Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/7lNfF-ZKvHjR3mhhZ5spZGFXfcw.roa
File: 7lNfF-ZKvHjR3mhhZ5spZGFXfcw.roa (raw, json)
Hash identifier: aFecZ87bWLH+ZLW0E5hbLUPBZPPw1b/Jk7mTqlkwTAU=
Subject key identifier: EE:53:5F:17:E6:4A:BC:78:D1:DE:68:61:67:9B:29:64:61:57:7D:CC
Certificate issuer: /CN=9d210f2259093aaf45285922a588e9a661aba9fa
Certificate serial: 01856D81A1DD7C161304BAC5559009C39810
Authority key identifier: 9D:21:0F:22:59:09:3A:AF:45:28:59:22:A5:88:E9:A6:61:AB:A9:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSEPIlkJOq9FKFkipYjppmGrqfo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/7lNfF-ZKvHjR3mhhZ5spZGFXfcw.roa
Signing time: Sun 01 Jan 2023 13:24:50 +0000
ROA not before: Sun 01 Jan 2023 13:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41798
IP address blocks: 217.196.16.0/20 maxlen: 20
77.245.96.0/20 maxlen: 20
93.185.64.0/20 maxlen: 20
95.141.128.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:a1:dd:7c:16:13:04:ba:c5:55:90:09:c3:98:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d210f2259093aaf45285922a588e9a661aba9fa
Validity
Not Before: Jan 1 13:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ee535f17e64abc78d1de6861679b296461577dcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:a3:e1:0b:f2:a8:29:8d:d1:75:67:92:a0:28:
16:16:e7:80:6c:3e:b2:c6:7f:3c:cc:ca:e7:5f:bc:
39:ef:c5:4f:df:73:a6:c6:13:0a:e4:84:d0:38:75:
60:fc:ab:5e:a0:69:eb:de:61:04:05:77:44:c7:a7:
01:ca:02:29:7c:99:a6:e8:ad:24:f1:34:22:53:1e:
ed:2c:19:3a:10:a8:35:64:68:46:10:45:c4:58:52:
c6:cf:ce:c7:cb:8e:96:50:ca:85:19:de:11:21:26:
ee:d4:81:1d:23:b3:84:44:42:1c:07:b1:5f:35:f9:
41:11:54:e7:01:12:46:39:50:3e:74:0f:fa:77:6e:
b2:4f:7b:6f:ca:e6:b2:07:1a:38:cf:62:5e:2f:38:
fb:97:1a:43:5f:88:95:06:ab:31:3d:37:c6:57:e8:
b7:b3:70:ab:74:47:e7:28:6c:5f:fc:85:28:f8:0c:
49:9e:70:54:20:fb:9e:cb:83:dc:cd:ee:14:2f:c3:
9d:88:89:b5:44:57:6b:31:89:1f:ec:5f:ab:70:08:
b5:32:d0:1a:f9:72:96:57:ef:19:11:19:e0:cb:6d:
53:bf:a4:79:a1:a7:7f:39:ee:0a:87:7b:d1:61:0a:
b3:75:6a:63:9c:34:3a:d2:63:ef:e8:36:f8:e8:73:
0b:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:53:5F:17:E6:4A:BC:78:D1:DE:68:61:67:9B:29:64:61:57:7D:CC
X509v3 Authority Key Identifier:
keyid:9D:21:0F:22:59:09:3A:AF:45:28:59:22:A5:88:E9:A6:61:AB:A9:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSEPIlkJOq9FKFkipYjppmGrqfo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/7lNfF-ZKvHjR3mhhZ5spZGFXfcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/nSEPIlkJOq9FKFkipYjppmGrqfo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.245.96.0/20
93.185.64.0/20
95.141.128.0/20
217.196.16.0/20
Signature Algorithm: sha256WithRSAEncryption
6f:ec:6f:d4:ce:a5:94:5a:89:c8:00:4c:e3:90:1b:3b:fb:f5:
50:86:98:59:d4:8a:14:10:71:8f:95:ce:50:3b:59:e8:84:8b:
57:41:4c:4c:a8:2d:42:79:7e:37:c9:67:3f:21:b8:5c:a4:0c:
e8:a7:aa:00:83:b9:1f:13:45:c6:5a:95:26:ff:1c:01:87:c2:
a9:c6:a9:65:42:ae:02:ea:cb:56:9c:17:24:1e:5d:f7:e1:78:
20:ba:e5:9b:11:0a:a8:ac:77:08:91:ac:de:99:78:25:38:05:
7a:c8:d9:33:bd:2c:2e:fb:7c:33:70:ac:7b:65:c7:56:ca:71:
03:e1:0d:02:ce:22:f0:08:71:c0:6d:85:84:c9:ca:4e:26:8f:
f7:98:37:a0:48:34:e6:f9:e1:a8:2f:45:7d:c6:65:85:33:32:
74:ce:21:24:bc:2a:0b:a3:d3:15:0d:6d:f5:c7:ed:37:7d:22:
0d:ae:a5:24:c0:b6:15:a2:43:07:c0:bc:1d:c1:2b:17:8e:90:
b5:80:03:b7:6d:53:9f:da:a0:a1:22:ed:aa:f4:5e:01:be:13:
4e:a7:0f:60:2b:2d:ec:1a:6e:af:ec:3f:c2:60:69:23:d1:b3:
c4:2f:51:4e:8f:fa:dd:35:28:08:f8:c2:c8:6c:0e:28:ae:56:
eb:9d:e4:e2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVtgaHdfBYTBLrFVZAJw5gQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMjEwZjIyNTkwOTNhYWY0NTI4NTkyMmE1ODhlOWE2NjFh
YmE5ZmEwHhcNMjMwMTAxMTMyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTUzNWYxN2U2NGFiYzc4ZDFkZTY4NjE2NzliMjk2NDYxNTc3ZGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6PhC/KoKY3RdWeSoCgWFueAbD6y
xn88zMrnX7w578VP33OmxhMK5ITQOHVg/KteoGnr3mEEBXdEx6cBygIpfJmm6K0k
8TQiUx7tLBk6EKg1ZGhGEEXEWFLGz87Hy46WUMqFGd4RISbu1IEdI7OEREIcB7Ff
NflBEVTnARJGOVA+dA/6d26yT3tvyuayBxo4z2JeLzj7lxpDX4iVBqsxPTfGV+i3
s3CrdEfnKGxf/IUo+AxJnnBUIPuey4Pcze4UL8OdiIm1RFdrMYkf7F+rcAi1MtAa
+XKWV+8ZERngy21Tv6R5oad/Oe4Kh3vRYQqzdWpjnDQ60mPv6Db46HML2wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFO5TXxfmSrx40d5oYWebKWRhV33MMB8GA1UdIwQY
MBaAFJ0hDyJZCTqvRShZIqWI6aZhq6n6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNFUElsa0pPcTlGS0ZraXBZanBwbUdycWZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS85MzY4NmQtMTFmNS00ZTNlLWI1YzQt
NDM4NDNjMmU5NDNiLzEvN2xOZkYtWkt2SGpSM21oaFo1c3BaR0ZYZmN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS85MzY4NmQtMTFmNS00ZTNlLWI1YzQtNDM4NDNjMmU5NDNi
LzEvblNFUElsa0pPcTlGS0ZraXBZanBwbUdycWZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQETfVgAwQE
XblAAwQEX42AAwQE2cQQMA0GCSqGSIb3DQEBCwUAA4IBAQBv7G/UzqWUWonIAEzj
kBs7+/VQhphZ1IoUEHGPlc5QO1nohItXQUxMqC1CeX43yWc/IbhcpAzop6oAg7kf
E0XGWpUm/xwBh8KpxqllQq4C6stWnBckHl334XgguuWbEQqorHcIkazemXglOAV6
yNkzvSwu+3wzcKx7ZcdWynED4Q0CziLwCHHAbYWEycpOJo/3mDegSDTm+eGoL0V9
xmWFMzJ0ziEkvCoLo9MVDW31x+03fSINrqUkwLYVokMHwLwdwSsXjpC1gAO3bVOf
2qChIu2q9F4BvhNOpw9gKy3sGm6v7D/CYGkj0bPEL1FOj/rdNSgI+MLIbA4orlbr
neTi
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:31:36 2025 by rpki-client