Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/b3a576-50cb-4866-be81-f4827800b0c8/1/GxtnJ7yterlOhxFZS6xnGanYSSc.roa
File: GxtnJ7yterlOhxFZS6xnGanYSSc.roa (raw, json)
Hash identifier: tcAsoBvhFHmv9BnDm7rj7vxdX4+/sYHuOScxE2OpNR8=
Subject key identifier: 1B:1B:67:27:BC:AD:7A:B9:4E:87:11:59:4B:AC:67:19:A9:D8:49:27
Certificate issuer: /CN=a885cdbddfd7d1316845beb4f7398f3ce64facd0
Certificate serial: 019424448A8A78C5CEDD72002398385B1175
Authority key identifier: A8:85:CD:BD:DF:D7:D1:31:68:45:BE:B4:F7:39:8F:3C:E6:4F:AC:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qIXNvd_X0TFoRb609zmPPOZPrNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/b3a576-50cb-4866-be81-f4827800b0c8/1/GxtnJ7yterlOhxFZS6xnGanYSSc.roa
Signing time: Wed 01 Jan 2025 23:47:38 +0000
ROA not before: Wed 01 Jan 2025 23:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39684
IP address blocks: 81.88.80.0/22 maxlen: 22
81.88.84.0/24 maxlen: 24
81.88.85.0/24 maxlen: 24
81.88.86.0/24 maxlen: 24
81.88.87.0/24 maxlen: 24
81.88.88.0/24 maxlen: 24
81.88.94.0/24 maxlen: 24
81.88.95.0/24 maxlen: 24
185.200.140.0/24 maxlen: 24
185.200.141.0/24 maxlen: 24
185.200.142.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:8a:8a:78:c5:ce:dd:72:00:23:98:38:5b:11:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a885cdbddfd7d1316845beb4f7398f3ce64facd0
Validity
Not Before: Jan 1 23:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1b1b6727bcad7ab94e8711594bac6719a9d84927
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:8d:d9:ca:2e:47:ae:73:89:49:a4:86:7c:b8:
32:d5:85:9a:44:b7:67:48:51:58:16:66:bc:9d:36:
3e:a9:3a:4d:5b:8e:4b:05:05:c5:eb:fc:59:93:5f:
bf:d5:1a:e5:e5:95:51:f8:b1:02:c9:6b:27:36:8f:
59:31:28:92:4b:54:3c:12:94:06:4d:97:0d:62:2f:
16:fd:2f:31:cf:00:dd:d7:89:44:0b:24:09:d5:03:
9d:83:0c:d2:c6:9d:2b:4d:f4:24:70:1c:c8:0d:2f:
ba:73:90:cd:4d:cf:cf:f6:ef:3b:d0:a8:04:02:6e:
f1:d4:a2:2e:1b:da:63:de:cf:0b:5a:6b:1d:55:f5:
04:a6:ee:8d:93:2a:c4:18:14:1a:a2:58:08:c6:c2:
e4:93:fb:7d:0b:5a:60:10:2b:35:9d:67:87:70:7e:
49:e9:3c:d5:24:9d:52:31:73:3a:4b:f0:57:e3:50:
86:7c:17:81:8e:1d:26:9d:36:15:d8:98:d5:85:98:
0f:fb:99:b9:7e:b9:33:31:d4:0a:86:b7:64:37:5b:
92:97:45:19:01:0e:31:d2:62:b2:09:95:0a:7d:78:
c9:77:5e:e1:09:7d:79:ba:5d:e8:95:d5:4c:f0:14:
76:9e:37:ea:7a:7d:1e:cb:33:4d:e3:99:42:0f:f6:
af:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:1B:67:27:BC:AD:7A:B9:4E:87:11:59:4B:AC:67:19:A9:D8:49:27
X509v3 Authority Key Identifier:
keyid:A8:85:CD:BD:DF:D7:D1:31:68:45:BE:B4:F7:39:8F:3C:E6:4F:AC:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qIXNvd_X0TFoRb609zmPPOZPrNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/b3a576-50cb-4866-be81-f4827800b0c8/1/GxtnJ7yterlOhxFZS6xnGanYSSc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/b3a576-50cb-4866-be81-f4827800b0c8/1/qIXNvd_X0TFoRb609zmPPOZPrNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.88.80.0-81.88.88.255
81.88.94.0/23
185.200.140.0-185.200.142.255
Signature Algorithm: sha256WithRSAEncryption
d8:1b:66:ed:7f:17:d3:a8:9f:bd:4b:50:c9:92:4e:71:fe:20:
d1:89:38:d6:a9:19:a1:85:6d:bd:e3:0c:e8:f7:be:80:7f:76:
1b:3f:76:5f:da:32:41:3e:08:8d:5c:91:3a:43:e7:19:e0:96:
8b:80:bd:55:8e:96:9b:4e:8f:88:f1:ff:b6:fc:fd:42:ff:a0:
dd:2f:4b:c9:8b:ec:61:d7:f1:36:5a:7b:9c:04:a3:c8:48:4e:
68:b5:8f:3c:7f:f0:fd:1c:6f:e0:b8:eb:6d:a0:01:dd:72:8d:
8c:f1:2a:df:dc:59:bb:67:92:28:7e:6b:fd:7a:b6:ff:a3:24:
5d:c2:49:f5:89:3d:17:99:a5:a2:ab:ac:b0:26:53:4d:e5:f2:
4a:12:f7:2e:72:ff:2d:f0:66:69:25:f0:6d:29:78:80:5d:3f:
fd:1d:b1:d2:c6:a9:44:b0:46:10:49:94:90:82:74:6f:f1:34:
b5:7f:9b:41:7d:b8:86:a7:b1:83:99:13:1a:7a:04:a9:5e:b1:
dc:ab:37:32:3c:4c:2b:ce:a8:c3:dc:5e:f0:64:82:1b:f8:e7:
64:bd:c5:fc:ab:8e:8a:83:65:ba:2f:a4:fc:92:fa:61:ba:61:
a8:e4:aa:cb:4f:38:55:1e:a6:d2:75:51:97:ed:19:cb:09:57:
f4:47:50:8e
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQkRIqKeMXO3XIAI5g4WxF1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4ODVjZGJkZGZkN2QxMzE2ODQ1YmViNGY3Mzk4ZjNjZTY0
ZmFjZDAwHhcNMjUwMTAxMjM0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjFiNjcyN2JjYWQ3YWI5NGU4NzExNTk0YmFjNjcxOWE5ZDg0OTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsI3Zyi5HrnOJSaSGfLgy1YWaRLdn
SFFYFma8nTY+qTpNW45LBQXF6/xZk1+/1Rrl5ZVR+LECyWsnNo9ZMSiSS1Q8EpQG
TZcNYi8W/S8xzwDd14lECyQJ1QOdgwzSxp0rTfQkcBzIDS+6c5DNTc/P9u870KgE
Am7x1KIuG9pj3s8LWmsdVfUEpu6NkyrEGBQaolgIxsLkk/t9C1pgECs1nWeHcH5J
6TzVJJ1SMXM6S/BX41CGfBeBjh0mnTYV2JjVhZgP+5m5frkzMdQKhrdkN1uSl0UZ
AQ4x0mKyCZUKfXjJd17hCX15ul3oldVM8BR2njfqen0eyzNN45lCD/avTwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFBsbZye8rXq5TocRWUusZxmp2EknMB8GA1UdIwQY
MBaAFKiFzb3f19ExaEW+tPc5jzzmT6zQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUlYTnZkX1gwVEZvUmI2MDl6bVBQT1pQck5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9iM2E1NzYtNTBjYi00ODY2LWJlODEt
ZjQ4Mjc4MDBiMGM4LzEvR3h0bko3eXRlcmxPaHhGWlM2eG5HYW5ZU1NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9iM2E1NzYtNTBjYi00ODY2LWJlODEtZjQ4Mjc4MDBiMGM4
LzEvcUlYTnZkX1gwVEZvUmI2MDl6bVBQT1pQck5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBARRWFAD
BABRWFgDBAFRWF4wDAMEArnIjAMEALnIjjANBgkqhkiG9w0BAQsFAAOCAQEA2Btm
7X8X06ifvUtQyZJOcf4g0Yk41qkZoYVtveMM6Pe+gH92Gz92X9oyQT4IjVyROkPn
GeCWi4C9VY6Wm06PiPH/tvz9Qv+g3S9LyYvsYdfxNlp7nASjyEhOaLWPPH/w/Rxv
4LjrbaAB3XKNjPEq39xZu2eSKH5r/Xq2/6MkXcJJ9Yk9F5mloqussCZTTeXyShL3
LnL/LfBmaSXwbSl4gF0//R2x0sapRLBGEEmUkIJ0b/E0tX+bQX24hqexg5kTGnoE
qV6x3Ks3MjxMK86ow9xe8GSCG/jnZL3F/KuOioNlui+k/JL6YbphqOSqy084VR6m
0nVRl+0ZywlX9EdQjg==
-----END CERTIFICATE-----
Generated at Wed Jan 22 17:22:25 2025 by rpki-client on console.sobornost.net