Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/28d600-a869-4ab1-9b2e-446019966a19/1/uGW4wsIIh4UfRdPgdZPrknwT0_s.roa
File: uGW4wsIIh4UfRdPgdZPrknwT0_s.roa (raw, json)
Hash identifier: DewiqU6mTjj3HeFVXlyQsAjNkoAtpsCRp10m8FffrLA=
Subject key identifier: B8:65:B8:C2:C2:08:87:85:1F:45:D3:E0:75:93:EB:92:7C:13:D3:FB
Certificate issuer: /CN=e0574c2878d6b536139b895f08c9c6db18e12a9b
Certificate serial: 019423D70FA2E9373C69B81C893F1416F3BC
Authority key identifier: E0:57:4C:28:78:D6:B5:36:13:9B:89:5F:08:C9:C6:DB:18:E1:2A:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4FdMKHjWtTYTm4lfCMnG2xjhKps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/28d600-a869-4ab1-9b2e-446019966a19/1/uGW4wsIIh4UfRdPgdZPrknwT0_s.roa
Signing time: Wed 01 Jan 2025 21:48:04 +0000
ROA not before: Wed 01 Jan 2025 21:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21437
IP address blocks: 81.17.128.0/24 maxlen: 24
81.17.131.0/24 maxlen: 24
81.17.132.0/24 maxlen: 24
81.17.133.0/24 maxlen: 24
81.17.134.0/24 maxlen: 24
81.17.135.0/24 maxlen: 24
81.17.136.0/24 maxlen: 24
81.17.138.0/24 maxlen: 24
81.17.139.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:0f:a2:e9:37:3c:69:b8:1c:89:3f:14:16:f3:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0574c2878d6b536139b895f08c9c6db18e12a9b
Validity
Not Before: Jan 1 21:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b865b8c2c20887851f45d3e07593eb927c13d3fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:12:45:c9:5b:d0:ae:7a:40:0e:15:e9:53:1f:
21:b2:1d:80:64:d9:81:18:47:c6:88:d3:38:9f:5c:
29:bf:52:20:86:f0:bf:8d:5a:f5:4a:57:76:25:41:
a7:3a:7f:4f:36:12:f4:54:13:e1:4b:9a:41:70:b7:
0a:00:a2:b9:a4:62:3a:9d:54:08:34:12:15:b8:bb:
47:f1:0b:90:e6:fa:44:08:a5:f0:1f:14:f1:75:0e:
37:ee:f3:33:2b:9d:5b:96:32:d2:5f:12:03:2e:9f:
42:5b:65:02:6a:55:81:6c:34:b4:a1:ef:93:10:85:
cd:f2:0c:3e:0a:25:13:de:44:a2:41:80:c3:05:73:
df:8b:62:93:80:d4:ec:4e:91:d5:51:9d:22:7c:e6:
79:2c:ca:d5:19:73:3d:fd:12:91:25:95:f4:fb:d9:
3d:39:01:e7:5a:09:c4:b8:83:5d:e9:c4:c4:f0:c5:
cb:17:7f:66:f9:d3:a2:59:d9:c0:58:7e:6a:01:16:
8d:a0:6f:f4:0c:64:60:f0:70:6d:9a:79:32:6b:d4:
a6:ec:fe:a9:90:3c:44:71:6d:9c:6b:f6:57:4c:38:
e9:5d:ed:02:d7:eb:66:0b:68:16:45:7c:57:89:ac:
48:de:dd:60:d2:b1:0e:c1:b5:77:59:5d:97:da:2c:
4b:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:65:B8:C2:C2:08:87:85:1F:45:D3:E0:75:93:EB:92:7C:13:D3:FB
X509v3 Authority Key Identifier:
keyid:E0:57:4C:28:78:D6:B5:36:13:9B:89:5F:08:C9:C6:DB:18:E1:2A:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4FdMKHjWtTYTm4lfCMnG2xjhKps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/28d600-a869-4ab1-9b2e-446019966a19/1/uGW4wsIIh4UfRdPgdZPrknwT0_s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/28d600-a869-4ab1-9b2e-446019966a19/1/4FdMKHjWtTYTm4lfCMnG2xjhKps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.17.128.0/24
81.17.131.0-81.17.136.255
81.17.138.0/23
Signature Algorithm: sha256WithRSAEncryption
08:15:6b:e2:18:a2:3a:ac:fb:23:23:a3:b4:25:2b:7c:4e:9c:
85:99:89:17:d2:3b:75:a6:17:fb:98:0e:77:e7:c2:31:06:8a:
29:0b:05:cd:2b:4f:03:84:e6:22:ac:16:29:ee:6b:7c:d3:64:
27:33:5d:44:32:30:43:56:79:b6:d3:3a:de:f8:12:03:fb:c0:
c1:69:07:2c:e3:9e:cc:7f:80:bc:4c:7b:7a:56:ae:d5:b3:96:
ca:a6:77:79:c8:0e:ae:37:b4:b8:d4:51:27:7e:43:f1:40:e6:
e5:08:d8:b1:5d:20:05:e3:08:4f:1c:55:09:f4:56:f3:db:c4:
23:64:2a:b8:f8:0e:36:28:32:d7:71:6d:26:b7:c9:d0:98:96:
bc:6b:f8:77:d5:27:ab:08:31:b5:f1:fa:01:e3:5b:c0:9d:98:
d9:60:57:b0:f3:41:59:a9:43:c4:c7:86:d4:21:d1:54:fc:24:
67:92:45:c0:8a:24:62:0d:a8:0a:d5:32:c5:eb:8f:8a:96:fc:
17:47:82:50:03:32:e3:30:c0:7a:5d:56:b9:4c:ad:5d:49:f1:
c1:d2:37:40:9c:de:d7:f2:0d:9a:1a:c7:54:04:28:d6:4b:0c:
d2:94:c4:82:92:44:47:c6:fb:e1:0e:89:e4:27:78:5c:6d:d7:
8c:10:39:5e
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQj1w+i6Tc8abgciT8UFvO8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNTc0YzI4NzhkNmI1MzYxMzliODk1ZjA4YzljNmRiMThl
MTJhOWIwHhcNMjUwMTAxMjE0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODY1YjhjMmMyMDg4Nzg1MWY0NWQzZTA3NTkzZWI5MjdjMTNkM2ZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihJFyVvQrnpADhXpUx8hsh2AZNmB
GEfGiNM4n1wpv1IghvC/jVr1Sld2JUGnOn9PNhL0VBPhS5pBcLcKAKK5pGI6nVQI
NBIVuLtH8QuQ5vpECKXwHxTxdQ437vMzK51bljLSXxIDLp9CW2UCalWBbDS0oe+T
EIXN8gw+CiUT3kSiQYDDBXPfi2KTgNTsTpHVUZ0ifOZ5LMrVGXM9/RKRJZX0+9k9
OQHnWgnEuINd6cTE8MXLF39m+dOiWdnAWH5qARaNoG/0DGRg8HBtmnkya9Sm7P6p
kDxEcW2ca/ZXTDjpXe0C1+tmC2gWRXxXiaxI3t1g0rEOwbV3WV2X2ixLAwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFLhluMLCCIeFH0XT4HWT65J8E9P7MB8GA1UdIwQY
MBaAFOBXTCh41rU2E5uJXwjJxtsY4SqbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEZkTUtIald0VFlUbTRsZkNNbkcyeGpoS3BzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8yOGQ2MDAtYTg2OS00YWIxLTliMmUt
NDQ2MDE5OTY2YTE5LzEvdUdXNHdzSUloNFVmUmRQZ2RaUHJrbndUMF9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8yOGQ2MDAtYTg2OS00YWIxLTliMmUtNDQ2MDE5OTY2YTE5
LzEvNEZkTUtIald0VFlUbTRsZkNNbkcyeGpoS3BzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAURGAMAwD
BABREYMDBABREYgDBAFREYowDQYJKoZIhvcNAQELBQADggEBAAgVa+IYojqs+yMj
o7QlK3xOnIWZiRfSO3WmF/uYDnfnwjEGiikLBc0rTwOE5iKsFinua3zTZCczXUQy
MENWebbTOt74EgP7wMFpByzjnsx/gLxMe3pWrtWzlsqmd3nIDq43tLjUUSd+Q/FA
5uUI2LFdIAXjCE8cVQn0VvPbxCNkKrj4DjYoMtdxbSa3ydCYlrxr+HfVJ6sIMbXx
+gHjW8CdmNlgV7DzQVmpQ8THhtQh0VT8JGeSRcCKJGINqArVMsXrj4qW/BdHglAD
MuMwwHpdVrlMrV1J8cHSN0Cc3tfyDZoax1QEKNZLDNKUxIKSREfG++EOieQneFxt
14wQOV4=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:31 2025 by rpki-client on console.sobornost.net