Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/9VN0sy50HSODEHZbX66L-b8deHc.roa
File: 9VN0sy50HSODEHZbX66L-b8deHc.roa (raw, json)
Hash identifier: jP7k3YgnbTl3KFJPn2E0Kcls6tmGu0Fkbos1usVNkL4=
Subject key identifier: F5:53:74:B3:2E:74:1D:23:83:10:76:5B:5F:AE:8B:F9:BF:1D:78:77
Certificate issuer: /CN=22a44566764ebb511683cb6228fa91997b559379
Certificate serial: 019427482C1D7AD805D6BC940B054D26F6A3
Authority key identifier: 22:A4:45:66:76:4E:BB:51:16:83:CB:62:28:FA:91:99:7B:55:93:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IqRFZnZOu1EWg8tiKPqRmXtVk3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/9VN0sy50HSODEHZbX66L-b8deHc.roa
Signing time: Thu 02 Jan 2025 13:50:28 +0000
ROA not before: Thu 02 Jan 2025 13:50:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210644
IP address blocks: 78.153.136.0/24 maxlen: 24
109.237.98.0/24 maxlen: 24
109.237.99.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:2c:1d:7a:d8:05:d6:bc:94:0b:05:4d:26:f6:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22a44566764ebb511683cb6228fa91997b559379
Validity
Not Before: Jan 2 13:50:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f55374b32e741d238310765b5fae8bf9bf1d7877
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:cf:4a:2b:35:f8:2f:95:3b:ea:09:34:67:a4:
44:c5:40:8f:d1:33:7f:46:7d:f4:30:24:64:14:16:
22:9e:1b:47:74:f3:61:8a:bb:e4:af:6e:7d:62:81:
03:07:30:f7:d1:99:e5:5e:67:bc:c7:26:07:82:00:
eb:27:f1:bb:b9:26:7d:37:97:a1:5d:14:9b:1f:17:
ad:ba:18:8b:00:ef:32:fd:09:2e:19:c8:1c:ed:07:
5d:6b:dd:f7:ee:39:0e:25:bd:bb:d3:81:17:42:a4:
1f:cc:aa:e5:89:59:20:11:44:ba:26:04:f1:7d:44:
26:9f:b1:88:f1:cc:4d:26:bd:0f:f5:dd:2c:a2:ef:
65:fe:1e:cf:19:70:72:70:ff:1b:38:5f:22:59:6b:
d1:65:16:1d:4f:5c:cf:0d:73:da:3c:dd:ec:4d:e8:
d5:a3:33:76:5b:fe:a3:fb:59:90:42:e2:32:25:15:
85:c2:f5:7f:a9:14:38:48:58:19:f0:e8:b3:02:52:
56:70:e7:ec:c3:5d:05:45:e6:ed:36:1d:53:a1:f8:
3a:3c:92:a9:98:5b:72:1b:f9:15:02:28:a7:bb:10:
18:76:c9:58:a8:93:48:47:0d:cb:ab:e4:9a:fd:60:
fe:65:6a:67:df:4e:b0:04:51:a4:13:ba:cb:1b:9b:
5a:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:53:74:B3:2E:74:1D:23:83:10:76:5B:5F:AE:8B:F9:BF:1D:78:77
X509v3 Authority Key Identifier:
keyid:22:A4:45:66:76:4E:BB:51:16:83:CB:62:28:FA:91:99:7B:55:93:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IqRFZnZOu1EWg8tiKPqRmXtVk3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/9VN0sy50HSODEHZbX66L-b8deHc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/IqRFZnZOu1EWg8tiKPqRmXtVk3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.153.136.0/24
109.237.98.0/23
Signature Algorithm: sha256WithRSAEncryption
92:a0:95:f4:b5:62:df:98:6b:53:cb:4e:e3:c6:8f:ac:dd:e6:
9b:2f:f2:c2:12:63:72:8e:37:f5:7a:c2:7d:06:a6:15:f4:d2:
66:45:af:ab:c7:0c:75:21:c7:a0:21:d5:df:70:14:77:f5:a6:
54:75:09:3e:d7:82:08:6b:a4:28:cc:5d:43:c1:28:a8:5f:19:
0f:a2:12:88:f2:9e:76:87:2b:95:93:40:f6:b6:ab:2d:94:1b:
55:1f:3b:55:f7:0c:b5:c7:9b:8c:a2:91:66:f3:10:5c:48:65:
ba:81:af:37:18:43:6e:9a:bb:b0:99:01:8d:22:d4:0c:45:9a:
f8:e7:da:52:aa:9a:d8:aa:2a:40:2a:9a:96:8e:8e:99:24:f3:
3a:91:3c:ab:d1:11:a0:42:8e:ab:ea:35:83:39:6a:da:e9:66:
e4:d3:82:9f:4c:8a:f5:f7:f4:72:a2:e4:0c:99:c0:69:a6:7b:
8e:1f:eb:95:da:a9:94:26:ba:83:4c:9e:65:3b:9d:2c:9a:8a:
da:b4:8c:b7:cf:76:97:2d:1e:a5:ae:d2:fb:33:1c:26:d3:b1:
f1:30:6a:c5:af:95:0b:13:25:e1:40:14:fc:95:11:62:73:b1:
a6:6b:8f:49:eb:4c:42:ed:98:ce:a6:1c:9e:f3:3c:30:f7:34:
ce:ee:ae:94
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQnSCwdetgF1ryUCwVNJvajMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYTQ0NTY2NzY0ZWJiNTExNjgzY2I2MjI4ZmE5MTk5N2I1
NTkzNzkwHhcNMjUwMTAyMTM1MDI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTUzNzRiMzJlNzQxZDIzODMxMDc2NWI1ZmFlOGJmOWJmMWQ3ODc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvM9KKzX4L5U76gk0Z6RExUCP0TN/
Rn30MCRkFBYinhtHdPNhirvkr259YoEDBzD30ZnlXme8xyYHggDrJ/G7uSZ9N5eh
XRSbHxetuhiLAO8y/QkuGcgc7Qdda9337jkOJb2704EXQqQfzKrliVkgEUS6JgTx
fUQmn7GI8cxNJr0P9d0sou9l/h7PGXBycP8bOF8iWWvRZRYdT1zPDXPaPN3sTejV
ozN2W/6j+1mQQuIyJRWFwvV/qRQ4SFgZ8OizAlJWcOfsw10FRebtNh1Tofg6PJKp
mFtyG/kVAiinuxAYdslYqJNIRw3Lq+Sa/WD+ZWpn306wBFGkE7rLG5ta7wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPVTdLMudB0jgxB2W1+ui/m/HXh3MB8GA1UdIwQY
MBaAFCKkRWZ2TrtRFoPLYij6kZl7VZN5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXFSRlpuWk91MUVXZzh0aUtQcVJtWHRWazNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS82YjNkZGEtNzM2OC00ZDE5LWI2MDMt
MTZiODBhYTI4ZGQ2LzEvOVZOMHN5NTBIU09ERUhaYlg2NkwtYjhkZUhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS82YjNkZGEtNzM2OC00ZDE5LWI2MDMtMTZiODBhYTI4ZGQ2
LzEvSXFSRlpuWk91MUVXZzh0aUtQcVJtWHRWazNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATpmIAwQB
be1iMA0GCSqGSIb3DQEBCwUAA4IBAQCSoJX0tWLfmGtTy07jxo+s3eabL/LCEmNy
jjf1esJ9BqYV9NJmRa+rxwx1IcegIdXfcBR39aZUdQk+14IIa6QozF1DwSioXxkP
ohKI8p52hyuVk0D2tqstlBtVHztV9wy1x5uMopFm8xBcSGW6ga83GENumruwmQGN
ItQMRZr459pSqprYqipAKpqWjo6ZJPM6kTyr0RGgQo6r6jWDOWra6Wbk04KfTIr1
9/RyouQMmcBppnuOH+uV2qmUJrqDTJ5lO50smoratIy3z3aXLR6lrtL7Mxwm07Hx
MGrFr5ULEyXhQBT8lRFic7Gma49J60xC7ZjOphye8zww9zTO7q6U
-----END CERTIFICATE-----
Generated at Sun Apr 6 22:40:25 2025 by rpki-client