Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/lORzWHU6eGYpOrdQljnnSnCRifg.roa
File: lORzWHU6eGYpOrdQljnnSnCRifg.roa (raw, json)
Hash identifier: xLrnA9heu6FGOjlUwaShNEgWikO8uHVdramvVkQsIMM=
Subject key identifier: 94:E4:73:58:75:3A:78:66:29:3A:B7:50:96:39:E7:4A:70:91:89:F8
Certificate issuer: /CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
Certificate serial: 018CC87151603A5655BFEBF9A3BBD0589119
Authority key identifier: 36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/lORzWHU6eGYpOrdQljnnSnCRifg.roa
Signing time: Tue 02 Jan 2024 04:31:58 +0000
ROA not before: Tue 02 Jan 2024 04:31:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50214
IP address blocks: 185.12.125.0/24 maxlen: 24
185.12.124.0/24 maxlen: 24
185.12.126.0/24 maxlen: 24
185.12.127.0/24 maxlen: 24
95.181.150.0/24 maxlen: 24
95.181.152.0/24 maxlen: 24
95.181.171.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:51:60:3a:56:55:bf:eb:f9:a3:bb:d0:58:91:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
Validity
Not Before: Jan 2 04:31:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=94e47358753a7866293ab7509639e74a709189f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:d4:2e:3d:3d:4c:06:fd:b1:90:68:70:fa:55:
2d:d1:a9:9a:ad:be:4f:d7:1a:55:73:4d:a6:34:20:
48:57:22:71:fc:54:96:33:6f:89:a1:ec:c3:88:95:
13:55:47:32:48:75:30:e5:8c:b1:13:bb:af:e9:9e:
05:41:6b:4b:a2:6c:01:3f:8f:4f:b3:03:da:34:4a:
b9:30:a5:31:26:07:5a:9e:39:64:bf:73:bb:ec:55:
45:42:13:2c:12:5f:7d:74:8c:31:2d:69:ad:35:44:
67:02:6d:3a:d4:0d:a2:f6:44:41:56:25:32:26:02:
33:b6:83:3a:f0:9c:b2:44:5b:3c:33:16:bf:bc:ae:
57:64:5d:ec:8b:e6:9c:5f:0b:74:c3:3b:89:4a:03:
3a:40:5a:3a:6e:c0:95:3d:ae:22:04:c4:ae:c1:73:
87:e2:ea:45:d2:28:27:c8:db:51:7a:e9:e1:e6:0c:
54:c0:d2:a9:09:e6:99:7c:3a:dd:19:e4:3f:36:4c:
ee:3b:3e:02:ea:b8:d2:b8:89:a4:02:1e:d0:f0:35:
18:e4:02:dd:76:70:1b:43:4c:bb:2b:77:bc:60:7f:
85:62:54:fd:12:9e:f6:36:af:86:e1:db:84:04:44:
12:96:09:99:99:6e:4f:d9:ed:39:ca:65:54:4c:a3:
6f:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:E4:73:58:75:3A:78:66:29:3A:B7:50:96:39:E7:4A:70:91:89:F8
X509v3 Authority Key Identifier:
keyid:36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/lORzWHU6eGYpOrdQljnnSnCRifg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/Njdp-GRKWnGK5isFjdH7YstaPCA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.181.150.0/24
95.181.152.0/24
95.181.171.0/24
185.12.124.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:66:4b:b5:ac:b5:eb:8e:d4:26:86:be:3c:55:c8:5d:0f:7b:
54:9e:a1:7c:fd:88:ef:9a:9d:5b:cd:07:4c:1c:c1:34:29:dd:
7f:16:62:eb:41:f8:42:5a:9e:7a:55:f1:29:38:40:4a:ae:11:
a4:60:76:c4:74:ea:6d:48:ac:b6:ca:9f:10:a0:38:f9:83:bb:
a8:56:12:77:5c:52:a1:18:60:36:6a:f5:a0:b5:5e:6d:27:9c:
25:b6:60:8d:94:cd:7a:1b:9b:fd:8e:be:19:8b:54:e2:83:96:
32:4f:5b:aa:f0:3d:e3:2c:85:35:61:bc:7d:a8:e8:ac:a3:92:
70:97:93:9e:3d:e3:93:a4:80:8f:58:eb:69:d0:16:3f:61:23:
19:7b:4b:57:9a:91:fd:0b:03:98:2c:26:41:a1:7e:02:ab:26:
36:67:b0:05:d4:06:8e:85:04:ed:6b:dc:77:b1:70:b8:6f:84:
3d:4e:28:53:4b:d4:56:b2:df:b9:95:a8:5b:f3:e0:42:02:3d:
2b:c5:ed:48:68:ce:69:3b:f0:42:81:df:86:3b:14:29:98:7c:
15:5f:34:43:2a:30:f2:ce:f3:14:07:c4:39:3b:f4:a4:07:bf:
8f:ef:e1:d0:f1:04:04:41:06:a2:1a:95:67:60:e7:9d:89:88:
32:b5:30:58
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzIcVFgOlZVv+v5o7vQWJEZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2Mzc2OWY4NjQ0YTVhNzE4YWU2MmIwNThkZDFmYjYyY2I1
YTNjMjAwHhcNMjQwMTAyMDQzMTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGU0NzM1ODc1M2E3ODY2MjkzYWI3NTA5NjM5ZTc0YTcwOTE4OWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtQuPT1MBv2xkGhw+lUt0amarb5P
1xpVc02mNCBIVyJx/FSWM2+JoezDiJUTVUcySHUw5YyxE7uv6Z4FQWtLomwBP49P
swPaNEq5MKUxJgdanjlkv3O77FVFQhMsEl99dIwxLWmtNURnAm061A2i9kRBViUy
JgIztoM68JyyRFs8Mxa/vK5XZF3si+acXwt0wzuJSgM6QFo6bsCVPa4iBMSuwXOH
4upF0ignyNtReunh5gxUwNKpCeaZfDrdGeQ/NkzuOz4C6rjSuImkAh7Q8DUY5ALd
dnAbQ0y7K3e8YH+FYlT9Ep72Nq+G4duEBEQSlgmZmW5P2e05ymVUTKNvdwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJTkc1h1OnhmKTq3UJY550pwkYn4MB8GA1UdIwQY
MBaAFDY3afhkSlpxiuYrBY3R+2LLWjwgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmpkcC1HUktXbkdLNWlzRmpkSDdZc3RhUENBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8wZjhmZWEtZjAwYS00NDE1LWIzOTYt
Mzk5ZmM5NjkzYjIyLzEvbE9SeldIVTZlR1lwT3JkUWxqbm5TbkNSaWZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8wZjhmZWEtZjAwYS00NDE1LWIzOTYtMzk5ZmM5NjkzYjIy
LzEvTmpkcC1HUktXbkdLNWlzRmpkSDdZc3RhUENBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAX7WWAwQA
X7WYAwQAX7WrAwQCuQx8MA0GCSqGSIb3DQEBCwUAA4IBAQAKZku1rLXrjtQmhr48
VchdD3tUnqF8/Yjvmp1bzQdMHME0Kd1/FmLrQfhCWp56VfEpOEBKrhGkYHbEdOpt
SKy2yp8QoDj5g7uoVhJ3XFKhGGA2avWgtV5tJ5wltmCNlM16G5v9jr4Zi1Tig5Yy
T1uq8D3jLIU1Ybx9qOiso5Jwl5OePeOTpICPWOtp0BY/YSMZe0tXmpH9CwOYLCZB
oX4CqyY2Z7AF1AaOhQTta9x3sXC4b4Q9TihTS9RWst+5lahb8+BCAj0rxe1IaM5p
O/BCgd+GOxQpmHwVXzRDKjDyzvMUB8Q5O/SkB7+P7+HQ8QQEQQaiGpVnYOediYgy
tTBY
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:18:47 2025 by rpki-client