Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/bAre1OnQ-S06l58QEUg6UYK05F8.roa
File: bAre1OnQ-S06l58QEUg6UYK05F8.roa (raw, json)
Hash identifier: QR2q/y1snnMAQcqEMi3pVb5/K1OVjUGZNbsfyA0UMuY=
Subject key identifier: 6C:0A:DE:D4:E9:D0:F9:2D:3A:97:9F:10:11:48:3A:51:82:B4:E4:5F
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 0194221FFF212192223476E5979212C3753C
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/bAre1OnQ-S06l58QEUg6UYK05F8.roa
Signing time: Wed 01 Jan 2025 13:48:29 +0000
ROA not before: Wed 01 Jan 2025 13:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 46844
IP address blocks: 185.77.216.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:ff:21:21:92:22:34:76:e5:97:92:12:c3:75:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Jan 1 13:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6c0aded4e9d0f92d3a979f1011483a5182b4e45f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:61:1e:c7:a0:c8:c3:12:aa:86:42:31:e0:71:
56:0f:c0:1e:85:14:7d:01:f8:ca:66:04:9b:a9:8c:
f8:57:fc:98:c7:a6:d8:20:df:47:7a:dd:b2:d4:d3:
aa:dd:9b:4f:1f:9f:d4:57:20:36:88:ad:e1:51:bb:
a2:17:ac:a5:f7:c1:5a:e1:fd:a7:4d:5e:a8:7b:f3:
d0:fc:70:32:6d:7a:d3:0b:f2:4c:40:2a:39:49:ab:
6d:74:9a:97:17:cf:cc:4e:77:5a:77:4b:64:e5:f6:
0f:5a:f7:19:17:2a:4f:a5:f1:e2:01:22:cf:11:67:
5f:92:9b:00:e1:3d:d8:8b:6e:90:e6:9d:29:e5:c6:
54:c7:e8:9b:3f:fe:15:37:04:e2:d0:81:22:66:90:
a1:ff:8b:24:94:55:2e:8a:f0:bc:4b:6f:fc:bb:8d:
30:c9:39:9d:90:dd:d1:87:f1:b2:1e:e7:27:ce:8d:
68:58:5e:f2:7f:c2:33:d4:a7:c5:f4:93:91:c2:f0:
d3:41:00:be:4d:4d:d9:e3:e9:65:11:e4:d2:90:c2:
67:46:ee:42:ea:28:72:9e:f9:82:f6:fc:a1:f9:d9:
46:f1:e7:e9:9d:b0:82:02:6f:8e:c3:dd:fe:be:6c:
fd:a6:e3:2b:c5:80:8f:11:b7:30:32:76:ce:ea:0e:
cd:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:0A:DE:D4:E9:D0:F9:2D:3A:97:9F:10:11:48:3A:51:82:B4:E4:5F
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/bAre1OnQ-S06l58QEUg6UYK05F8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.77.216.0/24
Signature Algorithm: sha256WithRSAEncryption
37:05:5c:50:67:76:ec:fe:bb:8e:c9:ba:f7:2d:c9:cd:7e:70:
49:d8:b6:f5:a4:4d:28:8f:55:04:42:cd:84:60:d8:78:a4:4d:
9f:7e:d4:06:51:1b:55:cb:b8:78:41:c3:06:8a:d0:4c:bf:ec:
ba:42:b0:63:95:42:3c:4c:90:62:a2:99:c4:19:b1:0a:a1:14:
72:20:c0:55:23:0a:3a:f0:6b:50:54:26:34:38:47:d4:63:46:
40:ec:61:a2:2f:63:e1:48:38:96:3c:16:8d:a2:bf:52:66:92:
4b:0b:5e:8a:ab:77:11:a5:ae:40:31:25:9f:90:7b:9b:8a:ba:
2d:4c:02:78:24:da:76:41:08:96:ca:76:d8:4e:fa:0a:eb:5b:
e4:64:a3:d3:2d:98:60:78:79:47:14:39:0d:70:e8:0b:40:ef:
dd:8d:2b:7d:73:90:3f:c7:67:d6:47:08:69:ee:6a:db:19:0d:
1a:61:79:7d:e7:8e:9d:65:25:93:3c:ac:cb:63:6f:e6:6d:d4:
47:89:e1:f5:61:8b:f6:8a:2f:28:38:fe:32:db:e0:5a:b8:d7:
be:01:d5:d1:db:ec:79:a6:a6:63:ef:1b:25:af:c4:d6:8f:8d:
ce:60:75:e3:ac:c4:21:fb:6c:f8:82:d7:df:eb:52:09:09:1f:
41:aa:f4:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH/8hIZIiNHbll5ISw3U8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjUwMTAxMTM0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzBhZGVkNGU5ZDBmOTJkM2E5NzlmMTAxMTQ4M2E1MTgyYjRlNDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApGEex6DIwxKqhkIx4HFWD8AehRR9
AfjKZgSbqYz4V/yYx6bYIN9Het2y1NOq3ZtPH5/UVyA2iK3hUbuiF6yl98Fa4f2n
TV6oe/PQ/HAybXrTC/JMQCo5SattdJqXF8/MTndad0tk5fYPWvcZFypPpfHiASLP
EWdfkpsA4T3Yi26Q5p0p5cZUx+ibP/4VNwTi0IEiZpCh/4sklFUuivC8S2/8u40w
yTmdkN3Rh/GyHucnzo1oWF7yf8Iz1KfF9JORwvDTQQC+TU3Z4+llEeTSkMJnRu5C
6ihynvmC9vyh+dlG8efpnbCCAm+Ow93+vmz9puMrxYCPEbcwMnbO6g7NoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGwK3tTp0PktOpefEBFIOlGCtORfMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvYkFyZTFPblEtUzA2bDU4UUVVZzZVWUswNUY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuU3YMA0G
CSqGSIb3DQEBCwUAA4IBAQA3BVxQZ3bs/ruOybr3LcnNfnBJ2Lb1pE0oj1UEQs2E
YNh4pE2fftQGURtVy7h4QcMGitBMv+y6QrBjlUI8TJBiopnEGbEKoRRyIMBVIwo6
8GtQVCY0OEfUY0ZA7GGiL2PhSDiWPBaNor9SZpJLC16Kq3cRpa5AMSWfkHubirot
TAJ4JNp2QQiWynbYTvoK61vkZKPTLZhgeHlHFDkNcOgLQO/djSt9c5A/x2fWRwhp
7mrbGQ0aYXl9546dZSWTPKzLY2/mbdRHieH1YYv2ii8oOP4y2+BauNe+AdXR2+x5
pqZj7xslr8TWj43OYHXjrMQh+2z4gtff61IJCR9BqvSy
-----END CERTIFICATE-----
Generated at Sun Apr 6 02:23:11 2025 by rpki-client