Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/4f6ee4-fa6e-436e-b349-6ef7e1199698/1/pKu7UglcJmA-j3iLVLdtywNO9BE.roa
File: pKu7UglcJmA-j3iLVLdtywNO9BE.roa (raw, json)
Hash identifier: Zkb8HbwY2s1iIMkolnog2EvROcriM2gwSI0ajYjdw4E=
Subject key identifier: A4:AB:BB:52:09:5C:26:60:3E:8F:78:8B:54:B7:6D:CB:03:4E:F4:11
Certificate issuer: /CN=dc8e059d5eb77649fbf19b84af35f6891d9c5807
Certificate serial: 01942143FF22123E5F2DBE252483B2DBAE2C
Authority key identifier: DC:8E:05:9D:5E:B7:76:49:FB:F1:9B:84:AF:35:F6:89:1D:9C:58:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3I4FnV63dkn78ZuErzX2iR2cWAc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/4f6ee4-fa6e-436e-b349-6ef7e1199698/1/pKu7UglcJmA-j3iLVLdtywNO9BE.roa
Signing time: Wed 01 Jan 2025 09:48:11 +0000
ROA not before: Wed 01 Jan 2025 09:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25081
IP address blocks: 81.89.192.0/20 maxlen: 20
2a04:c940::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:ff:22:12:3e:5f:2d:be:25:24:83:b2:db:ae:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc8e059d5eb77649fbf19b84af35f6891d9c5807
Validity
Not Before: Jan 1 09:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a4abbb52095c26603e8f788b54b76dcb034ef411
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:6e:32:48:b6:cf:c1:10:80:85:94:d9:1e:86:
7b:ca:5b:b9:97:39:fe:0e:18:b8:52:31:01:4d:21:
0a:fb:95:e5:42:f8:5a:ae:92:a9:a3:d8:bf:f0:3e:
79:d3:2d:75:4b:23:a8:31:46:dd:4c:05:98:38:63:
97:ca:3b:6a:52:7a:f4:5f:f6:56:7f:1f:86:24:a5:
ef:a9:92:ef:75:ad:aa:5d:2f:16:df:e8:9a:53:38:
75:20:1c:57:1f:e6:6e:2c:15:14:5b:61:3d:db:7e:
32:43:0c:42:4c:dc:d9:37:3d:e6:22:b3:26:9a:bb:
63:57:b7:21:0a:db:16:d5:fc:7f:24:f1:c9:b0:79:
e3:5e:5a:39:f3:b0:af:f6:14:b0:4e:d5:a2:70:24:
f8:72:ea:1d:a4:3b:5d:bf:6b:a6:17:ae:eb:5e:52:
9e:50:fc:1a:b2:dc:8c:17:99:25:d5:8b:e6:cb:85:
2a:c3:a0:40:51:72:4b:b9:c6:59:b1:19:1b:17:5c:
c3:71:4a:64:f7:04:4b:3e:36:73:2c:44:33:f6:ac:
bc:7f:94:db:2d:42:89:c5:8e:25:1f:55:60:3b:a1:
c6:6c:e3:41:6c:fb:67:26:32:3e:d8:e8:a7:1e:96:
89:44:c0:d3:86:11:99:53:f0:15:ec:51:35:be:37:
d1:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:AB:BB:52:09:5C:26:60:3E:8F:78:8B:54:B7:6D:CB:03:4E:F4:11
X509v3 Authority Key Identifier:
keyid:DC:8E:05:9D:5E:B7:76:49:FB:F1:9B:84:AF:35:F6:89:1D:9C:58:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3I4FnV63dkn78ZuErzX2iR2cWAc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/4f6ee4-fa6e-436e-b349-6ef7e1199698/1/pKu7UglcJmA-j3iLVLdtywNO9BE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/4f6ee4-fa6e-436e-b349-6ef7e1199698/1/3I4FnV63dkn78ZuErzX2iR2cWAc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.89.192.0/20
IPv6:
2a04:c940::/29
Signature Algorithm: sha256WithRSAEncryption
71:46:a5:7e:e6:f8:c4:3f:e2:23:ea:80:cb:88:79:df:b0:d3:
cc:eb:52:c7:07:02:7c:86:3f:6a:05:03:0e:12:16:5e:37:14:
ab:b0:78:44:54:89:56:fb:24:04:56:30:99:1f:bb:78:69:09:
e8:97:20:e3:9d:99:ee:ac:c2:a0:92:65:d0:7c:1e:1d:e1:b9:
e6:21:78:d8:ef:5d:42:39:b7:94:a2:65:c7:a1:ed:b0:ee:17:
ae:4d:3d:2b:85:38:ec:c7:45:13:ad:02:c1:9c:1b:9c:21:a9:
fa:56:94:89:ed:70:90:46:bd:e4:55:26:5c:fb:75:9a:ed:f4:
85:81:4d:94:73:cf:7f:6a:cf:49:a6:21:b9:51:48:76:2b:81:
fb:99:4f:06:09:2f:6f:73:5b:c6:44:a0:65:fb:19:f4:3e:c6:
aa:86:8d:d8:24:d4:c7:31:6b:a0:75:84:07:34:f9:90:b5:af:
4b:39:93:97:4d:17:60:b5:92:13:0e:49:d9:ea:80:ec:60:60:
34:b1:0a:19:44:0d:1c:20:db:5a:79:02:85:63:aa:2c:9f:3b:
d1:4d:dc:d7:38:94:da:18:bd:af:81:f1:02:de:45:bf:44:57:
09:6c:b5:8c:a5:d0:95:b1:aa:74:1a:95:2e:28:a7:84:9a:51:
03:d0:59:4f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhQ/8iEj5fLb4lJIOy264sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjOGUwNTlkNWViNzc2NDlmYmYxOWI4NGFmMzVmNjg5MWQ5
YzU4MDcwHhcNMjUwMTAxMDk0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGFiYmI1MjA5NWMyNjYwM2U4Zjc4OGI1NGI3NmRjYjAzNGVmNDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA424ySLbPwRCAhZTZHoZ7ylu5lzn+
Dhi4UjEBTSEK+5XlQvharpKpo9i/8D550y11SyOoMUbdTAWYOGOXyjtqUnr0X/ZW
fx+GJKXvqZLvda2qXS8W3+iaUzh1IBxXH+ZuLBUUW2E9234yQwxCTNzZNz3mIrMm
mrtjV7chCtsW1fx/JPHJsHnjXlo587Cv9hSwTtWicCT4cuodpDtdv2umF67rXlKe
UPwastyMF5kl1Yvmy4Uqw6BAUXJLucZZsRkbF1zDcUpk9wRLPjZzLEQz9qy8f5Tb
LUKJxY4lH1VgO6HGbONBbPtnJjI+2OinHpaJRMDThhGZU/AV7FE1vjfR2QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKSru1IJXCZgPo94i1S3bcsDTvQRMB8GA1UdIwQY
MBaAFNyOBZ1et3ZJ+/GbhK819okdnFgHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0k0Rm5WNjNka243OFp1RXJ6WDJpUjJjV0FjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS80ZjZlZTQtZmE2ZS00MzZlLWIzNDkt
NmVmN2UxMTk5Njk4LzEvcEt1N1VnbGNKbUEtajNpTFZMZHR5d05POUJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS80ZjZlZTQtZmE2ZS00MzZlLWIzNDktNmVmN2UxMTk5Njk4
LzEvM0k0Rm5WNjNka243OFp1RXJ6WDJpUjJjV0FjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEUVnAMA0E
AgACMAcDBQMqBMlAMA0GCSqGSIb3DQEBCwUAA4IBAQBxRqV+5vjEP+Ij6oDLiHnf
sNPM61LHBwJ8hj9qBQMOEhZeNxSrsHhEVIlW+yQEVjCZH7t4aQnolyDjnZnurMKg
kmXQfB4d4bnmIXjY711CObeUomXHoe2w7heuTT0rhTjsx0UTrQLBnBucIan6VpSJ
7XCQRr3kVSZc+3Wa7fSFgU2Uc89/as9JpiG5UUh2K4H7mU8GCS9vc1vGRKBl+xn0
Psaqho3YJNTHMWugdYQHNPmQta9LOZOXTRdgtZITDknZ6oDsYGA0sQoZRA0cINta
eQKFY6osnzvRTdzXOJTaGL2vgfEC3kW/RFcJbLWMpdCVsap0GpUuKKeEmlED0FlP
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:33:04 2025 by rpki-client on console.sobornost.net