Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/LD2O6uW_t2oXz03g6EamK5CZh8g.roa
File: LD2O6uW_t2oXz03g6EamK5CZh8g.roa (raw, json)
Hash identifier: uRgxLELFMeUvttOBeDlSLLnT7X25XOyK92tWvP0DKvk=
Subject key identifier: 2C:3D:8E:EA:E5:BF:B7:6A:17:CF:4D:E0:E8:46:A6:2B:90:99:87:C8
Certificate issuer: /CN=dd1daecd30aeb74652bbdda5dad9676ce488aa49
Certificate serial: 01948421AAD76A2DFC17342F677AFCBC277C
Authority key identifier: DD:1D:AE:CD:30:AE:B7:46:52:BB:DD:A5:DA:D9:67:6C:E4:88:AA:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3R2uzTCut0ZSu92l2tlnbOSIqkk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/LD2O6uW_t2oXz03g6EamK5CZh8g.roa
Signing time: Mon 20 Jan 2025 14:33:06 +0000
ROA not before: Mon 20 Jan 2025 14:33:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61159
IP address blocks: 185.158.208.0/22 maxlen: 24
195.234.112.0/22 maxlen: 24
2a02:2278:ff00::/40 maxlen: 56
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:84:21:aa:d7:6a:2d:fc:17:34:2f:67:7a:fc:bc:27:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd1daecd30aeb74652bbdda5dad9676ce488aa49
Validity
Not Before: Jan 20 14:33:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2c3d8eeae5bfb76a17cf4de0e846a62b909987c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:94:51:8a:5a:a2:23:f4:f5:b8:3d:a8:ba:3f:
f9:c4:10:23:ed:26:a4:40:be:8a:b2:0c:6d:7a:0d:
f5:6d:18:ec:6d:ed:82:c2:f0:98:dc:35:35:41:c7:
49:30:3c:4f:61:79:93:c3:b7:7f:a4:e4:ce:a0:3f:
6f:25:5e:1f:fb:56:6b:85:a1:9a:65:61:e7:2b:5c:
f7:51:2f:4e:15:61:32:74:07:11:c4:97:b5:8f:a2:
12:bb:61:a7:91:f5:16:59:26:60:8a:dc:a8:f3:b1:
56:6e:af:47:b4:96:be:72:1b:82:1d:f1:c3:ac:5d:
6d:03:ca:65:ea:7c:0b:dc:f9:3e:db:ae:70:50:8e:
5b:63:4e:da:bd:7f:50:7f:db:63:36:34:2b:ce:9f:
6a:c0:3a:e4:21:d6:c8:44:df:9d:d7:86:ae:0a:db:
37:ac:29:8a:36:44:6b:f9:8c:d1:14:95:7f:02:57:
a7:f2:04:05:25:95:e9:70:ef:63:00:40:95:02:8d:
83:6b:c2:62:52:38:d2:5d:04:3f:28:7e:00:37:28:
65:1b:23:5d:9a:26:97:f0:ea:2e:ae:76:88:5e:5f:
b2:a9:36:1d:a9:56:01:db:2f:0c:bb:76:0b:d2:b5:
c3:69:bc:b0:43:4c:e1:3f:94:8d:b1:a4:50:07:44:
5a:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:3D:8E:EA:E5:BF:B7:6A:17:CF:4D:E0:E8:46:A6:2B:90:99:87:C8
X509v3 Authority Key Identifier:
keyid:DD:1D:AE:CD:30:AE:B7:46:52:BB:DD:A5:DA:D9:67:6C:E4:88:AA:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3R2uzTCut0ZSu92l2tlnbOSIqkk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/LD2O6uW_t2oXz03g6EamK5CZh8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/3R2uzTCut0ZSu92l2tlnbOSIqkk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.158.208.0/22
195.234.112.0/22
IPv6:
2a02:2278:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
d8:53:3b:58:81:1b:18:ac:e5:d3:ed:87:2f:60:0a:84:0c:b0:
19:aa:9a:0b:9c:d4:83:78:7f:93:a2:d1:69:bf:ad:d8:98:09:
60:ec:da:92:52:51:79:34:f2:e8:48:a2:6e:98:ba:46:2e:69:
78:46:aa:87:27:86:28:93:9b:e1:e8:9e:32:0d:7c:ec:9a:1c:
b4:d5:5c:3a:68:80:30:e2:51:89:a1:21:db:87:29:60:77:7b:
ce:a6:9f:16:7c:47:78:03:c8:9d:36:75:fc:17:99:59:8b:58:
bf:58:eb:48:0f:51:18:83:54:a6:99:f2:c2:88:4a:d4:76:80:
83:eb:a5:a4:e1:cb:c5:1c:24:e0:a0:fb:40:7b:33:58:b9:64:
fc:da:a3:ec:6d:e9:77:73:d6:58:d3:12:a5:24:97:0b:46:ef:
c0:53:02:13:67:fc:56:9b:8c:d8:66:e7:ca:ea:3e:d3:c1:84:
e9:c1:b3:10:3d:c1:d4:3f:02:64:23:7b:0b:e9:46:84:1e:f4:
39:49:21:43:b8:cd:7d:45:37:39:87:af:96:ba:8c:a7:ea:9d:
f2:74:c6:79:69:05:81:f1:bc:59:79:7f:7c:d4:0e:26:4e:4c:
ce:91:71:03:c3:9c:a6:fa:0e:f8:1e:52:d9:98:9e:56:74:d9:
f3:3e:b1:91
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZSEIarXai38FzQvZ3r8vCd8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMWRhZWNkMzBhZWI3NDY1MmJiZGRhNWRhZDk2NzZjZTQ4
OGFhNDkwHhcNMjUwMTIwMTQzMzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzNkOGVlYWU1YmZiNzZhMTdjZjRkZTBlODQ2YTYyYjkwOTk4N2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ZRRilqiI/T1uD2ouj/5xBAj7Sak
QL6Ksgxteg31bRjsbe2CwvCY3DU1QcdJMDxPYXmTw7d/pOTOoD9vJV4f+1ZrhaGa
ZWHnK1z3US9OFWEydAcRxJe1j6ISu2GnkfUWWSZgityo87FWbq9HtJa+chuCHfHD
rF1tA8pl6nwL3Pk+265wUI5bY07avX9Qf9tjNjQrzp9qwDrkIdbIRN+d14auCts3
rCmKNkRr+YzRFJV/Alen8gQFJZXpcO9jAECVAo2Da8JiUjjSXQQ/KH4ANyhlGyNd
miaX8OournaIXl+yqTYdqVYB2y8Mu3YL0rXDabywQ0zhP5SNsaRQB0RapwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFCw9jurlv7dqF89N4OhGpiuQmYfIMB8GA1UdIwQY
MBaAFN0drs0wrrdGUrvdpdrZZ2zkiKpJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1IydXpUQ3V0MFpTdTkybDJ0bG5iT1NJcWtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS80YTc1MzktYjE0OS00OGU5LTg4ZTct
MDYwYWMwODkwOTY2LzEvTEQyTzZ1V190Mm9YejAzZzZFYW1LNUNaaDhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS80YTc1MzktYjE0OS00OGU5LTg4ZTctMDYwYWMwODkwOTY2
LzEvM1IydXpUQ3V0MFpTdTkybDJ0bG5iT1NJcWtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQCuZ7QAwQC
w+pwMA4EAgACMAgDBgAqAiJ4/zANBgkqhkiG9w0BAQsFAAOCAQEA2FM7WIEbGKzl
0+2HL2AKhAywGaqaC5zUg3h/k6LRab+t2JgJYOzaklJReTTy6Eiibpi6Ri5peEaq
hyeGKJOb4eieMg187JoctNVcOmiAMOJRiaEh24cpYHd7zqafFnxHeAPInTZ1/BeZ
WYtYv1jrSA9RGINUppnywohK1HaAg+ulpOHLxRwk4KD7QHszWLlk/Nqj7G3pd3PW
WNMSpSSXC0bvwFMCE2f8VpuM2Gbnyuo+08GE6cGzED3B1D8CZCN7C+lGhB70OUkh
Q7jNfUU3OYevlrqMp+qd8nTGeWkFgfG8WXl/fNQOJk5MzpFxA8OcpvoO+B5S2Zie
VnTZ8z6xkQ==
-----END CERTIFICATE-----
Generated at Thu Jan 23 19:14:13 2025 by rpki-client on console.sobornost.net