Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/4b7ef8-8643-4dbb-92aa-0740115b5a52/1/0KdeedL2T8Rp4WiBVO1IOf9Yktc.roa
File: 0KdeedL2T8Rp4WiBVO1IOf9Yktc.roa (raw, json)
Hash identifier: Nc/tWrHQyoi0hEQ+1RcEv6I0SBogxbOFgcOCweAWCBY=
Subject key identifier: D0:A7:5E:79:D2:F6:4F:C4:69:E1:68:81:54:ED:48:39:FF:58:92:D7
Certificate issuer: /CN=e32bcd40c6774677d2c3702ef59edf49d0b36c6c
Certificate serial: 019423699603A56E8BCB999D4486C1D086E6
Authority key identifier: E3:2B:CD:40:C6:77:46:77:D2:C3:70:2E:F5:9E:DF:49:D0:B3:6C:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4yvNQMZ3RnfSw3Au9Z7fSdCzbGw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/4b7ef8-8643-4dbb-92aa-0740115b5a52/1/0KdeedL2T8Rp4WiBVO1IOf9Yktc.roa
Signing time: Wed 01 Jan 2025 19:48:29 +0000
ROA not before: Wed 01 Jan 2025 19:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6453
IP address blocks: 77.69.128.0/17 maxlen: 17
77.69.148.0/24 maxlen: 24
82.194.32.0/19 maxlen: 19
88.201.0.0/17 maxlen: 17
88.201.37.0/24 maxlen: 24
88.201.99.0/24 maxlen: 24
89.148.0.0/18 maxlen: 18
185.165.176.0/22 maxlen: 22
193.188.96.0/19 maxlen: 19
193.188.107.0/24 maxlen: 24
217.17.224.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:96:03:a5:6e:8b:cb:99:9d:44:86:c1:d0:86:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e32bcd40c6774677d2c3702ef59edf49d0b36c6c
Validity
Not Before: Jan 1 19:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d0a75e79d2f64fc469e1688154ed4839ff5892d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:54:23:3a:70:49:37:2f:a6:36:41:23:8b:2f:
4e:b1:ac:a4:fd:41:af:7e:65:b0:5f:64:8b:6f:6c:
2a:9b:77:af:ef:5d:48:a1:e0:42:6e:8e:41:fa:2a:
18:14:71:dc:00:d0:c1:13:f0:05:4a:1b:be:f8:ad:
05:ec:e8:18:c9:09:33:49:25:c8:45:5a:36:4c:b5:
2f:b7:f0:33:d6:92:a2:b4:f3:14:d4:ee:da:ef:b5:
e0:d0:f4:14:73:f2:ee:19:3a:7d:d3:5b:c9:42:94:
50:23:54:8d:51:80:d3:60:92:65:c3:1b:c7:7f:f9:
59:af:4d:72:11:fc:a8:d0:e7:2d:8c:5e:4d:32:56:
08:bb:5c:8a:ce:e1:b5:b4:cb:24:50:38:da:61:9b:
eb:69:d3:ec:89:ea:7f:2c:52:48:bf:ad:0f:98:37:
b8:ff:2f:c8:7e:22:16:13:3b:ca:0f:d3:bd:b1:71:
13:0c:00:5a:58:09:e0:cc:35:50:98:fd:5f:ca:03:
31:e7:df:1d:8d:22:2d:9f:63:da:72:47:ad:14:67:
76:89:e3:d4:b0:4d:5e:2b:ed:13:61:d7:ac:58:f2:
6e:88:9a:42:1a:ed:e0:d9:1f:b0:4f:2d:08:3d:46:
ca:4e:a6:60:31:84:a4:b3:cb:31:3b:5d:b9:96:a5:
7c:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:A7:5E:79:D2:F6:4F:C4:69:E1:68:81:54:ED:48:39:FF:58:92:D7
X509v3 Authority Key Identifier:
keyid:E3:2B:CD:40:C6:77:46:77:D2:C3:70:2E:F5:9E:DF:49:D0:B3:6C:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4yvNQMZ3RnfSw3Au9Z7fSdCzbGw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/4b7ef8-8643-4dbb-92aa-0740115b5a52/1/0KdeedL2T8Rp4WiBVO1IOf9Yktc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/4b7ef8-8643-4dbb-92aa-0740115b5a52/1/4yvNQMZ3RnfSw3Au9Z7fSdCzbGw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.69.128.0/17
82.194.32.0/19
88.201.0.0/17
89.148.0.0/18
185.165.176.0/22
193.188.96.0/19
217.17.224.0/19
Signature Algorithm: sha256WithRSAEncryption
56:4b:2c:f3:ee:2d:06:84:12:56:c4:7b:c1:74:05:b3:cc:a8:
98:ce:88:b4:28:80:28:ef:d9:ef:e7:78:8b:ab:c1:f4:31:f7:
20:c3:5d:1d:d8:d3:12:1f:7d:14:de:88:e5:56:53:57:2d:63:
cb:c1:1a:6a:bc:24:04:9d:95:20:9f:96:4c:53:3e:cc:c8:70:
d2:46:9d:f6:61:5a:c5:93:80:b7:ce:66:ea:ea:c8:0e:3c:00:
50:ae:e2:19:0f:2d:4c:39:55:59:83:ad:31:ac:0e:99:13:f4:
be:31:5a:d2:c8:10:10:be:18:a9:ad:85:e8:39:d7:8d:fc:85:
aa:54:3b:f7:23:45:d4:20:29:b6:65:52:e0:41:a9:ad:de:e3:
ba:ff:02:0a:46:d9:cf:fe:ec:a1:95:85:c8:18:f0:fb:9f:96:
2e:a3:cb:8c:bf:20:cd:39:25:36:56:ab:0a:7d:21:00:9b:b9:
3f:77:38:60:53:47:64:f4:24:67:b4:3c:7a:b6:85:4d:a5:61:
79:45:3b:fd:c6:97:bd:b1:12:99:45:7e:1f:97:a4:a0:7f:ab:
90:bb:d7:91:31:ba:23:37:1b:4f:cf:ba:e5:47:74:f2:cb:2f:
79:e2:ea:eb:71:a8:65:78:93:c7:4d:4f:20:e1:8a:bd:4f:fd:
09:2d:7b:25
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQjaZYDpW6Ly5mdRIbB0IbmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMmJjZDQwYzY3NzQ2NzdkMmMzNzAyZWY1OWVkZjQ5ZDBi
MzZjNmMwHhcNMjUwMTAxMTk0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGE3NWU3OWQyZjY0ZmM0NjllMTY4ODE1NGVkNDgzOWZmNTg5MmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFQjOnBJNy+mNkEjiy9Osayk/UGv
fmWwX2SLb2wqm3ev711IoeBCbo5B+ioYFHHcANDBE/AFShu++K0F7OgYyQkzSSXI
RVo2TLUvt/Az1pKitPMU1O7a77Xg0PQUc/LuGTp901vJQpRQI1SNUYDTYJJlwxvH
f/lZr01yEfyo0OctjF5NMlYIu1yKzuG1tMskUDjaYZvradPsiep/LFJIv60PmDe4
/y/IfiIWEzvKD9O9sXETDABaWAngzDVQmP1fygMx598djSItn2PacketFGd2iePU
sE1eK+0TYdesWPJuiJpCGu3g2R+wTy0IPUbKTqZgMYSks8sxO125lqV8bwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFNCnXnnS9k/EaeFogVTtSDn/WJLXMB8GA1UdIwQY
MBaAFOMrzUDGd0Z30sNwLvWe30nQs2xsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHl2TlFNWjNSbmZTdzNBdTlaN2ZTZEN6Ykd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi80YjdlZjgtODY0My00ZGJiLTkyYWEt
MDc0MDExNWI1YTUyLzEvMEtkZWVkTDJUOFJwNFdpQlZPMUlPZjlZa3RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi80YjdlZjgtODY0My00ZGJiLTkyYWEtMDc0MDExNWI1YTUy
LzEvNHl2TlFNWjNSbmZTdzNBdTlaN2ZTZEN6Ykd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQHTUWAAwQF
UsIgAwQHWMkAAwQGWZQAAwQCuaWwAwQFwbxgAwQF2RHgMA0GCSqGSIb3DQEBCwUA
A4IBAQBWSyzz7i0GhBJWxHvBdAWzzKiYzoi0KIAo79nv53iLq8H0Mfcgw10d2NMS
H30U3ojlVlNXLWPLwRpqvCQEnZUgn5ZMUz7MyHDSRp32YVrFk4C3zmbq6sgOPABQ
ruIZDy1MOVVZg60xrA6ZE/S+MVrSyBAQvhiprYXoOdeN/IWqVDv3I0XUICm2ZVLg
Qamt3uO6/wIKRtnP/uyhlYXIGPD7n5Yuo8uMvyDNOSU2VqsKfSEAm7k/dzhgU0dk
9CRntDx6toVNpWF5RTv9xpe9sRKZRX4fl6Sgf6uQu9eRMbojNxtPz7rlR3Tyyy95
4urrcahleJPHTU8g4Yq9T/0JLXsl
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:33:13 2025 by rpki-client