Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/lcfR_JsPJRj5rRx87P4nWrH8YqQ.roa
File: lcfR_JsPJRj5rRx87P4nWrH8YqQ.roa (raw, json)
Hash identifier: BkBySxEgH50Xsxv2N8O4jEf8j0p6ZCPZJbJ1L+6t1zE=
Subject key identifier: 95:C7:D1:FC:9B:0F:25:18:F9:AD:1C:7C:EC:FE:27:5A:B1:FC:62:A4
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 019420D5C99A274A7971A979E70649DED11E
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/lcfR_JsPJRj5rRx87P4nWrH8YqQ.roa
Signing time: Wed 01 Jan 2025 07:47:49 +0000
ROA not before: Wed 01 Jan 2025 07:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43278
IP address blocks: 85.8.186.0/24 maxlen: 24
91.220.80.0/24 maxlen: 24
194.147.90.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:c9:9a:27:4a:79:71:a9:79:e7:06:49:de:d1:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Jan 1 07:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=95c7d1fc9b0f2518f9ad1c7cecfe275ab1fc62a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:52:df:6f:37:8e:ce:ae:a9:a2:37:67:0a:0b:
a6:bb:ce:43:be:9f:ff:0a:72:4b:08:5a:73:b5:c7:
d5:fa:16:57:b4:e9:75:db:79:45:21:41:9b:a8:02:
38:f8:e6:29:a2:37:79:5e:16:6f:ee:e0:d4:82:8d:
c8:db:e7:06:de:dd:90:bd:43:2e:1b:a4:8b:44:9b:
92:9a:5b:84:c7:8c:ad:d4:3c:df:51:65:38:5e:23:
02:1b:b4:61:1d:3a:9f:b4:a0:1c:0e:1a:af:d7:57:
29:dd:a1:be:bc:ad:47:9f:f6:4f:81:8d:81:63:c8:
b1:50:97:2e:da:1c:d7:d6:85:7e:90:f6:2f:60:4f:
b0:67:e7:e5:5d:5c:51:f2:be:b7:d9:72:92:48:33:
a7:54:72:71:07:13:bf:b4:43:25:87:69:29:3e:3a:
0f:24:92:d4:86:7f:06:88:71:4c:eb:38:5a:de:88:
81:1a:43:b0:a6:36:c2:c3:3e:68:5b:b6:5e:09:41:
bf:7c:72:86:b3:e8:98:b8:f3:85:59:33:55:5c:4b:
09:07:1d:3a:e4:52:52:a0:10:ba:84:08:c0:27:c5:
94:da:74:65:69:fb:59:e1:ef:7b:48:c8:d1:71:9b:
81:16:7f:24:6d:62:1d:d1:d4:03:a9:70:39:1a:46:
f7:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:C7:D1:FC:9B:0F:25:18:F9:AD:1C:7C:EC:FE:27:5A:B1:FC:62:A4
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/lcfR_JsPJRj5rRx87P4nWrH8YqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.8.186.0/24
91.220.80.0/24
194.147.90.0/24
Signature Algorithm: sha256WithRSAEncryption
30:46:28:67:55:07:79:80:47:1e:44:d7:0c:7c:a6:68:87:57:
3b:9c:06:b4:5f:55:8c:c8:02:7a:ed:e9:e3:14:ee:36:fb:45:
ef:d6:58:d8:2d:d0:b6:86:ba:72:ef:e9:60:bb:01:7d:1d:e0:
8e:3d:76:e1:b7:0c:94:3a:18:53:51:56:87:c5:b3:b2:dc:6d:
6c:10:45:5b:da:3c:de:ca:27:0f:83:5e:11:87:e3:0c:90:2f:
b7:4e:55:92:d9:b1:98:f1:af:01:5d:e1:27:de:24:ba:ea:32:
75:cd:38:b2:28:55:af:1e:85:e3:d8:19:d1:dd:0f:60:bd:62:
a5:1c:f1:10:0c:83:78:cf:b0:75:1a:f3:5a:44:aa:a6:4c:79:
8e:23:ac:60:b4:3e:b4:41:86:ce:d3:70:a3:7a:ad:70:2e:49:
a0:69:48:5b:29:2d:ca:30:00:06:8f:6b:56:31:bc:c0:b7:bc:
eb:71:a2:32:fd:0b:2e:49:79:bf:c9:4d:de:c4:d5:46:ac:65:
16:60:f9:ab:d1:2c:bf:a5:89:0e:a3:12:40:74:50:6e:5f:69:
9e:13:cd:f0:c3:cf:98:0a:14:d0:2d:69:53:f9:ec:c9:9e:55:
92:36:92:de:c2:4f:86:2d:d9:ee:c5:f4:f8:4d:fb:7d:74:9d:
b8:3f:f5:10
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQg1cmaJ0p5cal55wZJ3tEeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjUwMTAxMDc0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWM3ZDFmYzliMGYyNTE4ZjlhZDFjN2NlY2ZlMjc1YWIxZmM2MmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1lLfbzeOzq6pojdnCgumu85Dvp//
CnJLCFpztcfV+hZXtOl123lFIUGbqAI4+OYpojd5XhZv7uDUgo3I2+cG3t2QvUMu
G6SLRJuSmluEx4yt1DzfUWU4XiMCG7RhHTqftKAcDhqv11cp3aG+vK1Hn/ZPgY2B
Y8ixUJcu2hzX1oV+kPYvYE+wZ+flXVxR8r632XKSSDOnVHJxBxO/tEMlh2kpPjoP
JJLUhn8GiHFM6zha3oiBGkOwpjbCwz5oW7ZeCUG/fHKGs+iYuPOFWTNVXEsJBx06
5FJSoBC6hAjAJ8WU2nRlaftZ4e97SMjRcZuBFn8kbWId0dQDqXA5Gkb3+wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJXH0fybDyUY+a0cfOz+J1qx/GKkMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvbGNmUl9Kc1BKUmo1clJ4ODdQNG5Xckg4WXFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVQi6AwQA
W9xQAwQAwpNaMA0GCSqGSIb3DQEBCwUAA4IBAQAwRihnVQd5gEceRNcMfKZoh1c7
nAa0X1WMyAJ67enjFO42+0Xv1ljYLdC2hrpy7+lguwF9HeCOPXbhtwyUOhhTUVaH
xbOy3G1sEEVb2jzeyicPg14Rh+MMkC+3TlWS2bGY8a8BXeEn3iS66jJ1zTiyKFWv
HoXj2BnR3Q9gvWKlHPEQDIN4z7B1GvNaRKqmTHmOI6xgtD60QYbO03Cjeq1wLkmg
aUhbKS3KMAAGj2tWMbzAt7zrcaIy/QsuSXm/yU3exNVGrGUWYPmr0Sy/pYkOoxJA
dFBuX2meE83ww8+YChTQLWlT+ezJnlWSNpLewk+GLdnuxfT4Tft9dJ24P/UQ
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:35:24 2025 by rpki-client