Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/2052ad-3d41-45da-8474-6339f6b36bcb/1/LM876MaYaB8OnXBNDWvDIMOdaT0.roa
File: LM876MaYaB8OnXBNDWvDIMOdaT0.roa (raw, json)
Hash identifier: dBnZE66nMAqtp/XETbnr6kLTMtvYsN54cnJkvnD4onk=
Subject key identifier: 2C:CF:3B:E8:C6:98:68:1F:0E:9D:70:4D:0D:6B:C3:20:C3:9D:69:3D
Certificate issuer: /CN=286687fb64a77f0100baf23d4f341ece775950e5
Certificate serial: 019426D957DA1DF31F5128E93F692BB08A8A
Authority key identifier: 28:66:87:FB:64:A7:7F:01:00:BA:F2:3D:4F:34:1E:CE:77:59:50:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KGaH-2SnfwEAuvI9TzQezndZUOU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/2052ad-3d41-45da-8474-6339f6b36bcb/1/LM876MaYaB8OnXBNDWvDIMOdaT0.roa
Signing time: Thu 02 Jan 2025 11:49:25 +0000
ROA not before: Thu 02 Jan 2025 11:49:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206737
IP address blocks: 185.109.50.0/24 maxlen: 24
185.177.212.0/22 maxlen: 24
2a0a:4680::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:57:da:1d:f3:1f:51:28:e9:3f:69:2b:b0:8a:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=286687fb64a77f0100baf23d4f341ece775950e5
Validity
Not Before: Jan 2 11:49:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2ccf3be8c698681f0e9d704d0d6bc320c39d693d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:03:42:e8:23:f0:a9:b6:90:4d:a5:1e:e9:a9:
10:9c:e1:6c:9a:37:92:2b:15:66:bf:bf:b9:0a:19:
f0:9e:b1:b0:af:5c:f0:17:67:89:12:50:12:75:46:
79:c7:52:1a:44:76:7f:38:be:3a:8e:78:60:40:38:
33:89:5c:1c:45:41:b3:31:31:7e:28:ba:40:be:87:
19:dd:de:a9:17:4f:1e:9b:08:50:b0:de:08:4d:b9:
89:50:f4:8e:98:a1:78:b4:46:b2:81:52:e3:fe:ee:
0e:0c:76:cc:53:0f:fe:76:77:c5:c7:b7:25:56:6b:
b1:3c:79:a5:7c:fd:d3:b6:f7:d3:c0:fb:33:6e:d7:
75:57:3c:0c:08:3c:17:53:f2:b9:94:a6:ad:bd:08:
0f:17:7a:ba:dd:4c:d4:40:b6:f0:16:24:02:da:d2:
6e:dd:fd:2f:c4:32:1c:79:20:bc:65:e1:95:c5:30:
99:d9:78:1d:8d:43:5f:cb:e4:48:8c:1d:a9:53:d0:
f7:0d:88:81:66:ec:c9:20:70:bc:39:34:c4:db:5c:
39:6b:6e:94:b2:10:49:79:7e:26:2d:7b:2c:34:7d:
ac:11:9f:3b:7b:80:f4:ad:b2:14:31:b4:10:44:92:
fc:ba:9e:36:dc:62:ad:60:50:61:a9:71:17:68:c0:
4a:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:CF:3B:E8:C6:98:68:1F:0E:9D:70:4D:0D:6B:C3:20:C3:9D:69:3D
X509v3 Authority Key Identifier:
keyid:28:66:87:FB:64:A7:7F:01:00:BA:F2:3D:4F:34:1E:CE:77:59:50:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KGaH-2SnfwEAuvI9TzQezndZUOU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/2052ad-3d41-45da-8474-6339f6b36bcb/1/LM876MaYaB8OnXBNDWvDIMOdaT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/2052ad-3d41-45da-8474-6339f6b36bcb/1/KGaH-2SnfwEAuvI9TzQezndZUOU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.109.50.0/24
185.177.212.0/22
IPv6:
2a0a:4680::/29
Signature Algorithm: sha256WithRSAEncryption
1b:38:c7:b2:ba:2d:ef:76:b1:0b:17:a3:96:a5:14:3d:4a:7b:
8a:3e:53:1f:c5:25:a6:59:16:5e:1b:df:ae:33:51:1a:c9:c8:
df:0b:0d:5d:73:8e:c8:5f:79:72:77:86:df:04:b5:2c:0a:8c:
44:ea:5a:4a:5e:8a:b0:82:2d:e5:bd:89:e0:bd:66:a7:93:15:
f1:22:c4:6f:9e:89:4c:3c:0f:3f:f0:10:5d:31:b2:d8:c1:73:
41:e6:b0:dd:75:d2:53:22:65:fb:ae:e8:14:86:06:ab:c5:3c:
a2:c4:95:70:e7:84:2b:b6:25:8e:fb:a3:19:fa:44:cb:88:f2:
7b:a7:15:be:ef:e2:94:19:ac:8d:e3:2b:25:5f:0b:f8:c1:75:
58:a6:d4:01:b8:20:8b:8b:b3:5f:e7:e7:9d:09:44:53:95:94:
e3:78:16:51:ba:a6:e1:ae:dc:76:94:09:29:b6:f7:3c:14:32:
cd:2a:8f:44:74:d6:eb:5b:98:e4:06:09:9a:4e:c6:99:d1:16:
7d:92:26:b8:6c:a2:70:de:8d:c8:2f:f5:59:1a:5c:17:14:f6:
2b:f0:d6:de:b8:a2:98:5c:aa:65:f4:b0:ff:69:1b:79:f8:7b:
a0:7b:ac:66:30:5a:ba:2e:1a:50:6e:6d:40:80:37:0b:3a:77:
cf:8c:2c:f7
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQm2VfaHfMfUSjpP2krsIqKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4NjY4N2ZiNjRhNzdmMDEwMGJhZjIzZDRmMzQxZWNlNzc1
OTUwZTUwHhcNMjUwMTAyMTE0OTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2NmM2JlOGM2OTg2ODFmMGU5ZDcwNGQwZDZiYzMyMGMzOWQ2OTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxANC6CPwqbaQTaUe6akQnOFsmjeS
KxVmv7+5ChnwnrGwr1zwF2eJElASdUZ5x1IaRHZ/OL46jnhgQDgziVwcRUGzMTF+
KLpAvocZ3d6pF08emwhQsN4ITbmJUPSOmKF4tEaygVLj/u4ODHbMUw/+dnfFx7cl
VmuxPHmlfP3TtvfTwPszbtd1VzwMCDwXU/K5lKatvQgPF3q63UzUQLbwFiQC2tJu
3f0vxDIceSC8ZeGVxTCZ2XgdjUNfy+RIjB2pU9D3DYiBZuzJIHC8OTTE21w5a26U
shBJeX4mLXssNH2sEZ87e4D0rbIUMbQQRJL8up423GKtYFBhqXEXaMBKawIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCzPO+jGmGgfDp1wTQ1rwyDDnWk9MB8GA1UdIwQY
MBaAFChmh/tkp38BALryPU80Hs53WVDlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0dhSC0yU25md0VBdXZJOVR6UWV6bmRaVU9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC8yMDUyYWQtM2Q0MS00NWRhLTg0NzQt
NjMzOWY2YjM2YmNiLzEvTE04NzZNYVlhQjhPblhCTkRXdkRJTU9kYVQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC8yMDUyYWQtM2Q0MS00NWRhLTg0NzQtNjMzOWY2YjM2YmNi
LzEvS0dhSC0yU25md0VBdXZJOVR6UWV6bmRaVU9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuW0yAwQC
ubHUMA0EAgACMAcDBQMqCkaAMA0GCSqGSIb3DQEBCwUAA4IBAQAbOMeyui3vdrEL
F6OWpRQ9SnuKPlMfxSWmWRZeG9+uM1EaycjfCw1dc47IX3lyd4bfBLUsCoxE6lpK
Xoqwgi3lvYngvWankxXxIsRvnolMPA8/8BBdMbLYwXNB5rDdddJTImX7rugUhgar
xTyixJVw54QrtiWO+6MZ+kTLiPJ7pxW+7+KUGayN4yslXwv4wXVYptQBuCCLi7Nf
5+edCURTlZTjeBZRuqbhrtx2lAkptvc8FDLNKo9EdNbrW5jkBgmaTsaZ0RZ9kia4
bKJw3o3IL/VZGlwXFPYr8NbeuKKYXKpl9LD/aRt5+Huge6xmMFq6LhpQbm1AgDcL
OnfPjCz3
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:18 2025 by rpki-client on console.sobornost.net