Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9871ff-3f26-4b94-a464-6cc1d3ea832e/1/LCemnTpczFtE1g2ATCfFhWPHCtg.roa
File: LCemnTpczFtE1g2ATCfFhWPHCtg.roa (raw, json)
Hash identifier: wLYUpeyO+aDMwYaauYXgUyYpdv9PkxI35CV9X5ARxFE=
Subject key identifier: 2C:27:A6:9D:3A:5C:CC:5B:44:D6:0D:80:4C:27:C5:85:63:C7:0A:D8
Certificate issuer: /CN=dee623e2aff7b03afeb94260348c1633b54d9056
Certificate serial: 0195CD8BC5909EC1DE199B3838202B7A1BBD
Authority key identifier: DE:E6:23:E2:AF:F7:B0:3A:FE:B9:42:60:34:8C:16:33:B5:4D:90:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3uYj4q_3sDr-uUJgNIwWM7VNkFY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9871ff-3f26-4b94-a464-6cc1d3ea832e/1/LCemnTpczFtE1g2ATCfFhWPHCtg.roa
Signing time: Tue 25 Mar 2025 13:44:04 +0000
ROA not before: Tue 25 Mar 2025 13:44:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210021
IP address blocks: 194.127.109.0/24 maxlen: 24
194.127.111.0/24 maxlen: 24
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:cd:8b:c5:90:9e:c1:de:19:9b:38:38:20:2b:7a:1b:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dee623e2aff7b03afeb94260348c1633b54d9056
Validity
Not Before: Mar 25 13:44:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2c27a69d3a5ccc5b44d60d804c27c58563c70ad8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:55:b9:e1:2f:f4:a4:99:9f:38:9b:08:c4:bd:
8b:0c:77:c8:7b:b7:f5:b4:71:59:b0:d0:f7:88:fb:
24:c9:81:26:97:41:55:67:42:d4:73:b2:72:b0:73:
24:81:d4:12:7c:39:10:c3:a7:53:24:f3:3b:b6:32:
56:43:cf:9c:13:5e:77:96:11:40:c1:47:04:dd:d6:
f6:c6:29:a3:21:9b:ed:2a:70:ed:d2:55:39:91:ef:
19:3e:29:09:c4:25:41:cd:d1:51:63:66:42:39:f3:
c7:ed:8b:f4:92:10:bb:e7:38:b8:0e:26:11:37:97:
a7:91:07:87:66:a5:31:41:85:18:8e:e5:da:b1:2e:
9d:34:df:c0:16:bb:99:4a:87:a9:78:db:16:9a:2f:
c9:70:ef:44:5d:c8:09:db:7e:61:0e:5d:4f:7e:67:
2c:9a:a6:50:3f:d5:65:bf:e3:f6:4e:79:1b:2c:b6:
ae:ff:c1:81:f5:48:d9:09:db:5f:b4:e3:50:11:03:
46:cb:80:85:aa:03:90:42:83:89:4b:7d:36:db:b0:
c0:05:05:38:e1:70:a6:ce:fb:dc:ea:25:9d:24:a5:
f7:5d:59:32:5b:c1:af:6c:af:92:c6:e4:54:33:6a:
bd:0d:ad:48:17:da:f2:80:50:9c:47:51:f6:a4:29:
be:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:27:A6:9D:3A:5C:CC:5B:44:D6:0D:80:4C:27:C5:85:63:C7:0A:D8
X509v3 Authority Key Identifier:
keyid:DE:E6:23:E2:AF:F7:B0:3A:FE:B9:42:60:34:8C:16:33:B5:4D:90:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3uYj4q_3sDr-uUJgNIwWM7VNkFY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9871ff-3f26-4b94-a464-6cc1d3ea832e/1/LCemnTpczFtE1g2ATCfFhWPHCtg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9871ff-3f26-4b94-a464-6cc1d3ea832e/1/3uYj4q_3sDr-uUJgNIwWM7VNkFY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.127.109.0/24
194.127.111.0/24
Signature Algorithm: sha256WithRSAEncryption
45:64:03:91:65:67:d7:a6:18:60:f6:1d:6b:df:3c:25:ef:22:
77:8d:02:ff:08:eb:2b:8e:e2:ad:db:69:f1:5a:f3:00:67:f2:
0d:f4:d8:ee:8d:60:88:59:c2:7d:2b:86:63:73:eb:4e:53:cc:
60:75:70:c9:a0:6d:ed:ff:6c:03:45:bc:3c:ee:d9:09:b0:0f:
8d:ed:cc:57:07:e3:1c:15:66:11:4d:d4:9c:6f:17:64:24:f0:
ca:11:35:72:ae:5a:19:44:7e:22:c5:34:8f:4e:47:4d:bc:48:
4b:59:13:5e:38:9a:a7:fc:d5:d9:62:a3:f5:4c:06:3d:c5:4b:
91:62:55:56:a4:96:c9:7d:3c:1c:80:9b:d9:cf:a9:04:4b:9c:
70:c4:3b:c3:bf:45:e1:11:76:69:82:94:0a:1a:ca:bd:89:ef:
6b:c2:fa:59:43:ec:2c:b1:61:cb:d4:d6:14:e5:08:95:2a:80:
56:6d:1a:9c:bd:e3:05:ac:4c:50:b4:6b:66:65:7e:fa:ab:aa:
16:c0:47:26:72:0b:2b:1b:06:be:7e:8f:af:80:e4:e7:66:26:
6f:fd:f9:a3:d8:72:2a:c1:0f:c9:f3:bd:9e:10:3c:6b:95:c9:
93:3d:76:2e:6f:6f:01:ec:5c:b0:40:99:60:d3:46:ba:40:01:
17:a1:c6:91
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZXNi8WQnsHeGZs4OCArehu9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlZTYyM2UyYWZmN2IwM2FmZWI5NDI2MDM0OGMxNjMzYjU0
ZDkwNTYwHhcNMjUwMzI1MTM0NDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzI3YTY5ZDNhNWNjYzViNDRkNjBkODA0YzI3YzU4NTYzYzcwYWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzVW54S/0pJmfOJsIxL2LDHfIe7f1
tHFZsND3iPskyYEml0FVZ0LUc7JysHMkgdQSfDkQw6dTJPM7tjJWQ8+cE153lhFA
wUcE3db2ximjIZvtKnDt0lU5ke8ZPikJxCVBzdFRY2ZCOfPH7Yv0khC75zi4DiYR
N5enkQeHZqUxQYUYjuXasS6dNN/AFruZSoepeNsWmi/JcO9EXcgJ235hDl1Pfmcs
mqZQP9Vlv+P2TnkbLLau/8GB9UjZCdtftONQEQNGy4CFqgOQQoOJS30227DABQU4
4XCmzvvc6iWdJKX3XVkyW8GvbK+SxuRUM2q9Da1IF9rygFCcR1H2pCm+nwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCwnpp06XMxbRNYNgEwnxYVjxwrYMB8GA1UdIwQY
MBaAFN7mI+Kv97A6/rlCYDSMFjO1TZBWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3VZajRxXzNzRHItdVVKZ05Jd1dNN1ZOa0ZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85ODcxZmYtM2YyNi00Yjk0LWE0NjQt
NmNjMWQzZWE4MzJlLzEvTENlbW5UcGN6RnRFMWcyQVRDZkZoV1BIQ3RnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85ODcxZmYtM2YyNi00Yjk0LWE0NjQtNmNjMWQzZWE4MzJl
LzEvM3VZajRxXzNzRHItdVVKZ05Jd1dNN1ZOa0ZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwn9tAwQA
wn9vMA0GCSqGSIb3DQEBCwUAA4IBAQBFZAORZWfXphhg9h1r3zwl7yJ3jQL/COsr
juKt22nxWvMAZ/IN9NjujWCIWcJ9K4Zjc+tOU8xgdXDJoG3t/2wDRbw87tkJsA+N
7cxXB+McFWYRTdScbxdkJPDKETVyrloZRH4ixTSPTkdNvEhLWRNeOJqn/NXZYqP1
TAY9xUuRYlVWpJbJfTwcgJvZz6kES5xwxDvDv0XhEXZpgpQKGsq9ie9rwvpZQ+ws
sWHL1NYU5QiVKoBWbRqcveMFrExQtGtmZX76q6oWwEcmcgsrGwa+fo+vgOTnZiZv
/fmj2HIqwQ/J872eEDxrlcmTPXYub28B7FywQJlg00a6QAEXocaR
-----END CERTIFICATE-----
Generated at Tue Apr 1 17:32:07 2025 by rpki-client on console.sobornost.net