Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/ccd96e-133e-45b7-88b7-e2ae055eced1/1/LDfn0M5v99IHnOQFUNXp12Nf90k.roa
File: LDfn0M5v99IHnOQFUNXp12Nf90k.roa (raw, json)
Hash identifier: do0pH7tAz4W21wYBRY5jEznU82Zdd3DteyiFEbjbCqA=
Subject key identifier: 2C:37:E7:D0:CE:6F:F7:D2:07:9C:E4:05:50:D5:E9:D7:63:5F:F7:49
Certificate issuer: /CN=2df8779a3c82f00fc14435ee7d8d0b8d6dd8204e
Certificate serial: 019426D96C1AED57139569BEFAE44C708DF8
Authority key identifier: 2D:F8:77:9A:3C:82:F0:0F:C1:44:35:EE:7D:8D:0B:8D:6D:D8:20:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Lfh3mjyC8A_BRDXufY0LjW3YIE4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/ccd96e-133e-45b7-88b7-e2ae055eced1/1/LDfn0M5v99IHnOQFUNXp12Nf90k.roa
Signing time: Thu 02 Jan 2025 11:49:30 +0000
ROA not before: Thu 02 Jan 2025 11:49:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48095
IP address blocks: 31.40.224.0/23 maxlen: 23
31.40.226.0/23 maxlen: 23
77.247.112.0/23 maxlen: 23
77.247.114.0/23 maxlen: 23
87.101.80.0/22 maxlen: 22
185.158.68.0/23 maxlen: 23
185.158.70.0/23 maxlen: 23
185.222.132.0/22 maxlen: 22
188.65.16.0/22 maxlen: 22
193.9.152.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:6c:1a:ed:57:13:95:69:be:fa:e4:4c:70:8d:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2df8779a3c82f00fc14435ee7d8d0b8d6dd8204e
Validity
Not Before: Jan 2 11:49:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2c37e7d0ce6ff7d2079ce40550d5e9d7635ff749
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:dd:b7:eb:88:09:88:3c:ba:69:a0:29:3e:38:
24:ad:8d:a3:25:2a:a5:93:96:21:6a:c5:77:34:af:
ba:5a:c2:47:6f:d8:7b:a9:45:0e:f0:2e:b8:50:9a:
62:e6:a8:26:b1:b7:9a:fe:13:b9:0c:6a:86:ce:2e:
5b:b7:dc:53:96:84:f8:22:9a:7b:77:70:c2:8a:be:
3d:ae:07:dd:db:49:4d:06:c5:f0:ee:0d:f5:6f:1f:
8b:8b:b2:67:48:f3:0e:46:74:a7:64:9b:45:01:d6:
a7:91:b4:db:e5:7f:8e:11:65:8e:bd:26:04:3b:d5:
8d:cd:25:72:8f:82:33:2a:df:18:24:b2:67:17:a7:
a9:39:f5:d8:41:fe:d7:2a:4a:6c:ec:b0:48:75:c9:
6c:e1:64:ea:63:dc:09:5c:cb:d4:2d:c5:0c:22:2e:
66:7c:6e:fa:24:48:62:85:68:47:96:41:d4:05:14:
65:22:29:4e:b6:4c:5f:aa:70:04:43:df:28:0b:d3:
67:45:bd:e1:4b:d4:cc:76:61:44:ee:75:3a:2e:7e:
eb:75:27:04:70:94:55:a7:0d:d8:e4:f5:d0:bb:34:
fb:57:ad:dc:e9:2b:b9:c4:d1:37:64:0d:bb:c3:e5:
ad:78:cc:d7:69:f5:ca:24:28:dd:77:ee:14:2d:75:
c0:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:37:E7:D0:CE:6F:F7:D2:07:9C:E4:05:50:D5:E9:D7:63:5F:F7:49
X509v3 Authority Key Identifier:
keyid:2D:F8:77:9A:3C:82:F0:0F:C1:44:35:EE:7D:8D:0B:8D:6D:D8:20:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lfh3mjyC8A_BRDXufY0LjW3YIE4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/ccd96e-133e-45b7-88b7-e2ae055eced1/1/LDfn0M5v99IHnOQFUNXp12Nf90k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/ccd96e-133e-45b7-88b7-e2ae055eced1/1/Lfh3mjyC8A_BRDXufY0LjW3YIE4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.224.0/22
77.247.112.0/22
87.101.80.0/22
185.158.68.0/22
185.222.132.0/22
188.65.16.0/22
193.9.152.0/22
Signature Algorithm: sha256WithRSAEncryption
56:8c:a5:de:8f:61:30:8f:16:e8:fb:59:a3:46:2a:3a:d8:ce:
ab:0d:18:85:05:35:93:67:c4:87:7d:6f:e2:ff:fb:5e:7c:57:
8a:6b:b2:29:1f:66:37:82:a1:ed:5e:63:9f:79:e7:69:00:97:
c7:91:35:68:75:95:e3:71:19:ed:5b:ab:1b:bc:1f:e4:0a:f9:
96:4a:76:71:fa:ad:8a:39:ef:7b:66:2d:ae:94:ee:85:bc:92:
fe:10:0f:37:80:80:3f:15:ce:13:31:41:c1:46:b1:ef:6b:d1:
ef:dc:74:56:70:b7:4a:10:dd:69:3a:1b:bb:e7:c1:d5:a2:39:
ac:e4:53:bc:30:b4:32:00:73:15:82:ab:25:d8:b5:f0:05:85:
6f:e5:22:5a:00:f4:cb:59:ea:f3:4d:47:cb:99:7d:0c:8c:f2:
d9:ac:44:03:a6:c1:09:ff:b5:a3:ec:7f:9b:26:05:17:d8:64:
bb:5d:8a:30:7b:54:29:8c:3c:1e:09:ea:d8:75:d5:67:c8:b6:
fb:c3:9a:40:56:3c:a1:8c:7c:93:e5:2f:c4:c2:57:14:b6:fc:
e6:3f:22:61:ef:c9:65:8e:29:3f:dd:e2:49:7a:88:b7:c3:55:
9a:9c:72:79:2e:4e:30:e4:6e:eb:63:9f:33:ab:5d:dc:8d:00:
e9:64:ed:e9
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQm2Wwa7VcTlWm++uRMcI34MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkZjg3NzlhM2M4MmYwMGZjMTQ0MzVlZTdkOGQwYjhkNmRk
ODIwNGUwHhcNMjUwMTAyMTE0OTMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzM3ZTdkMGNlNmZmN2QyMDc5Y2U0MDU1MGQ1ZTlkNzYzNWZmNzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0t2364gJiDy6aaApPjgkrY2jJSql
k5YhasV3NK+6WsJHb9h7qUUO8C64UJpi5qgmsbea/hO5DGqGzi5bt9xTloT4Ipp7
d3DCir49rgfd20lNBsXw7g31bx+Li7JnSPMORnSnZJtFAdankbTb5X+OEWWOvSYE
O9WNzSVyj4IzKt8YJLJnF6epOfXYQf7XKkps7LBIdcls4WTqY9wJXMvULcUMIi5m
fG76JEhihWhHlkHUBRRlIilOtkxfqnAEQ98oC9NnRb3hS9TMdmFE7nU6Ln7rdScE
cJRVpw3Y5PXQuzT7V63c6Su5xNE3ZA27w+WteMzXafXKJCjdd+4ULXXAqQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCw359DOb/fSB5zkBVDV6ddjX/dJMB8GA1UdIwQY
MBaAFC34d5o8gvAPwUQ17n2NC41t2CBOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGZoM21qeUM4QV9CUkRYdWZZMExqVzNZSUU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9jY2Q5NmUtMTMzZS00NWI3LTg4Yjct
ZTJhZTA1NWVjZWQxLzEvTERmbjBNNXY5OUlIbk9RRlVOWHAxMk5mOTBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9jY2Q5NmUtMTMzZS00NWI3LTg4YjctZTJhZTA1NWVjZWQx
LzEvTGZoM21qeUM4QV9CUkRYdWZZMExqVzNZSUU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCHyjgAwQC
TfdwAwQCV2VQAwQCuZ5EAwQCud6EAwQCvEEQAwQCwQmYMA0GCSqGSIb3DQEBCwUA
A4IBAQBWjKXej2Ewjxbo+1mjRio62M6rDRiFBTWTZ8SHfW/i//tefFeKa7IpH2Y3
gqHtXmOfeedpAJfHkTVodZXjcRntW6sbvB/kCvmWSnZx+q2KOe97Zi2ulO6FvJL+
EA83gIA/Fc4TMUHBRrHva9Hv3HRWcLdKEN1pOhu758HVojms5FO8MLQyAHMVgqsl
2LXwBYVv5SJaAPTLWerzTUfLmX0MjPLZrEQDpsEJ/7Wj7H+bJgUX2GS7XYowe1Qp
jDweCerYddVnyLb7w5pAVjyhjHyT5S/EwlcUtvzmPyJh78lljik/3eJJeoi3w1Wa
nHJ5Lk4w5G7rY58zq13cjQDpZO3p
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:49:29 2025 by rpki-client