Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/ed17c8-abd4-414f-bc30-7d08291a7662/1/80rJ34jhy8u5tGpa5pDpV9ZY_3M.roa
File: 80rJ34jhy8u5tGpa5pDpV9ZY_3M.roa (raw, json)
Hash identifier: DSVlVBDi+HUemIMmohE8CiZbywAeWePDrOLcKXJaFNc=
Subject key identifier: F3:4A:C9:DF:88:E1:CB:CB:B9:B4:6A:5A:E6:90:E9:57:D6:58:FF:73
Certificate issuer: /CN=a10c73530bb684fd569dfc432704675704183429
Certificate serial: 019421B1811BF4C0FF011EBDBE57F287CDEC
Authority key identifier: A1:0C:73:53:0B:B6:84:FD:56:9D:FC:43:27:04:67:57:04:18:34:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oQxzUwu2hP1WnfxDJwRnVwQYNCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/ed17c8-abd4-414f-bc30-7d08291a7662/1/80rJ34jhy8u5tGpa5pDpV9ZY_3M.roa
Signing time: Wed 01 Jan 2025 11:47:48 +0000
ROA not before: Wed 01 Jan 2025 11:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43131
IP address blocks: 81.161.226.0/24 maxlen: 24
2a03:e842::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:81:1b:f4:c0:ff:01:1e:bd:be:57:f2:87:cd:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a10c73530bb684fd569dfc432704675704183429
Validity
Not Before: Jan 1 11:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f34ac9df88e1cbcbb9b46a5ae690e957d658ff73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:62:d4:27:ee:05:73:8a:43:13:03:05:cb:03:
3e:7a:36:85:f5:50:14:02:6f:2e:1d:9f:45:36:fe:
c8:32:72:7d:8f:7b:ff:18:55:c7:36:17:4f:22:0b:
df:7b:1e:15:9d:46:89:79:67:24:72:48:4f:14:1d:
1b:e4:5d:6e:58:e6:d6:52:fd:ea:e6:d1:40:ae:6e:
35:b0:80:d5:b9:40:8d:75:89:57:b2:29:4f:6f:6c:
2f:8b:bd:5e:51:1f:1f:05:ba:ec:9d:38:91:f8:d4:
1c:03:55:d8:45:28:fc:66:19:8d:2d:6f:c1:ef:9d:
f3:bb:14:0f:84:52:01:14:08:07:30:0f:c4:e4:34:
97:e6:8c:95:f4:55:50:c7:4a:74:1b:db:e2:c7:10:
c5:95:72:f5:58:b4:a0:6d:72:f4:92:4a:a3:53:23:
ac:f3:50:39:cb:9d:95:e0:54:d7:d1:79:be:73:f7:
b5:51:fe:dc:ff:09:59:f8:80:ff:89:73:e4:9c:6e:
4e:8e:c4:78:0a:93:4e:d0:e1:0a:d2:a2:98:45:ee:
39:25:2c:47:fc:89:64:1c:4c:4f:eb:65:30:47:bd:
c0:d4:9d:67:14:b8:0f:32:ff:d7:56:0a:c9:f3:02:
a7:cc:b1:4d:f4:ed:95:52:6b:a2:d2:fd:ad:f4:98:
3f:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:4A:C9:DF:88:E1:CB:CB:B9:B4:6A:5A:E6:90:E9:57:D6:58:FF:73
X509v3 Authority Key Identifier:
keyid:A1:0C:73:53:0B:B6:84:FD:56:9D:FC:43:27:04:67:57:04:18:34:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oQxzUwu2hP1WnfxDJwRnVwQYNCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/ed17c8-abd4-414f-bc30-7d08291a7662/1/80rJ34jhy8u5tGpa5pDpV9ZY_3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/ed17c8-abd4-414f-bc30-7d08291a7662/1/oQxzUwu2hP1WnfxDJwRnVwQYNCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.226.0/24
IPv6:
2a03:e842::/44
Signature Algorithm: sha256WithRSAEncryption
0c:ed:34:a9:c1:af:da:8a:34:c5:9d:6d:df:7a:41:47:1d:69:
4c:b9:b2:08:9e:05:1a:cc:a8:08:c5:1f:be:4e:48:3c:2e:f1:
25:67:97:13:e7:6d:03:30:37:73:3c:15:cb:9c:33:91:2b:e4:
28:c4:c2:29:52:1c:b0:ff:94:96:e9:2e:aa:33:d6:94:ea:49:
d5:0f:99:47:f9:a3:c4:01:db:85:73:bc:fc:f7:7f:1b:9f:c6:
be:ff:b3:45:8b:0a:75:09:d3:cd:0c:a9:2f:d3:35:ce:99:a4:
3a:ae:29:58:59:8f:04:09:49:1e:db:45:c0:7a:c9:46:bc:00:
51:84:32:4b:35:09:26:1d:e2:5c:07:3a:b0:ad:cc:68:17:62:
87:0d:5c:40:38:9b:89:30:fc:99:a3:cb:b8:89:0a:93:31:88:
0b:ab:af:10:a9:d4:71:a2:24:b1:cb:b4:08:86:51:8d:49:88:
e6:fa:be:7c:1b:c7:fe:d4:35:30:81:54:67:5d:48:3f:bb:5e:
b3:fc:b3:27:43:72:3d:9a:7c:3c:56:ae:97:06:fc:88:64:99:
e8:a2:62:88:1f:ad:45:2f:4f:5f:5c:d4:ec:82:6a:46:ba:d1:
38:a2:ef:b5:e9:ab:65:e1:5e:07:ca:b1:b7:3e:ac:2d:13:d7:
33:a0:36:95
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQhsYEb9MD/AR69vlfyh83sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExMGM3MzUzMGJiNjg0ZmQ1NjlkZmM0MzI3MDQ2NzU3MDQx
ODM0MjkwHhcNMjUwMTAxMTE0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzRhYzlkZjg4ZTFjYmNiYjliNDZhNWFlNjkwZTk1N2Q2NThmZjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGLUJ+4Fc4pDEwMFywM+ejaF9VAU
Am8uHZ9FNv7IMnJ9j3v/GFXHNhdPIgvfex4VnUaJeWckckhPFB0b5F1uWObWUv3q
5tFArm41sIDVuUCNdYlXsilPb2wvi71eUR8fBbrsnTiR+NQcA1XYRSj8ZhmNLW/B
753zuxQPhFIBFAgHMA/E5DSX5oyV9FVQx0p0G9vixxDFlXL1WLSgbXL0kkqjUyOs
81A5y52V4FTX0Xm+c/e1Uf7c/wlZ+ID/iXPknG5OjsR4CpNO0OEK0qKYRe45JSxH
/IlkHExP62UwR73A1J1nFLgPMv/XVgrJ8wKnzLFN9O2VUmui0v2t9Jg/5QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPNKyd+I4cvLubRqWuaQ6VfWWP9zMB8GA1UdIwQY
MBaAFKEMc1MLtoT9Vp38QycEZ1cEGDQpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1F4elV3dTJoUDFXbmZ4REp3Um5Wd1FZTkNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9lZDE3YzgtYWJkNC00MTRmLWJjMzAt
N2QwODI5MWE3NjYyLzEvODBySjM0amh5OHU1dEdwYTVwRHBWOVpZXzNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9lZDE3YzgtYWJkNC00MTRmLWJjMzAtN2QwODI5MWE3NjYy
LzEvb1F4elV3dTJoUDFXbmZ4REp3Um5Wd1FZTkNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAUaHiMA8E
AgACMAkDBwQqA+hCAAAwDQYJKoZIhvcNAQELBQADggEBAAztNKnBr9qKNMWdbd96
QUcdaUy5sgieBRrMqAjFH75OSDwu8SVnlxPnbQMwN3M8FcucM5Er5CjEwilSHLD/
lJbpLqoz1pTqSdUPmUf5o8QB24VzvPz3fxufxr7/s0WLCnUJ080MqS/TNc6ZpDqu
KVhZjwQJSR7bRcB6yUa8AFGEMks1CSYd4lwHOrCtzGgXYocNXEA4m4kw/Jmjy7iJ
CpMxiAurrxCp1HGiJLHLtAiGUY1JiOb6vnwbx/7UNTCBVGddSD+7XrP8sydDcj2a
fDxWrpcG/IhkmeiiYogfrUUvT19c1OyCaka60Tii77Xpq2XhXgfKsbc+rC0T1zOg
NpU=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:34 2025 by rpki-client on console.sobornost.net