Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/8hBmqjWR-zNqyOInSwG16vK4Ntg.roa
File: 8hBmqjWR-zNqyOInSwG16vK4Ntg.roa (raw, json)
Hash identifier: M8natmYhSutcusHKkyCqjvh54pCL8EI0Xzal02CFbaQ=
Subject key identifier: F2:10:66:AA:35:91:FB:33:6A:C8:E2:27:4B:01:B5:EA:F2:B8:36:D8
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0194266C60012F88D472F2706B7AAB559A19
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/8hBmqjWR-zNqyOInSwG16vK4Ntg.roa
Signing time: Thu 02 Jan 2025 09:50:24 +0000
ROA not before: Thu 02 Jan 2025 09:50:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16287
IP address blocks: 87.103.216.0/21 maxlen: 21
217.116.128.0/24 maxlen: 24
217.116.140.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:60:01:2f:88:d4:72:f2:70:6b:7a:ab:55:9a:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 2 09:50:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f21066aa3591fb336ac8e2274b01b5eaf2b836d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:b7:2c:2c:a6:8a:77:0a:19:ec:39:ed:d3:28:
0a:40:a9:28:a3:c2:5f:d4:d4:e0:10:97:68:34:f2:
79:a1:ac:83:1b:9f:fa:72:29:d6:59:53:4b:ad:bc:
e0:a5:66:74:ca:78:7a:bc:3d:2e:89:d3:82:a7:c3:
03:c2:f2:2a:52:3a:48:25:75:57:22:df:ab:3c:67:
50:0b:eb:f2:33:33:76:fd:c6:52:03:80:ae:7f:79:
63:6b:7e:64:f9:9c:59:b3:87:56:ec:68:79:20:00:
8e:21:ba:58:4d:df:2e:3d:ae:67:01:27:1d:33:80:
f8:2b:fc:49:15:2c:84:e0:63:0a:f8:99:1b:c3:ee:
3e:aa:18:95:85:41:3c:a7:45:37:6a:68:0c:df:a9:
53:ca:b9:9c:d2:6b:ee:c7:2b:07:8b:58:ea:cf:01:
fc:c2:4d:ba:87:f8:06:18:39:22:39:68:40:97:96:
eb:1c:c5:6c:4c:53:0c:6f:bd:a5:b4:fe:f6:47:f3:
e5:fd:cf:1b:c7:2d:19:eb:d5:7a:a3:cd:ca:a4:e0:
23:57:bb:5c:a3:27:6c:4c:42:97:9d:c5:f2:73:06:
40:5c:3a:c2:ff:32:0c:5b:eb:2b:d2:ff:59:01:30:
56:fa:9f:c3:16:66:d3:34:31:46:ac:70:2f:c0:20:
81:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:10:66:AA:35:91:FB:33:6A:C8:E2:27:4B:01:B5:EA:F2:B8:36:D8
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/8hBmqjWR-zNqyOInSwG16vK4Ntg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.103.216.0/21
217.116.128.0/24
217.116.140.0/24
Signature Algorithm: sha256WithRSAEncryption
92:7f:25:59:97:b6:a7:1c:53:1d:9f:69:95:b5:46:c7:c6:41:
ae:3e:4c:29:3e:d6:79:75:e9:b9:19:61:f8:33:fe:13:6c:2b:
22:c1:4b:ae:56:d5:40:17:61:a5:78:19:28:48:b8:85:62:f4:
44:1f:b4:92:db:b0:57:45:d4:bd:a1:fc:5f:63:6a:87:35:ef:
f3:6a:d8:0b:bb:0d:24:26:f2:07:62:d0:5d:2d:4d:7c:07:14:
0d:65:13:dd:41:93:83:d7:39:52:16:72:6e:2c:95:10:67:46:
39:b8:cd:09:12:ad:41:80:b8:75:11:78:e3:4e:38:24:10:84:
a3:04:3b:bf:53:1f:48:d8:36:49:4a:9e:4f:d2:de:e6:ae:3c:
e7:10:33:0a:5e:f1:84:e4:6c:02:f7:de:3d:83:ee:f3:30:ee:
72:bc:75:34:8f:12:b2:e1:e5:14:3e:f5:73:91:56:45:4d:8e:
34:79:87:27:71:03:b4:4d:e3:32:96:c9:c2:93:50:f7:1b:e1:
4b:89:5b:c4:99:48:7f:dc:99:e1:48:09:87:56:35:75:58:6c:
aa:a3:4c:ca:b1:23:6b:2c:b0:d3:18:56:ef:41:b1:b9:a2:eb:
f3:00:df:b9:72:5a:0e:b5:88:92:26:5c:98:80:03:fd:f2:b3:
0e:17:84:65
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQmbGABL4jUcvJwa3qrVZoZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjUwMTAyMDk1MDI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjEwNjZhYTM1OTFmYjMzNmFjOGUyMjc0YjAxYjVlYWYyYjgzNmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkbcsLKaKdwoZ7Dnt0ygKQKkoo8Jf
1NTgEJdoNPJ5oayDG5/6cinWWVNLrbzgpWZ0ynh6vD0uidOCp8MDwvIqUjpIJXVX
It+rPGdQC+vyMzN2/cZSA4Cuf3lja35k+ZxZs4dW7Gh5IACOIbpYTd8uPa5nAScd
M4D4K/xJFSyE4GMK+Jkbw+4+qhiVhUE8p0U3amgM36lTyrmc0mvuxysHi1jqzwH8
wk26h/gGGDkiOWhAl5brHMVsTFMMb72ltP72R/Pl/c8bxy0Z69V6o83KpOAjV7tc
oydsTEKXncXycwZAXDrC/zIMW+sr0v9ZATBW+p/DFmbTNDFGrHAvwCCBPwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPIQZqo1kfszasjiJ0sBteryuDbYMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvOGhCbXFqV1Itek5xeU9JblN3RzE2dks0TnRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDV2fYAwQA
2XSAAwQA2XSMMA0GCSqGSIb3DQEBCwUAA4IBAQCSfyVZl7anHFMdn2mVtUbHxkGu
PkwpPtZ5dem5GWH4M/4TbCsiwUuuVtVAF2GleBkoSLiFYvREH7SS27BXRdS9ofxf
Y2qHNe/zatgLuw0kJvIHYtBdLU18BxQNZRPdQZOD1zlSFnJuLJUQZ0Y5uM0JEq1B
gLh1EXjjTjgkEISjBDu/Ux9I2DZJSp5P0t7mrjznEDMKXvGE5GwC9949g+7zMO5y
vHU0jxKy4eUUPvVzkVZFTY40eYcncQO0TeMylsnCk1D3G+FLiVvEmUh/3JnhSAmH
VjV1WGyqo0zKsSNrLLDTGFbvQbG5ouvzAN+5cloOtYiSJlyYgAP98rMOF4Rl
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:33:07 2025 by rpki-client on console.sobornost.net