Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/LLdZ4ZmvZnpaRNlUA2Kyl5H7LqM.roa
File: LLdZ4ZmvZnpaRNlUA2Kyl5H7LqM.roa (raw, json)
Hash identifier: m+2gRWKKIJVlNnRQffV0OjxoUkQXdmJESbLTKwvuZh0=
Subject key identifier: 2C:B7:59:E1:99:AF:66:7A:5A:44:D9:54:03:62:B2:97:91:FB:2E:A3
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 019424451250A69FA629D83EAAD78D765830
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/LLdZ4ZmvZnpaRNlUA2Kyl5H7LqM.roa
Signing time: Wed 01 Jan 2025 23:48:13 +0000
ROA not before: Wed 01 Jan 2025 23:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35048
IP address blocks: 2.59.50.0/24 maxlen: 24
5.183.130.0/24 maxlen: 24
45.11.20.0/24 maxlen: 24
45.11.21.0/24 maxlen: 24
45.15.236.0/24 maxlen: 24
45.15.237.0/24 maxlen: 24
45.84.176.0/24 maxlen: 24
45.84.177.0/24 maxlen: 24
45.90.196.0/24 maxlen: 24
45.135.32.0/24 maxlen: 24
45.135.33.0/24 maxlen: 24
92.119.193.0/24 maxlen: 24
94.158.190.0/24 maxlen: 24
193.53.168.0/24 maxlen: 24
193.58.168.0/24 maxlen: 24
193.58.169.0/24 maxlen: 24
194.32.237.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:12:50:a6:9f:a6:29:d8:3e:aa:d7:8d:76:58:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Jan 1 23:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2cb759e199af667a5a44d9540362b29791fb2ea3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:78:26:f9:99:94:3a:21:f6:97:86:cc:f7:f6:
ea:bf:f4:a6:98:bc:62:e8:d3:bd:fa:6e:dc:41:2a:
0f:6b:68:59:db:b1:1a:65:fc:0f:0c:17:b0:df:73:
f2:9e:c7:51:b5:35:ff:ee:43:ab:17:52:ab:52:9f:
83:76:b2:20:30:7b:23:23:2d:53:ad:58:a8:43:00:
ed:af:bf:99:08:12:14:f6:09:34:fa:d8:c3:cb:d1:
26:37:39:12:d2:69:15:48:6e:6f:16:e2:55:22:04:
f9:d7:89:fd:57:f4:c7:29:9a:30:f2:f7:32:30:a4:
b8:54:3b:23:be:af:4d:39:36:bf:a6:cd:d5:06:e6:
76:05:4b:7a:99:f6:16:ad:32:d9:3a:5a:14:52:22:
44:b2:41:91:9d:36:48:89:16:4d:48:bf:3e:ea:50:
5f:fb:bf:88:01:22:ac:b9:ea:4c:29:f2:f5:73:3a:
97:73:58:36:ea:91:51:8c:3f:c2:f5:64:4d:ed:a2:
a4:aa:b9:63:21:e0:18:57:c1:34:ab:e4:71:7e:2e:
ac:3d:79:f2:25:c8:9d:d4:ed:4e:4c:81:ce:07:f0:
c7:43:8c:fd:e5:b4:0e:d4:60:18:6e:0b:62:cb:4d:
8b:72:18:96:37:08:2e:5f:e3:64:5e:07:1f:91:a5:
cf:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:B7:59:E1:99:AF:66:7A:5A:44:D9:54:03:62:B2:97:91:FB:2E:A3
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/LLdZ4ZmvZnpaRNlUA2Kyl5H7LqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.50.0/24
5.183.130.0/24
45.11.20.0/23
45.15.236.0/23
45.84.176.0/23
45.90.196.0/24
45.135.32.0/23
92.119.193.0/24
94.158.190.0/24
193.53.168.0/24
193.58.168.0/23
194.32.237.0/24
Signature Algorithm: sha256WithRSAEncryption
25:78:f6:49:31:81:ad:fb:94:a7:fb:e2:bf:16:ac:2d:50:61:
fe:ff:48:0b:3f:1c:ca:e6:a0:6d:44:da:84:cb:4b:fc:49:a0:
4a:4b:25:63:b0:ae:13:8c:e4:66:3e:2d:18:bd:d2:c1:a8:ed:
85:3f:87:68:d9:9f:23:95:03:ea:d0:36:a2:ff:be:ce:eb:b6:
f9:1a:8d:0d:9b:5e:f9:1c:db:04:cb:09:4c:c7:b3:23:f5:f9:
f7:a7:e9:ef:64:c6:c7:9f:0d:d8:39:dc:57:99:94:2b:e3:83:
18:79:8b:fa:7c:13:b9:c8:95:1d:49:20:24:60:94:33:33:60:
2a:f9:0e:47:bf:87:41:fb:1b:5c:91:a0:67:63:81:3c:8f:cc:
b4:7f:71:b5:ff:f6:98:57:dd:99:1e:a6:91:7b:d0:44:d7:89:
4d:15:1e:91:e5:86:04:f8:fe:cc:e8:ae:d5:ec:03:8d:cb:88:
b1:82:a3:7f:e5:9b:ac:72:39:64:fd:ae:50:fb:4b:53:15:b0:
2b:db:7f:c0:3e:f4:0b:c7:21:07:ee:12:1a:a4:ce:5c:30:a6:
37:c1:16:ba:e0:51:07:64:51:da:d9:a0:6b:fe:85:62:89:48:
0f:51:29:ea:8b:ac:c4:8d:0f:9c:3a:81:db:0c:d9:1f:04:1e:
d1:e2:c6:ad
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZQkRRJQpp+mKdg+qteNdlgwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjUwMTAxMjM0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2I3NTllMTk5YWY2NjdhNWE0NGQ5NTQwMzYyYjI5NzkxZmIyZWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxHgm+ZmUOiH2l4bM9/bqv/SmmLxi
6NO9+m7cQSoPa2hZ27EaZfwPDBew33PynsdRtTX/7kOrF1KrUp+DdrIgMHsjIy1T
rVioQwDtr7+ZCBIU9gk0+tjDy9EmNzkS0mkVSG5vFuJVIgT514n9V/THKZow8vcy
MKS4VDsjvq9NOTa/ps3VBuZ2BUt6mfYWrTLZOloUUiJEskGRnTZIiRZNSL8+6lBf
+7+IASKsuepMKfL1czqXc1g26pFRjD/C9WRN7aKkqrljIeAYV8E0q+Rxfi6sPXny
Jcid1O1OTIHOB/DHQ4z95bQO1GAYbgtiy02LchiWNwguX+NkXgcfkaXPRwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFCy3WeGZr2Z6WkTZVANispeR+y6jMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvTExkWjRabXZabnBhUk5sVUEyS3lsNUg3THFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAAjsyAwQA
BbeCAwQBLQsUAwQBLQ/sAwQBLVSwAwQALVrEAwQBLYcgAwQAXHfBAwQAXp6+AwQA
wTWoAwQBwTqoAwQAwiDtMA0GCSqGSIb3DQEBCwUAA4IBAQAlePZJMYGt+5Sn++K/
FqwtUGH+/0gLPxzK5qBtRNqEy0v8SaBKSyVjsK4TjORmPi0YvdLBqO2FP4do2Z8j
lQPq0Dai/77O67b5Go0Nm175HNsEywlMx7Mj9fn3p+nvZMbHnw3YOdxXmZQr44MY
eYv6fBO5yJUdSSAkYJQzM2Aq+Q5Hv4dB+xtckaBnY4E8j8y0f3G1//aYV92ZHqaR
e9BE14lNFR6R5YYE+P7M6K7V7AONy4ixgqN/5Zuscjlk/a5Q+0tTFbAr23/APvQL
xyEH7hIapM5cMKY3wRa64FEHZFHa2aBr/oViiUgPUSnqi6zEjQ+cOoHbDNkfBB7R
4sat
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:05:44 2025 by rpki-client