Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/26d917-8c91-45ab-8442-e4e52ac0fefe/1/gUlf15cCFOrr7zCpeZmrXHzHdJI.roa
File: gUlf15cCFOrr7zCpeZmrXHzHdJI.roa (raw, json)
Hash identifier: BZcCVc7umSblQi+mV0dsvmWzWVZejT4EU9eRPoEWNCA=
Subject key identifier: 81:49:5F:D7:97:02:14:EA:EB:EF:30:A9:79:99:AB:5C:7C:C7:74:92
Certificate issuer: /CN=63d92b8256159894d2b9b25f4d85986c172723c3
Certificate serial: 01942444D35D771C783597368F6EEA6CF4CA
Authority key identifier: 63:D9:2B:82:56:15:98:94:D2:B9:B2:5F:4D:85:98:6C:17:27:23:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y9krglYVmJTSubJfTYWYbBcnI8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/26d917-8c91-45ab-8442-e4e52ac0fefe/1/gUlf15cCFOrr7zCpeZmrXHzHdJI.roa
Signing time: Wed 01 Jan 2025 23:47:57 +0000
ROA not before: Wed 01 Jan 2025 23:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 81.20.40.0/24 maxlen: 24
81.20.41.0/24 maxlen: 24
2a00:1fd0:ae00::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:d3:5d:77:1c:78:35:97:36:8f:6e:ea:6c:f4:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63d92b8256159894d2b9b25f4d85986c172723c3
Validity
Not Before: Jan 1 23:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=81495fd7970214eaebef30a97999ab5c7cc77492
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:9b:76:62:d3:c9:8a:2c:51:ae:d8:1d:fd:8f:
50:03:ee:dd:e0:d4:1a:5e:c7:08:4d:a3:e3:ce:69:
66:d7:d9:c4:56:b1:52:4e:98:a8:64:d1:a1:8a:67:
9f:26:94:89:7e:b6:e2:73:41:42:48:83:cd:e9:96:
47:21:b0:59:3e:9f:29:4e:48:5e:3a:94:37:1e:bf:
87:42:05:27:72:a3:6c:91:39:53:34:be:67:6b:ea:
8e:1b:9a:c3:5a:b1:2d:ba:e8:2f:4a:99:44:d5:d0:
64:98:23:e4:a7:a5:ac:b7:24:94:1a:b4:80:9a:1f:
c7:b6:6f:33:56:6e:99:d2:6d:71:57:02:28:da:07:
34:af:2c:f2:fb:b7:64:3d:94:41:97:fe:d6:ab:3b:
f3:79:c2:54:95:fa:95:50:97:cc:74:ac:b8:13:2e:
f8:f6:f7:7d:f0:28:ea:88:c8:6f:99:7c:11:99:f5:
37:ab:84:ae:01:21:aa:7b:f8:47:ab:28:de:bf:35:
e4:a4:95:8f:d4:9a:b5:ab:d7:97:ac:ac:4b:8f:9d:
ec:e8:53:4f:32:f5:d5:b6:cc:1a:bf:eb:79:f7:26:
ae:85:7f:8a:af:53:4b:83:dc:76:f6:75:a3:2e:a9:
e3:9a:6f:da:05:3c:27:cd:a6:4a:72:cb:e3:66:17:
a8:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:49:5F:D7:97:02:14:EA:EB:EF:30:A9:79:99:AB:5C:7C:C7:74:92
X509v3 Authority Key Identifier:
keyid:63:D9:2B:82:56:15:98:94:D2:B9:B2:5F:4D:85:98:6C:17:27:23:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y9krglYVmJTSubJfTYWYbBcnI8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/26d917-8c91-45ab-8442-e4e52ac0fefe/1/gUlf15cCFOrr7zCpeZmrXHzHdJI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/26d917-8c91-45ab-8442-e4e52ac0fefe/1/Y9krglYVmJTSubJfTYWYbBcnI8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.20.40.0/23
IPv6:
2a00:1fd0:ae00::/40
Signature Algorithm: sha256WithRSAEncryption
44:c9:4d:22:c9:a7:f2:8a:57:0f:7d:7e:c7:5a:1b:06:b6:df:
bf:50:34:b9:9b:a2:cb:79:aa:f1:4d:ff:fc:6b:30:19:b1:b0:
58:8b:5c:8e:19:cd:7f:5c:9c:8f:8c:78:27:b2:ba:83:29:00:
9c:a3:c4:7d:e0:0e:5f:bb:1e:d3:34:e0:75:ad:b7:eb:20:65:
52:96:34:2b:52:d0:69:78:6f:d7:1d:15:3c:3e:bc:30:9a:7d:
45:f9:27:3b:f4:eb:56:b0:65:f8:81:0c:68:0a:54:30:a3:fb:
09:b7:3d:41:61:61:72:e7:80:64:32:19:63:52:15:56:7f:c6:
45:5c:29:c4:6b:60:9c:b3:73:f4:b9:aa:d4:37:3e:1d:49:8c:
36:d1:ff:21:38:98:e2:ad:ef:f1:9f:ec:b5:41:61:f1:a3:8c:
12:18:96:15:8a:96:a6:59:60:e2:49:bb:ad:4a:df:6c:ea:6b:
d4:86:49:c9:26:9b:bb:5f:2d:2d:09:a4:1b:56:50:27:a0:7e:
9a:66:d3:b0:62:d2:14:88:99:2b:30:37:20:12:02:44:ac:3c:
34:94:44:e1:12:24:e6:71:81:30:54:3d:ae:d7:b2:ba:ea:1b:
d0:ac:57:f1:7d:0b:c8:37:82:62:f3:83:f3:80:dd:23:00:76:
bc:ef:46:bf
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZQkRNNddxx4NZc2j27qbPTKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZDkyYjgyNTYxNTk4OTRkMmI5YjI1ZjRkODU5ODZjMTcy
NzIzYzMwHhcNMjUwMTAxMjM0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTQ5NWZkNzk3MDIxNGVhZWJlZjMwYTk3OTk5YWI1YzdjYzc3NDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpt2YtPJiixRrtgd/Y9QA+7d4NQa
XscITaPjzmlm19nEVrFSTpioZNGhimefJpSJfrbic0FCSIPN6ZZHIbBZPp8pTkhe
OpQ3Hr+HQgUncqNskTlTNL5na+qOG5rDWrEtuugvSplE1dBkmCPkp6WstySUGrSA
mh/Htm8zVm6Z0m1xVwIo2gc0ryzy+7dkPZRBl/7WqzvzecJUlfqVUJfMdKy4Ey74
9vd98CjqiMhvmXwRmfU3q4SuASGqe/hHqyjevzXkpJWP1Jq1q9eXrKxLj53s6FNP
MvXVtswav+t59yauhX+Kr1NLg9x29nWjLqnjmm/aBTwnzaZKcsvjZheoXwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFIFJX9eXAhTq6+8wqXmZq1x8x3SSMB8GA1UdIwQY
MBaAFGPZK4JWFZiU0rmyX02FmGwXJyPDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTlrcmdsWVZtSlRTdWJKZlRZV1liQmNuSThNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8yNmQ5MTctOGM5MS00NWFiLTg0NDIt
ZTRlNTJhYzBmZWZlLzEvZ1VsZjE1Y0NGT3JyN3pDcGVabXJYSHpIZEpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8yNmQ5MTctOGM5MS00NWFiLTg0NDItZTRlNTJhYzBmZWZl
LzEvWTlrcmdsWVZtSlRTdWJKZlRZV1liQmNuSThNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQBURQoMA4E
AgACMAgDBgAqAB/QrjANBgkqhkiG9w0BAQsFAAOCAQEARMlNIsmn8opXD31+x1ob
Brbfv1A0uZuiy3mq8U3//GswGbGwWItcjhnNf1ycj4x4J7K6gykAnKPEfeAOX7se
0zTgda236yBlUpY0K1LQaXhv1x0VPD68MJp9RfknO/TrVrBl+IEMaApUMKP7Cbc9
QWFhcueAZDIZY1IVVn/GRVwpxGtgnLNz9Lmq1Dc+HUmMNtH/ITiY4q3v8Z/stUFh
8aOMEhiWFYqWpllg4km7rUrfbOpr1IZJySabu18tLQmkG1ZQJ6B+mmbTsGLSFIiZ
KzA3IBICRKw8NJRE4RIk5nGBMFQ9rteyuuob0KxX8X0LyDeCYvOD84DdIwB2vO9G
vw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:22:44 2025 by rpki-client