Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/aaf49c-83dd-46aa-8ce7-b84c413dfaa4/1/lb4hdRyzjtMdREKCHEBwDqhYUSs.roa
File: lb4hdRyzjtMdREKCHEBwDqhYUSs.roa (raw, json)
Hash identifier: htHwzGHsj34teHwkgfzHTJFQ22hGwm0EHzRkGV7wcj4=
Subject key identifier: 95:BE:21:75:1C:B3:8E:D3:1D:44:42:82:1C:40:70:0E:A8:58:51:2B
Certificate issuer: /CN=29f6a300bf7d40b7f8d6181c5b8a7dbc71b7d123
Certificate serial: 0195B6273E5EFF4C1C18933CC74E5D45CEDD
Authority key identifier: 29:F6:A3:00:BF:7D:40:B7:F8:D6:18:1C:5B:8A:7D:BC:71:B7:D1:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KfajAL99QLf41hgcW4p9vHG30SM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/aaf49c-83dd-46aa-8ce7-b84c413dfaa4/1/lb4hdRyzjtMdREKCHEBwDqhYUSs.roa
Signing time: Fri 21 Mar 2025 00:42:59 +0000
ROA not before: Fri 21 Mar 2025 00:42:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24753
IP address blocks: 81.85.52.0/22 maxlen: 22
81.85.96.0/22 maxlen: 22
81.85.100.0/24 maxlen: 24
81.85.160.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b6:27:3e:5e:ff:4c:1c:18:93:3c:c7:4e:5d:45:ce:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29f6a300bf7d40b7f8d6181c5b8a7dbc71b7d123
Validity
Not Before: Mar 21 00:42:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=95be21751cb38ed31d4442821c40700ea858512b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:8a:4c:43:28:ac:06:bc:bf:24:17:f5:28:b2:
57:3a:4a:38:ea:b2:05:d5:ce:af:9d:87:10:8b:29:
ee:7c:c9:e0:d6:f4:fa:dd:34:6c:ce:21:25:da:e8:
0e:ef:40:1f:86:70:01:16:37:99:af:4f:59:c9:29:
fc:05:05:51:ad:7e:1b:4b:05:94:fe:b0:8d:95:28:
09:bb:e8:01:d7:7d:aa:89:56:4f:08:a4:80:14:cd:
ce:bb:f5:30:f5:a3:21:c9:ed:a1:a1:5e:4d:60:8d:
53:53:b1:92:9d:82:3e:b4:70:77:ae:c5:c3:10:0f:
45:39:d7:85:b1:be:7a:e8:cd:a6:5b:2c:51:f1:8d:
1e:38:eb:23:27:87:17:f6:c6:90:68:04:2c:ee:ea:
13:52:44:b0:54:79:a2:7d:d4:f6:85:2d:3a:4b:73:
c1:e2:cf:33:3e:7f:29:96:17:62:77:e0:95:7a:23:
58:8d:62:a4:20:32:7d:73:6e:71:fe:b4:9b:ea:a9:
b1:5c:92:ba:08:1f:40:99:7d:05:b6:34:dc:00:ff:
49:f9:84:1b:14:a4:d9:8e:dd:8b:2d:97:07:f1:5c:
95:33:b1:1d:8a:f8:3d:0a:88:c2:b5:51:7d:79:d8:
51:73:37:d5:c7:92:da:b2:dc:3b:c6:9c:e6:c7:7e:
b2:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:BE:21:75:1C:B3:8E:D3:1D:44:42:82:1C:40:70:0E:A8:58:51:2B
X509v3 Authority Key Identifier:
keyid:29:F6:A3:00:BF:7D:40:B7:F8:D6:18:1C:5B:8A:7D:BC:71:B7:D1:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KfajAL99QLf41hgcW4p9vHG30SM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/aaf49c-83dd-46aa-8ce7-b84c413dfaa4/1/lb4hdRyzjtMdREKCHEBwDqhYUSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/aaf49c-83dd-46aa-8ce7-b84c413dfaa4/1/KfajAL99QLf41hgcW4p9vHG30SM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.85.52.0/22
81.85.96.0-81.85.100.255
81.85.160.0/20
Signature Algorithm: sha256WithRSAEncryption
9d:df:d6:8f:ea:f8:5e:c5:f5:ed:b6:15:4a:cd:a9:dd:82:00:
b6:c7:72:66:14:19:e7:61:9e:dc:ab:84:a3:54:d5:08:1f:25:
24:9a:7e:b2:82:ae:87:2a:76:29:1f:44:7c:2f:f6:e9:e5:8e:
df:0c:00:c3:f6:1c:45:59:e6:51:54:03:fe:89:6b:f2:0e:dd:
9f:c7:07:17:c7:01:61:ab:e7:39:c5:d7:e1:a1:fb:d2:47:e8:
2d:94:6e:7a:9d:07:f0:2e:74:f6:ff:17:cf:fc:20:6c:77:54:
44:56:45:5d:53:27:45:5f:a3:1c:43:b6:60:a2:81:89:ee:af:
67:21:65:0e:cf:52:26:64:76:ce:11:d2:59:2b:c1:2e:55:90:
e3:74:d0:2e:b3:6f:10:11:59:c6:d3:a6:7b:7e:d9:1e:0b:12:
1c:a2:f5:f3:61:9f:b0:fb:a2:ec:6f:1f:6a:26:c7:f5:06:91:
4c:ba:c4:a0:6b:31:82:66:cb:5d:c6:44:6f:e3:c6:c8:42:1d:
ae:73:b5:3a:8f:c9:73:39:56:71:d1:0e:a2:ec:1f:16:db:a8:
4d:ba:e7:7d:95:80:03:ec:78:1a:36:54:a0:43:ff:a1:8c:40:
67:39:6f:83:1a:53:5a:b7:45:f4:e7:03:e9:2c:c5:95:47:24:
4a:6f:10:fa
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZW2Jz5e/0wcGJM8x05dRc7dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZjZhMzAwYmY3ZDQwYjdmOGQ2MTgxYzViOGE3ZGJjNzFi
N2QxMjMwHhcNMjUwMzIxMDA0MjU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWJlMjE3NTFjYjM4ZWQzMWQ0NDQyODIxYzQwNzAwZWE4NTg1MTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3YpMQyisBry/JBf1KLJXOko46rIF
1c6vnYcQiynufMng1vT63TRsziEl2ugO70AfhnABFjeZr09ZySn8BQVRrX4bSwWU
/rCNlSgJu+gB132qiVZPCKSAFM3Ou/Uw9aMhye2hoV5NYI1TU7GSnYI+tHB3rsXD
EA9FOdeFsb566M2mWyxR8Y0eOOsjJ4cX9saQaAQs7uoTUkSwVHmifdT2hS06S3PB
4s8zPn8plhdid+CVeiNYjWKkIDJ9c25x/rSb6qmxXJK6CB9AmX0FtjTcAP9J+YQb
FKTZjt2LLZcH8VyVM7Edivg9CojCtVF9edhRczfVx5Lastw7xpzmx36yWwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJW+IXUcs47THURCghxAcA6oWFErMB8GA1UdIwQY
MBaAFCn2owC/fUC3+NYYHFuKfbxxt9EjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2ZhakFMOTlRTGY0MWhnY1c0cDl2SEczMFNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9hYWY0OWMtODNkZC00NmFhLThjZTct
Yjg0YzQxM2RmYWE0LzEvbGI0aGRSeXpqdE1kUkVLQ0hFQndEcWhZVVNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9hYWY0OWMtODNkZC00NmFhLThjZTctYjg0YzQxM2RmYWE0
LzEvS2ZhakFMOTlRTGY0MWhnY1c0cDl2SEczMFNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCUVU0MAwD
BAVRVWADBABRVWQDBARRVaAwDQYJKoZIhvcNAQELBQADggEBAJ3f1o/q+F7F9e22
FUrNqd2CALbHcmYUGedhntyrhKNU1QgfJSSafrKCrocqdikfRHwv9unljt8MAMP2
HEVZ5lFUA/6Ja/IO3Z/HBxfHAWGr5znF1+Gh+9JH6C2UbnqdB/AudPb/F8/8IGx3
VERWRV1TJ0VfoxxDtmCigYnur2chZQ7PUiZkds4R0lkrwS5VkON00C6zbxARWcbT
pnt+2R4LEhyi9fNhn7D7ouxvH2omx/UGkUy6xKBrMYJmy13GRG/jxshCHa5ztTqP
yXM5VnHRDqLsHxbbqE26532VgAPseBo2VKBD/6GMQGc5b4MaU1q3RfTnA+ksxZVH
JEpvEPo=
-----END CERTIFICATE-----
Generated at Tue Mar 25 22:18:43 2025 by rpki-client on console.sobornost.net