff178/1/lUKZFEQR5YFLyzQjNbMEJSbndmc.roa
File: lUKZFEQR5YFLyzQjNbMEJSbndmc.roa (raw, json)
Hash identifier: Ev1zfRFSrBx+hG5oLqV3IujShWJmSxI4j5cxDJLVNpw=
Subject key identifier: 95:42:99:14:44:11:E5:81:4B:CB:34:23:35:B3:04:25:26:E7:76:67
Certificate issuer: /CN=cd2d25f7691360878cbace985890b9f5efcf7d95
Certificate serial: 019422FC4F0FA814745C9D34ACFE1D03A472
Authority key identifier: CD:2D:25:F7:69:13:60:87:8C:BA:CE:98:58:90:B9:F5:EF:CF:7D:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zS0l92kTYIeMus6YWJC59e_PfZU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/c38360-743a-428f-ab97-6369b17ff178/1/lUKZFEQR5YFLyzQjNbMEJSbndmc.roa
Signing time: Wed 01 Jan 2025 17:49:08 +0000
ROA not before: Wed 01 Jan 2025 17:49:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9063
IP address blocks: 185.5.28.0/22 maxlen: 22
185.209.92.0/22 maxlen: 22
195.66.0.0/21 maxlen: 21
213.185.65.0/24 maxlen: 24
213.185.66.0/23 maxlen: 23
213.185.68.0/22 maxlen: 22
213.185.72.0/22 maxlen: 22
213.185.76.0/23 maxlen: 23
2a02:7940::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:4f:0f:a8:14:74:5c:9d:34:ac:fe:1d:03:a4:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd2d25f7691360878cbace985890b9f5efcf7d95
Validity
Not Before: Jan 1 17:49:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=954299144411e5814bcb342335b3042526e77667
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:75:8c:e9:f1:02:3f:74:5d:37:a0:b5:89:54:
d7:45:9b:43:ce:bb:9e:be:a4:b3:b2:b1:f6:30:88:
5e:02:ad:00:1e:0d:d9:9e:88:3d:30:b4:ea:2d:88:
a3:ee:30:4f:67:61:6d:bc:96:09:79:08:82:b1:2e:
e5:aa:6b:e3:32:36:7d:62:93:fd:13:1a:81:8e:ef:
2a:a1:8b:a6:9a:02:29:02:94:1b:9f:32:8e:a9:15:
59:66:90:a4:27:8f:30:44:07:e5:48:32:f9:13:b8:
2b:fd:a5:11:bd:f5:a6:5b:c2:9d:c8:f6:12:21:6f:
3c:07:8b:92:0d:9b:12:bb:6a:d1:6c:f9:e5:43:f6:
dc:e0:e7:91:dc:54:3f:c8:f3:4a:15:91:be:f6:0a:
7f:ed:05:f9:ba:a9:c6:42:8b:ef:f7:8f:55:ec:52:
a3:f4:89:59:97:2c:6c:26:43:16:11:6c:4f:3c:be:
0a:f1:f1:bb:92:98:fe:43:61:62:28:b7:de:13:04:
e8:d9:65:d3:9f:21:0e:d5:bb:a0:8d:77:17:0d:9b:
02:4c:4b:aa:ff:2a:26:43:56:e1:d6:ae:08:a9:81:
7e:95:18:e0:4a:56:9d:a0:52:06:30:8d:4b:48:8a:
eb:a2:0b:b0:49:ea:fb:d1:e8:f0:33:22:3a:6b:56:
8e:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:42:99:14:44:11:E5:81:4B:CB:34:23:35:B3:04:25:26:E7:76:67
X509v3 Authority Key Identifier:
keyid:CD:2D:25:F7:69:13:60:87:8C:BA:CE:98:58:90:B9:F5:EF:CF:7D:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zS0l92kTYIeMus6YWJC59e_PfZU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/c38360-743a-428f-ab97-6369b17ff178/1/lUKZFEQR5YFLyzQjNbMEJSbndmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/c38360-743a-428f-ab97-6369b17ff178/1/zS0l92kTYIeMus6YWJC59e_PfZU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.5.28.0/22
185.209.92.0/22
195.66.0.0/21
213.185.65.0-213.185.77.255
IPv6:
2a02:7940::/32
Signature Algorithm: sha256WithRSAEncryption
01:28:11:80:36:f6:62:da:c2:c6:c4:7d:06:62:58:51:01:b3:
4d:01:53:e4:2b:e8:51:e5:63:ce:99:3b:a2:55:c9:36:3c:db:
90:17:06:40:ef:cd:35:d2:60:07:38:c5:11:c3:eb:1a:72:10:
fa:f1:02:11:4e:02:48:2c:af:9b:21:54:af:0c:e6:1a:53:d6:
2c:95:00:23:d3:04:b3:88:c4:61:da:3a:d1:91:dc:63:a0:56:
6e:f3:49:4d:56:d1:cc:5d:6a:81:a1:26:46:b9:fc:0f:a5:c7:
f5:f4:d4:5f:36:c6:ef:cd:fb:ea:37:6d:89:d3:ac:ec:d3:a8:
50:d4:07:42:63:97:0f:5b:dc:8e:7e:b9:f7:61:8b:f8:2e:17:
8a:42:ac:11:de:70:57:4c:9a:41:0e:0d:2f:fb:a0:45:43:ee:
9e:dd:61:4f:6d:2e:35:b9:7c:f2:aa:02:e5:1f:05:ac:74:80:
1a:da:15:38:db:52:4c:83:a3:4d:ca:72:be:36:3c:b7:ce:59:
6d:25:4f:05:b6:63:39:7b:90:05:18:c7:b8:c2:95:37:f9:e0:
e8:ff:8b:84:78:0f:cf:95:2a:31:8b:f7:5b:b6:3a:df:7f:5b:
7d:a5:e1:17:ab:64:26:5a:a2:c4:6a:80:9b:78:80:5c:f8:67:
d3:9f:25:03
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZQi/E8PqBR0XJ00rP4dA6RyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMmQyNWY3NjkxMzYwODc4Y2JhY2U5ODU4OTBiOWY1ZWZj
ZjdkOTUwHhcNMjUwMTAxMTc0OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTQyOTkxNDQ0MTFlNTgxNGJjYjM0MjMzNWIzMDQyNTI2ZTc3NjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2XWM6fECP3RdN6C1iVTXRZtDzrue
vqSzsrH2MIheAq0AHg3Znog9MLTqLYij7jBPZ2FtvJYJeQiCsS7lqmvjMjZ9YpP9
ExqBju8qoYummgIpApQbnzKOqRVZZpCkJ48wRAflSDL5E7gr/aURvfWmW8KdyPYS
IW88B4uSDZsSu2rRbPnlQ/bc4OeR3FQ/yPNKFZG+9gp/7QX5uqnGQovv949V7FKj
9IlZlyxsJkMWEWxPPL4K8fG7kpj+Q2FiKLfeEwTo2WXTnyEO1bugjXcXDZsCTEuq
/yomQ1bh1q4IqYF+lRjgSladoFIGMI1LSIrroguwSer70ejwMyI6a1aOrwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFJVCmRREEeWBS8s0IzWzBCUm53ZnMB8GA1UdIwQY
MBaAFM0tJfdpE2CHjLrOmFiQufXvz32VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelMwbDkya1RZSWVNdXM2WVdKQzU5ZV9QZlpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9jMzgzNjAtNzQzYS00MjhmLWFiOTct
NjM2OWIxN2ZmMTc4LzEvbFVLWkZFUVI1WUZMeXpRak5iTUVKU2JuZG1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9jMzgzNjAtNzQzYS00MjhmLWFiOTctNjM2OWIxN2ZmMTc4
LzEvelMwbDkya1RZSWVNdXM2WVdKQzU5ZV9QZlpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQCuQUcAwQC
udFcAwQDw0IAMAwDBADVuUEDBAHVuUwwDQQCAAIwBwMFACoCeUAwDQYJKoZIhvcN
AQELBQADggEBAAEoEYA29mLawsbEfQZiWFEBs00BU+Qr6FHlY86ZO6JVyTY825AX
BkDvzTXSYAc4xRHD6xpyEPrxAhFOAkgsr5shVK8M5hpT1iyVACPTBLOIxGHaOtGR
3GOgVm7zSU1W0cxdaoGhJka5/A+lx/X01F82xu/N++o3bYnTrOzTqFDUB0Jjlw9b
3I5+ufdhi/guF4pCrBHecFdMmkEODS/7oEVD7p7dYU9tLjW5fPKqAuUfBax0gBra
FTjbUkyDo03Kcr42PLfOWW0lTwW2Yzl7kAUYx7jClTf54Oj/i4R4D8+VKjGL91u2
Ot9/W32l4RerZCZaosRqgJt4gFz4Z9OfJQM=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:10 2025 by rpki-client on console.sobornost.net