Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/LWXmlZUU3ecfqvwZHXpe4N13PwE.roa
File: LWXmlZUU3ecfqvwZHXpe4N13PwE.roa (raw, json)
Hash identifier: 4NYVwWGAs7YF0X626zcPKU0/2BhITxR5hdojEVCb7vQ=
Subject key identifier: 2D:65:E6:95:95:14:DD:E7:1F:AA:FC:19:1D:7A:5E:E0:DD:77:3F:01
Certificate issuer: /CN=2378a4a9c52325a85920809ba1a4d89e21c02f17
Certificate serial: 019427481707C8B5E94B65C42FDF5500B703
Authority key identifier: 23:78:A4:A9:C5:23:25:A8:59:20:80:9B:A1:A4:D8:9E:21:C0:2F:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I3ikqcUjJahZIICboaTYniHALxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/LWXmlZUU3ecfqvwZHXpe4N13PwE.roa
Signing time: Thu 02 Jan 2025 13:50:23 +0000
ROA not before: Thu 02 Jan 2025 13:50:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6846
IP address blocks: 195.230.128.0/19 maxlen: 24
212.1.64.0/18 maxlen: 24
212.1.96.0/22 maxlen: 22
2a02:f1c0::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:17:07:c8:b5:e9:4b:65:c4:2f:df:55:00:b7:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2378a4a9c52325a85920809ba1a4d89e21c02f17
Validity
Not Before: Jan 2 13:50:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2d65e6959514dde71faafc191d7a5ee0dd773f01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:05:e8:29:20:25:bb:57:86:99:40:9e:df:30:
aa:75:e0:a7:d9:d4:38:ef:a1:e2:d0:ad:2e:f3:85:
70:41:f8:88:9b:95:e2:2b:78:c4:0a:0b:67:95:39:
77:76:00:20:b6:8d:f3:fb:c3:97:66:74:4b:49:3e:
50:83:9d:b9:a3:b0:f7:a3:ce:8f:00:b1:2e:98:52:
36:22:85:0f:11:09:90:b5:77:c2:f5:ba:1e:9e:d3:
19:2d:47:02:d4:42:6f:c2:e0:bb:5c:6a:ce:e8:60:
56:11:e3:26:de:08:12:8a:75:5f:3d:03:5a:19:51:
e8:ae:8e:b8:cf:e3:90:a0:7e:04:17:3f:c6:8e:0b:
05:5b:ca:bc:73:8d:35:70:4e:69:ac:11:ed:de:0d:
0f:b5:d6:1f:50:26:f3:0b:07:2d:cf:32:ff:06:e8:
80:97:e6:82:f9:10:34:85:a0:af:e8:2b:e0:4a:af:
5a:3c:fe:e6:2b:79:9d:b1:d6:2f:e2:64:82:84:9f:
95:78:da:16:0a:f5:c0:2c:7a:50:89:d4:3a:6d:4c:
4a:97:f8:38:af:a6:a1:d7:c3:fd:3b:02:51:56:26:
05:96:bd:80:82:57:4c:85:64:5f:61:45:e8:e0:24:
de:07:56:e7:82:89:34:b0:49:05:7e:22:81:22:29:
07:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:65:E6:95:95:14:DD:E7:1F:AA:FC:19:1D:7A:5E:E0:DD:77:3F:01
X509v3 Authority Key Identifier:
keyid:23:78:A4:A9:C5:23:25:A8:59:20:80:9B:A1:A4:D8:9E:21:C0:2F:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I3ikqcUjJahZIICboaTYniHALxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/LWXmlZUU3ecfqvwZHXpe4N13PwE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/I3ikqcUjJahZIICboaTYniHALxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.230.128.0/19
212.1.64.0/18
IPv6:
2a02:f1c0::/29
Signature Algorithm: sha256WithRSAEncryption
9a:42:4d:80:15:32:69:ce:92:a9:cc:a9:c4:6f:c2:65:af:7b:
da:53:e5:6a:b5:e4:89:4b:b5:17:d6:31:3d:7f:f1:82:58:56:
c3:77:a2:e0:f9:ee:44:31:bc:02:90:af:68:8b:2d:0a:8d:85:
17:41:6d:79:2c:bf:3a:73:de:23:fe:c8:c3:9a:02:aa:e9:1d:
84:c7:78:22:7b:06:d1:7b:1e:af:f7:7e:b6:01:17:56:3d:58:
a1:5d:27:77:d8:5b:c7:e9:4f:71:8b:df:1c:dc:90:12:57:dc:
7e:a4:8a:0a:70:ab:dc:ea:50:20:b3:9a:da:c9:a6:fb:65:af:
8a:ef:36:4b:65:39:40:53:dc:1d:c5:4a:f9:f6:ec:bb:f2:e4:
ae:e6:b1:af:ce:df:f4:af:28:a5:eb:a4:06:0b:d5:a1:d3:31:
a6:4b:84:7d:46:99:4b:89:73:2b:47:cd:3a:2c:38:e8:c0:3d:
e2:45:bf:63:79:dd:90:77:b8:da:9c:0f:19:38:d1:e1:77:80:
72:b9:b1:e3:51:0a:e3:64:78:a9:5c:1e:24:c9:ca:f3:ca:2e:
41:58:79:df:0b:a4:1d:34:fb:d4:55:9e:84:25:ed:59:95:9f:
36:34:08:e1:9f:d5:89:f8:4e:f3:82:20:f9:b4:34:47:96:7f:
79:08:56:31
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQnSBcHyLXpS2XEL99VALcDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNzhhNGE5YzUyMzI1YTg1OTIwODA5YmExYTRkODllMjFj
MDJmMTcwHhcNMjUwMTAyMTM1MDIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDY1ZTY5NTk1MTRkZGU3MWZhYWZjMTkxZDdhNWVlMGRkNzczZjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjwXoKSAlu1eGmUCe3zCqdeCn2dQ4
76Hi0K0u84VwQfiIm5XiK3jECgtnlTl3dgAgto3z+8OXZnRLST5Qg525o7D3o86P
ALEumFI2IoUPEQmQtXfC9boentMZLUcC1EJvwuC7XGrO6GBWEeMm3ggSinVfPQNa
GVHoro64z+OQoH4EFz/GjgsFW8q8c401cE5prBHt3g0PtdYfUCbzCwctzzL/BuiA
l+aC+RA0haCv6CvgSq9aPP7mK3mdsdYv4mSChJ+VeNoWCvXALHpQidQ6bUxKl/g4
r6ah18P9OwJRViYFlr2AgldMhWRfYUXo4CTeB1bngok0sEkFfiKBIikHBwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFC1l5pWVFN3nH6r8GR16XuDddz8BMB8GA1UdIwQY
MBaAFCN4pKnFIyWoWSCAm6Gk2J4hwC8XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTNpa3FjVWpKYWhaSUlDYm9hVFluaUhBTHhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9kNjU0YmUtMTc0ZS00MWY3LTljZmIt
OTM3ZTI3ZWUxYjViLzEvTFdYbWxaVVUzZWNmcXZ3WkhYcGU0TjEzUHdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9kNjU0YmUtMTc0ZS00MWY3LTljZmItOTM3ZTI3ZWUxYjVi
LzEvSTNpa3FjVWpKYWhaSUlDYm9hVFluaUhBTHhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFw+aAAwQG
1AFAMA0EAgACMAcDBQMqAvHAMA0GCSqGSIb3DQEBCwUAA4IBAQCaQk2AFTJpzpKp
zKnEb8Jlr3vaU+VqteSJS7UX1jE9f/GCWFbDd6Lg+e5EMbwCkK9oiy0KjYUXQW15
LL86c94j/sjDmgKq6R2Ex3giewbRex6v9362ARdWPVihXSd32FvH6U9xi98c3JAS
V9x+pIoKcKvc6lAgs5rayab7Za+K7zZLZTlAU9wdxUr59uy78uSu5rGvzt/0ryil
66QGC9Wh0zGmS4R9RplLiXMrR806LDjowD3iRb9jed2Qd7janA8ZONHhd4ByubHj
UQrjZHipXB4kycrzyi5BWHnfC6QdNPvUVZ6EJe1ZlZ82NAjhn9WJ+E7zgiD5tDRH
ln95CFYx
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:18 2025 by rpki-client on console.sobornost.net