Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/857d9c-596e-4b89-9f1c-f92128be8b79/1/h8Gl2OsdLuWPWtrNcU8n0JlSjzU.roa
File: h8Gl2OsdLuWPWtrNcU8n0JlSjzU.roa (raw, json)
Hash identifier: evSWiyr6r/rxtz4+EcFa39VIdmSuUvtGUXcbAAeqm0k=
Subject key identifier: 87:C1:A5:D8:EB:1D:2E:E5:8F:5A:DA:CD:71:4F:27:D0:99:52:8F:35
Certificate issuer: /CN=df7f5eb8817f2da97f665507683b5c45a74d0ca0
Certificate serial: 01942444E80D180E3B285BCC23D8327A1746
Authority key identifier: DF:7F:5E:B8:81:7F:2D:A9:7F:66:55:07:68:3B:5C:45:A7:4D:0C:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/339euIF_Lal_ZlUHaDtcRadNDKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/857d9c-596e-4b89-9f1c-f92128be8b79/1/h8Gl2OsdLuWPWtrNcU8n0JlSjzU.roa
Signing time: Wed 01 Jan 2025 23:48:03 +0000
ROA not before: Wed 01 Jan 2025 23:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35635
IP address blocks: 80.243.208.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:e8:0d:18:0e:3b:28:5b:cc:23:d8:32:7a:17:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df7f5eb8817f2da97f665507683b5c45a74d0ca0
Validity
Not Before: Jan 1 23:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=87c1a5d8eb1d2ee58f5adacd714f27d099528f35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:98:df:70:d5:1b:b3:55:fa:02:7b:bf:dc:27:
1d:c6:90:ea:0a:73:c3:c6:17:2c:d2:7a:99:4c:24:
ac:85:1a:ff:8f:02:ff:4a:a3:23:25:5c:60:cb:25:
f2:ab:da:b0:eb:2c:80:9c:e9:57:0e:b6:88:7d:9c:
90:3a:66:c8:dc:be:42:54:cb:ce:39:21:3f:18:20:
ca:6f:15:9a:ae:45:e2:50:7d:74:39:ef:e6:ce:b2:
b0:1a:8f:70:b8:01:4d:83:51:bc:55:b4:51:7f:05:
e9:82:07:c9:35:9b:a4:23:f8:3b:68:7b:9b:95:9b:
b5:86:8a:26:db:8e:63:c9:27:99:e2:7e:d1:36:73:
6e:59:c5:f3:f9:40:00:6c:6d:7b:24:7f:f4:74:67:
07:24:61:03:59:44:f7:33:de:4e:7f:18:2c:49:ba:
aa:ba:d3:8f:b5:a7:2e:e6:a3:24:38:10:b4:e4:68:
cf:7f:1d:a5:37:51:36:58:b4:f6:dc:9e:b9:79:0d:
91:3b:6b:cb:f6:46:15:d6:dc:8a:48:a1:f1:a9:81:
46:e7:63:68:3a:f3:fe:28:59:ff:ea:9e:6b:ef:5d:
69:3b:f6:d2:c8:59:a0:7e:43:44:3d:72:5d:4d:8f:
64:9b:62:73:b1:2e:53:61:84:a4:1f:4a:91:62:e8:
52:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:C1:A5:D8:EB:1D:2E:E5:8F:5A:DA:CD:71:4F:27:D0:99:52:8F:35
X509v3 Authority Key Identifier:
keyid:DF:7F:5E:B8:81:7F:2D:A9:7F:66:55:07:68:3B:5C:45:A7:4D:0C:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/339euIF_Lal_ZlUHaDtcRadNDKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/857d9c-596e-4b89-9f1c-f92128be8b79/1/h8Gl2OsdLuWPWtrNcU8n0JlSjzU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/857d9c-596e-4b89-9f1c-f92128be8b79/1/339euIF_Lal_ZlUHaDtcRadNDKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.243.208.0/20
Signature Algorithm: sha256WithRSAEncryption
81:51:ab:40:1b:61:7e:40:99:d9:79:e3:56:21:59:e7:e6:77:
6b:a1:57:ee:db:5c:75:3f:88:ea:52:7c:c2:48:11:38:bf:2a:
9a:cb:82:d6:68:7c:31:37:b3:b4:b3:d8:b0:cf:55:72:3c:57:
9f:31:1b:02:9b:b4:e1:40:4f:6c:58:35:e3:02:e2:e5:5c:15:
db:01:c0:5e:e6:5e:f6:b2:cd:4a:07:f0:4e:9d:cc:ba:97:1b:
cf:49:19:13:34:a1:83:f5:90:38:ac:83:9b:30:d5:20:82:5b:
ba:ef:26:88:2f:5c:b6:e7:69:3e:a6:1b:2e:7d:a9:53:b7:3a:
5d:a4:c0:0c:d5:8d:51:62:c0:7b:76:61:b0:78:38:95:8a:59:
28:1c:51:82:08:ed:72:34:eb:68:76:57:90:d2:d9:80:c8:db:
ac:98:15:3c:24:02:f0:ce:79:09:18:e8:61:61:20:93:14:f5:
ec:e0:f9:62:8f:4c:65:d5:5e:5e:38:9a:d2:3d:41:39:2c:10:
f9:d0:80:17:14:24:59:68:4d:ee:cd:9c:f9:b8:30:94:e9:8d:
23:c9:7e:70:3a:60:fe:29:44:b8:31:50:ff:e8:a9:f9:50:98:
11:e0:77:d9:26:8b:ab:f9:ac:1d:dc:3a:7d:13:17:72:b0:98:
0e:c0:65:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkROgNGA47KFvMI9gyehdGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmN2Y1ZWI4ODE3ZjJkYTk3ZjY2NTUwNzY4M2I1YzQ1YTc0
ZDBjYTAwHhcNMjUwMTAxMjM0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2MxYTVkOGViMWQyZWU1OGY1YWRhY2Q3MTRmMjdkMDk5NTI4ZjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspjfcNUbs1X6Anu/3CcdxpDqCnPD
xhcs0nqZTCSshRr/jwL/SqMjJVxgyyXyq9qw6yyAnOlXDraIfZyQOmbI3L5CVMvO
OSE/GCDKbxWarkXiUH10Oe/mzrKwGo9wuAFNg1G8VbRRfwXpggfJNZukI/g7aHub
lZu1hoom245jySeZ4n7RNnNuWcXz+UAAbG17JH/0dGcHJGEDWUT3M95OfxgsSbqq
utOPtacu5qMkOBC05GjPfx2lN1E2WLT23J65eQ2RO2vL9kYV1tyKSKHxqYFG52No
OvP+KFn/6p5r711pO/bSyFmgfkNEPXJdTY9km2JzsS5TYYSkH0qRYuhSQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIfBpdjrHS7lj1razXFPJ9CZUo81MB8GA1UdIwQY
MBaAFN9/XriBfy2pf2ZVB2g7XEWnTQygMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzM5ZXVJRl9MYWxfWmxVSGFEdGNSYWROREtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC84NTdkOWMtNTk2ZS00Yjg5LTlmMWMt
ZjkyMTI4YmU4Yjc5LzEvaDhHbDJPc2RMdVdQV3RyTmNVOG4wSmxTanpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC84NTdkOWMtNTk2ZS00Yjg5LTlmMWMtZjkyMTI4YmU4Yjc5
LzEvMzM5ZXVJRl9MYWxfWmxVSGFEdGNSYWROREtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEUPPQMA0G
CSqGSIb3DQEBCwUAA4IBAQCBUatAG2F+QJnZeeNWIVnn5ndroVfu21x1P4jqUnzC
SBE4vyqay4LWaHwxN7O0s9iwz1VyPFefMRsCm7ThQE9sWDXjAuLlXBXbAcBe5l72
ss1KB/BOncy6lxvPSRkTNKGD9ZA4rIObMNUgglu67yaIL1y252k+phsufalTtzpd
pMAM1Y1RYsB7dmGweDiVilkoHFGCCO1yNOtodleQ0tmAyNusmBU8JALwznkJGOhh
YSCTFPXs4Plij0xl1V5eOJrSPUE5LBD50IAXFCRZaE3uzZz5uDCU6Y0jyX5wOmD+
KUS4MVD/6Kn5UJgR4HfZJour+awd3Dp9ExdysJgOwGWS
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:47 2025 by rpki-client on console.sobornost.net