Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/8GeGNNzjzZvJIEAAhJi9tW2bbrA.roa
File: 8GeGNNzjzZvJIEAAhJi9tW2bbrA.roa (raw, json)
Hash identifier: Eto9TySCaxnkkdyIGeX6PMXh8s89OGTNecNbv02FHmY=
Subject key identifier: F0:67:86:34:DC:E3:CD:9B:C9:20:40:00:84:98:BD:B5:6D:9B:6E:B0
Certificate issuer: /CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Certificate serial: 0194228E28474735A2F9A01AEB134657DE87
Authority key identifier: D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/8GeGNNzjzZvJIEAAhJi9tW2bbrA.roa
Signing time: Wed 01 Jan 2025 15:48:49 +0000
ROA not before: Wed 01 Jan 2025 15:48:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43179
IP address blocks: 77.74.224.0/24 maxlen: 24
77.74.226.0/24 maxlen: 24
77.74.227.0/24 maxlen: 24
109.105.200.0/24 maxlen: 24
109.105.201.0/24 maxlen: 24
109.105.202.0/24 maxlen: 24
109.105.203.0/24 maxlen: 24
109.105.204.0/24 maxlen: 24
109.105.206.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:28:47:47:35:a2:f9:a0:1a:eb:13:46:57:de:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Validity
Not Before: Jan 1 15:48:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f0678634dce3cd9bc92040008498bdb56d9b6eb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:9a:aa:c4:28:2c:7b:6c:3d:c2:91:a6:69:49:
25:15:c4:f4:08:ac:26:14:0e:a4:6d:d5:af:58:00:
bb:4d:5b:37:cc:15:9e:81:d2:ab:2c:bb:96:12:25:
67:17:ba:bf:43:63:a2:32:ef:41:2b:89:d0:f6:ea:
0b:1f:e1:5c:96:c2:b9:af:e8:e1:7e:44:8d:d3:1f:
71:b7:ec:01:22:48:ac:e5:48:c9:9e:01:89:10:f0:
59:03:54:cd:8e:8d:fc:14:73:5b:2e:86:90:55:cf:
97:b8:9a:63:41:5e:66:31:7a:14:1b:1c:cd:19:7e:
d0:59:5b:c2:db:64:2f:5b:96:c3:a1:57:e1:63:9c:
da:ad:1d:af:ec:9b:0d:31:d5:3c:43:f9:1b:13:94:
a9:0b:f9:b8:42:77:8b:c6:1a:14:9a:ab:ec:21:d5:
00:28:1e:d0:e7:a4:7c:92:c9:63:41:d4:ad:c8:95:
2b:fd:d9:c6:90:ad:02:b0:78:bb:e0:81:c5:43:c1:
a4:a5:2e:00:8f:4d:97:de:bd:15:de:be:19:7d:e6:
94:3b:0c:fb:46:9b:2d:c1:db:42:3b:f6:0d:c8:29:
7f:e4:42:70:aa:91:00:89:8b:7d:9c:fc:ec:9f:d3:
b9:e4:5b:96:9c:24:d0:c0:44:54:1f:66:f7:6f:d2:
1a:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:67:86:34:DC:E3:CD:9B:C9:20:40:00:84:98:BD:B5:6D:9B:6E:B0
X509v3 Authority Key Identifier:
keyid:D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/8GeGNNzjzZvJIEAAhJi9tW2bbrA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.74.224.0/24
77.74.226.0/23
109.105.200.0-109.105.204.255
109.105.206.0/24
Signature Algorithm: sha256WithRSAEncryption
54:61:2a:44:10:90:31:67:13:02:cf:27:40:10:b2:8c:61:00:
92:0d:7a:f4:df:31:9d:7e:96:96:60:af:ae:f5:15:fd:83:35:
e9:b9:e4:f3:ac:c5:a1:5a:da:00:7c:98:69:4b:68:31:ad:83:
70:b4:80:b1:6e:39:02:17:f2:1e:70:a6:a3:3e:04:28:ac:74:
37:07:f5:90:f6:54:26:87:c0:22:2e:5e:8f:5e:0a:d6:1f:70:
32:d8:bd:6d:7a:f8:2f:6f:54:9c:f4:06:1e:6a:0e:52:e8:20:
e1:c1:20:3a:a9:9b:9d:ed:93:55:7d:94:9b:92:9a:63:2f:27:
1b:6c:67:07:9e:53:c0:6e:4a:f3:21:b1:75:54:f8:34:86:84:
af:ae:b5:ca:19:79:29:ac:3a:36:11:e0:8f:57:90:d9:5c:2d:
5f:3a:13:eb:20:b2:31:db:bb:9d:9f:f8:41:db:bd:c1:ed:d9:
21:e0:4f:86:05:b5:be:81:0c:b9:a8:96:21:f4:e6:63:54:a7:
70:d7:00:b3:ac:57:76:4a:93:4e:d8:43:5c:1e:3b:43:25:70:
4b:f7:3e:3e:dd:6e:22:1e:47:df:c7:58:6a:a5:7d:fd:f6:cd:
40:fe:85:c5:28:96:f3:93:52:0b:5f:82:19:d3:27:71:ae:f3:
22:3d:da:7a
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQijihHRzWi+aAa6xNGV96HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YzYwYTBkMmQ3MGE5MzM3ZDBiZGE1NmQxYWQ1OTZhYzFm
NjljZGEwHhcNMjUwMTAxMTU0ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDY3ODYzNGRjZTNjZDliYzkyMDQwMDA4NDk4YmRiNTZkOWI2ZWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyZqqxCgse2w9wpGmaUklFcT0CKwm
FA6kbdWvWAC7TVs3zBWegdKrLLuWEiVnF7q/Q2OiMu9BK4nQ9uoLH+FclsK5r+jh
fkSN0x9xt+wBIkis5UjJngGJEPBZA1TNjo38FHNbLoaQVc+XuJpjQV5mMXoUGxzN
GX7QWVvC22QvW5bDoVfhY5zarR2v7JsNMdU8Q/kbE5SpC/m4QneLxhoUmqvsIdUA
KB7Q56R8ksljQdStyJUr/dnGkK0CsHi74IHFQ8GkpS4Aj02X3r0V3r4ZfeaUOwz7
RpstwdtCO/YNyCl/5EJwqpEAiYt9nPzsn9O55FuWnCTQwERUH2b3b9IabQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFPBnhjTc482bySBAAISYvbVtm26wMB8GA1UdIwQY
MBaAFNjGCg0tcKkzfQvaVtGtWWrB9pzaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUt
ZGQyOTRjMzc4ZjZjLzEvOEdlR05Oemp6WnZKSUVBQWhKaTl0VzJiYnJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUtZGQyOTRjMzc4ZjZj
LzEvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQATUrgAwQB
TUriMAwDBANtacgDBABtacwDBABtac4wDQYJKoZIhvcNAQELBQADggEBAFRhKkQQ
kDFnEwLPJ0AQsoxhAJINevTfMZ1+lpZgr671Ff2DNem55POsxaFa2gB8mGlLaDGt
g3C0gLFuOQIX8h5wpqM+BCisdDcH9ZD2VCaHwCIuXo9eCtYfcDLYvW16+C9vVJz0
Bh5qDlLoIOHBIDqpm53tk1V9lJuSmmMvJxtsZweeU8BuSvMhsXVU+DSGhK+utcoZ
eSmsOjYR4I9XkNlcLV86E+sgsjHbu52f+EHbvcHt2SHgT4YFtb6BDLmoliH05mNU
p3DXALOsV3ZKk07YQ1weO0MlcEv3Pj7dbiIeR9/HWGqlff32zUD+hcUolvOTUgtf
ghnTJ3Gu8yI92no=
-----END CERTIFICATE-----
Generated at Tue Apr 8 08:24:44 2025 by rpki-client