Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/bb0fc3-d5f9-4bf5-9683-9edf0d17fb91/1/LF7l95kGKNm3QeT2Qx4rsVG6q2c.roa
File: LF7l95kGKNm3QeT2Qx4rsVG6q2c.roa (raw, json)
Hash identifier: jKT9RAPhg+2vhp/aPlK2AWW9oSPYGTYBnXz2ZpVTPS4=
Subject key identifier: 2C:5E:E5:F7:99:06:28:D9:B7:41:E4:F6:43:1E:2B:B1:51:BA:AB:67
Certificate issuer: /CN=962ae3463938b26f83b76f0c4df81dfabb15a4eb
Certificate serial: 019424B3C3798D2C52814F5F1B5C12C63004
Authority key identifier: 96:2A:E3:46:39:38:B2:6F:83:B7:6F:0C:4D:F8:1D:FA:BB:15:A4:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lirjRjk4sm-Dt28MTfgd-rsVpOs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/bb0fc3-d5f9-4bf5-9683-9edf0d17fb91/1/LF7l95kGKNm3QeT2Qx4rsVG6q2c.roa
Signing time: Thu 02 Jan 2025 01:49:08 +0000
ROA not before: Thu 02 Jan 2025 01:49:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 40975
IP address blocks: 86.104.254.0/23 maxlen: 23
86.107.192.0/24 maxlen: 24
89.35.6.0/23 maxlen: 23
185.84.64.0/23 maxlen: 23
185.84.66.0/24 maxlen: 24
217.19.14.0/23 maxlen: 23
2a03:6fe0::/32 maxlen: 32
2a03:6fe0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:c3:79:8d:2c:52:81:4f:5f:1b:5c:12:c6:30:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=962ae3463938b26f83b76f0c4df81dfabb15a4eb
Validity
Not Before: Jan 2 01:49:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2c5ee5f7990628d9b741e4f6431e2bb151baab67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:6b:68:25:b6:87:37:34:ab:7b:ba:62:8a:af:
bd:d5:92:ad:67:39:19:43:36:f7:16:b5:6c:35:3a:
9b:0f:38:7e:24:b8:38:cf:f7:61:98:ac:bf:54:7e:
2f:c7:df:19:45:7a:d1:32:36:67:db:f7:0c:68:d7:
bd:08:51:31:da:7e:15:8d:e9:c8:ce:3f:10:12:f7:
ad:a6:3b:df:da:43:70:81:0e:ed:cd:72:5a:84:0e:
35:7e:cc:47:58:cf:76:d9:4b:6f:bd:94:d3:0b:c8:
35:28:9a:31:bb:85:aa:df:bc:5f:94:f1:43:96:e1:
e5:e9:a3:53:46:6a:42:01:18:ad:58:b8:ce:58:f5:
44:a5:d3:17:0b:89:08:4d:f8:01:38:56:08:15:5d:
a7:82:db:99:cf:e0:ae:44:6e:eb:67:48:73:93:4e:
ba:19:b7:08:95:d1:86:fb:ba:0a:7c:46:c3:29:1a:
a9:79:95:53:56:a7:05:32:ca:24:31:c5:f0:7e:80:
f1:f9:74:7c:02:87:e6:87:77:d7:71:fc:8c:83:e4:
8c:af:88:91:8a:bf:17:e4:eb:04:4a:b0:ad:44:15:
2c:74:f4:9f:ce:fc:28:96:cd:ef:ee:a6:cb:07:b9:
a3:93:93:db:e1:5a:c2:35:f0:cf:9b:2a:58:f0:8a:
0f:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:5E:E5:F7:99:06:28:D9:B7:41:E4:F6:43:1E:2B:B1:51:BA:AB:67
X509v3 Authority Key Identifier:
keyid:96:2A:E3:46:39:38:B2:6F:83:B7:6F:0C:4D:F8:1D:FA:BB:15:A4:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lirjRjk4sm-Dt28MTfgd-rsVpOs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/bb0fc3-d5f9-4bf5-9683-9edf0d17fb91/1/LF7l95kGKNm3QeT2Qx4rsVG6q2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/bb0fc3-d5f9-4bf5-9683-9edf0d17fb91/1/lirjRjk4sm-Dt28MTfgd-rsVpOs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.104.254.0/23
86.107.192.0/24
89.35.6.0/23
185.84.64.0-185.84.66.255
217.19.14.0/23
IPv6:
2a03:6fe0::/32
Signature Algorithm: sha256WithRSAEncryption
49:b0:58:bd:7b:62:7f:41:cc:ef:9e:fb:62:55:35:ac:43:c0:
97:d2:f4:43:d1:f6:65:d7:0e:48:26:80:8a:07:68:25:64:7d:
82:fc:00:8f:cb:35:ad:50:de:58:72:fc:f5:5b:7f:4b:b4:63:
90:c2:07:dc:82:86:b6:19:c2:88:9d:71:1d:06:e2:41:08:e0:
fb:99:db:59:2d:b1:da:1d:2f:88:aa:5b:c6:77:77:d1:cd:a9:
5e:d9:46:82:4f:56:11:b0:8e:43:0d:bd:51:84:98:ac:1c:99:
42:05:66:db:80:c3:ad:36:41:46:74:ee:48:98:6b:ee:5f:46:
f3:e9:5b:7d:1e:cf:b7:28:4c:43:30:bb:f9:7f:52:8e:54:77:
df:be:ec:1f:ec:1c:e4:f2:07:c9:4c:fe:a2:b4:5e:36:3d:46:
26:7f:0d:b3:70:55:88:f7:3b:80:37:86:36:27:61:71:4f:6b:
8b:35:58:78:1b:bc:34:69:3d:15:48:84:67:aa:2e:c3:09:52:
61:10:6a:e1:74:0b:62:fd:80:5f:a1:5f:41:f3:15:f0:42:4c:
40:90:d2:98:9d:1a:28:80:b2:85:74:5d:ec:71:6e:69:12:6c:
2d:9b:25:ab:19:fb:af:54:ef:e3:f7:c5:a5:0c:4b:c5:64:7f:
32:6e:ca:77
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZQks8N5jSxSgU9fG1wSxjAEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MmFlMzQ2MzkzOGIyNmY4M2I3NmYwYzRkZjgxZGZhYmIx
NWE0ZWIwHhcNMjUwMTAyMDE0OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzVlZTVmNzk5MDYyOGQ5Yjc0MWU0ZjY0MzFlMmJiMTUxYmFhYjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1GtoJbaHNzSre7piiq+91ZKtZzkZ
Qzb3FrVsNTqbDzh+JLg4z/dhmKy/VH4vx98ZRXrRMjZn2/cMaNe9CFEx2n4VjenI
zj8QEvetpjvf2kNwgQ7tzXJahA41fsxHWM922UtvvZTTC8g1KJoxu4Wq37xflPFD
luHl6aNTRmpCARitWLjOWPVEpdMXC4kITfgBOFYIFV2ngtuZz+CuRG7rZ0hzk066
GbcIldGG+7oKfEbDKRqpeZVTVqcFMsokMcXwfoDx+XR8Aofmh3fXcfyMg+SMr4iR
ir8X5OsESrCtRBUsdPSfzvwols3v7qbLB7mjk5Pb4VrCNfDPmypY8IoPuQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFCxe5feZBijZt0Hk9kMeK7FRuqtnMB8GA1UdIwQY
MBaAFJYq40Y5OLJvg7dvDE34Hfq7FaTrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGlyalJqazRzbS1EdDI4TVRmZ2QtcnNWcE9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9iYjBmYzMtZDVmOS00YmY1LTk2ODMt
OWVkZjBkMTdmYjkxLzEvTEY3bDk1a0dLTm0zUWVUMlF4NHJzVkc2cTJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9iYjBmYzMtZDVmOS00YmY1LTk2ODMtOWVkZjBkMTdmYjkx
LzEvbGlyalJqazRzbS1EdDI4TVRmZ2QtcnNWcE9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQBVmj+AwQA
VmvAAwQBWSMGMAwDBAa5VEADBAC5VEIDBAHZEw4wDQQCAAIwBwMFACoDb+AwDQYJ
KoZIhvcNAQELBQADggEBAEmwWL17Yn9BzO+e+2JVNaxDwJfS9EPR9mXXDkgmgIoH
aCVkfYL8AI/LNa1Q3lhy/PVbf0u0Y5DCB9yChrYZwoidcR0G4kEI4PuZ21ktsdod
L4iqW8Z3d9HNqV7ZRoJPVhGwjkMNvVGEmKwcmUIFZtuAw602QUZ07kiYa+5fRvPp
W30ez7coTEMwu/l/Uo5Ud9++7B/sHOTyB8lM/qK0XjY9RiZ/DbNwVYj3O4A3hjYn
YXFPa4s1WHgbvDRpPRVIhGeqLsMJUmEQauF0C2L9gF+hX0HzFfBCTECQ0pidGiiA
soV0XexxbmkSbC2bJasZ+69U7+P3xaUMS8VkfzJuync=
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:46:49 2025 by rpki-client