Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/b9fce7-0927-4847-b605-3e30a4c4b826/1/xNxMZxSDyX7cldenO1Ro1zeTZuQ.roa
File: xNxMZxSDyX7cldenO1Ro1zeTZuQ.roa (raw, json)
Hash identifier: EdeIoFQQfBBtul4Dl4kQ19MbiTrPJ3gXVWY5FjQfawo=
Subject key identifier: C4:DC:4C:67:14:83:C9:7E:DC:95:D7:A7:3B:54:68:D7:37:93:66:E4
Certificate issuer: /CN=3250d58d77b0fa5dcec4f42ae96f347bc80daa3e
Certificate serial: 0194214468368D2661617BC89B0B3C4896F3
Authority key identifier: 32:50:D5:8D:77:B0:FA:5D:CE:C4:F4:2A:E9:6F:34:7B:C8:0D:AA:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MlDVjXew-l3OxPQq6W80e8gNqj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/b9fce7-0927-4847-b605-3e30a4c4b826/1/xNxMZxSDyX7cldenO1Ro1zeTZuQ.roa
Signing time: Wed 01 Jan 2025 09:48:38 +0000
ROA not before: Wed 01 Jan 2025 09:48:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8823
IP address blocks: 77.76.192.0/18 maxlen: 18
185.45.240.0/22 maxlen: 22
212.63.64.0/19 maxlen: 19
213.137.192.0/19 maxlen: 19
213.214.0.0/19 maxlen: 19
2001:ad8::/29 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:68:36:8d:26:61:61:7b:c8:9b:0b:3c:48:96:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3250d58d77b0fa5dcec4f42ae96f347bc80daa3e
Validity
Not Before: Jan 1 09:48:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c4dc4c671483c97edc95d7a73b5468d7379366e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:d4:b6:a5:f6:a3:0a:ac:a5:86:eb:79:ac:45:
ca:6a:1f:ed:35:dd:63:0f:f6:ca:f6:6d:1e:8d:73:
d9:f2:a5:b8:36:df:27:ce:eb:be:39:a9:95:38:ac:
08:bf:c2:df:fd:74:f8:87:c2:24:77:8b:35:db:ef:
0d:2a:2c:39:ad:a4:a6:0d:e2:8f:41:a5:9e:bb:11:
82:cd:4c:23:8d:fe:49:b8:8c:ae:2a:79:52:e8:fe:
20:6d:95:51:ad:98:ff:0e:76:d4:b0:8b:f5:81:7b:
3e:9c:3c:92:e6:55:eb:77:4a:62:ca:d3:75:0b:af:
ed:6e:ca:3b:cd:47:5c:e0:6e:8c:64:ea:cd:8e:90:
3f:dd:71:ae:61:17:f9:f6:19:2c:7e:9d:86:a8:3c:
e5:2d:fe:89:d7:7b:4e:80:61:ce:31:79:1e:57:dc:
ca:f0:0d:bd:4f:97:ed:cf:69:0b:99:d4:ca:c6:c8:
e1:be:a4:88:c1:ac:ca:c5:6c:28:e6:6d:c9:f4:11:
91:24:91:f6:f6:44:b2:3f:e1:49:44:8c:7b:d6:7d:
ab:bd:06:23:52:46:7e:d0:31:09:3f:b2:f2:64:21:
13:d4:44:2b:bf:db:e9:0a:d8:12:d1:b5:1b:01:d1:
90:51:f1:a3:97:d1:52:e3:1d:a8:24:e1:a1:8f:da:
98:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:DC:4C:67:14:83:C9:7E:DC:95:D7:A7:3B:54:68:D7:37:93:66:E4
X509v3 Authority Key Identifier:
keyid:32:50:D5:8D:77:B0:FA:5D:CE:C4:F4:2A:E9:6F:34:7B:C8:0D:AA:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MlDVjXew-l3OxPQq6W80e8gNqj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/b9fce7-0927-4847-b605-3e30a4c4b826/1/xNxMZxSDyX7cldenO1Ro1zeTZuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/b9fce7-0927-4847-b605-3e30a4c4b826/1/MlDVjXew-l3OxPQq6W80e8gNqj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.76.192.0/18
185.45.240.0/22
212.63.64.0/19
213.137.192.0/19
213.214.0.0/19
IPv6:
2001:ad8::/29
Signature Algorithm: sha256WithRSAEncryption
85:ab:e1:9a:3c:9b:66:26:bd:28:a0:51:40:ca:31:c4:7c:94:
6a:ab:19:5d:eb:4b:ae:d6:e9:e7:3c:37:2d:07:6c:33:91:fd:
70:82:af:4f:76:11:83:fb:68:76:5f:50:b9:d7:c4:25:da:71:
83:94:eb:53:93:73:0c:07:07:2e:3f:1e:7c:bc:d7:2c:bd:1e:
6f:8f:8b:49:b6:20:65:40:0d:08:95:a3:82:3d:05:5a:e1:6c:
24:12:3f:ef:4b:23:da:d2:23:36:45:b7:ac:51:d0:7b:ff:c4:
b0:b8:b3:36:a8:b3:e9:0f:70:70:68:0f:13:ba:30:98:2b:75:
31:a3:0d:81:e9:32:ee:f1:ef:ff:9a:c1:20:7c:75:d6:a8:73:
ab:4b:1d:d2:4b:38:c6:9f:32:c0:9b:74:25:c0:18:23:4f:ad:
96:61:40:d4:4b:57:c3:2b:db:d2:d1:f1:e3:f0:82:57:8e:13:
d9:49:81:9b:33:c7:28:12:79:81:40:84:d9:43:30:1b:e7:4d:
61:aa:78:98:0c:9f:69:93:b7:95:e5:a5:8c:53:f7:79:44:b2:
7f:94:85:cb:50:dc:91:c5:a3:f2:08:97:3b:06:78:82:c8:a3:
3c:6f:70:e1:26:61:cc:8f:c7:eb:ee:51:d5:dd:8e:ae:50:02:
fb:d5:06:ef
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQhRGg2jSZhYXvImws8SJbzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNTBkNThkNzdiMGZhNWRjZWM0ZjQyYWU5NmYzNDdiYzgw
ZGFhM2UwHhcNMjUwMTAxMDk0ODM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGRjNGM2NzE0ODNjOTdlZGM5NWQ3YTczYjU0NjhkNzM3OTM2NmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtS2pfajCqylhut5rEXKah/tNd1j
D/bK9m0ejXPZ8qW4Nt8nzuu+OamVOKwIv8Lf/XT4h8Ikd4s12+8NKiw5raSmDeKP
QaWeuxGCzUwjjf5JuIyuKnlS6P4gbZVRrZj/DnbUsIv1gXs+nDyS5lXrd0piytN1
C6/tbso7zUdc4G6MZOrNjpA/3XGuYRf59hksfp2GqDzlLf6J13tOgGHOMXkeV9zK
8A29T5ftz2kLmdTKxsjhvqSIwazKxWwo5m3J9BGRJJH29kSyP+FJRIx71n2rvQYj
UkZ+0DEJP7LyZCET1EQrv9vpCtgS0bUbAdGQUfGjl9FS4x2oJOGhj9qYkwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFMTcTGcUg8l+3JXXpztUaNc3k2bkMB8GA1UdIwQY
MBaAFDJQ1Y13sPpdzsT0KulvNHvIDao+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWxEVmpYZXctbDNPeFBRcTZXODBlOGdOcWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9iOWZjZTctMDkyNy00ODQ3LWI2MDUt
M2UzMGE0YzRiODI2LzEveE54TVp4U0R5WDdjbGRlbk8xUm8xemVUWnVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9iOWZjZTctMDkyNy00ODQ3LWI2MDUtM2UzMGE0YzRiODI2
LzEvTWxEVmpYZXctbDNPeFBRcTZXODBlOGdOcWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQGTUzAAwQC
uS3wAwQF1D9AAwQF1YnAAwQF1dYAMA0EAgACMAcDBQMgAQrYMA0GCSqGSIb3DQEB
CwUAA4IBAQCFq+GaPJtmJr0ooFFAyjHEfJRqqxld60uu1unnPDctB2wzkf1wgq9P
dhGD+2h2X1C518Ql2nGDlOtTk3MMBwcuPx58vNcsvR5vj4tJtiBlQA0IlaOCPQVa
4WwkEj/vSyPa0iM2RbesUdB7/8SwuLM2qLPpD3BwaA8TujCYK3Uxow2B6TLu8e//
msEgfHXWqHOrSx3SSzjGnzLAm3QlwBgjT62WYUDUS1fDK9vS0fHj8IJXjhPZSYGb
M8coEnmBQITZQzAb501hqniYDJ9pk7eV5aWMU/d5RLJ/lIXLUNyRxaPyCJc7BniC
yKM8b3DhJmHMj8fr7lHV3Y6uUAL71Qbv
-----END CERTIFICATE-----
Generated at Thu Apr 10 04:46:38 2025 by rpki-client