Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/fb7e67-5425-4c4f-b46a-8243aef6fe5a/1/hFPPHhOMQW_4XkqhjXSBTCjwlfs.roa
File: hFPPHhOMQW_4XkqhjXSBTCjwlfs.roa (raw, json)
Hash identifier: 4m3xa6SKPtpxIGZbIvqkpRqzc55Dx3AnOKG3Nnp54nM=
Subject key identifier: 84:53:CF:1E:13:8C:41:6F:F8:5E:4A:A1:8D:74:81:4C:28:F0:95:FB
Certificate issuer: /CN=aa70110d30d52e8a6969588b3f621416bcdf644b
Certificate serial: 0194228DF648793A7C5A3309E0B81EE145C1
Authority key identifier: AA:70:11:0D:30:D5:2E:8A:69:69:58:8B:3F:62:14:16:BC:DF:64:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qnARDTDVLoppaViLP2IUFrzfZEs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/fb7e67-5425-4c4f-b46a-8243aef6fe5a/1/hFPPHhOMQW_4XkqhjXSBTCjwlfs.roa
Signing time: Wed 01 Jan 2025 15:48:36 +0000
ROA not before: Wed 01 Jan 2025 15:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39434
IP address blocks: 81.24.80.0/21 maxlen: 21
81.24.80.0/24 maxlen: 24
81.24.81.0/24 maxlen: 24
81.24.82.0/24 maxlen: 24
81.24.83.0/24 maxlen: 24
81.24.84.0/24 maxlen: 24
81.24.86.0/24 maxlen: 24
81.24.87.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:f6:48:79:3a:7c:5a:33:09:e0:b8:1e:e1:45:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa70110d30d52e8a6969588b3f621416bcdf644b
Validity
Not Before: Jan 1 15:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8453cf1e138c416ff85e4aa18d74814c28f095fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:fb:58:9f:04:0e:28:2e:b6:72:8f:10:e3:ba:
1b:47:e4:fa:d9:ca:b9:9e:3f:1b:06:94:17:7a:73:
69:25:ca:0c:2e:d0:99:bb:0c:04:dd:bc:0b:c3:f9:
8f:c2:bd:97:79:35:fd:e5:c4:4c:64:8c:d2:d9:a5:
1d:44:4f:ac:42:8a:fb:52:eb:a3:bb:0f:e8:07:be:
9d:51:e8:32:ff:11:be:62:4d:62:77:00:cb:7e:94:
07:de:d1:1d:36:01:0c:c2:6b:9b:ee:70:b2:e4:87:
62:ba:a1:12:0e:16:6f:aa:87:08:0b:44:a5:eb:d6:
39:f6:32:59:80:46:a5:c6:86:23:23:73:37:31:c0:
cd:ad:1c:38:85:40:ad:8d:57:c6:6e:d6:7a:4e:21:
b0:2d:88:38:25:d5:e9:6b:a9:f2:27:a0:c2:6e:e8:
da:72:53:bf:42:dc:3e:37:62:bb:e4:5b:09:d9:d5:
8b:37:8b:95:0c:0e:69:62:5d:2d:0f:34:d8:b1:a2:
d6:7a:e2:3c:f8:ac:f5:ff:4d:69:cf:3c:49:62:fe:
67:18:ab:e3:ce:ba:4f:e6:36:f6:a5:16:d7:c7:2b:
fe:01:24:a7:12:43:48:72:c5:ff:33:59:bf:13:93:
0c:a5:a0:a2:4e:c9:f5:cb:66:5d:58:1e:ad:3f:ab:
f3:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:53:CF:1E:13:8C:41:6F:F8:5E:4A:A1:8D:74:81:4C:28:F0:95:FB
X509v3 Authority Key Identifier:
keyid:AA:70:11:0D:30:D5:2E:8A:69:69:58:8B:3F:62:14:16:BC:DF:64:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qnARDTDVLoppaViLP2IUFrzfZEs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/fb7e67-5425-4c4f-b46a-8243aef6fe5a/1/hFPPHhOMQW_4XkqhjXSBTCjwlfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/fb7e67-5425-4c4f-b46a-8243aef6fe5a/1/qnARDTDVLoppaViLP2IUFrzfZEs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.24.80.0/21
Signature Algorithm: sha256WithRSAEncryption
57:ae:ac:75:5f:df:6f:7c:44:b4:9b:f2:b6:1d:cb:be:d6:c3:
fd:5c:2e:08:ca:76:1a:19:24:f4:a9:18:25:93:19:92:73:1d:
61:64:95:35:93:d3:e1:4b:3b:3d:01:90:9e:9b:7a:3c:e1:2f:
e1:19:40:9c:0d:0a:5f:8f:e9:ea:cc:45:3e:8d:dc:77:b3:d5:
cf:4c:f0:dc:0f:e5:90:52:73:3a:f8:96:3b:08:7d:2c:db:fd:
56:5f:05:d5:dd:5e:50:c3:c8:f9:71:ff:d6:14:1c:87:56:db:
35:89:74:3c:3e:1a:83:26:6c:56:8a:05:7b:aa:33:16:1d:71:
41:5b:7a:08:47:e1:d1:83:56:a4:da:a4:36:9c:89:7b:78:7d:
aa:62:fd:61:57:dc:43:0a:bf:9c:c3:8a:12:dd:7b:69:2c:ef:
60:b7:eb:1b:82:dc:83:b7:f2:fd:3e:4c:40:ce:f7:70:01:e8:
0e:54:88:f3:c7:6b:d4:98:69:7c:c8:f6:e8:5c:32:dc:84:0c:
c3:4c:c3:2a:db:6c:11:7c:20:a4:fe:7a:3d:c0:91:6a:9d:8e:
2e:c9:91:d1:58:52:38:03:bc:9c:a5:ce:9d:df:d1:36:71:83:
04:48:b6:0d:df:78:fa:13:bb:0c:9d:a1:c8:06:88:71:0c:b6:
a2:c4:c9:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijfZIeTp8WjMJ4Lge4UXBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhNzAxMTBkMzBkNTJlOGE2OTY5NTg4YjNmNjIxNDE2YmNk
ZjY0NGIwHhcNMjUwMTAxMTU0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDUzY2YxZTEzOGM0MTZmZjg1ZTRhYTE4ZDc0ODE0YzI4ZjA5NWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/tYnwQOKC62co8Q47obR+T62cq5
nj8bBpQXenNpJcoMLtCZuwwE3bwLw/mPwr2XeTX95cRMZIzS2aUdRE+sQor7Uuuj
uw/oB76dUegy/xG+Yk1idwDLfpQH3tEdNgEMwmub7nCy5IdiuqESDhZvqocIC0Sl
69Y59jJZgEalxoYjI3M3McDNrRw4hUCtjVfGbtZ6TiGwLYg4JdXpa6nyJ6DCbuja
clO/Qtw+N2K75FsJ2dWLN4uVDA5pYl0tDzTYsaLWeuI8+Kz1/01pzzxJYv5nGKvj
zrpP5jb2pRbXxyv+ASSnEkNIcsX/M1m/E5MMpaCiTsn1y2ZdWB6tP6vzVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIRTzx4TjEFv+F5KoY10gUwo8JX7MB8GA1UdIwQY
MBaAFKpwEQ0w1S6KaWlYiz9iFBa832RLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW5BUkRURFZMb3BwYVZpTFAySVVGcnpmWkVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9mYjdlNjctNTQyNS00YzRmLWI0NmEt
ODI0M2FlZjZmZTVhLzEvaEZQUEhoT01RV180WGtxaGpYU0JUQ2p3bGZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9mYjdlNjctNTQyNS00YzRmLWI0NmEtODI0M2FlZjZmZTVh
LzEvcW5BUkRURFZMb3BwYVZpTFAySVVGcnpmWkVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDURhQMA0G
CSqGSIb3DQEBCwUAA4IBAQBXrqx1X99vfES0m/K2Hcu+1sP9XC4IynYaGST0qRgl
kxmScx1hZJU1k9PhSzs9AZCem3o84S/hGUCcDQpfj+nqzEU+jdx3s9XPTPDcD+WQ
UnM6+JY7CH0s2/1WXwXV3V5Qw8j5cf/WFByHVts1iXQ8PhqDJmxWigV7qjMWHXFB
W3oIR+HRg1ak2qQ2nIl7eH2qYv1hV9xDCr+cw4oS3XtpLO9gt+sbgtyDt/L9PkxA
zvdwAegOVIjzx2vUmGl8yPboXDLchAzDTMMq22wRfCCk/no9wJFqnY4uyZHRWFI4
A7ycpc6d39E2cYMESLYN33j6E7sMnaHIBohxDLaixMlZ
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:31:37 2025 by rpki-client