Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/Oo8Lhh4RlCa7xttIyBwx5LDEUoc.roa
File: Oo8Lhh4RlCa7xttIyBwx5LDEUoc.roa (raw, json)
Hash identifier: wrOx7qjHfGVS+J5guJXeAV7Who7QhhesA0WvqwwUSt0=
Subject key identifier: 3A:8F:0B:86:1E:11:94:26:BB:C6:DB:48:C8:1C:31:E4:B0:C4:52:87
Certificate issuer: /CN=985ae6c59c35e460387daebcfb866f8a1ebb3686
Certificate serial: 0195DBBB73AAADD2BF66C3F157627D62CE75
Authority key identifier: 98:5A:E6:C5:9C:35:E4:60:38:7D:AE:BC:FB:86:6F:8A:1E:BB:36:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mFrmxZw15GA4fa68-4Zvih67NoY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/Oo8Lhh4RlCa7xttIyBwx5LDEUoc.roa
Signing time: Fri 28 Mar 2025 07:50:49 +0000
ROA not before: Fri 28 Mar 2025 07:50:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50818
IP address blocks: 82.196.16.0/22 maxlen: 24
82.196.16.0/24 maxlen: 24
82.196.17.0/24 maxlen: 24
82.196.18.0/24 maxlen: 24
82.196.19.0/24 maxlen: 24
82.196.20.0/22 maxlen: 22
82.196.20.0/24 maxlen: 24
185.9.21.0/24 maxlen: 24
185.20.42.0/24 maxlen: 24
217.18.82.0/24 maxlen: 24
2a03:42c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:db:bb:73:aa:ad:d2:bf:66:c3:f1:57:62:7d:62:ce:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=985ae6c59c35e460387daebcfb866f8a1ebb3686
Validity
Not Before: Mar 28 07:50:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a8f0b861e119426bbc6db48c81c31e4b0c45287
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:60:d4:52:1f:28:5e:d7:d4:7a:61:fd:4b:be:
56:cc:a2:a4:89:0d:44:6f:a3:b3:dc:aa:86:97:e6:
fb:6b:0b:62:d7:24:5d:85:8a:cc:c5:ab:27:a1:75:
ad:58:ed:2f:47:4d:8a:31:fa:fd:f9:ce:5f:26:4c:
f3:b6:2e:6f:c6:7c:cf:a4:97:73:07:fa:40:06:76:
99:c3:3d:18:4a:f3:c4:1f:49:a8:fb:27:80:ea:a7:
e7:f1:d3:fc:6f:2c:3f:53:a1:15:ac:b8:38:b9:bd:
e5:0f:4e:f1:a0:54:f8:10:07:d2:db:33:3f:70:89:
b7:45:b5:47:b4:d2:1f:7a:dc:fd:ad:d9:a7:5b:3b:
e1:b4:70:20:2f:6e:ee:70:85:90:67:f5:03:8e:6d:
cd:5f:8c:b3:d2:df:f6:c4:f8:de:f8:1f:3e:67:97:
4e:8f:dd:11:e2:59:a3:80:44:72:a1:9f:4a:c7:35:
a5:78:83:66:f2:77:00:05:86:46:f3:e8:48:a6:bb:
d1:5d:4c:0d:c3:b4:0a:d4:60:1b:ab:18:77:f2:8a:
6b:fd:7e:78:06:3d:5a:f0:0b:74:29:2b:16:7a:fb:
fc:c9:b2:88:c6:f0:14:44:fb:88:06:88:e3:d6:94:
4a:59:86:fe:49:33:9f:94:60:2f:d6:c8:cd:fc:62:
3d:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:8F:0B:86:1E:11:94:26:BB:C6:DB:48:C8:1C:31:E4:B0:C4:52:87
X509v3 Authority Key Identifier:
keyid:98:5A:E6:C5:9C:35:E4:60:38:7D:AE:BC:FB:86:6F:8A:1E:BB:36:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mFrmxZw15GA4fa68-4Zvih67NoY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/Oo8Lhh4RlCa7xttIyBwx5LDEUoc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/mFrmxZw15GA4fa68-4Zvih67NoY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.196.16.0/21
185.9.21.0/24
185.20.42.0/24
217.18.82.0/24
IPv6:
2a03:42c0::/32
Signature Algorithm: sha256WithRSAEncryption
77:74:ea:98:67:e7:08:f2:37:22:d5:81:cb:82:d7:34:f2:1e:
93:96:15:4c:17:80:7e:45:1f:ec:79:1e:c0:47:f2:cd:1a:8a:
0f:00:90:2e:e0:be:ee:c3:3b:38:4c:e9:bb:40:02:a2:8a:ea:
bf:e1:d1:43:4c:df:6c:13:d8:f3:67:24:91:99:ff:c4:3e:37:
14:71:02:21:08:3b:38:d5:4e:30:78:9c:03:6b:38:b3:79:42:
1b:db:61:bc:68:aa:ae:1c:29:b7:a6:57:20:85:60:3f:68:ba:
44:4c:c6:10:fa:d2:b3:55:fa:6a:05:53:15:0b:cc:86:6b:41:
2a:df:e8:92:f8:2a:23:aa:09:a8:35:c7:34:06:be:e0:de:57:
5e:79:6c:eb:5d:05:5e:7b:c4:91:e0:06:63:89:bb:7f:bc:66:
7f:27:b0:4e:fb:32:3a:3b:ba:d2:1e:72:ae:ac:f1:d6:27:f2:
ac:e2:92:5b:67:03:31:55:4c:f9:dd:f8:9f:56:f3:6a:fe:94:
e6:5d:21:31:7c:82:1c:9d:53:1c:28:ea:94:91:cb:4a:04:4c:
79:0a:de:d6:de:df:8b:b7:c1:fe:38:e1:fe:48:54:c1:08:74:
9a:22:5f:e4:3e:4d:0e:c7:06:06:4b:70:a8:c3:62:d8:2e:e6:
93:40:f9:c5
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZXbu3OqrdK/ZsPxV2J9Ys51MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4NWFlNmM1OWMzNWU0NjAzODdkYWViY2ZiODY2ZjhhMWVi
YjM2ODYwHhcNMjUwMzI4MDc1MDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYThmMGI4NjFlMTE5NDI2YmJjNmRiNDhjODFjMzFlNGIwYzQ1Mjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyGDUUh8oXtfUemH9S75WzKKkiQ1E
b6Oz3KqGl+b7awti1yRdhYrMxasnoXWtWO0vR02KMfr9+c5fJkzzti5vxnzPpJdz
B/pABnaZwz0YSvPEH0mo+yeA6qfn8dP8byw/U6EVrLg4ub3lD07xoFT4EAfS2zM/
cIm3RbVHtNIfetz9rdmnWzvhtHAgL27ucIWQZ/UDjm3NX4yz0t/2xPje+B8+Z5dO
j90R4lmjgERyoZ9KxzWleINm8ncABYZG8+hIprvRXUwNw7QK1GAbqxh38opr/X54
Bj1a8At0KSsWevv8ybKIxvAURPuIBojj1pRKWYb+STOflGAv1sjN/GI9FQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFDqPC4YeEZQmu8bbSMgcMeSwxFKHMB8GA1UdIwQY
MBaAFJha5sWcNeRgOH2uvPuGb4oeuzaGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUZybXhadzE1R0E0ZmE2OC00WnZpaDY3Tm9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS84YjkwNmItOWMxZC00NWQ5LTg2YmEt
YzdmZTYyMjI3ZGYzLzEvT284TGhoNFJsQ2E3eHR0SXlCd3g1TERFVW9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS84YjkwNmItOWMxZC00NWQ5LTg2YmEtYzdmZTYyMjI3ZGYz
LzEvbUZybXhadzE1R0E0ZmE2OC00WnZpaDY3Tm9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDUsQQAwQA
uQkVAwQAuRQqAwQA2RJSMA0EAgACMAcDBQAqA0LAMA0GCSqGSIb3DQEBCwUAA4IB
AQB3dOqYZ+cI8jci1YHLgtc08h6TlhVMF4B+RR/seR7AR/LNGooPAJAu4L7uwzs4
TOm7QAKiiuq/4dFDTN9sE9jzZySRmf/EPjcUcQIhCDs41U4weJwDazizeUIb22G8
aKquHCm3plcghWA/aLpETMYQ+tKzVfpqBVMVC8yGa0Eq3+iS+CojqgmoNcc0Br7g
3ldeeWzrXQVee8SR4AZjibt/vGZ/J7BO+zI6O7rSHnKurPHWJ/Ks4pJbZwMxVUz5
3fifVvNq/pTmXSExfIIcnVMcKOqUkctKBEx5Ct7W3t+Lt8H+OOH+SFTBCHSaIl/k
Pk0OxwYGS3Cow2LYLuaTQPnF
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:54 2025 by rpki-client on console.sobornost.net