Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/TAFkdLRVA67rtct2EdNVanD-7HI.roa
File: TAFkdLRVA67rtct2EdNVanD-7HI.roa (raw, json)
Hash identifier: P6tIiVary0GOC87b8Gsf/+4dDVS1DwmajjZNSmENfuE=
Subject key identifier: 4C:01:64:74:B4:55:03:AE:EB:B5:CB:76:11:D3:55:6A:70:FE:EC:72
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 0193406CC4A2550141F1BA7AEE4B3ABFFA81
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/TAFkdLRVA67rtct2EdNVanD-7HI.roa
Signing time: Mon 18 Nov 2024 17:58:10 +0000
ROA not before: Mon 18 Nov 2024 17:58:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16589
IP address blocks: 77.223.192.0/21 maxlen: 21
77.223.200.0/23 maxlen: 24
79.139.64.0/23 maxlen: 24
83.142.200.0/21 maxlen: 24
94.26.110.0/23 maxlen: 24
94.101.103.0/24 maxlen: 24
176.222.48.0/22 maxlen: 24
178.216.184.0/21 maxlen: 24
198.14.16.0/20 maxlen: 24
198.145.112.0/22 maxlen: 24
205.134.244.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:40:6c:c4:a2:55:01:41:f1:ba:7a:ee:4b:3a:bf:fa:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Nov 18 17:58:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c016474b45503aeebb5cb7611d3556a70feec72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:64:1a:c9:ae:85:3f:0a:9c:b7:ba:b5:2f:4c:
99:12:b0:81:94:e8:11:51:80:94:be:86:72:c8:70:
1f:bb:86:53:7c:6d:8f:e3:d4:1d:f8:91:d7:53:b3:
f8:ad:8e:e4:95:a0:fd:b1:f0:55:d7:aa:22:12:e3:
41:64:ff:fe:1a:44:8c:4d:78:d5:c2:54:f8:08:6f:
f9:4f:5c:29:91:d3:b6:85:b2:33:a4:85:43:85:e9:
fd:bc:2b:27:dd:34:32:25:5c:0b:ce:c7:4a:c1:f9:
9d:45:76:4f:39:f6:5e:8d:9a:27:6a:ed:16:1a:d3:
fb:94:44:04:b2:25:1b:e7:0a:bf:d1:0f:c3:42:5f:
83:ad:a1:05:73:ba:56:57:5d:19:91:82:b9:e2:ed:
4b:33:cc:fc:90:df:13:46:06:94:01:0e:4a:19:73:
a0:9f:da:9c:ec:f8:bf:71:ac:85:f9:5f:78:dd:2c:
46:e5:02:a6:77:31:62:4e:f2:1b:ae:c4:1e:a7:68:
d1:1f:96:b4:dc:ea:52:07:92:5b:eb:0a:68:68:a3:
67:d8:b7:ce:59:42:cc:71:c5:e1:e1:59:34:d2:fe:
2c:b9:34:a2:65:d1:ca:73:cc:a6:12:20:ab:45:b1:
b9:48:af:e9:92:a8:58:ba:b4:0b:54:6b:c6:34:27:
33:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:01:64:74:B4:55:03:AE:EB:B5:CB:76:11:D3:55:6A:70:FE:EC:72
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/TAFkdLRVA67rtct2EdNVanD-7HI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.223.192.0-77.223.201.255
79.139.64.0/23
83.142.200.0/21
94.26.110.0/23
94.101.103.0/24
176.222.48.0/22
178.216.184.0/21
198.14.16.0/20
198.145.112.0/22
205.134.244.0/22
Signature Algorithm: sha256WithRSAEncryption
4c:06:9b:fd:11:ad:0e:0e:04:b6:02:4f:33:8e:f4:66:ee:09:
32:61:9c:d3:52:9c:91:c1:8a:54:51:90:e0:68:2f:86:9a:59:
9e:63:c7:d3:0b:5f:fa:ac:04:fa:80:46:2d:2e:83:d0:df:22:
86:04:3a:de:7a:63:74:b8:e2:d0:b4:ef:d7:39:5b:86:2d:7a:
7b:77:22:7d:54:16:41:c6:c7:89:14:0b:87:ea:70:a6:57:9d:
da:2d:69:cf:0d:13:e4:b9:f8:82:ed:d1:ed:51:fb:c1:ef:c9:
b6:03:c8:32:c9:21:9d:e5:4e:7a:9d:87:91:8b:68:c2:84:7d:
c1:b4:2d:f1:af:99:a6:e4:7c:d0:11:91:55:1e:06:54:99:d0:
ec:47:4d:6e:a2:a7:78:2f:41:02:9f:85:9d:a3:9d:5e:ff:1a:
a9:e3:aa:09:25:87:a2:b4:31:f0:e8:20:ee:b5:b1:62:e1:36:
58:9a:4e:3e:df:73:01:5c:3d:f8:61:76:5d:61:53:ad:88:0e:
c8:80:f2:07:56:c9:8a:86:ed:1c:c4:32:78:01:d7:a3:c5:c1:
19:8d:d9:b5:66:f9:f4:da:ed:40:2a:a0:52:4c:d5:aa:a8:a1:
aa:4c:cc:71:4a:af:3a:87:ce:b5:f8:b5:22:fb:29:75:a9:3d:
f3:74:ec:da
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZNAbMSiVQFB8bp67ks6v/qBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjQxMTE4MTc1ODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzAxNjQ3NGI0NTUwM2FlZWJiNWNiNzYxMWQzNTU2YTcwZmVlYzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2Qaya6FPwqct7q1L0yZErCBlOgR
UYCUvoZyyHAfu4ZTfG2P49Qd+JHXU7P4rY7klaD9sfBV16oiEuNBZP/+GkSMTXjV
wlT4CG/5T1wpkdO2hbIzpIVDhen9vCsn3TQyJVwLzsdKwfmdRXZPOfZejZonau0W
GtP7lEQEsiUb5wq/0Q/DQl+DraEFc7pWV10ZkYK54u1LM8z8kN8TRgaUAQ5KGXOg
n9qc7Pi/cayF+V943SxG5QKmdzFiTvIbrsQep2jRH5a03OpSB5Jb6wpoaKNn2LfO
WULMccXh4Vk00v4suTSiZdHKc8ymEiCrRbG5SK/pkqhYurQLVGvGNCczSQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFEwBZHS0VQOu67XLdhHTVWpw/uxyMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvVEFGa2RMUlZBNjdydGN0MkVkTlZhbkQtN0hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEMAwDBAZN38AD
BAFN38gDBAFPi0ADBANTjsgDBAFeGm4DBABeZWcDBAKw3jADBAOy2LgDBATGDhAD
BALGkXADBALNhvQwDQYJKoZIhvcNAQELBQADggEBAEwGm/0RrQ4OBLYCTzOO9Gbu
CTJhnNNSnJHBilRRkOBoL4aaWZ5jx9MLX/qsBPqARi0ug9DfIoYEOt56Y3S44tC0
79c5W4Ytent3In1UFkHGx4kUC4fqcKZXndotac8NE+S5+ILt0e1R+8HvybYDyDLJ
IZ3lTnqdh5GLaMKEfcG0LfGvmabkfNARkVUeBlSZ0OxHTW6ip3gvQQKfhZ2jnV7/
Gqnjqgklh6K0MfDoIO61sWLhNliaTj7fcwFcPfhhdl1hU62IDsiA8gdWyYqG7RzE
MngB16PFwRmN2bVm+fTa7UAqoFJM1aqooapMzHFKrzqHzrX4tSL7KXWpPfN07No=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:00:17 2025 by rpki-client