Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/c79187-0d7a-490b-92b0-1b527ce16511/1/La2Bx3Kg3yNgjzXlOayck9yYHYs.roa
File: La2Bx3Kg3yNgjzXlOayck9yYHYs.roa (raw, json)
Hash identifier: RlSJSM6obvvJNVAHyjc4ol2rPsLp9JSNr1eJ2DwTo2Q=
Subject key identifier: 2D:AD:81:C7:72:A0:DF:23:60:8F:35:E5:39:AC:9C:93:DC:98:1D:8B
Certificate issuer: /CN=a694f005f5977c323ecdbea9c5f8cca369e65c67
Certificate serial: 0195C8727CE7DBBD0B8F73DB2F7092254481
Authority key identifier: A6:94:F0:05:F5:97:7C:32:3E:CD:BE:A9:C5:F8:CC:A3:69:E6:5C:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ppTwBfWXfDI-zb6pxfjMo2nmXGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/c79187-0d7a-490b-92b0-1b527ce16511/1/La2Bx3Kg3yNgjzXlOayck9yYHYs.roa
Signing time: Mon 24 Mar 2025 13:58:20 +0000
ROA not before: Mon 24 Mar 2025 13:58:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50324
IP address blocks: 176.126.216.0/22 maxlen: 32
178.19.208.0/20 maxlen: 32
185.28.184.0/22 maxlen: 32
2a04:a40::/29 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c8:72:7c:e7:db:bd:0b:8f:73:db:2f:70:92:25:44:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a694f005f5977c323ecdbea9c5f8cca369e65c67
Validity
Not Before: Mar 24 13:58:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2dad81c772a0df23608f35e539ac9c93dc981d8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ef:2b:c2:ea:2d:b1:39:0f:51:6f:ff:7a:fb:
98:21:36:ed:a0:99:04:0e:f8:0e:ce:27:a8:94:94:
de:60:af:89:a0:c2:40:6d:c8:7e:54:75:db:f6:9a:
0f:a0:71:c2:8a:ca:20:fa:68:b6:0b:cd:25:61:db:
f8:2e:cb:8c:6e:73:bc:3d:d7:06:30:c3:cc:61:31:
5e:97:94:d4:22:53:8d:a4:36:cc:44:8e:c5:2f:5a:
e8:0a:8f:eb:ae:f8:f2:b0:ee:38:15:b0:40:9c:47:
f0:98:44:c4:18:56:23:2f:58:be:f5:5b:d5:b3:5e:
bc:f6:c2:14:75:f7:3a:68:30:1c:27:bf:61:89:39:
87:39:91:fd:2d:fc:3b:90:a6:03:04:e7:17:a3:36:
05:70:9b:ea:48:be:6f:d2:26:f0:8d:10:50:54:3b:
25:19:43:db:98:f2:bb:b1:34:6f:6d:30:6a:63:0a:
73:83:95:10:26:bd:1a:0d:90:14:2d:0e:6c:b9:03:
de:74:62:54:f2:9a:d1:34:14:eb:28:38:ad:dd:46:
1b:d5:ba:3e:12:e2:9d:5e:2a:04:3a:40:1b:68:18:
f5:9e:5a:1d:61:fd:a3:d2:8e:cb:b8:46:2d:a5:1b:
b2:d4:34:56:af:fd:45:0f:c4:c8:97:1f:bd:66:d6:
df:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:AD:81:C7:72:A0:DF:23:60:8F:35:E5:39:AC:9C:93:DC:98:1D:8B
X509v3 Authority Key Identifier:
keyid:A6:94:F0:05:F5:97:7C:32:3E:CD:BE:A9:C5:F8:CC:A3:69:E6:5C:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ppTwBfWXfDI-zb6pxfjMo2nmXGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/c79187-0d7a-490b-92b0-1b527ce16511/1/La2Bx3Kg3yNgjzXlOayck9yYHYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/c79187-0d7a-490b-92b0-1b527ce16511/1/ppTwBfWXfDI-zb6pxfjMo2nmXGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.126.216.0/22
178.19.208.0/20
185.28.184.0/22
IPv6:
2a04:a40::/29
Signature Algorithm: sha256WithRSAEncryption
9c:eb:0e:92:2b:6b:e4:e7:13:79:ee:06:f1:fd:75:c4:71:e5:
ef:08:af:a9:cd:e8:8b:e3:0e:fd:ea:7a:dc:11:15:a7:69:60:
08:d4:82:69:91:c5:71:bf:f9:f3:f8:42:3e:29:b9:70:7f:28:
97:58:13:99:3e:a8:a6:ab:a0:fd:ec:a3:c8:a4:59:14:d9:8e:
17:7a:8e:f9:f5:e3:dd:04:6e:25:3f:96:5d:78:4d:ae:3a:99:
ec:78:07:7e:e2:3d:8c:61:58:b6:08:e8:6f:7a:8e:01:b5:09:
da:43:8d:fd:4e:d2:d8:72:5a:d4:3e:15:2a:88:d6:c1:9f:17:
6e:59:c9:5f:9c:2b:74:15:8b:8e:6f:77:66:53:35:2c:fe:70:
8a:57:42:3e:72:2d:7f:48:cb:4f:28:9e:cb:4d:5f:0e:ed:a8:
ea:ad:c0:73:b6:1c:04:88:34:ce:0b:45:0b:98:5e:9d:e7:47:
be:9b:35:b9:06:24:ab:d2:e9:8d:c4:9f:44:fe:69:79:15:79:
61:3d:32:8b:9a:06:42:e6:88:dd:f0:c7:0f:20:6d:23:f7:a4:
42:c9:22:91:4c:ca:d8:50:62:00:1d:6d:0b:78:dc:59:2c:d5:
e4:c6:24:36:13:1e:f7:a5:3d:57:de:4e:f8:1b:e3:35:a1:a8:
e1:9c:a0:bf
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZXIcnzn270Lj3PbL3CSJUSBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2OTRmMDA1ZjU5NzdjMzIzZWNkYmVhOWM1ZjhjY2EzNjll
NjVjNjcwHhcNMjUwMzI0MTM1ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGFkODFjNzcyYTBkZjIzNjA4ZjM1ZTUzOWFjOWM5M2RjOTgxZDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxe8rwuotsTkPUW//evuYITbtoJkE
DvgOzieolJTeYK+JoMJAbch+VHXb9poPoHHCisog+mi2C80lYdv4LsuMbnO8PdcG
MMPMYTFel5TUIlONpDbMRI7FL1roCo/rrvjysO44FbBAnEfwmETEGFYjL1i+9VvV
s1689sIUdfc6aDAcJ79hiTmHOZH9Lfw7kKYDBOcXozYFcJvqSL5v0ibwjRBQVDsl
GUPbmPK7sTRvbTBqYwpzg5UQJr0aDZAULQ5suQPedGJU8prRNBTrKDit3UYb1bo+
EuKdXioEOkAbaBj1nlodYf2j0o7LuEYtpRuy1DRWr/1FD8TIlx+9ZtbfEwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFC2tgcdyoN8jYI815TmsnJPcmB2LMB8GA1UdIwQY
MBaAFKaU8AX1l3wyPs2+qcX4zKNp5lxnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHBUd0JmV1hmREktemI2cHhmak1vMm5tWEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9jNzkxODctMGQ3YS00OTBiLTkyYjAt
MWI1MjdjZTE2NTExLzEvTGEyQngzS2czeU5nanpYbE9heWNrOXlZSFlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9jNzkxODctMGQ3YS00OTBiLTkyYjAtMWI1MjdjZTE2NTEx
LzEvcHBUd0JmV1hmREktemI2cHhmak1vMm5tWEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCsH7YAwQE
shPQAwQCuRy4MA0EAgACMAcDBQMqBApAMA0GCSqGSIb3DQEBCwUAA4IBAQCc6w6S
K2vk5xN57gbx/XXEceXvCK+pzeiL4w796nrcERWnaWAI1IJpkcVxv/nz+EI+Kblw
fyiXWBOZPqimq6D97KPIpFkU2Y4Xeo759ePdBG4lP5ZdeE2uOpnseAd+4j2MYVi2
COhveo4BtQnaQ439TtLYclrUPhUqiNbBnxduWclfnCt0FYuOb3dmUzUs/nCKV0I+
ci1/SMtPKJ7LTV8O7ajqrcBzthwEiDTOC0ULmF6d50e+mzW5BiSr0umNxJ9E/ml5
FXlhPTKLmgZC5ojd8McPIG0j96RCySKRTMrYUGIAHW0LeNxZLNXkxiQ2Ex73pT1X
3k74G+M1oajhnKC/
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:58 2025 by rpki-client on console.sobornost.net