Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/858ed8-731a-4761-82c0-6b0179ee1dd9/1/lBvtRmrC68CyqkDDaX9q7iM1fqk.roa
File: lBvtRmrC68CyqkDDaX9q7iM1fqk.roa (raw, json)
Hash identifier: QH6lN3Gw9cyb6g2dDlZDiBnyElb0DjJFI+B0oG5arYk=
Subject key identifier: 94:1B:ED:46:6A:C2:EB:C0:B2:AA:40:C3:69:7F:6A:EE:23:35:7E:A9
Certificate issuer: /CN=a0cef1caa3459b8b039c217813648dcabce8c2d3
Certificate serial: 019420682AD0C7AA8A9A9B3505AFDB12B260
Authority key identifier: A0:CE:F1:CA:A3:45:9B:8B:03:9C:21:78:13:64:8D:CA:BC:E8:C2:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oM7xyqNFm4sDnCF4E2SNyrzowtM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/858ed8-731a-4761-82c0-6b0179ee1dd9/1/lBvtRmrC68CyqkDDaX9q7iM1fqk.roa
Signing time: Wed 01 Jan 2025 05:48:04 +0000
ROA not before: Wed 01 Jan 2025 05:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59475
IP address blocks: 81.161.120.0/21 maxlen: 21
109.197.162.0/23 maxlen: 23
193.0.168.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:2a:d0:c7:aa:8a:9a:9b:35:05:af:db:12:b2:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0cef1caa3459b8b039c217813648dcabce8c2d3
Validity
Not Before: Jan 1 05:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=941bed466ac2ebc0b2aa40c3697f6aee23357ea9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:59:74:bc:c8:8e:b7:51:40:43:58:a7:45:37:
50:58:38:0b:a6:0b:4a:be:51:b5:74:1d:9d:50:b6:
4c:69:6c:ba:7d:59:bc:c7:28:2c:f4:13:cd:a8:5e:
85:37:eb:00:d9:f1:2d:1b:a2:0d:38:d7:49:db:73:
00:fd:c4:60:f2:62:ac:57:cb:da:60:e8:9e:0f:85:
df:9d:bb:c7:ca:d0:24:08:a8:33:f1:f8:ef:1f:1b:
90:c8:58:68:48:49:ce:a4:5c:4e:75:92:b1:b7:e2:
ae:7c:95:29:61:3a:88:28:93:91:22:e5:ef:bc:ed:
17:75:2c:28:d7:2f:2f:84:19:b8:4f:55:09:8b:61:
72:ac:d2:ec:65:a1:5a:4d:c1:12:a6:ff:7c:6c:11:
52:8c:63:a1:98:46:5f:b2:86:95:50:7b:38:d5:c2:
71:12:a0:df:47:08:05:36:6d:a8:77:0d:27:6e:3b:
7d:2c:30:8e:11:df:13:b2:25:c1:1c:a6:9c:4c:1a:
4f:5f:b3:51:27:47:f4:33:65:6f:b4:bc:5c:19:5b:
75:49:df:b2:e0:23:bc:b6:e3:f7:3e:8c:12:64:fa:
69:b8:46:49:f3:72:62:27:38:2a:45:60:2d:c9:46:
59:c4:f4:11:64:10:ba:6e:8e:9c:0a:4a:e1:92:95:
85:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:1B:ED:46:6A:C2:EB:C0:B2:AA:40:C3:69:7F:6A:EE:23:35:7E:A9
X509v3 Authority Key Identifier:
keyid:A0:CE:F1:CA:A3:45:9B:8B:03:9C:21:78:13:64:8D:CA:BC:E8:C2:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oM7xyqNFm4sDnCF4E2SNyrzowtM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/858ed8-731a-4761-82c0-6b0179ee1dd9/1/lBvtRmrC68CyqkDDaX9q7iM1fqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/858ed8-731a-4761-82c0-6b0179ee1dd9/1/oM7xyqNFm4sDnCF4E2SNyrzowtM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.120.0/21
109.197.162.0/23
193.0.168.0/23
Signature Algorithm: sha256WithRSAEncryption
16:71:7f:77:2f:16:f2:f3:cc:93:d6:2a:e0:22:06:d3:c3:b0:
3a:67:2e:9c:e1:0a:d1:03:e8:44:07:23:bd:02:5d:29:d8:76:
81:83:2b:60:77:f9:0f:94:9c:98:2b:ed:50:31:da:35:4a:54:
c6:66:e9:ef:74:92:38:f0:77:3d:78:9f:70:e0:58:a3:89:b9:
95:a2:b4:8f:6f:f1:fc:53:e1:7d:88:2c:fe:c4:40:c3:64:e6:
a4:52:0e:06:c7:6f:9d:3d:2f:c8:a3:cf:d2:f0:ea:8a:ed:1d:
17:f3:aa:38:10:7a:89:05:5d:59:e2:c0:c1:f5:af:d7:2f:6a:
53:6d:f7:93:3a:0f:c3:4a:45:58:c1:48:aa:ab:3c:c6:9c:92:
b3:01:d3:3e:4e:85:99:c1:55:49:45:2e:9e:af:2d:44:43:3b:
3c:51:18:8c:bc:f2:2d:9c:a8:3d:22:9a:77:7f:e3:37:85:35:
d0:6b:bd:6a:5e:40:1f:7f:be:c5:1c:e2:ec:9f:c5:24:83:eb:
44:7f:8c:67:86:9c:80:95:89:69:76:ae:62:55:a9:ef:e4:f4:
df:33:94:38:34:f8:aa:66:78:53:c9:89:06:b5:83:8c:b4:d1:
cb:fd:c2:f1:51:60:43:72:92:55:3d:18:94:7e:e7:53:d3:1f:
a4:55:5d:eb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQgaCrQx6qKmps1Ba/bErJgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwY2VmMWNhYTM0NTliOGIwMzljMjE3ODEzNjQ4ZGNhYmNl
OGMyZDMwHhcNMjUwMTAxMDU0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDFiZWQ0NjZhYzJlYmMwYjJhYTQwYzM2OTdmNmFlZTIzMzU3ZWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFl0vMiOt1FAQ1inRTdQWDgLpgtK
vlG1dB2dULZMaWy6fVm8xygs9BPNqF6FN+sA2fEtG6INONdJ23MA/cRg8mKsV8va
YOieD4XfnbvHytAkCKgz8fjvHxuQyFhoSEnOpFxOdZKxt+KufJUpYTqIKJORIuXv
vO0XdSwo1y8vhBm4T1UJi2FyrNLsZaFaTcESpv98bBFSjGOhmEZfsoaVUHs41cJx
EqDfRwgFNm2odw0nbjt9LDCOEd8TsiXBHKacTBpPX7NRJ0f0M2VvtLxcGVt1Sd+y
4CO8tuP3PowSZPppuEZJ83JiJzgqRWAtyUZZxPQRZBC6bo6cCkrhkpWFzwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJQb7UZqwuvAsqpAw2l/au4jNX6pMB8GA1UdIwQY
MBaAFKDO8cqjRZuLA5wheBNkjcq86MLTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb003eHlxTkZtNHNEbkNGNEUyU055cnpvd3RNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy84NThlZDgtNzMxYS00NzYxLTgyYzAt
NmIwMTc5ZWUxZGQ5LzEvbEJ2dFJtckM2OEN5cWtERGFYOXE3aU0xZnFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy84NThlZDgtNzMxYS00NzYxLTgyYzAtNmIwMTc5ZWUxZGQ5
LzEvb003eHlxTkZtNHNEbkNGNEUyU055cnpvd3RNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDUaF4AwQB
bcWiAwQBwQCoMA0GCSqGSIb3DQEBCwUAA4IBAQAWcX93Lxby88yT1irgIgbTw7A6
Zy6c4QrRA+hEByO9Al0p2HaBgytgd/kPlJyYK+1QMdo1SlTGZunvdJI48Hc9eJ9w
4FijibmVorSPb/H8U+F9iCz+xEDDZOakUg4Gx2+dPS/Io8/S8OqK7R0X86o4EHqJ
BV1Z4sDB9a/XL2pTbfeTOg/DSkVYwUiqqzzGnJKzAdM+ToWZwVVJRS6ery1EQzs8
URiMvPItnKg9Ipp3f+M3hTXQa71qXkAff77FHOLsn8Ukg+tEf4xnhpyAlYlpdq5i
Vanv5PTfM5Q4NPiqZnhTyYkGtYOMtNHL/cLxUWBDcpJVPRiUfudT0x+kVV3r
-----END CERTIFICATE-----
Generated at Tue Apr 1 23:48:44 2025 by rpki-client on console.sobornost.net