Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/5cf3fd-e77d-4c82-b4c7-521556be813a/1/S9_iGWOoS89WVdIHLbG2bLNjr74.roa
File: S9_iGWOoS89WVdIHLbG2bLNjr74.roa (raw, json)
Hash identifier: cv3hJs+uO1JIm5at1BjkmAhVoTxkDPwnEihRXS1di44=
Subject key identifier: 4B:DF:E2:19:63:A8:4B:CF:56:55:D2:07:2D:B1:B6:6C:B3:63:AF:BE
Certificate issuer: /CN=41467c769bf66ada7d5780a69dce1371be9849de
Certificate serial: 018507E9127254D9D5C46A7CFA582F9294F4
Authority key identifier: 41:46:7C:76:9B:F6:6A:DA:7D:57:80:A6:9D:CE:13:71:BE:98:49:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QUZ8dpv2atp9V4Cmnc4Tcb6YSd4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/5cf3fd-e77d-4c82-b4c7-521556be813a/1/S9_iGWOoS89WVdIHLbG2bLNjr74.roa
Signing time: Mon 12 Dec 2022 19:56:33 +0000
ROA not before: Mon 12 Dec 2022 19:56:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42031
IP address blocks: 77.105.132.0/24 maxlen: 24
77.105.131.0/24 maxlen: 24
77.105.130.0/24 maxlen: 24
77.105.129.0/24 maxlen: 24
77.105.128.0/24 maxlen: 24
77.105.136.0/24 maxlen: 24
77.105.135.0/24 maxlen: 24
77.105.134.0/24 maxlen: 24
77.105.133.0/24 maxlen: 24
77.105.145.0/24 maxlen: 24
77.105.144.0/24 maxlen: 24
77.105.165.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:07:e9:12:72:54:d9:d5:c4:6a:7c:fa:58:2f:92:94:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41467c769bf66ada7d5780a69dce1371be9849de
Validity
Not Before: Dec 12 19:56:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4bdfe21963a84bcf5655d2072db1b66cb363afbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:15:c7:fc:1b:c3:7e:1a:01:d0:02:58:cc:31:
39:45:87:b5:07:c8:b7:e9:9b:4f:b4:9c:84:f9:46:
22:aa:af:67:72:be:4a:e3:8e:8f:66:67:67:c4:8d:
21:6e:5a:61:48:19:e1:40:fb:97:92:9b:78:1b:07:
4b:48:3c:3e:91:26:07:84:6c:2d:83:00:18:83:85:
77:ed:5e:d3:19:17:a0:d2:35:e6:14:14:ba:22:5a:
74:b8:e3:b0:5d:54:b9:7c:1d:77:9b:24:85:8a:2e:
c6:6e:1e:61:51:45:20:d3:80:56:34:55:3d:9e:4c:
9a:e7:cf:2a:fe:b8:f9:a8:70:fd:e5:52:7f:60:09:
52:5b:ee:db:03:62:e5:1b:3d:0f:3a:a6:c8:ef:33:
0e:75:b6:80:e8:de:60:d7:82:5f:7e:29:0c:2d:cc:
56:d8:99:2e:79:f1:be:86:cc:31:1a:20:6e:db:35:
d4:99:4b:1a:a3:53:92:33:2d:5e:21:de:aa:44:e4:
72:8d:e2:c1:d1:be:c2:12:6e:96:19:8c:db:f3:9a:
10:59:f9:9f:e6:97:b9:ac:f1:ab:d2:37:fc:56:92:
89:4b:3e:e1:5a:fb:55:95:1d:17:14:49:73:c6:69:
ac:b4:1c:17:a8:94:07:65:6b:86:0e:2c:59:6a:ba:
89:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:DF:E2:19:63:A8:4B:CF:56:55:D2:07:2D:B1:B6:6C:B3:63:AF:BE
X509v3 Authority Key Identifier:
keyid:41:46:7C:76:9B:F6:6A:DA:7D:57:80:A6:9D:CE:13:71:BE:98:49:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QUZ8dpv2atp9V4Cmnc4Tcb6YSd4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/5cf3fd-e77d-4c82-b4c7-521556be813a/1/S9_iGWOoS89WVdIHLbG2bLNjr74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/5cf3fd-e77d-4c82-b4c7-521556be813a/1/QUZ8dpv2atp9V4Cmnc4Tcb6YSd4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.128.0-77.105.136.255
77.105.144.0/23
77.105.165.0/24
Signature Algorithm: sha256WithRSAEncryption
43:f6:9a:5c:b8:c1:d5:2c:ae:db:17:2e:da:ca:a0:e1:de:25:
51:e7:91:53:2e:0f:ea:de:7e:00:b9:d9:3d:92:40:45:e1:36:
f9:aa:14:93:00:bc:e6:97:8c:50:2e:61:2f:93:e1:66:ae:c6:
f4:be:f8:b1:94:ff:44:05:af:98:a9:94:c7:3a:46:fe:2d:94:
bf:75:43:67:c7:94:9a:a4:e5:03:65:11:5e:01:30:bd:9a:07:
24:8b:9a:c2:1a:b5:5d:fd:b9:db:df:03:ea:0f:64:e8:e6:1c:
e1:14:d8:17:fe:54:53:4b:a2:16:40:b2:c9:fc:82:3e:c6:42:
4c:8f:21:16:8d:0b:a8:be:dc:a3:0a:38:21:d0:77:57:7b:ca:
62:58:47:97:f5:75:4b:8e:f8:6c:86:a0:21:15:f9:a9:75:7d:
c6:84:47:5d:a9:26:33:a5:4f:b7:28:f2:0b:87:99:6e:a1:b8:
1c:a3:71:2a:e2:80:fd:bf:b6:cd:65:83:40:7c:b1:41:45:f7:
b0:82:f5:19:e9:5a:0e:a9:9b:a5:f5:fb:05:f3:04:da:0f:70:
64:0f:2a:91:14:e9:51:82:50:61:9e:4b:b8:35:ba:6f:6a:12:
02:23:32:95:aa:1a:bc:1e:e6:36:2e:d5:f2:a9:6a:76:e5:50:
53:d9:99:09
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYUH6RJyVNnVxGp8+lgvkpT0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxNDY3Yzc2OWJmNjZhZGE3ZDU3ODBhNjlkY2UxMzcxYmU5
ODQ5ZGUwHhcNMjIxMjEyMTk1NjMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmRmZTIxOTYzYTg0YmNmNTY1NWQyMDcyZGIxYjY2Y2IzNjNhZmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgxXH/BvDfhoB0AJYzDE5RYe1B8i3
6ZtPtJyE+UYiqq9ncr5K446PZmdnxI0hblphSBnhQPuXkpt4GwdLSDw+kSYHhGwt
gwAYg4V37V7TGReg0jXmFBS6Ilp0uOOwXVS5fB13mySFii7Gbh5hUUUg04BWNFU9
nkya588q/rj5qHD95VJ/YAlSW+7bA2LlGz0POqbI7zMOdbaA6N5g14JffikMLcxW
2JkuefG+hswxGiBu2zXUmUsao1OSMy1eId6qRORyjeLB0b7CEm6WGYzb85oQWfmf
5pe5rPGr0jf8VpKJSz7hWvtVlR0XFElzxmmstBwXqJQHZWuGDixZarqJpwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFEvf4hljqEvPVlXSBy2xtmyzY6++MB8GA1UdIwQY
MBaAFEFGfHab9mrafVeApp3OE3G+mEneMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVVaOGRwdjJhdHA5VjRDbW5jNFRjYjZZU2Q0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS81Y2YzZmQtZTc3ZC00YzgyLWI0Yzct
NTIxNTU2YmU4MTNhLzEvUzlfaUdXT29TODlXVmRJSExiRzJiTE5qcjc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS81Y2YzZmQtZTc3ZC00YzgyLWI0YzctNTIxNTU2YmU4MTNh
LzEvUVVaOGRwdjJhdHA5VjRDbW5jNFRjYjZZU2Q0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAdNaYAD
BABNaYgDBAFNaZADBABNaaUwDQYJKoZIhvcNAQELBQADggEBAEP2mly4wdUsrtsX
LtrKoOHeJVHnkVMuD+refgC52T2SQEXhNvmqFJMAvOaXjFAuYS+T4WauxvS++LGU
/0QFr5iplMc6Rv4tlL91Q2fHlJqk5QNlEV4BML2aBySLmsIatV39udvfA+oPZOjm
HOEU2Bf+VFNLohZAssn8gj7GQkyPIRaNC6i+3KMKOCHQd1d7ymJYR5f1dUuO+GyG
oCEV+al1fcaER12pJjOlT7co8guHmW6huByjcSrigP2/ts1lg0B8sUFF97CC9Rnp
Wg6pm6X1+wXzBNoPcGQPKpEU6VGCUGGeS7g1um9qEgIjMpWqGrwe5jYu1fKpanbl
UFPZmQk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:30 2024 by rpki-client on console-ams.rpki-client.org