Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/bdbfb0-f914-40d3-b2e2-b913e596707e/1/1HlDDcU_awP0Jg600b5QOV5zFyw.roa
File: 1HlDDcU_awP0Jg600b5QOV5zFyw.roa (raw, json)
Hash identifier: DII6lgfGgmt/XXzdShUFtsjKk90R+1ZgqPhGOseU9bY=
Subject key identifier: D4:79:43:0D:C5:3F:6B:03:F4:26:0E:B4:D1:BE:50:39:5E:73:17:2C
Certificate issuer: /CN=26a98b6125f5243e3ed835015967cddb97148df1
Certificate serial: 01942444AAE8BA3CE57C8EAB8F98A35E106A
Authority key identifier: 26:A9:8B:61:25:F5:24:3E:3E:D8:35:01:59:67:CD:DB:97:14:8D:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JqmLYSX1JD4-2DUBWWfN25cUjfE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/bdbfb0-f914-40d3-b2e2-b913e596707e/1/1HlDDcU_awP0Jg600b5QOV5zFyw.roa
Signing time: Wed 01 Jan 2025 23:47:47 +0000
ROA not before: Wed 01 Jan 2025 23:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59595
IP address blocks: 81.161.16.0/22 maxlen: 22
81.161.20.0/23 maxlen: 23
81.161.22.0/23 maxlen: 23
81.161.24.0/24 maxlen: 24
81.161.25.0/24 maxlen: 24
81.161.26.0/23 maxlen: 23
81.161.28.0/23 maxlen: 23
81.161.30.0/23 maxlen: 23
91.227.210.0/23 maxlen: 23
91.227.210.0/24 maxlen: 24
91.227.211.0/24 maxlen: 24
91.227.228.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:aa:e8:ba:3c:e5:7c:8e:ab:8f:98:a3:5e:10:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26a98b6125f5243e3ed835015967cddb97148df1
Validity
Not Before: Jan 1 23:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d479430dc53f6b03f4260eb4d1be50395e73172c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:83:45:57:b0:3a:81:64:49:07:1a:d5:2a:6c:
88:97:da:cd:08:6e:51:72:0d:33:90:b5:73:dc:e9:
78:de:71:a0:97:05:18:19:b7:ff:fb:e2:ab:ee:6c:
39:13:29:ea:f9:f2:28:d7:a8:93:6a:b5:db:06:e3:
bf:44:41:a8:40:91:8f:b0:4c:01:a6:3a:36:63:d7:
d7:59:90:a0:30:77:f6:37:94:76:b2:45:44:cd:07:
89:04:53:1f:a6:c6:3b:14:7c:36:80:35:7a:e6:1c:
d9:c7:a5:77:d1:af:e8:58:1a:30:1c:f3:62:25:22:
10:34:4b:38:9f:44:41:68:ca:49:f9:16:58:9f:d3:
9a:1c:b8:8a:31:83:12:e4:d7:90:25:38:55:0b:e3:
54:01:1c:27:48:2a:13:60:78:0f:fe:29:34:c5:de:
5d:ad:a9:02:5c:c8:75:59:8c:a7:84:51:f2:bd:03:
90:5c:0b:92:08:9d:0e:60:17:09:64:be:b4:65:88:
b7:de:44:ae:3c:da:b4:43:4e:20:7b:07:db:96:22:
10:96:9e:34:95:9f:42:34:28:2e:44:28:53:74:5a:
b8:01:f0:e7:7b:77:66:7e:1c:bf:94:01:41:8c:2b:
a2:44:5a:2e:ab:ca:f2:39:60:87:c6:b2:37:c4:ba:
49:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:79:43:0D:C5:3F:6B:03:F4:26:0E:B4:D1:BE:50:39:5E:73:17:2C
X509v3 Authority Key Identifier:
keyid:26:A9:8B:61:25:F5:24:3E:3E:D8:35:01:59:67:CD:DB:97:14:8D:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JqmLYSX1JD4-2DUBWWfN25cUjfE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/bdbfb0-f914-40d3-b2e2-b913e596707e/1/1HlDDcU_awP0Jg600b5QOV5zFyw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/bdbfb0-f914-40d3-b2e2-b913e596707e/1/JqmLYSX1JD4-2DUBWWfN25cUjfE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.16.0/20
91.227.210.0/23
91.227.228.0/24
Signature Algorithm: sha256WithRSAEncryption
20:c6:12:f1:aa:f1:f9:c8:0c:f3:7a:fc:cc:74:af:a2:40:0a:
5c:86:3d:c8:e6:9d:77:59:81:73:09:61:3c:fa:22:ae:21:cb:
c3:a1:dc:52:8c:df:8d:12:a7:9a:35:27:69:54:d0:aa:94:5e:
cc:91:0c:b6:c4:b9:79:55:56:42:e5:e5:9c:ca:ad:bb:cf:8b:
42:4d:cd:0f:a0:f2:31:62:7e:6a:00:b4:b6:57:e0:0f:72:7e:
dd:be:5c:c8:c3:95:e6:ae:96:9d:e7:d7:02:96:fc:4e:be:23:
8e:09:b8:1d:47:f3:05:81:86:fe:31:86:1f:25:22:a1:88:b0:
d4:1c:0c:6f:f1:e7:3a:b8:79:b6:ea:12:4e:d4:bc:10:63:48:
af:29:00:d5:1a:a1:7f:61:92:fa:c6:4e:84:50:bb:61:f0:62:
6e:c4:46:02:ef:34:7d:de:80:e8:d7:c5:a6:85:bb:6b:37:2b:
c9:7a:a0:b9:f1:a4:d4:5d:c4:5e:f0:23:2d:4d:45:23:ea:be:
36:74:96:c6:aa:91:1d:6b:24:8c:66:5e:d7:49:1d:3f:ab:e2:
e4:73:2b:22:0e:25:aa:54:c2:09:5c:0b:72:9e:7a:7c:0b:6e:
cd:c9:5f:10:fc:42:60:94:e2:87:b3:13:8c:cb:78:77:07:59:
9c:ae:0a:af
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQkRKroujzlfI6rj5ijXhBqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2YTk4YjYxMjVmNTI0M2UzZWQ4MzUwMTU5NjdjZGRiOTcx
NDhkZjEwHhcNMjUwMTAxMjM0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDc5NDMwZGM1M2Y2YjAzZjQyNjBlYjRkMWJlNTAzOTVlNzMxNzJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoNFV7A6gWRJBxrVKmyIl9rNCG5R
cg0zkLVz3Ol43nGglwUYGbf/++Kr7mw5Eynq+fIo16iTarXbBuO/REGoQJGPsEwB
pjo2Y9fXWZCgMHf2N5R2skVEzQeJBFMfpsY7FHw2gDV65hzZx6V30a/oWBowHPNi
JSIQNEs4n0RBaMpJ+RZYn9OaHLiKMYMS5NeQJThVC+NUARwnSCoTYHgP/ik0xd5d
rakCXMh1WYynhFHyvQOQXAuSCJ0OYBcJZL60ZYi33kSuPNq0Q04gewfbliIQlp40
lZ9CNCguRChTdFq4AfDne3dmfhy/lAFBjCuiRFouq8ryOWCHxrI3xLpJVwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNR5Qw3FP2sD9CYOtNG+UDlecxcsMB8GA1UdIwQY
MBaAFCapi2El9SQ+Ptg1AVlnzduXFI3xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnFtTFlTWDFKRDQtMkRVQldXZk4yNWNVamZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9iZGJmYjAtZjkxNC00MGQzLWIyZTIt
YjkxM2U1OTY3MDdlLzEvMUhsRERjVV9hd1AwSmc2MDBiNVFPVjV6Rnl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9iZGJmYjAtZjkxNC00MGQzLWIyZTItYjkxM2U1OTY3MDdl
LzEvSnFtTFlTWDFKRDQtMkRVQldXZk4yNWNVamZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEUaEQAwQB
W+PSAwQAW+PkMA0GCSqGSIb3DQEBCwUAA4IBAQAgxhLxqvH5yAzzevzMdK+iQApc
hj3I5p13WYFzCWE8+iKuIcvDodxSjN+NEqeaNSdpVNCqlF7MkQy2xLl5VVZC5eWc
yq27z4tCTc0PoPIxYn5qALS2V+APcn7dvlzIw5Xmrpad59cClvxOviOOCbgdR/MF
gYb+MYYfJSKhiLDUHAxv8ec6uHm26hJO1LwQY0ivKQDVGqF/YZL6xk6EULth8GJu
xEYC7zR93oDo18WmhbtrNyvJeqC58aTUXcRe8CMtTUUj6r42dJbGqpEdaySMZl7X
SR0/q+LkcysiDiWqVMIJXAtynnp8C27NyV8Q/EJglOKHsxOMy3h3B1mcrgqv
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:53:51 2025 by rpki-client