Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/fb7e67-5425-4c4f-b46a-8243aef6fe5a/1/xR-xyTcgDUSUnYCVabaElezC9I8.roa
File: xR-xyTcgDUSUnYCVabaElezC9I8.roa (raw, json)
Hash identifier: uOnGMd/Dnsbr/+oTEAOvNhoWr5AK3fDZRFz3UgcuNvU=
Subject key identifier: C5:1F:B1:C9:37:20:0D:44:94:9D:80:95:69:B6:84:95:EC:C2:F4:8F
Certificate issuer: /CN=aa70110d30d52e8a6969588b3f621416bcdf644b
Certificate serial: 0194228DF6D2E004EDDC47CE6081C0C49412
Authority key identifier: AA:70:11:0D:30:D5:2E:8A:69:69:58:8B:3F:62:14:16:BC:DF:64:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qnARDTDVLoppaViLP2IUFrzfZEs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/fb7e67-5425-4c4f-b46a-8243aef6fe5a/1/xR-xyTcgDUSUnYCVabaElezC9I8.roa
Signing time: Wed 01 Jan 2025 15:48:36 +0000
ROA not before: Wed 01 Jan 2025 15:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57227
IP address blocks: 81.24.85.0/24 maxlen: 24
81.24.88.0/21 maxlen: 21
81.163.32.0/19 maxlen: 19
81.163.63.0/24 maxlen: 24
176.120.192.0/19 maxlen: 19
185.110.44.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:f6:d2:e0:04:ed:dc:47:ce:60:81:c0:c4:94:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa70110d30d52e8a6969588b3f621416bcdf644b
Validity
Not Before: Jan 1 15:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c51fb1c937200d44949d809569b68495ecc2f48f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:e1:61:e5:ad:c8:14:82:44:3e:d6:24:cf:4b:
be:f3:25:5f:a5:8e:a3:4d:d6:5c:c9:3e:6a:1c:ee:
86:b2:46:9b:a9:fa:15:67:06:e6:69:d7:45:71:09:
a7:7e:e6:de:a1:1e:8e:85:70:33:d2:dd:19:4f:3a:
50:3f:2c:79:b0:31:ad:76:d3:f7:01:49:cf:55:53:
5c:1b:4b:a3:ac:b7:73:a8:c8:cf:81:fc:b1:e1:d0:
a7:8c:8e:32:f7:08:20:ee:e5:48:89:34:58:52:85:
35:d2:70:b9:0d:35:93:54:82:cc:4f:5b:34:76:4a:
e6:ef:23:68:b6:3e:e6:0e:5e:8d:7d:7a:46:b2:aa:
df:06:c0:0c:dd:03:60:54:33:49:3b:bd:1c:fb:9c:
d5:90:80:9e:81:a7:10:6b:b9:56:25:5d:6d:23:ab:
07:b0:d6:92:1e:d5:5a:84:91:13:a8:4c:00:fb:89:
da:9c:86:45:c4:e6:12:d0:61:6e:d6:16:43:57:ce:
a4:fd:12:7f:a5:fc:01:ce:57:fa:c3:e8:51:32:fe:
ee:51:45:3e:ab:fc:af:9c:f4:18:69:10:08:a1:cf:
ae:65:ba:af:27:be:63:7b:98:c2:61:b6:77:dd:96:
84:c4:2a:7d:75:d6:7e:59:64:0c:29:07:55:ea:f4:
f7:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:1F:B1:C9:37:20:0D:44:94:9D:80:95:69:B6:84:95:EC:C2:F4:8F
X509v3 Authority Key Identifier:
keyid:AA:70:11:0D:30:D5:2E:8A:69:69:58:8B:3F:62:14:16:BC:DF:64:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qnARDTDVLoppaViLP2IUFrzfZEs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/fb7e67-5425-4c4f-b46a-8243aef6fe5a/1/xR-xyTcgDUSUnYCVabaElezC9I8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/fb7e67-5425-4c4f-b46a-8243aef6fe5a/1/qnARDTDVLoppaViLP2IUFrzfZEs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.24.85.0/24
81.24.88.0/21
81.163.32.0/19
176.120.192.0/19
185.110.44.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:a6:b1:fc:e3:3c:90:91:64:16:cc:04:b2:c3:42:85:6c:56:
3a:19:3c:65:27:c8:a6:7d:42:e4:76:b1:f1:56:a5:bf:0c:91:
01:e6:8e:0e:ba:c9:bb:5d:45:68:b8:2e:eb:25:be:4e:99:41:
13:eb:64:04:f6:73:e7:83:46:18:ce:2a:1b:88:65:8d:c8:79:
93:e4:8a:32:98:9e:11:a7:38:39:ad:9c:28:84:98:4d:64:90:
12:4b:9c:22:b0:76:f7:6b:b6:b0:4b:ac:c8:f9:31:ed:78:e9:
84:f0:86:5d:8e:7d:d7:5e:6e:da:a9:bf:79:ac:ba:30:1e:c1:
50:60:65:99:ae:86:fa:34:b8:36:b4:78:cd:cd:c1:8d:8a:a8:
d2:63:ab:b1:fa:1f:52:1b:9d:3f:cc:c5:41:96:77:ab:b1:c9:
c8:82:10:6f:34:d7:da:64:be:ef:ed:05:3c:14:80:d5:f0:bf:
2e:b8:6e:fa:b0:4d:a4:f7:c8:03:a2:68:a9:75:b6:06:9c:41:
d2:43:ab:b3:5d:b7:52:0d:22:26:85:41:4f:2d:f1:94:94:0a:
d7:f4:c8:8e:18:c4:3d:83:c8:04:a1:54:ae:57:d9:c6:4a:3b:
36:c9:6a:33:96:3f:8a:72:56:4e:53:d9:f9:fc:e7:27:22:bf:
9b:10:78:32
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQijfbS4ATt3EfOYIHAxJQSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhNzAxMTBkMzBkNTJlOGE2OTY5NTg4YjNmNjIxNDE2YmNk
ZjY0NGIwHhcNMjUwMTAxMTU0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTFmYjFjOTM3MjAwZDQ0OTQ5ZDgwOTU2OWI2ODQ5NWVjYzJmNDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+Fh5a3IFIJEPtYkz0u+8yVfpY6j
TdZcyT5qHO6GskabqfoVZwbmaddFcQmnfubeoR6OhXAz0t0ZTzpQPyx5sDGtdtP3
AUnPVVNcG0ujrLdzqMjPgfyx4dCnjI4y9wgg7uVIiTRYUoU10nC5DTWTVILMT1s0
dkrm7yNotj7mDl6NfXpGsqrfBsAM3QNgVDNJO70c+5zVkICegacQa7lWJV1tI6sH
sNaSHtVahJETqEwA+4nanIZFxOYS0GFu1hZDV86k/RJ/pfwBzlf6w+hRMv7uUUU+
q/yvnPQYaRAIoc+uZbqvJ75je5jCYbZ33ZaExCp9ddZ+WWQMKQdV6vT3wQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMUfsck3IA1ElJ2AlWm2hJXswvSPMB8GA1UdIwQY
MBaAFKpwEQ0w1S6KaWlYiz9iFBa832RLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW5BUkRURFZMb3BwYVZpTFAySVVGcnpmWkVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9mYjdlNjctNTQyNS00YzRmLWI0NmEt
ODI0M2FlZjZmZTVhLzEveFIteHlUY2dEVVNVbllDVmFiYUVsZXpDOUk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9mYjdlNjctNTQyNS00YzRmLWI0NmEtODI0M2FlZjZmZTVh
LzEvcW5BUkRURFZMb3BwYVZpTFAySVVGcnpmWkVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAURhVAwQD
URhYAwQFUaMgAwQFsHjAAwQCuW4sMA0GCSqGSIb3DQEBCwUAA4IBAQA+prH84zyQ
kWQWzASyw0KFbFY6GTxlJ8imfULkdrHxVqW/DJEB5o4Ousm7XUVouC7rJb5OmUET
62QE9nPng0YYziobiGWNyHmT5IoymJ4Rpzg5rZwohJhNZJASS5wisHb3a7awS6zI
+THteOmE8IZdjn3XXm7aqb95rLowHsFQYGWZrob6NLg2tHjNzcGNiqjSY6ux+h9S
G50/zMVBlnerscnIghBvNNfaZL7v7QU8FIDV8L8uuG76sE2k98gDomipdbYGnEHS
Q6uzXbdSDSImhUFPLfGUlArX9MiOGMQ9g8gEoVSuV9nGSjs2yWozlj+KclZOU9n5
/OcnIr+bEHgy
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:50:32 2025 by rpki-client