Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/mDeAGVyiWAF47pXY_yRjdrhBIJc.roa
File: mDeAGVyiWAF47pXY_yRjdrhBIJc.roa (raw, json)
Hash identifier: yHPdV/sdxT3kKE70fyJDmdwrcaFh24i7D2+vtQY7LN8=
Subject key identifier: 98:37:80:19:5C:A2:58:01:78:EE:95:D8:FF:24:63:76:B8:41:20:97
Certificate issuer: /CN=1056bcd426fd87cd6f4147e133216d03112b181b
Certificate serial: 019422FC31D4E3649C99A0DF3FC1FD885A8C
Authority key identifier: 10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/mDeAGVyiWAF47pXY_yRjdrhBIJc.roa
Signing time: Wed 01 Jan 2025 17:49:00 +0000
ROA not before: Wed 01 Jan 2025 17:49:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 81.31.234.0/23 maxlen: 24
81.31.242.0/23 maxlen: 23
81.31.244.0/22 maxlen: 24
185.84.160.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:31:d4:e3:64:9c:99:a0:df:3f:c1:fd:88:5a:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1056bcd426fd87cd6f4147e133216d03112b181b
Validity
Not Before: Jan 1 17:49:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=983780195ca2580178ee95d8ff246376b8412097
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:fa:0a:50:c1:33:88:34:9a:33:df:04:ab:bd:
be:9c:38:d1:87:fa:67:fa:d5:12:62:12:72:21:55:
6a:d3:ef:ed:9d:ff:a0:96:17:2e:e4:aa:35:3b:09:
1b:76:88:29:23:23:88:de:ef:ed:85:74:61:0b:ae:
24:a2:90:7b:1d:cf:85:17:cc:40:b6:a7:0e:73:10:
f8:33:d1:f8:70:d9:79:ac:fe:a1:b1:0f:d8:d8:72:
12:af:42:84:49:c9:8b:77:e2:b3:4e:09:3a:15:0b:
fd:5f:42:b8:14:ed:f8:4a:29:ff:0a:62:c6:7c:04:
b9:03:31:9b:8b:68:01:a9:3c:8e:55:44:fb:91:02:
f6:cd:93:05:e3:c5:52:d9:cb:94:e5:e3:e7:6c:f9:
5a:2d:17:7f:b8:69:7b:b4:f5:56:2f:57:39:70:03:
00:e2:b6:c0:82:85:7b:76:95:c7:2e:a3:35:59:2e:
9e:46:d4:c1:08:9b:d0:ee:0c:48:ca:1f:05:68:07:
b8:aa:d9:68:00:3f:a8:b0:c6:b7:2b:7e:f9:66:07:
9a:c3:82:e4:db:65:36:d7:0d:92:35:d8:bf:51:a5:
15:5c:87:07:ab:05:d1:ab:e0:16:7e:9e:ea:2f:d2:
0e:5b:ff:2c:54:42:1c:ad:fd:1a:84:e2:3c:b7:7d:
a7:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:37:80:19:5C:A2:58:01:78:EE:95:D8:FF:24:63:76:B8:41:20:97
X509v3 Authority Key Identifier:
keyid:10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/mDeAGVyiWAF47pXY_yRjdrhBIJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/EFa81Cb9h81vQUfhMyFtAxErGBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.31.234.0/23
81.31.242.0-81.31.247.255
185.84.160.0/23
Signature Algorithm: sha256WithRSAEncryption
48:31:a5:b1:ca:1e:ca:5d:ab:ab:0e:73:76:39:60:57:73:08:
ec:d3:1e:f4:fb:31:9f:f1:0c:e4:fc:48:4b:f8:26:e2:ba:87:
6a:9d:16:f4:6a:74:ae:2d:4e:90:41:9d:aa:91:c8:52:ad:fa:
74:5c:88:f3:2e:78:5e:e7:b4:c8:93:d9:5b:9f:9d:83:a4:ae:
47:1d:57:b6:56:d8:cd:54:bc:5c:88:ad:0f:bd:bb:a3:0d:1d:
0f:dd:f5:04:b8:71:d7:25:a5:de:04:75:73:c2:e7:58:a8:a4:
d5:ca:ba:a9:d1:ac:8f:e0:d1:2c:ca:87:ae:2e:41:31:d2:ae:
75:a9:2b:94:84:6c:d2:23:98:05:31:8f:a7:54:53:b5:9e:54:
60:52:d1:a0:b4:2c:c1:21:9a:8e:46:bd:d9:7c:7a:bd:d5:4f:
7d:ec:41:7e:36:22:5c:b7:88:a1:0f:4e:56:9b:81:6b:a5:ea:
a8:e9:3e:8a:07:be:7d:24:8c:8a:08:17:57:ca:86:11:8c:6a:
f9:fb:00:df:d0:de:cb:de:28:36:de:4e:7d:79:52:20:a0:25:
68:25:d3:9a:36:2a:a8:80:f2:c8:fc:7b:03:9a:34:5a:6e:81:
75:7a:7e:a9:cf:e4:fc:1f:2c:c1:7a:00:45:cd:51:8e:a7:d3:
0c:8c:1f:e4
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQi/DHU42ScmaDfP8H9iFqMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNTZiY2Q0MjZmZDg3Y2Q2ZjQxNDdlMTMzMjE2ZDAzMTEy
YjE4MWIwHhcNMjUwMTAxMTc0OTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODM3ODAxOTVjYTI1ODAxNzhlZTk1ZDhmZjI0NjM3NmI4NDEyMDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/oKUMEziDSaM98Eq72+nDjRh/pn
+tUSYhJyIVVq0+/tnf+glhcu5Ko1OwkbdogpIyOI3u/thXRhC64kopB7Hc+FF8xA
tqcOcxD4M9H4cNl5rP6hsQ/Y2HISr0KEScmLd+KzTgk6FQv9X0K4FO34Sin/CmLG
fAS5AzGbi2gBqTyOVUT7kQL2zZMF48VS2cuU5ePnbPlaLRd/uGl7tPVWL1c5cAMA
4rbAgoV7dpXHLqM1WS6eRtTBCJvQ7gxIyh8FaAe4qtloAD+osMa3K375Zgeaw4Lk
22U21w2SNdi/UaUVXIcHqwXRq+AWfp7qL9IOW/8sVEIcrf0ahOI8t32nJwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJg3gBlcolgBeO6V2P8kY3a4QSCXMB8GA1UdIwQY
MBaAFBBWvNQm/YfNb0FH4TMhbQMRKxgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzct
YWE4NTllMTkyYjE2LzEvbURlQUdWeWlXQUY0N3BYWV95UmpkcmhCSUpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzctYWE4NTllMTkyYjE2
LzEvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBUR/qMAwD
BAFRH/IDBANRH/ADBAG5VKAwDQYJKoZIhvcNAQELBQADggEBAEgxpbHKHspdq6sO
c3Y5YFdzCOzTHvT7MZ/xDOT8SEv4JuK6h2qdFvRqdK4tTpBBnaqRyFKt+nRciPMu
eF7ntMiT2VufnYOkrkcdV7ZW2M1UvFyIrQ+9u6MNHQ/d9QS4cdclpd4EdXPC51io
pNXKuqnRrI/g0SzKh64uQTHSrnWpK5SEbNIjmAUxj6dUU7WeVGBS0aC0LMEhmo5G
vdl8er3VT33sQX42Ily3iKEPTlabgWul6qjpPooHvn0kjIoIF1fKhhGMavn7AN/Q
3sveKDbeTn15UiCgJWgl05o2KqiA8sj8ewOaNFpugXV6fqnP5PwfLMF6AEXNUY6n
0wyMH+Q=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:46 2025 by rpki-client on console.sobornost.net