Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/b49f81-8536-4a67-899f-d5e63856d55d/1/TKlbM4JoTI14SvlWl9KxKwEmigw.roa
File: TKlbM4JoTI14SvlWl9KxKwEmigw.roa (raw, json)
Hash identifier: YEHXScxruB3ZAlC0fbNpVAnfjw2qlaMRSrlrmf/M0XY=
Subject key identifier: 4C:A9:5B:33:82:68:4C:8D:78:4A:F9:56:97:D2:B1:2B:01:26:8A:0C
Certificate issuer: /CN=c285a1474e38627e301a551be34efa4582a5cf39
Certificate serial: 019423D6BBFF6EB0F1303B1E4C8B5C4F89FB
Authority key identifier: C2:85:A1:47:4E:38:62:7E:30:1A:55:1B:E3:4E:FA:45:82:A5:CF:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/woWhR044Yn4wGlUb4076RYKlzzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/b49f81-8536-4a67-899f-d5e63856d55d/1/TKlbM4JoTI14SvlWl9KxKwEmigw.roa
Signing time: Wed 01 Jan 2025 21:47:42 +0000
ROA not before: Wed 01 Jan 2025 21:47:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201822
IP address blocks: 81.173.42.0/24 maxlen: 24
185.62.160.0/23 maxlen: 23
2a03:521::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:bb:ff:6e:b0:f1:30:3b:1e:4c:8b:5c:4f:89:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c285a1474e38627e301a551be34efa4582a5cf39
Validity
Not Before: Jan 1 21:47:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4ca95b3382684c8d784af95697d2b12b01268a0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:c1:3b:6c:bf:c2:f5:dc:67:c7:00:9b:61:0d:
83:80:fe:4c:2b:fb:c7:45:0c:38:e7:56:9a:ce:0f:
3d:bd:44:af:15:85:49:1d:87:37:6d:6c:78:f2:85:
67:c6:01:8e:30:e2:60:ef:e6:62:a0:a8:9a:b0:98:
b8:22:bf:16:5b:b7:e2:ea:b8:8c:59:55:d9:12:db:
b9:ab:68:44:a2:19:70:21:6d:53:1b:e1:0f:29:4f:
2d:a4:af:15:f4:e8:12:c4:a7:3e:cf:e0:28:39:88:
95:22:e4:ee:c0:64:90:2b:2e:46:de:09:d5:bf:f2:
eb:13:b8:6b:6a:7e:ce:22:f8:dd:f6:96:27:28:1b:
0f:38:11:c4:df:2d:d3:27:80:3b:06:46:48:df:b2:
55:25:dc:84:ed:80:d0:31:22:21:ad:b1:f6:76:e7:
66:53:a2:8d:94:47:44:20:79:a0:12:e9:d5:9d:a6:
8c:1f:8d:05:1c:88:0e:ef:8f:de:6f:e4:69:23:10:
22:d1:99:86:63:8e:37:58:bf:d0:87:11:2c:99:fb:
c9:31:60:9b:bf:34:96:c0:06:08:06:9d:83:2b:08:
94:22:e2:39:f8:98:27:17:d0:e4:3e:3f:7b:91:59:
51:bd:97:e4:ec:7f:9d:d0:66:60:0c:a3:05:f9:cf:
84:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:A9:5B:33:82:68:4C:8D:78:4A:F9:56:97:D2:B1:2B:01:26:8A:0C
X509v3 Authority Key Identifier:
keyid:C2:85:A1:47:4E:38:62:7E:30:1A:55:1B:E3:4E:FA:45:82:A5:CF:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/woWhR044Yn4wGlUb4076RYKlzzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/b49f81-8536-4a67-899f-d5e63856d55d/1/TKlbM4JoTI14SvlWl9KxKwEmigw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/b49f81-8536-4a67-899f-d5e63856d55d/1/woWhR044Yn4wGlUb4076RYKlzzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.173.42.0/24
185.62.160.0/23
IPv6:
2a03:521::/32
Signature Algorithm: sha256WithRSAEncryption
43:9d:f3:80:32:c9:db:f7:f0:85:6a:e3:21:9d:a8:7c:00:ba:
2f:39:cf:0e:b7:8e:e6:b8:74:cb:25:fd:50:f9:ae:71:31:46:
6c:2d:12:07:43:83:c3:6b:2c:bc:34:6d:d2:a1:6c:45:7a:34:
8c:9f:8a:13:c3:c0:36:44:9b:14:85:80:a5:4c:0c:0d:c5:8a:
99:3c:d3:d7:14:a1:2c:3a:fc:a1:b0:f9:9c:08:9c:83:f4:e7:
94:3d:a7:51:fe:55:09:0d:07:44:ae:1c:e6:ed:bb:5e:92:13:
81:28:0d:78:44:76:22:ad:4d:e0:8c:df:44:19:53:c2:fc:13:
09:5c:9c:be:d0:85:f8:ab:7d:52:64:4c:e6:e2:05:96:e5:6a:
82:24:be:0a:e2:2b:84:cd:64:95:05:db:78:eb:75:7a:18:1e:
59:e3:e7:e2:d7:a2:a2:e1:b4:e6:25:70:e3:72:bb:4c:e5:52:
c9:40:54:67:19:90:19:7e:ff:dc:a5:a1:22:a2:b6:65:3c:db:
4e:6a:75:4c:d5:1b:af:e9:62:e6:23:e6:9f:a4:d1:4f:77:3c:
93:8b:1e:71:40:95:ba:a9:46:55:ba:f0:e8:b0:ca:e6:42:18:
eb:b4:63:d7:3b:c0:96:20:f1:0b:3a:14:b1:36:49:74:4e:3f:
0a:e5:f6:31
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQj1rv/brDxMDseTItcT4n7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyODVhMTQ3NGUzODYyN2UzMDFhNTUxYmUzNGVmYTQ1ODJh
NWNmMzkwHhcNMjUwMTAxMjE0NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2E5NWIzMzgyNjg0YzhkNzg0YWY5NTY5N2QyYjEyYjAxMjY4YTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0cE7bL/C9dxnxwCbYQ2DgP5MK/vH
RQw451aazg89vUSvFYVJHYc3bWx48oVnxgGOMOJg7+ZioKiasJi4Ir8WW7fi6riM
WVXZEtu5q2hEohlwIW1TG+EPKU8tpK8V9OgSxKc+z+AoOYiVIuTuwGSQKy5G3gnV
v/LrE7hran7OIvjd9pYnKBsPOBHE3y3TJ4A7BkZI37JVJdyE7YDQMSIhrbH2dudm
U6KNlEdEIHmgEunVnaaMH40FHIgO74/eb+RpIxAi0ZmGY443WL/QhxEsmfvJMWCb
vzSWwAYIBp2DKwiUIuI5+JgnF9DkPj97kVlRvZfk7H+d0GZgDKMF+c+ERQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEypWzOCaEyNeEr5VpfSsSsBJooMMB8GA1UdIwQY
MBaAFMKFoUdOOGJ+MBpVG+NO+kWCpc85MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd29XaFIwNDRZbjR3R2xVYjQwNzZSWUtsenprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9iNDlmODEtODUzNi00YTY3LTg5OWYt
ZDVlNjM4NTZkNTVkLzEvVEtsYk00Sm9USTE0U3ZsV2w5S3hLd0VtaWd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9iNDlmODEtODUzNi00YTY3LTg5OWYtZDVlNjM4NTZkNTVk
LzEvd29XaFIwNDRZbjR3R2xVYjQwNzZSWUtsenprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAUa0qAwQB
uT6gMA0EAgACMAcDBQAqAwUhMA0GCSqGSIb3DQEBCwUAA4IBAQBDnfOAMsnb9/CF
auMhnah8ALovOc8Ot47muHTLJf1Q+a5xMUZsLRIHQ4PDayy8NG3SoWxFejSMn4oT
w8A2RJsUhYClTAwNxYqZPNPXFKEsOvyhsPmcCJyD9OeUPadR/lUJDQdErhzm7bte
khOBKA14RHYirU3gjN9EGVPC/BMJXJy+0IX4q31SZEzm4gWW5WqCJL4K4iuEzWSV
Bdt463V6GB5Z4+fi16Ki4bTmJXDjcrtM5VLJQFRnGZAZfv/cpaEiorZlPNtOanVM
1Ruv6WLmI+afpNFPdzyTix5xQJW6qUZVuvDosMrmQhjrtGPXO8CWIPELOhSxNkl0
Tj8K5fYx
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:17 2025 by rpki-client on console.sobornost.net