Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/82c01e-b8cd-44ad-8aa7-8e98ea6ca8ee/1/IDffwXSXahN5-5PWuJ4XE3BnZeo.roa
File: IDffwXSXahN5-5PWuJ4XE3BnZeo.roa (raw, json)
Hash identifier: 1+Z8cC/8+v/4brLtfip5esLm8Gxo3GEZJmCR2m2xqjM=
Subject key identifier: 20:37:DF:C1:74:97:6A:13:79:FB:93:D6:B8:9E:17:13:70:67:65:EA
Certificate issuer: /CN=795013346c8d8f23e0128d306997980237db2374
Certificate serial: 019424B3CA25CC5A9178323EA3851AA6CC6A
Authority key identifier: 79:50:13:34:6C:8D:8F:23:E0:12:8D:30:69:97:98:02:37:DB:23:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eVATNGyNjyPgEo0waZeYAjfbI3Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/82c01e-b8cd-44ad-8aa7-8e98ea6ca8ee/1/IDffwXSXahN5-5PWuJ4XE3BnZeo.roa
Signing time: Thu 02 Jan 2025 01:49:09 +0000
ROA not before: Thu 02 Jan 2025 01:49:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 77.240.48.0/20 maxlen: 32
78.158.48.0/20 maxlen: 32
185.158.56.0/22 maxlen: 32
193.104.103.0/24 maxlen: 32
193.104.131.0/24 maxlen: 32
2a03:7600::/32 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:ca:25:cc:5a:91:78:32:3e:a3:85:1a:a6:cc:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=795013346c8d8f23e0128d306997980237db2374
Validity
Not Before: Jan 2 01:49:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2037dfc174976a1379fb93d6b89e1713706765ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:5e:91:e2:8e:07:a1:a9:f7:b7:8e:35:e6:3b:
c0:6d:e1:4a:b8:9f:ff:5a:95:4c:fa:68:c6:10:42:
01:cc:9f:ec:63:cf:c4:f8:cb:56:7d:34:67:4c:5c:
d1:47:fa:78:7e:49:ea:9c:0f:a6:a0:05:60:ce:a3:
d0:ea:dd:9c:e6:7a:55:15:bf:33:84:5c:29:74:f5:
d4:64:4e:69:90:c7:34:d5:cd:80:0b:b9:82:4f:9c:
dc:fc:d2:12:e9:3a:81:e5:2d:0d:b6:41:95:50:55:
2b:63:5d:a9:52:6c:95:f6:55:bb:93:d1:27:5d:65:
99:1e:03:68:8d:63:6b:61:e9:c6:1e:a9:3c:57:8b:
c6:64:90:93:a8:d7:40:9a:38:ee:6e:21:f3:08:91:
a1:66:fc:0e:27:88:cc:ad:91:39:28:50:d8:3e:ce:
41:41:9a:a7:3d:29:c6:6d:9b:da:63:8d:9d:17:77:
14:1d:15:0e:93:72:e3:6c:7b:8d:f3:a6:9d:13:20:
c3:f4:9a:6c:20:d5:55:e7:5f:bb:69:54:93:98:93:
2f:60:34:7f:18:2b:c0:58:3d:79:7f:d2:9f:e1:6d:
f5:69:c6:08:af:13:f1:7a:4f:30:64:75:03:2c:d5:
2a:3a:82:dd:26:46:b7:6b:1f:79:8a:d6:f4:3f:83:
e0:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:37:DF:C1:74:97:6A:13:79:FB:93:D6:B8:9E:17:13:70:67:65:EA
X509v3 Authority Key Identifier:
keyid:79:50:13:34:6C:8D:8F:23:E0:12:8D:30:69:97:98:02:37:DB:23:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eVATNGyNjyPgEo0waZeYAjfbI3Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/82c01e-b8cd-44ad-8aa7-8e98ea6ca8ee/1/IDffwXSXahN5-5PWuJ4XE3BnZeo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/82c01e-b8cd-44ad-8aa7-8e98ea6ca8ee/1/eVATNGyNjyPgEo0waZeYAjfbI3Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.240.48.0/20
78.158.48.0/20
185.158.56.0/22
193.104.103.0/24
193.104.131.0/24
IPv6:
2a03:7600::/32
Signature Algorithm: sha256WithRSAEncryption
68:71:22:d5:2e:02:be:63:4c:c4:92:9b:2f:44:2c:e8:5a:d3:
de:9b:ad:ba:02:5a:7b:4e:c7:94:59:b0:a3:90:94:0f:34:e5:
e4:45:c6:6a:9d:0b:66:39:b7:6c:42:cd:b7:44:d7:b6:0d:11:
ae:b4:3a:48:dd:10:55:36:7f:7a:e3:28:7d:d1:0a:bc:8e:5a:
51:02:b2:20:ac:fa:e2:2f:09:71:b4:d7:5a:5f:c2:57:21:fe:
f7:37:7f:48:41:a1:86:c7:c2:8d:79:ad:6e:ba:12:08:29:be:
12:c1:84:aa:a7:6e:74:23:7d:99:aa:48:b7:a4:59:86:6a:64:
e9:78:4e:5e:10:63:e2:35:21:90:b1:96:1a:06:01:71:77:d5:
c1:29:b5:9a:4c:0d:e0:59:d4:39:0e:fd:14:37:31:87:73:e0:
25:2f:5c:4b:b8:9b:18:57:89:88:fe:59:44:fb:ec:16:2e:d1:
b7:91:2c:76:dd:30:ad:4e:6b:38:08:7d:fa:70:c0:c6:14:d7:
c9:db:5e:7f:6d:b6:03:c6:83:9c:de:c1:fb:63:c8:da:c6:24:
fa:90:04:3e:d3:3e:af:cc:f1:50:28:4b:34:11:43:68:3d:a7:
ea:1e:98:83:f3:09:c5:06:df:06:6c:a3:fd:cd:95:44:53:02:
e1:31:7c:9f
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQks8olzFqReDI+o4UapsxqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5NTAxMzM0NmM4ZDhmMjNlMDEyOGQzMDY5OTc5ODAyMzdk
YjIzNzQwHhcNMjUwMTAyMDE0OTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDM3ZGZjMTc0OTc2YTEzNzlmYjkzZDZiODllMTcxMzcwNjc2NWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvF6R4o4Hoan3t4415jvAbeFKuJ//
WpVM+mjGEEIBzJ/sY8/E+MtWfTRnTFzRR/p4fknqnA+moAVgzqPQ6t2c5npVFb8z
hFwpdPXUZE5pkMc01c2AC7mCT5zc/NIS6TqB5S0NtkGVUFUrY12pUmyV9lW7k9En
XWWZHgNojWNrYenGHqk8V4vGZJCTqNdAmjjubiHzCJGhZvwOJ4jMrZE5KFDYPs5B
QZqnPSnGbZvaY42dF3cUHRUOk3LjbHuN86adEyDD9JpsINVV51+7aVSTmJMvYDR/
GCvAWD15f9Kf4W31acYIrxPxek8wZHUDLNUqOoLdJka3ax95itb0P4Pg8QIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFCA338F0l2oTefuT1rieFxNwZ2XqMB8GA1UdIwQY
MBaAFHlQEzRsjY8j4BKNMGmXmAI32yN0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVZBVE5HeU5qeVBnRW8wd2FaZVlBamZiSTNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC84MmMwMWUtYjhjZC00NGFkLThhYTct
OGU5OGVhNmNhOGVlLzEvSURmZndYU1hhaE41LTVQV3VKNFhFM0JuWmVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC84MmMwMWUtYjhjZC00NGFkLThhYTctOGU5OGVhNmNhOGVl
LzEvZVZBVE5HeU5qeVBnRW8wd2FaZVlBamZiSTNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQETfAwAwQE
Tp4wAwQCuZ44AwQAwWhnAwQAwWiDMA0EAgACMAcDBQAqA3YAMA0GCSqGSIb3DQEB
CwUAA4IBAQBocSLVLgK+Y0zEkpsvRCzoWtPem626Alp7TseUWbCjkJQPNOXkRcZq
nQtmObdsQs23RNe2DRGutDpI3RBVNn964yh90Qq8jlpRArIgrPriLwlxtNdaX8JX
If73N39IQaGGx8KNea1uuhIIKb4SwYSqp250I32Zqki3pFmGamTpeE5eEGPiNSGQ
sZYaBgFxd9XBKbWaTA3gWdQ5Dv0UNzGHc+AlL1xLuJsYV4mI/llE++wWLtG3kSx2
3TCtTms4CH36cMDGFNfJ215/bbYDxoOc3sH7Y8jaxiT6kAQ+0z6vzPFQKEs0EUNo
PafqHpiD8wnFBt8GbKP9zZVEUwLhMXyf
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:24:58 2025 by rpki-client