Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/2a6df5-8236-412d-ad79-e29589e8964a/1/0LHXRZXlT4Z5tzVCD5n3wMEK_5I.roa
File: 0LHXRZXlT4Z5tzVCD5n3wMEK_5I.roa (raw, json)
Hash identifier: I8mxC60DkZg+/Z8S1/Ta7eOakDYR4IDLK8C2wNx5/L4=
Subject key identifier: D0:B1:D7:45:95:E5:4F:86:79:B7:35:42:0F:99:F7:C0:C1:0A:FF:92
Certificate issuer: /CN=ec65d31440bf75d25c606f7915c236ca614464a2
Certificate serial: 019425219CF12BDFA8EE1D26AA47268A5407
Authority key identifier: EC:65:D3:14:40:BF:75:D2:5C:60:6F:79:15:C2:36:CA:61:44:64:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7GXTFEC_ddJcYG95FcI2ymFEZKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/2a6df5-8236-412d-ad79-e29589e8964a/1/0LHXRZXlT4Z5tzVCD5n3wMEK_5I.roa
Signing time: Thu 02 Jan 2025 03:49:07 +0000
ROA not before: Thu 02 Jan 2025 03:49:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42673
IP address blocks: 91.150.160.0/19 maxlen: 32
91.189.216.0/21 maxlen: 32
91.246.64.0/21 maxlen: 32
91.246.72.0/22 maxlen: 32
185.80.32.0/22 maxlen: 32
195.248.246.0/23 maxlen: 32
2a05:7100::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:9c:f1:2b:df:a8:ee:1d:26:aa:47:26:8a:54:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec65d31440bf75d25c606f7915c236ca614464a2
Validity
Not Before: Jan 2 03:49:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d0b1d74595e54f8679b735420f99f7c0c10aff92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:b9:05:2e:02:c2:8d:e8:03:39:1d:b7:e7:a2:
1e:be:9e:07:5c:e2:7b:44:9d:4f:fe:df:70:01:3e:
86:aa:db:d1:fd:19:f5:e7:4a:79:de:91:e0:67:b2:
e1:e2:f0:fd:ce:4e:1f:61:fc:fa:4c:d0:71:a2:54:
83:f9:d6:9b:2a:56:9e:fd:13:e4:a0:a1:f8:ad:91:
43:bc:05:cc:49:c2:f6:cd:df:e9:17:29:11:3c:d8:
1c:13:6a:74:01:33:b6:7c:2c:17:36:0d:39:ad:0b:
dc:45:d0:7f:f9:b4:c8:cf:d9:9f:e0:e3:97:07:60:
6f:04:02:4c:07:fc:0d:a0:26:a6:9b:95:01:d8:37:
fe:bb:ed:c5:bd:7d:a0:13:14:e0:1a:a9:08:65:f1:
14:01:39:a6:02:42:3c:f0:83:7f:22:a3:09:43:98:
53:a8:d4:3e:c3:f1:68:b7:7b:8c:70:37:dd:c2:4f:
9c:25:8b:42:25:62:e6:11:7b:b9:c9:cc:c1:c3:32:
26:90:19:27:9f:67:05:d8:3c:c4:a8:c2:9a:11:27:
f5:b2:57:a3:d9:c8:9a:a3:2c:6a:07:d0:83:c1:ba:
f4:e0:20:70:05:9c:57:83:fd:cf:d3:b9:dd:94:21:
23:82:b2:34:a6:ed:2e:69:64:92:23:5d:ce:59:85:
36:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:B1:D7:45:95:E5:4F:86:79:B7:35:42:0F:99:F7:C0:C1:0A:FF:92
X509v3 Authority Key Identifier:
keyid:EC:65:D3:14:40:BF:75:D2:5C:60:6F:79:15:C2:36:CA:61:44:64:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7GXTFEC_ddJcYG95FcI2ymFEZKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/2a6df5-8236-412d-ad79-e29589e8964a/1/0LHXRZXlT4Z5tzVCD5n3wMEK_5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/2a6df5-8236-412d-ad79-e29589e8964a/1/7GXTFEC_ddJcYG95FcI2ymFEZKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.150.160.0/19
91.189.216.0/21
91.246.64.0-91.246.75.255
185.80.32.0/22
195.248.246.0/23
IPv6:
2a05:7100::/29
Signature Algorithm: sha256WithRSAEncryption
40:ae:71:ef:6c:52:f9:36:1b:e6:5d:60:f0:0c:81:0e:1d:33:
6a:39:dd:86:8f:50:f4:fe:c6:a5:dc:88:77:ae:04:d9:17:c4:
a5:4a:53:d6:8c:be:23:41:96:89:82:b8:b4:0f:38:39:90:27:
a7:e6:66:39:b0:05:3a:ef:65:c1:8b:4c:14:e5:ad:70:04:61:
9a:7d:bf:6f:ac:18:12:21:ff:0c:0c:40:a4:a9:d3:3c:66:dc:
fe:5f:ce:6d:99:f1:7f:b0:33:1a:2a:a4:5c:67:f0:ec:ab:43:
97:9d:e9:77:f4:10:4f:03:a3:f5:7d:63:95:cd:c6:9a:5f:41:
81:3d:aa:36:82:ab:a0:25:5f:59:a1:f1:54:df:2a:d7:4a:6c:
7f:da:8c:a0:76:7e:38:a1:a7:75:5b:c6:a7:85:89:d0:4d:36:
dc:69:b3:51:e5:3a:e1:d8:8c:77:d7:c7:22:27:f3:ea:14:a9:
23:58:9f:04:01:ad:6f:03:a8:04:be:95:44:d2:83:75:9b:57:
7c:22:e3:97:99:c4:cb:01:ab:cc:94:71:c4:53:ae:75:99:97:
0f:df:51:85:b8:e8:fc:2f:e8:eb:e3:b4:35:e7:a2:6d:87:66:
95:bb:e7:d8:cb:ac:0c:7b:c8:f7:17:15:76:bd:7c:26:f0:f2:
67:58:77:de
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZQlIZzxK9+o7h0mqkcmilQHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNjVkMzE0NDBiZjc1ZDI1YzYwNmY3OTE1YzIzNmNhNjE0
NDY0YTIwHhcNMjUwMTAyMDM0OTA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGIxZDc0NTk1ZTU0Zjg2NzliNzM1NDIwZjk5ZjdjMGMxMGFmZjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyrkFLgLCjegDOR2356Ievp4HXOJ7
RJ1P/t9wAT6GqtvR/Rn150p53pHgZ7Lh4vD9zk4fYfz6TNBxolSD+dabKlae/RPk
oKH4rZFDvAXMScL2zd/pFykRPNgcE2p0ATO2fCwXNg05rQvcRdB/+bTIz9mf4OOX
B2BvBAJMB/wNoCamm5UB2Df+u+3FvX2gExTgGqkIZfEUATmmAkI88IN/IqMJQ5hT
qNQ+w/Fot3uMcDfdwk+cJYtCJWLmEXu5yczBwzImkBknn2cF2DzEqMKaESf1slej
2ciaoyxqB9CDwbr04CBwBZxXg/3P07ndlCEjgrI0pu0uaWSSI13OWYU2KwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFNCx10WV5U+Gebc1Qg+Z98DBCv+SMB8GA1UdIwQY
MBaAFOxl0xRAv3XSXGBveRXCNsphRGSiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0dYVEZFQ19kZEpjWUc5NUZjSTJ5bUZFWktJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8yYTZkZjUtODIzNi00MTJkLWFkNzkt
ZTI5NTg5ZTg5NjRhLzEvMExIWFJaWGxUNFo1dHpWQ0Q1bjN3TUVLXzVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8yYTZkZjUtODIzNi00MTJkLWFkNzktZTI5NTg5ZTg5NjRh
LzEvN0dYVEZFQ19kZEpjWUc5NUZjSTJ5bUZFWktJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQFW5agAwQD
W73YMAwDBAZb9kADBAJb9kgDBAK5UCADBAHD+PYwDQQCAAIwBwMFAyoFcQAwDQYJ
KoZIhvcNAQELBQADggEBAECuce9sUvk2G+ZdYPAMgQ4dM2o53YaPUPT+xqXciHeu
BNkXxKVKU9aMviNBlomCuLQPODmQJ6fmZjmwBTrvZcGLTBTlrXAEYZp9v2+sGBIh
/wwMQKSp0zxm3P5fzm2Z8X+wMxoqpFxn8OyrQ5ed6Xf0EE8Do/V9Y5XNxppfQYE9
qjaCq6AlX1mh8VTfKtdKbH/ajKB2fjihp3VbxqeFidBNNtxps1HlOuHYjHfXxyIn
8+oUqSNYnwQBrW8DqAS+lUTSg3WbV3wi45eZxMsBq8yUccRTrnWZlw/fUYW46Pwv
6OvjtDXnom2HZpW759jLrAx7yPcXFXa9fCbw8mdYd94=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:11 2025 by rpki-client on console.sobornost.net