Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/2ab9c8-0446-4105-8bff-08be3ee6d8aa/1/LFGeCWEJqK41lBLfNDSrvcd-R7M.roa
File: LFGeCWEJqK41lBLfNDSrvcd-R7M.roa (raw, json)
Hash identifier: D3t7Jj+dB85c4h6RAmcwzdWk3BwbQNg/lUXAv4WmqH0=
Subject key identifier: 2C:51:9E:09:61:09:A8:AE:35:94:12:DF:34:34:AB:BD:C7:7E:47:B3
Certificate issuer: /CN=f7420520f8a41bb04d6d1b0f40140e553f8af36f
Certificate serial: 01941FFA9009A92427433E6EE64F014E4784
Authority key identifier: F7:42:05:20:F8:A4:1B:B0:4D:6D:1B:0F:40:14:0E:55:3F:8A:F3:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/90IFIPikG7BNbRsPQBQOVT-K828.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/2ab9c8-0446-4105-8bff-08be3ee6d8aa/1/LFGeCWEJqK41lBLfNDSrvcd-R7M.roa
Signing time: Wed 01 Jan 2025 03:48:21 +0000
ROA not before: Wed 01 Jan 2025 03:48:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39821
IP address blocks: 89.107.120.0/21 maxlen: 21
109.233.240.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:90:09:a9:24:27:43:3e:6e:e6:4f:01:4e:47:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7420520f8a41bb04d6d1b0f40140e553f8af36f
Validity
Not Before: Jan 1 03:48:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2c519e096109a8ae359412df3434abbdc77e47b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:93:af:e3:6c:ba:6f:d9:1b:35:6a:dc:c7:61:
0a:17:70:4a:6e:98:2d:ed:21:47:d3:15:a8:60:50:
9d:66:5d:29:fa:a4:69:c6:4b:e4:ba:51:dc:1c:21:
ce:cf:5f:3a:45:52:cb:7f:32:cf:72:75:4e:94:17:
56:66:51:a0:a4:98:64:b6:08:d4:2e:e3:4d:5c:a5:
58:c3:d0:55:47:e8:af:d6:54:7a:97:39:a7:bb:d3:
59:7a:9e:bd:d0:74:b9:09:1a:bc:db:be:07:9d:6b:
ad:6e:52:e5:00:c1:cf:5a:d4:a1:b0:3f:4f:cc:ec:
0e:e9:0b:ce:d9:fd:a5:f9:b2:c9:67:24:97:a8:7c:
b8:51:8d:7b:2c:da:96:89:7c:19:aa:1c:3d:61:c0:
4d:56:83:c7:60:e2:a4:bd:b7:fd:b5:e5:ed:ed:c5:
f7:fa:7d:9f:c5:1e:0c:a6:16:28:b3:27:ec:d7:a5:
48:76:17:c5:7c:f6:d0:55:e3:75:02:4e:9b:24:49:
fc:ec:38:3e:d4:78:7d:39:5e:09:aa:db:df:7b:75:
70:b0:73:6a:88:48:1a:46:34:cf:cb:a1:11:1d:0b:
d5:ff:1f:eb:8c:53:62:34:45:1a:59:71:88:69:f2:
23:36:d2:04:3d:e7:2d:0c:e7:4b:21:b7:52:9e:4e:
99:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:51:9E:09:61:09:A8:AE:35:94:12:DF:34:34:AB:BD:C7:7E:47:B3
X509v3 Authority Key Identifier:
keyid:F7:42:05:20:F8:A4:1B:B0:4D:6D:1B:0F:40:14:0E:55:3F:8A:F3:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/90IFIPikG7BNbRsPQBQOVT-K828.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/2ab9c8-0446-4105-8bff-08be3ee6d8aa/1/LFGeCWEJqK41lBLfNDSrvcd-R7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/2ab9c8-0446-4105-8bff-08be3ee6d8aa/1/90IFIPikG7BNbRsPQBQOVT-K828.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.107.120.0/21
109.233.240.0/21
Signature Algorithm: sha256WithRSAEncryption
62:fc:60:75:13:74:04:4f:71:ac:b0:24:7f:a9:7a:37:38:ea:
61:fb:e7:2d:e1:8e:8e:88:8e:86:d8:68:92:16:cd:04:e9:e2:
55:16:23:93:7a:cc:78:3b:10:79:0e:27:89:64:68:a4:96:dc:
b5:fa:ab:03:34:06:ae:91:f9:fc:16:1e:e9:f6:b7:52:11:dc:
f6:ba:0b:ec:1a:35:32:88:59:89:76:66:d8:f5:0b:a1:7c:df:
72:bc:9b:a6:d6:55:ea:1c:a5:e1:72:e8:80:ab:b3:c7:35:63:
32:bd:02:b5:57:28:09:dd:25:6b:ce:7a:02:08:5e:5a:c5:6a:
cc:17:24:87:d1:70:7c:e0:52:82:01:df:27:73:99:7c:cc:45:
47:08:48:74:2b:78:d0:d7:b6:40:db:58:84:59:d9:b7:66:93:
62:62:31:85:83:2f:4e:6a:70:d4:0c:51:60:97:53:cd:dd:52:
a2:4f:df:66:ac:16:87:c7:2f:05:81:d2:bb:20:bd:7f:fc:d4:
66:09:38:9e:83:59:f3:06:75:a4:bd:a5:36:e2:85:63:82:ea:
90:dd:f3:7a:b9:aa:ab:39:68:3e:6d:26:99:22:7c:89:09:55:
36:8a:13:98:4f:01:a6:e4:53:26:94:86:7e:af:c8:26:b8:97:
9d:49:e8:4c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQf+pAJqSQnQz5u5k8BTkeEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NDIwNTIwZjhhNDFiYjA0ZDZkMWIwZjQwMTQwZTU1M2Y4
YWYzNmYwHhcNMjUwMTAxMDM0ODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzUxOWUwOTYxMDlhOGFlMzU5NDEyZGYzNDM0YWJiZGM3N2U0N2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7pOv42y6b9kbNWrcx2EKF3BKbpgt
7SFH0xWoYFCdZl0p+qRpxkvkulHcHCHOz186RVLLfzLPcnVOlBdWZlGgpJhktgjU
LuNNXKVYw9BVR+iv1lR6lzmnu9NZep690HS5CRq8274HnWutblLlAMHPWtShsD9P
zOwO6QvO2f2l+bLJZySXqHy4UY17LNqWiXwZqhw9YcBNVoPHYOKkvbf9teXt7cX3
+n2fxR4MphYosyfs16VIdhfFfPbQVeN1Ak6bJEn87Dg+1Hh9OV4Jqtvfe3VwsHNq
iEgaRjTPy6ERHQvV/x/rjFNiNEUaWXGIafIjNtIEPectDOdLIbdSnk6ZeQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCxRnglhCaiuNZQS3zQ0q73HfkezMB8GA1UdIwQY
MBaAFPdCBSD4pBuwTW0bD0AUDlU/ivNvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTBJRklQaWtHN0JOYlJzUFFCUU9WVC1LODI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8yYWI5YzgtMDQ0Ni00MTA1LThiZmYt
MDhiZTNlZTZkOGFhLzEvTEZHZUNXRUpxSzQxbEJMZk5EU3J2Y2QtUjdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS8yYWI5YzgtMDQ0Ni00MTA1LThiZmYtMDhiZTNlZTZkOGFh
LzEvOTBJRklQaWtHN0JOYlJzUFFCUU9WVC1LODI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDWWt4AwQD
benwMA0GCSqGSIb3DQEBCwUAA4IBAQBi/GB1E3QET3GssCR/qXo3OOph++ct4Y6O
iI6G2GiSFs0E6eJVFiOTesx4OxB5DieJZGiklty1+qsDNAaukfn8Fh7p9rdSEdz2
ugvsGjUyiFmJdmbY9QuhfN9yvJum1lXqHKXhcuiAq7PHNWMyvQK1VygJ3SVrznoC
CF5axWrMFySH0XB84FKCAd8nc5l8zEVHCEh0K3jQ17ZA21iEWdm3ZpNiYjGFgy9O
anDUDFFgl1PN3VKiT99mrBaHxy8FgdK7IL1//NRmCTieg1nzBnWkvaU24oVjguqQ
3fN6uaqrOWg+bSaZInyJCVU2ihOYTwGm5FMmlIZ+r8gmuJedSehM
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:33 2025 by rpki-client on console.sobornost.net