Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/f21ee7-4925-4dd6-b202-64278c0d8ebf/1/L_f_G_DAS-PndMSomCegEakGUXo.roa
File: L_f_G_DAS-PndMSomCegEakGUXo.roa (raw, json)
Hash identifier: MKZgnF0UjBLWLCCPlTkl22mDtPBHewVcfvCoOfEvyCg=
Subject key identifier: 2F:F7:FF:1B:F0:C0:4B:E3:E7:74:C4:A8:98:27:A0:11:A9:06:51:7A
Certificate issuer: /CN=54d6ff134bd656f0ce14d410b02bec551eb69a2c
Certificate serial: 01942521CE22CF728CA0F478F8063BB20FE3
Authority key identifier: 54:D6:FF:13:4B:D6:56:F0:CE:14:D4:10:B0:2B:EC:55:1E:B6:9A:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VNb_E0vWVvDOFNQQsCvsVR62miw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/f21ee7-4925-4dd6-b202-64278c0d8ebf/1/L_f_G_DAS-PndMSomCegEakGUXo.roa
Signing time: Thu 02 Jan 2025 03:49:19 +0000
ROA not before: Thu 02 Jan 2025 03:49:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60267
IP address blocks: 185.87.96.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:ce:22:cf:72:8c:a0:f4:78:f8:06:3b:b2:0f:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54d6ff134bd656f0ce14d410b02bec551eb69a2c
Validity
Not Before: Jan 2 03:49:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2ff7ff1bf0c04be3e774c4a89827a011a906517a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:ed:5f:90:76:2c:e7:e0:5d:4e:79:63:fe:ae:
61:00:20:6b:0d:93:3a:5b:e2:54:52:e8:f6:d9:d2:
93:fa:37:55:9a:a9:11:a7:ab:0b:5c:ec:3c:b0:2e:
cf:03:fe:46:24:b2:0b:49:e0:be:80:2b:64:e1:a8:
77:28:6e:fd:40:4a:68:e5:1f:26:0f:43:06:06:d5:
e2:1a:f0:5b:29:a4:fb:c3:a4:d7:05:cc:9d:8d:4b:
24:1d:1d:7c:14:d9:61:07:ce:24:37:c7:2f:0a:ca:
65:4b:8d:d4:00:fa:73:8f:96:67:ca:bf:28:ad:39:
66:85:91:32:40:38:e6:80:37:77:71:17:b5:23:56:
27:fe:a1:01:ea:aa:b4:0a:10:05:f6:83:c9:69:6d:
fc:fb:f7:3a:71:e2:55:81:f9:61:ef:3f:1d:0f:19:
78:e3:b8:4f:21:9c:04:62:b9:cd:ea:7c:a5:43:a0:
b6:9f:31:87:5e:50:df:cf:ab:48:39:fd:cb:d3:b3:
b1:83:cd:d2:9c:4e:08:ef:24:60:cc:4f:67:4b:3c:
32:8c:17:d1:ea:b1:3a:4b:b7:34:8c:9d:29:0d:84:
e2:10:d9:c5:6c:94:58:9e:1a:b2:20:2c:59:11:bd:
54:1a:1a:0a:1f:3e:1e:99:97:cb:b9:f4:ba:3f:6a:
e7:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:F7:FF:1B:F0:C0:4B:E3:E7:74:C4:A8:98:27:A0:11:A9:06:51:7A
X509v3 Authority Key Identifier:
keyid:54:D6:FF:13:4B:D6:56:F0:CE:14:D4:10:B0:2B:EC:55:1E:B6:9A:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VNb_E0vWVvDOFNQQsCvsVR62miw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/f21ee7-4925-4dd6-b202-64278c0d8ebf/1/L_f_G_DAS-PndMSomCegEakGUXo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/f21ee7-4925-4dd6-b202-64278c0d8ebf/1/VNb_E0vWVvDOFNQQsCvsVR62miw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.87.96.0/22
Signature Algorithm: sha256WithRSAEncryption
77:40:4d:a5:d1:2b:50:ce:87:07:61:cf:b3:1f:5d:fd:aa:38:
9d:fa:6b:6d:e4:de:72:55:a7:40:77:bf:35:4c:6f:02:c9:15:
cd:12:77:f8:84:de:06:12:04:b0:0e:91:d8:d2:84:d8:1f:e3:
24:99:63:4d:a0:50:52:65:c7:af:12:08:b8:ff:48:6d:2f:34:
d0:11:eb:6a:95:c7:04:eb:91:dc:86:5b:8d:d6:12:40:74:9b:
4c:0d:3c:c0:26:3e:e3:95:ae:4d:0f:ff:4a:a3:9a:97:a2:ab:
48:51:1a:dd:52:c2:9a:4e:de:9b:66:4e:0a:32:ac:fc:89:2c:
84:d5:9e:ee:66:de:af:96:dc:aa:07:19:5f:b6:6c:3b:98:4c:
db:f2:7e:9c:2c:f3:b9:fc:6f:f1:f9:1b:6f:5f:a0:66:e4:6a:
cd:19:e4:48:0b:26:40:7e:ba:90:e2:3f:65:ab:f9:2a:04:77:
ff:47:e6:56:f0:cd:f4:6f:0b:6f:9c:09:6e:b1:2c:16:4e:22:
c2:bc:7a:4c:66:38:6f:91:85:63:0f:a5:dd:70:13:e5:da:36:
94:db:82:c1:81:e5:ff:51:9c:ba:11:61:d3:fb:12:5e:3f:bf:
3b:0c:0e:d6:be:44:65:b5:bc:94:f9:57:25:db:75:3e:1f:43:
3c:46:11:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIc4iz3KMoPR4+AY7sg/jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0ZDZmZjEzNGJkNjU2ZjBjZTE0ZDQxMGIwMmJlYzU1MWVi
NjlhMmMwHhcNMjUwMTAyMDM0OTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmY3ZmYxYmYwYzA0YmUzZTc3NGM0YTg5ODI3YTAxMWE5MDY1MTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7u1fkHYs5+BdTnlj/q5hACBrDZM6
W+JUUuj22dKT+jdVmqkRp6sLXOw8sC7PA/5GJLILSeC+gCtk4ah3KG79QEpo5R8m
D0MGBtXiGvBbKaT7w6TXBcydjUskHR18FNlhB84kN8cvCsplS43UAPpzj5Znyr8o
rTlmhZEyQDjmgDd3cRe1I1Yn/qEB6qq0ChAF9oPJaW38+/c6ceJVgflh7z8dDxl4
47hPIZwEYrnN6nylQ6C2nzGHXlDfz6tIOf3L07Oxg83SnE4I7yRgzE9nSzwyjBfR
6rE6S7c0jJ0pDYTiENnFbJRYnhqyICxZEb1UGhoKHz4emZfLufS6P2rncQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC/3/xvwwEvj53TEqJgnoBGpBlF6MB8GA1UdIwQY
MBaAFFTW/xNL1lbwzhTUELAr7FUetposMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVk5iX0UwdldWdkRPRk5RUXNDdnNWUjYybWl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9mMjFlZTctNDkyNS00ZGQ2LWIyMDIt
NjQyNzhjMGQ4ZWJmLzEvTF9mX0dfREFTLVBuZE1Tb21DZWdFYWtHVVhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9mMjFlZTctNDkyNS00ZGQ2LWIyMDItNjQyNzhjMGQ4ZWJm
LzEvVk5iX0UwdldWdkRPRk5RUXNDdnNWUjYybWl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVdgMA0G
CSqGSIb3DQEBCwUAA4IBAQB3QE2l0StQzocHYc+zH139qjid+mtt5N5yVadAd781
TG8CyRXNEnf4hN4GEgSwDpHY0oTYH+MkmWNNoFBSZcevEgi4/0htLzTQEetqlccE
65HchluN1hJAdJtMDTzAJj7jla5ND/9Ko5qXoqtIURrdUsKaTt6bZk4KMqz8iSyE
1Z7uZt6vltyqBxlftmw7mEzb8n6cLPO5/G/x+RtvX6Bm5GrNGeRICyZAfrqQ4j9l
q/kqBHf/R+ZW8M30bwtvnAlusSwWTiLCvHpMZjhvkYVjD6XdcBPl2jaU24LBgeX/
UZy6EWHT+xJeP787DA7WvkRltbyU+Vcl23U+H0M8RhFg
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:46 2025 by rpki-client on console.sobornost.net