Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/858ed8-731a-4761-82c0-6b0179ee1dd9/1/8072Aeh0vfDGSJ8vyXnId-hQKJc.roa
File: 8072Aeh0vfDGSJ8vyXnId-hQKJc.roa (raw, json)
Hash identifier: 5j4g+dxrUkP8XBx9ZA5/gKCWYOvbCcLIrcUnkZa+hD0=
Subject key identifier: F3:4E:F6:01:E8:74:BD:F0:C6:48:9F:2F:C9:79:C8:77:E8:50:28:97
Certificate issuer: /CN=a0cef1caa3459b8b039c217813648dcabce8c2d3
Certificate serial: 0195F45D9AC4481EECC6EA82B54D866269D8
Authority key identifier: A0:CE:F1:CA:A3:45:9B:8B:03:9C:21:78:13:64:8D:CA:BC:E8:C2:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oM7xyqNFm4sDnCF4E2SNyrzowtM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/858ed8-731a-4761-82c0-6b0179ee1dd9/1/8072Aeh0vfDGSJ8vyXnId-hQKJc.roa
Signing time: Wed 02 Apr 2025 02:38:49 +0000
ROA not before: Wed 02 Apr 2025 02:38:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3205
IP address blocks: 81.161.120.0/21 maxlen: 22
109.197.162.0/23 maxlen: 23
193.0.168.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f4:5d:9a:c4:48:1e:ec:c6:ea:82:b5:4d:86:62:69:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0cef1caa3459b8b039c217813648dcabce8c2d3
Validity
Not Before: Apr 2 02:38:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f34ef601e874bdf0c6489f2fc979c877e8502897
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:05:f0:4d:25:bf:d8:26:21:ce:7e:db:cd:63:
12:c3:62:a5:2c:7d:fd:60:c3:b0:ec:49:e6:90:65:
b4:d6:63:01:eb:4d:5e:1c:74:d2:be:e1:c2:85:ca:
28:46:50:4a:d4:42:13:0a:41:ee:48:ba:23:a1:a1:
26:8a:b1:f6:01:47:27:89:1e:8d:1a:4e:96:56:3b:
42:d2:02:0a:2d:b1:a4:2a:c6:d8:ca:1c:50:dd:d4:
e2:36:c4:c2:1b:1e:6b:14:c1:54:21:fe:9c:cb:1b:
ed:8a:a7:f1:45:ab:ac:4b:47:e5:a3:07:cd:c8:80:
f8:36:76:9a:54:a1:e4:dc:9c:b5:f0:78:bf:c7:20:
01:cb:23:3f:65:a8:41:e8:2f:c7:be:9c:13:23:99:
7f:88:85:77:b4:ca:e5:d6:12:a2:29:4f:e0:29:90:
9d:07:1d:41:0f:0c:17:ad:41:8c:19:5d:94:54:6f:
02:24:91:ef:b0:ad:c1:64:06:12:9e:e9:c3:d2:16:
de:ca:3d:16:46:f1:11:fa:79:9a:85:bc:7c:74:4f:
b5:7d:5a:59:4b:e7:6a:89:de:e6:07:24:0f:fc:46:
ff:b2:a0:16:53:5c:0f:ee:43:1d:25:19:63:86:05:
00:11:1b:82:ba:80:89:56:fd:4d:68:df:07:e4:ba:
71:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:4E:F6:01:E8:74:BD:F0:C6:48:9F:2F:C9:79:C8:77:E8:50:28:97
X509v3 Authority Key Identifier:
keyid:A0:CE:F1:CA:A3:45:9B:8B:03:9C:21:78:13:64:8D:CA:BC:E8:C2:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oM7xyqNFm4sDnCF4E2SNyrzowtM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/858ed8-731a-4761-82c0-6b0179ee1dd9/1/8072Aeh0vfDGSJ8vyXnId-hQKJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/858ed8-731a-4761-82c0-6b0179ee1dd9/1/oM7xyqNFm4sDnCF4E2SNyrzowtM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.120.0/21
109.197.162.0/23
193.0.168.0/23
Signature Algorithm: sha256WithRSAEncryption
5d:e1:29:c2:93:a6:3f:50:53:90:71:fd:f6:d8:19:9d:d3:8c:
6e:30:b8:52:be:53:09:b5:f3:5b:9d:97:31:18:8a:62:f1:48:
c1:f3:8b:2b:50:d0:23:27:a5:9c:69:30:36:a7:0b:04:1e:34:
dc:ee:85:50:59:09:d2:44:47:c3:49:53:50:c1:e1:f2:9d:b1:
31:e0:41:bf:cb:45:38:34:fe:67:de:9b:03:cc:a9:eb:36:e2:
c7:cb:0d:86:c8:36:1c:b0:08:a1:5d:5c:f7:3d:01:e3:5a:bf:
ee:ea:31:c6:1a:90:1f:b5:d5:76:de:17:5d:13:7c:a2:88:7d:
7f:2a:2a:aa:ea:2d:d7:9b:19:2f:f4:d8:80:df:8e:ac:7e:d7:
db:8a:18:de:6d:c8:43:eb:1e:14:3c:3e:4c:46:43:ea:bc:d9:
da:a5:6c:c2:86:85:69:42:1c:27:35:bb:20:86:58:fb:fc:60:
24:6d:f2:4e:9e:ce:9d:cc:98:9d:45:39:b2:f5:bc:58:fd:4c:
54:b5:0a:c4:ff:7e:96:3a:f5:4f:b5:3d:2a:38:37:8a:8d:90:
c5:3b:c8:64:03:7d:9b:9b:d7:b1:05:91:02:d7:f2:e6:0b:15:
3e:ac:e5:81:cc:33:63:60:5b:fa:5d:6b:89:d9:82:85:a5:df:
6e:b7:07:33
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZX0XZrESB7sxuqCtU2GYmnYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwY2VmMWNhYTM0NTliOGIwMzljMjE3ODEzNjQ4ZGNhYmNl
OGMyZDMwHhcNMjUwNDAyMDIzODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzRlZjYwMWU4NzRiZGYwYzY0ODlmMmZjOTc5Yzg3N2U4NTAyODk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0AXwTSW/2CYhzn7bzWMSw2KlLH39
YMOw7EnmkGW01mMB601eHHTSvuHChcooRlBK1EITCkHuSLojoaEmirH2AUcniR6N
Gk6WVjtC0gIKLbGkKsbYyhxQ3dTiNsTCGx5rFMFUIf6cyxvtiqfxRausS0flowfN
yID4NnaaVKHk3Jy18Hi/xyAByyM/ZahB6C/HvpwTI5l/iIV3tMrl1hKiKU/gKZCd
Bx1BDwwXrUGMGV2UVG8CJJHvsK3BZAYSnunD0hbeyj0WRvER+nmahbx8dE+1fVpZ
S+dqid7mByQP/Eb/sqAWU1wP7kMdJRljhgUAERuCuoCJVv1NaN8H5LpxsQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPNO9gHodL3wxkifL8l5yHfoUCiXMB8GA1UdIwQY
MBaAFKDO8cqjRZuLA5wheBNkjcq86MLTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb003eHlxTkZtNHNEbkNGNEUyU055cnpvd3RNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy84NThlZDgtNzMxYS00NzYxLTgyYzAt
NmIwMTc5ZWUxZGQ5LzEvODA3MkFlaDB2ZkRHU0o4dnlYbklkLWhRS0pjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy84NThlZDgtNzMxYS00NzYxLTgyYzAtNmIwMTc5ZWUxZGQ5
LzEvb003eHlxTkZtNHNEbkNGNEUyU055cnpvd3RNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDUaF4AwQB
bcWiAwQBwQCoMA0GCSqGSIb3DQEBCwUAA4IBAQBd4SnCk6Y/UFOQcf322Bmd04xu
MLhSvlMJtfNbnZcxGIpi8UjB84srUNAjJ6WcaTA2pwsEHjTc7oVQWQnSREfDSVNQ
weHynbEx4EG/y0U4NP5n3psDzKnrNuLHyw2GyDYcsAihXVz3PQHjWr/u6jHGGpAf
tdV23hddE3yiiH1/Kiqq6i3Xmxkv9NiA346sftfbihjebchD6x4UPD5MRkPqvNna
pWzChoVpQhwnNbsghlj7/GAkbfJOns6dzJidRTmy9bxY/UxUtQrE/36WOvVPtT0q
ODeKjZDFO8hkA32bm9exBZEC1/LmCxU+rOWBzDNjYFv6XWuJ2YKFpd9utwcz
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:15 2025 by rpki-client on console.sobornost.net