Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/luNvLtKD-DOQJpBUeL1aF_d3VP0.roa
File: luNvLtKD-DOQJpBUeL1aF_d3VP0.roa (raw, json)
Hash identifier: Q2ygPEhYS7ZGt1PTIM6raLUf+Ho8MzUsRUXw4zHyNlc=
Subject key identifier: 96:E3:6F:2E:D2:83:F8:33:90:26:90:54:78:BD:5A:17:F7:77:54:FD
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 019424B3B9A73213E86B8FDF8E5EED3EB007
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/luNvLtKD-DOQJpBUeL1aF_d3VP0.roa
Signing time: Thu 02 Jan 2025 01:49:05 +0000
ROA not before: Thu 02 Jan 2025 01:49:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 266827
IP address blocks: 95.164.149.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:b9:a7:32:13:e8:6b:8f:df:8e:5e:ed:3e:b0:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Jan 2 01:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=96e36f2ed283f8339026905478bd5a17f77754fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:fc:0f:b5:8a:bd:89:c2:3f:84:7b:c6:d4:77:
90:9c:95:d3:7d:37:1c:09:0e:33:e2:68:01:83:f8:
44:44:83:73:09:e7:f0:7b:ee:24:ec:43:a2:09:86:
e5:f3:c5:68:86:db:65:b1:06:6e:52:3f:ce:a0:58:
32:bf:65:f1:de:07:9c:dc:e6:87:ed:5f:a1:aa:1f:
5a:f2:12:9a:e6:64:8d:c7:3d:c3:a2:45:9c:0a:d3:
b7:b7:92:77:84:3d:7c:c7:06:c4:4a:f9:ae:09:a0:
67:d8:44:ea:f8:2f:21:dd:20:4f:ec:7b:b4:fb:96:
9a:aa:47:7d:6d:de:6c:61:97:0e:97:93:40:bd:f5:
b0:13:41:67:ed:dc:7c:f3:1a:14:c5:ee:c0:fc:0d:
3a:32:8a:40:86:dc:cd:3b:7a:af:89:6f:ba:fc:ae:
27:8c:e3:82:a3:88:68:c0:d3:eb:df:b7:08:be:09:
f5:b2:e2:a5:2b:35:b0:a8:de:28:df:db:2e:e2:04:
8d:9d:20:18:10:34:32:72:2c:4e:75:5d:3c:62:9b:
38:2c:7b:73:e9:b6:d6:4b:9b:c6:74:a7:37:0f:3b:
ba:84:70:c7:8f:44:40:3b:23:80:98:96:7c:05:97:
36:dd:77:d7:41:ff:09:2c:a6:c8:8f:81:6d:ae:a7:
d4:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:E3:6F:2E:D2:83:F8:33:90:26:90:54:78:BD:5A:17:F7:77:54:FD
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/luNvLtKD-DOQJpBUeL1aF_d3VP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.164.149.0/24
Signature Algorithm: sha256WithRSAEncryption
07:47:69:85:0e:8b:20:c5:20:f0:7b:6e:43:a0:22:df:96:11:
c0:68:e3:67:aa:62:3c:c5:47:47:b4:5d:3a:65:61:97:18:49:
0a:f1:7a:0e:6e:f1:82:1f:aa:8c:ab:d5:4c:92:1b:a6:05:58:
b7:a0:37:7e:c1:b5:97:b2:cc:9c:8a:db:4b:c7:f9:6e:11:76:
7a:76:e9:bb:6c:9a:87:26:a4:21:42:c5:ca:0c:09:2d:d7:3b:
ac:e5:58:04:05:52:63:34:d3:1a:53:31:93:12:cb:a2:cc:23:
9f:46:8c:dc:3b:55:ca:84:66:f7:e9:bf:4d:19:56:d4:84:a0:
4e:d4:05:08:6e:a1:98:b5:99:b8:67:f3:3d:bd:e5:c5:fc:56:
be:ab:ff:e1:3d:78:3e:9e:36:cf:0d:6f:2f:1e:f9:28:eb:9b:
1b:7c:07:4e:8c:0d:03:4d:24:48:16:af:98:2e:0d:46:cf:e8:
57:eb:50:06:30:0b:ba:ee:e5:d8:6d:f1:fd:08:d5:be:d7:ae:
d1:36:a0:68:af:ca:4e:62:e9:82:a0:a4:b8:64:cb:4d:80:b7:
64:4a:75:72:92:43:48:f7:74:69:49:c6:1a:8d:59:6a:3a:04:
ca:d6:29:26:da:62:f9:97:f2:c6:e8:00:11:11:2c:f6:74:66:
aa:99:d2:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks7mnMhPoa4/fjl7tPrAHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjUwMTAyMDE0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmUzNmYyZWQyODNmODMzOTAyNjkwNTQ3OGJkNWExN2Y3Nzc1NGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/wPtYq9icI/hHvG1HeQnJXTfTcc
CQ4z4mgBg/hERINzCefwe+4k7EOiCYbl88VohttlsQZuUj/OoFgyv2Xx3gec3OaH
7V+hqh9a8hKa5mSNxz3DokWcCtO3t5J3hD18xwbESvmuCaBn2ETq+C8h3SBP7Hu0
+5aaqkd9bd5sYZcOl5NAvfWwE0Fn7dx88xoUxe7A/A06MopAhtzNO3qviW+6/K4n
jOOCo4howNPr37cIvgn1suKlKzWwqN4o39su4gSNnSAYEDQycixOdV08Yps4LHtz
6bbWS5vGdKc3Dzu6hHDHj0RAOyOAmJZ8BZc23XfXQf8JLKbIj4FtrqfUeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJbjby7Sg/gzkCaQVHi9Whf3d1T9MB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvbHVOdkx0S0QtRE9RSnBCVWVMMWFGX2QzVlAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX6SVMA0G
CSqGSIb3DQEBCwUAA4IBAQAHR2mFDosgxSDwe25DoCLflhHAaONnqmI8xUdHtF06
ZWGXGEkK8XoObvGCH6qMq9VMkhumBVi3oDd+wbWXssycittLx/luEXZ6dum7bJqH
JqQhQsXKDAkt1zus5VgEBVJjNNMaUzGTEsuizCOfRozcO1XKhGb36b9NGVbUhKBO
1AUIbqGYtZm4Z/M9veXF/Fa+q//hPXg+njbPDW8vHvko65sbfAdOjA0DTSRIFq+Y
Lg1Gz+hX61AGMAu67uXYbfH9CNW+167RNqBor8pOYumCoKS4ZMtNgLdkSnVykkNI
93RpScYajVlqOgTK1ikm2mL5l/LG6AARESz2dGaqmdJH
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:32:10 2025 by rpki-client