Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/9bd122-d6a9-4a40-860b-b0efc01d4f9c/1/fY7PiVaNASL9YPra9k_iCHjE_QA.roa
File: fY7PiVaNASL9YPra9k_iCHjE_QA.roa (raw, json)
Hash identifier: o0Z+yqTEUGOR+lt86tr/WH+kJG6LQkAy74XbI2VEuOk=
Subject key identifier: 7D:8E:CF:89:56:8D:01:22:FD:60:FA:DA:F6:4F:E2:08:78:C4:FD:00
Certificate issuer: /CN=322d91b4aa96cc5732576d42335fddd0e5d6294f
Certificate serial: 019424457AA0363852FD80A65D8972CFEF1A
Authority key identifier: 32:2D:91:B4:AA:96:CC:57:32:57:6D:42:33:5F:DD:D0:E5:D6:29:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mi2RtKqWzFcyV21CM1_d0OXWKU8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/9bd122-d6a9-4a40-860b-b0efc01d4f9c/1/fY7PiVaNASL9YPra9k_iCHjE_QA.roa
Signing time: Wed 01 Jan 2025 23:48:40 +0000
ROA not before: Wed 01 Jan 2025 23:48:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215644
IP address blocks: 81.89.221.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:7a:a0:36:38:52:fd:80:a6:5d:89:72:cf:ef:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=322d91b4aa96cc5732576d42335fddd0e5d6294f
Validity
Not Before: Jan 1 23:48:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7d8ecf89568d0122fd60fadaf64fe20878c4fd00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a4:16:e5:d6:c6:3d:19:97:bd:73:20:04:2b:
b5:3c:c1:28:db:8b:e8:3e:b2:31:28:06:ee:e6:63:
2b:07:72:08:79:41:1d:c7:39:19:2a:3c:d8:89:f2:
07:23:ed:44:32:f9:ea:c2:00:fc:e0:1d:5c:5e:d3:
f5:3e:a2:a6:b4:a9:09:f1:f7:b7:65:f8:00:3e:41:
66:17:7e:83:c9:45:35:3d:bc:5c:13:31:f4:11:2f:
7b:60:69:95:92:1d:3a:10:ff:63:8a:cf:f8:bd:b8:
f3:2d:26:5e:4a:c4:31:5d:9a:af:a4:79:8a:ca:7b:
b4:8c:8e:9e:e0:65:6d:6e:34:7d:42:39:c4:cc:31:
22:96:d5:61:e7:7c:a7:07:c0:46:54:84:88:f9:81:
be:94:6b:c5:72:23:55:46:b1:ea:de:c9:16:cb:ad:
81:97:01:15:c5:ca:93:c3:e8:b7:03:0a:52:d2:4e:
8c:12:dd:9e:f2:75:0b:be:ee:6a:be:3b:15:a4:89:
ec:87:6d:4a:f6:5c:d7:9b:ac:e5:c2:19:8c:c2:0c:
d7:41:33:2a:52:ff:65:bf:50:2e:28:26:6a:a9:f6:
98:be:1c:2f:fb:8e:fc:5e:25:e8:68:d9:e9:fe:46:
cd:52:07:75:a7:63:bb:ac:56:57:ca:a4:76:82:9c:
b9:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:8E:CF:89:56:8D:01:22:FD:60:FA:DA:F6:4F:E2:08:78:C4:FD:00
X509v3 Authority Key Identifier:
keyid:32:2D:91:B4:AA:96:CC:57:32:57:6D:42:33:5F:DD:D0:E5:D6:29:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mi2RtKqWzFcyV21CM1_d0OXWKU8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/9bd122-d6a9-4a40-860b-b0efc01d4f9c/1/fY7PiVaNASL9YPra9k_iCHjE_QA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/9bd122-d6a9-4a40-860b-b0efc01d4f9c/1/Mi2RtKqWzFcyV21CM1_d0OXWKU8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.89.221.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:2b:54:cc:e8:12:46:db:a2:dd:ba:2a:50:5c:22:b7:87:5e:
c9:98:b8:4f:f5:04:70:24:b2:da:ef:f3:34:fa:2a:d5:63:35:
54:2e:df:4b:01:fa:b7:3a:a7:d5:d1:64:69:b2:38:a3:4c:a1:
1b:c4:60:8e:72:fe:28:9f:77:4f:71:ad:a4:33:6b:81:5e:ec:
bc:ec:c6:49:60:fb:70:75:c7:40:7e:a7:8e:e6:2b:4a:4e:8c:
fe:d7:83:f9:b7:ec:7b:a6:79:b5:38:1a:8f:24:f3:52:b5:8a:
ab:78:03:cb:3e:a8:be:88:ae:52:10:ad:31:1d:a6:b4:8c:c3:
ba:cb:c8:3f:21:e6:e1:c8:54:6b:f1:fe:82:68:6a:46:ed:01:
c6:18:34:9e:66:4b:c7:1d:11:14:5c:37:c8:55:60:da:91:61:
01:9d:b7:0a:40:06:1d:31:67:ad:74:f4:47:7e:a3:0b:54:5b:
1e:44:ea:29:bc:c7:8f:b5:2a:dd:2d:30:0d:19:a1:37:eb:00:
fc:34:48:09:65:14:e3:fe:da:68:1b:16:a1:36:8d:66:b4:c3:
ab:8f:2c:76:67:28:95:fd:f7:b4:26:c4:4b:28:bf:55:ae:28:
d8:e9:fa:14:8f:03:d7:00:f2:9d:1a:93:a3:1e:c4:78:b1:bf:
2e:cc:07:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRXqgNjhS/YCmXYlyz+8aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMmQ5MWI0YWE5NmNjNTczMjU3NmQ0MjMzNWZkZGQwZTVk
NjI5NGYwHhcNMjUwMTAxMjM0ODQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDhlY2Y4OTU2OGQwMTIyZmQ2MGZhZGFmNjRmZTIwODc4YzRmZDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqQW5dbGPRmXvXMgBCu1PMEo24vo
PrIxKAbu5mMrB3IIeUEdxzkZKjzYifIHI+1EMvnqwgD84B1cXtP1PqKmtKkJ8fe3
ZfgAPkFmF36DyUU1PbxcEzH0ES97YGmVkh06EP9jis/4vbjzLSZeSsQxXZqvpHmK
ynu0jI6e4GVtbjR9QjnEzDEiltVh53ynB8BGVISI+YG+lGvFciNVRrHq3skWy62B
lwEVxcqTw+i3AwpS0k6MEt2e8nULvu5qvjsVpInsh21K9lzXm6zlwhmMwgzXQTMq
Uv9lv1AuKCZqqfaYvhwv+478XiXoaNnp/kbNUgd1p2O7rFZXyqR2gpy5JQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH2Oz4lWjQEi/WD62vZP4gh4xP0AMB8GA1UdIwQY
MBaAFDItkbSqlsxXMldtQjNf3dDl1ilPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWkyUnRLcVd6RmN5VjIxQ00xX2QwT1hXS1U4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi85YmQxMjItZDZhOS00YTQwLTg2MGIt
YjBlZmMwMWQ0ZjljLzEvZlk3UGlWYU5BU0w5WVByYTlrX2lDSGpFX1FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi85YmQxMjItZDZhOS00YTQwLTg2MGItYjBlZmMwMWQ0Zjlj
LzEvTWkyUnRLcVd6RmN5VjIxQ00xX2QwT1hXS1U4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUVndMA0G
CSqGSIb3DQEBCwUAA4IBAQBOK1TM6BJG26LduipQXCK3h17JmLhP9QRwJLLa7/M0
+irVYzVULt9LAfq3OqfV0WRpsjijTKEbxGCOcv4on3dPca2kM2uBXuy87MZJYPtw
dcdAfqeO5itKToz+14P5t+x7pnm1OBqPJPNStYqreAPLPqi+iK5SEK0xHaa0jMO6
y8g/IebhyFRr8f6CaGpG7QHGGDSeZkvHHREUXDfIVWDakWEBnbcKQAYdMWetdPRH
fqMLVFseROopvMePtSrdLTANGaE36wD8NEgJZRTj/tpoGxahNo1mtMOrjyx2ZyiV
/fe0JsRLKL9VrijY6foUjwPXAPKdGpOjHsR4sb8uzAeB
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:48 2025 by rpki-client on console.sobornost.net