Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/4e1bc8-f810-4182-a6e3-721bb4fc8c16/1/5bzk29WC2HSF9C0WZb2ngqPQ56o.roa
File: 5bzk29WC2HSF9C0WZb2ngqPQ56o.roa (raw, json)
Hash identifier: fHgyyYyWXqEUztNgt56ZVo1FPxKD7CyfYBjgqkUt9TI=
Subject key identifier: E5:BC:E4:DB:D5:82:D8:74:85:F4:2D:16:65:BD:A7:82:A3:D0:E7:AA
Certificate issuer: /CN=0966e05d152750dfaade5faf791bad391dc6d2d4
Certificate serial: 01942826813EBDB6E9228CAD1BE9D0A2F63F
Authority key identifier: 09:66:E0:5D:15:27:50:DF:AA:DE:5F:AF:79:1B:AD:39:1D:C6:D2:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CWbgXRUnUN-q3l-veRutOR3G0tQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/4e1bc8-f810-4182-a6e3-721bb4fc8c16/1/5bzk29WC2HSF9C0WZb2ngqPQ56o.roa
Signing time: Thu 02 Jan 2025 17:53:19 +0000
ROA not before: Thu 02 Jan 2025 17:53:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42020
IP address blocks: 77.42.248.0/24 maxlen: 24
77.42.249.0/24 maxlen: 24
77.42.250.0/24 maxlen: 24
77.42.251.0/24 maxlen: 24
77.42.252.0/24 maxlen: 24
77.42.253.0/24 maxlen: 24
77.42.254.0/24 maxlen: 24
77.42.255.0/24 maxlen: 24
185.173.60.0/24 maxlen: 24
185.173.61.0/24 maxlen: 24
185.173.62.0/24 maxlen: 24
185.173.63.0/24 maxlen: 24
2a00:6920::/48 maxlen: 48
2a00:6920:1000::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:81:3e:bd:b6:e9:22:8c:ad:1b:e9:d0:a2:f6:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0966e05d152750dfaade5faf791bad391dc6d2d4
Validity
Not Before: Jan 2 17:53:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e5bce4dbd582d87485f42d1665bda782a3d0e7aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:55:cf:a4:c2:27:4a:22:80:1d:8c:25:a1:9c:
0a:c2:e1:ef:d4:eb:16:ee:22:6f:7d:81:ec:8c:d8:
51:b4:fe:a5:59:d1:2b:c7:e2:ac:3f:c3:b0:e1:0e:
de:fd:89:56:dc:73:7e:52:9f:eb:61:a4:d3:4b:4d:
44:d0:4e:e5:22:8e:c4:83:74:98:3b:f6:fa:e8:ff:
2b:46:dd:ab:39:4d:2f:2e:93:2e:fb:3d:40:79:11:
4c:96:03:18:c3:f1:35:37:31:35:ea:aa:80:20:21:
8f:fe:1d:1b:a9:37:34:ee:b3:9b:fa:e1:88:97:52:
f1:15:06:fa:0c:e2:46:79:46:b4:b1:42:15:33:94:
84:7e:49:dc:33:37:a8:77:b8:80:30:34:49:da:08:
9a:20:01:16:e8:71:12:c5:33:ad:63:1b:23:b8:20:
79:0e:cd:a7:73:e3:a1:19:9e:56:f9:c8:08:4d:bc:
dc:d5:4c:6e:39:35:a3:9b:82:d9:14:e1:ed:69:91:
03:cd:5e:bb:49:5e:df:17:8a:a8:33:57:73:23:c4:
57:78:57:fa:0b:34:dc:8e:f8:40:fa:25:1e:26:4f:
80:fd:ea:49:ff:21:77:d5:72:5d:21:85:cc:16:00:
65:87:80:e2:b5:f4:e1:b2:87:25:f7:56:5b:17:60:
b9:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:BC:E4:DB:D5:82:D8:74:85:F4:2D:16:65:BD:A7:82:A3:D0:E7:AA
X509v3 Authority Key Identifier:
keyid:09:66:E0:5D:15:27:50:DF:AA:DE:5F:AF:79:1B:AD:39:1D:C6:D2:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CWbgXRUnUN-q3l-veRutOR3G0tQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/4e1bc8-f810-4182-a6e3-721bb4fc8c16/1/5bzk29WC2HSF9C0WZb2ngqPQ56o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/4e1bc8-f810-4182-a6e3-721bb4fc8c16/1/CWbgXRUnUN-q3l-veRutOR3G0tQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.42.248.0/21
185.173.60.0/22
IPv6:
2a00:6920::/48
2a00:6920:1000::/40
Signature Algorithm: sha256WithRSAEncryption
68:8f:a3:bb:44:8c:66:b0:49:d9:97:c9:ba:87:a0:e3:c0:4a:
d4:3e:9a:51:b9:db:de:d3:af:6b:18:a6:17:ee:78:25:4d:c8:
6b:41:93:74:0b:3d:69:f4:ca:1d:42:05:c0:fb:fa:b3:be:66:
51:f2:90:a7:ac:c2:41:be:07:b4:89:ea:9b:83:a8:6e:eb:28:
99:7c:de:56:96:25:e6:f9:ec:42:63:cf:58:6e:74:d8:92:2c:
dc:eb:01:e9:bf:0b:cd:fb:8d:e0:20:85:34:5f:19:1f:80:fc:
62:ed:c1:c7:cf:e9:04:24:69:d9:8f:09:d0:5d:c5:33:ac:00:
c2:20:a2:e1:01:0d:ef:ca:5d:8e:e6:12:47:f5:46:ef:c8:9a:
8c:17:c2:94:c7:71:33:8e:a3:00:b3:3b:bc:07:d2:99:d6:b8:
34:5c:8b:ee:8c:cc:ea:b2:a8:10:60:9c:de:08:6b:c0:8f:2b:
9b:7e:22:ff:07:98:15:d6:12:4c:6e:b3:78:85:dd:20:70:da:
cc:f6:e7:0a:41:9f:17:78:e2:a0:f6:66:a0:94:1b:27:47:43:
2a:a2:f8:71:69:c2:14:c3:04:50:f8:51:03:65:3b:f5:3f:66:
c0:46:7a:83:f5:e4:59:2f:3a:d2:5a:56:bc:28:e4:87:ae:72:
51:5c:90:66
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZQoJoE+vbbpIoytG+nQovY/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NjZlMDVkMTUyNzUwZGZhYWRlNWZhZjc5MWJhZDM5MWRj
NmQyZDQwHhcNMjUwMTAyMTc1MzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWJjZTRkYmQ1ODJkODc0ODVmNDJkMTY2NWJkYTc4MmEzZDBlN2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm1XPpMInSiKAHYwloZwKwuHv1OsW
7iJvfYHsjNhRtP6lWdErx+KsP8Ow4Q7e/YlW3HN+Up/rYaTTS01E0E7lIo7Eg3SY
O/b66P8rRt2rOU0vLpMu+z1AeRFMlgMYw/E1NzE16qqAICGP/h0bqTc07rOb+uGI
l1LxFQb6DOJGeUa0sUIVM5SEfkncMzeod7iAMDRJ2giaIAEW6HESxTOtYxsjuCB5
Ds2nc+OhGZ5W+cgITbzc1UxuOTWjm4LZFOHtaZEDzV67SV7fF4qoM1dzI8RXeFf6
CzTcjvhA+iUeJk+A/epJ/yF31XJdIYXMFgBlh4DitfThsocl91ZbF2C5jwIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFOW85NvVgth0hfQtFmW9p4Kj0OeqMB8GA1UdIwQY
MBaAFAlm4F0VJ1Dfqt5fr3kbrTkdxtLUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1diZ1hSVW5VTi1xM2wtdmVSdXRPUjNHMHRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC80ZTFiYzgtZjgxMC00MTgyLWE2ZTMt
NzIxYmI0ZmM4YzE2LzEvNWJ6azI5V0MySFNGOUMwV1piMm5ncVBRNTZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC80ZTFiYzgtZjgxMC00MTgyLWE2ZTMtNzIxYmI0ZmM4YzE2
LzEvQ1diZ1hSVW5VTi1xM2wtdmVSdXRPUjNHMHRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTASBAIAATAMAwQDTSr4AwQC
ua08MBcEAgACMBEDBwAqAGkgAAADBgAqAGkgEDANBgkqhkiG9w0BAQsFAAOCAQEA
aI+ju0SMZrBJ2ZfJuoeg48BK1D6aUbnb3tOvaximF+54JU3Ia0GTdAs9afTKHUIF
wPv6s75mUfKQp6zCQb4HtInqm4OobusomXzeVpYl5vnsQmPPWG502JIs3OsB6b8L
zfuN4CCFNF8ZH4D8Yu3Bx8/pBCRp2Y8J0F3FM6wAwiCi4QEN78pdjuYSR/VG78ia
jBfClMdxM46jALM7vAfSmda4NFyL7ozM6rKoEGCc3ghrwI8rm34i/weYFdYSTG6z
eIXdIHDazPbnCkGfF3jioPZmoJQbJ0dDKqL4cWnCFMMEUPhRA2U79T9mwEZ6g/Xk
WS860lpWvCjkh65yUVyQZg==
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:28:47 2025 by rpki-client