Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/095d5f-2693-4182-9397-cda94fb796d1/1/LSDLxpYG9vUS-ynb5NuKXC0hxwk.roa
File: LSDLxpYG9vUS-ynb5NuKXC0hxwk.roa (raw, json)
Hash identifier: iU/GAJxLreLcqJkb0jyy5NFNWuEEVZB548A5w51V+6U=
Subject key identifier: 2D:20:CB:C6:96:06:F6:F5:12:FB:29:DB:E4:DB:8A:5C:2D:21:C7:09
Certificate issuer: /CN=f258b3a9741b431d7becd64286b9e6bce0e975da
Certificate serial: 0194266BA627C7883E820974D3CCA3408079
Authority key identifier: F2:58:B3:A9:74:1B:43:1D:7B:EC:D6:42:86:B9:E6:BC:E0:E9:75:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8lizqXQbQx177NZChrnmvODpddo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/095d5f-2693-4182-9397-cda94fb796d1/1/LSDLxpYG9vUS-ynb5NuKXC0hxwk.roa
Signing time: Thu 02 Jan 2025 09:49:36 +0000
ROA not before: Thu 02 Jan 2025 09:49:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205823
IP address blocks: 185.205.56.0/22 maxlen: 22
185.205.56.0/24 maxlen: 24
185.205.57.0/24 maxlen: 24
185.205.58.0/24 maxlen: 24
185.205.59.0/24 maxlen: 24
193.32.104.0/23 maxlen: 23
193.32.104.0/24 maxlen: 24
193.32.105.0/24 maxlen: 24
193.32.116.0/23 maxlen: 23
193.32.116.0/24 maxlen: 24
193.32.117.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:a6:27:c7:88:3e:82:09:74:d3:cc:a3:40:80:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f258b3a9741b431d7becd64286b9e6bce0e975da
Validity
Not Before: Jan 2 09:49:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2d20cbc69606f6f512fb29dbe4db8a5c2d21c709
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:b4:19:b5:c1:3e:e2:02:fa:43:fb:7e:ba:1f:
2e:41:c1:9e:c2:c2:14:38:4d:26:6a:7d:53:8c:0c:
c3:d9:a9:c4:f8:67:dc:c7:f3:d9:aa:20:37:c2:22:
bc:cd:14:8e:bd:5c:ac:1c:a4:d3:d5:8c:fe:a1:70:
32:71:7a:6b:b8:e4:f5:79:09:f2:9b:7b:e6:46:be:
6f:77:42:cb:2f:c5:af:ec:73:2a:c8:77:99:1a:cd:
7d:7b:a2:24:89:dd:81:8d:d6:51:79:5f:14:11:15:
27:0f:aa:d5:d5:3b:7b:64:de:e3:37:b9:5e:2e:98:
cd:35:8a:02:06:35:63:8e:47:11:43:dc:44:b6:db:
12:da:1f:f1:ab:65:80:00:ef:99:40:fa:e7:59:cc:
fa:f4:5a:b9:37:da:b4:c4:2d:7b:72:9b:f5:52:da:
a7:53:9a:58:4f:1b:db:db:72:81:98:d0:e9:e6:69:
dd:0d:5e:b7:cd:aa:a1:a8:19:47:ce:f0:50:0b:d0:
49:3b:d2:2a:23:80:df:83:4d:78:1c:64:bd:1e:f8:
81:06:f3:1f:c1:bb:ca:83:3d:90:ab:af:db:a3:9f:
f9:97:1d:44:ba:ac:2f:29:c8:a1:f2:13:f0:c3:54:
e1:c7:0a:0f:1c:ab:00:16:f9:41:8f:d7:db:b1:f9:
79:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:20:CB:C6:96:06:F6:F5:12:FB:29:DB:E4:DB:8A:5C:2D:21:C7:09
X509v3 Authority Key Identifier:
keyid:F2:58:B3:A9:74:1B:43:1D:7B:EC:D6:42:86:B9:E6:BC:E0:E9:75:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8lizqXQbQx177NZChrnmvODpddo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/095d5f-2693-4182-9397-cda94fb796d1/1/LSDLxpYG9vUS-ynb5NuKXC0hxwk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/095d5f-2693-4182-9397-cda94fb796d1/1/8lizqXQbQx177NZChrnmvODpddo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.205.56.0/22
193.32.104.0/23
193.32.116.0/23
Signature Algorithm: sha256WithRSAEncryption
27:66:96:ab:49:43:73:38:3a:19:63:44:4f:7a:08:cc:31:a5:
fb:17:90:e0:8b:9f:56:11:60:7f:e1:ab:88:ec:81:49:d1:0d:
04:0f:9a:66:b3:83:49:15:59:ba:51:86:17:82:38:18:9c:32:
4a:cb:58:2c:df:9b:2c:1a:df:21:33:94:ab:b5:10:68:33:0d:
58:92:63:27:bb:57:38:f5:ac:75:3a:8f:d8:74:61:7e:10:11:
f8:75:ca:82:65:d6:0b:1c:7b:97:32:2e:4b:98:c8:20:e5:0e:
19:2b:6f:0c:14:7f:39:a2:7d:f6:ba:bb:78:6e:5a:de:c7:88:
7a:8c:29:43:f5:43:35:9f:ef:c6:10:ef:30:54:f5:7e:e4:80:
a2:5d:3d:d1:60:15:85:05:42:f5:24:0e:89:f4:4a:11:83:dc:
9b:a7:72:71:a6:1f:81:00:12:38:05:fa:63:19:57:38:13:fe:
5d:e0:28:4c:86:64:46:94:36:14:71:34:2c:f9:28:ff:75:98:
8f:fd:14:97:76:3c:cb:72:5f:6b:db:97:c7:c5:c1:3f:8c:9f:
8b:f3:c3:d0:ca:58:8c:b2:36:f7:8b:9b:84:4b:8a:ab:67:e8:
65:3c:e6:17:59:78:23:c7:aa:8e:10:aa:c6:0b:f5:3e:34:ed:
3a:23:0b:fb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQma6Ynx4g+ggl008yjQIB5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyNThiM2E5NzQxYjQzMWQ3YmVjZDY0Mjg2YjllNmJjZTBl
OTc1ZGEwHhcNMjUwMTAyMDk0OTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDIwY2JjNjk2MDZmNmY1MTJmYjI5ZGJlNGRiOGE1YzJkMjFjNzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7QZtcE+4gL6Q/t+uh8uQcGewsIU
OE0man1TjAzD2anE+Gfcx/PZqiA3wiK8zRSOvVysHKTT1Yz+oXAycXpruOT1eQny
m3vmRr5vd0LLL8Wv7HMqyHeZGs19e6Ikid2BjdZReV8UERUnD6rV1Tt7ZN7jN7le
LpjNNYoCBjVjjkcRQ9xEttsS2h/xq2WAAO+ZQPrnWcz69Fq5N9q0xC17cpv1Utqn
U5pYTxvb23KBmNDp5mndDV63zaqhqBlHzvBQC9BJO9IqI4Dfg014HGS9HviBBvMf
wbvKgz2Qq6/bo5/5lx1EuqwvKcih8hPww1ThxwoPHKsAFvlBj9fbsfl5ZQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFC0gy8aWBvb1Evsp2+TbilwtIccJMB8GA1UdIwQY
MBaAFPJYs6l0G0Mde+zWQoa55rzg6XXaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGxpenFYUWJReDE3N05aQ2hybm12T0RwZGRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8wOTVkNWYtMjY5My00MTgyLTkzOTct
Y2RhOTRmYjc5NmQxLzEvTFNETHhwWUc5dlVTLXluYjVOdUtYQzBoeHdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8wOTVkNWYtMjY5My00MTgyLTkzOTctY2RhOTRmYjc5NmQx
LzEvOGxpenFYUWJReDE3N05aQ2hybm12T0RwZGRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuc04AwQB
wSBoAwQBwSB0MA0GCSqGSIb3DQEBCwUAA4IBAQAnZparSUNzODoZY0RPegjMMaX7
F5Dgi59WEWB/4auI7IFJ0Q0ED5pms4NJFVm6UYYXgjgYnDJKy1gs35ssGt8hM5Sr
tRBoMw1YkmMnu1c49ax1Oo/YdGF+EBH4dcqCZdYLHHuXMi5LmMgg5Q4ZK28MFH85
on32urt4blrex4h6jClD9UM1n+/GEO8wVPV+5ICiXT3RYBWFBUL1JA6J9EoRg9yb
p3Jxph+BABI4BfpjGVc4E/5d4ChMhmRGlDYUcTQs+Sj/dZiP/RSXdjzLcl9r25fH
xcE/jJ+L88PQyliMsjb3i5uES4qrZ+hlPOYXWXgjx6qOEKrGC/U+NO06Iwv7
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:33 2025 by rpki-client on console.sobornost.net