Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/0lZ4WwipJ-KvsXe4ZGys9NACiUg.roa
File: 0lZ4WwipJ-KvsXe4ZGys9NACiUg.roa (raw, json)
Hash identifier: QrFmzpIm4MczSEVI5hA5LdZ2rdAAM8rVP77wt/9ZMEs=
Subject key identifier: D2:56:78:5B:08:A9:27:E2:AF:B1:77:B8:64:6C:AC:F4:D0:02:89:48
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 019427B552BC903428A27A6DD845CF3D2D55
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/0lZ4WwipJ-KvsXe4ZGys9NACiUg.roa
Signing time: Thu 02 Jan 2025 15:49:41 +0000
ROA not before: Thu 02 Jan 2025 15:49:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28964
IP address blocks: 77.105.8.0/24 maxlen: 24
77.105.39.0/24 maxlen: 24
79.175.66.0/24 maxlen: 24
79.175.120.0/24 maxlen: 24
81.18.51.0/24 maxlen: 24
81.18.56.0/24 maxlen: 24
81.18.57.0/24 maxlen: 24
81.18.58.0/24 maxlen: 24
81.18.63.0/24 maxlen: 24
93.186.65.0/24 maxlen: 24
93.186.77.0/24 maxlen: 24
109.121.48.0/24 maxlen: 24
109.121.49.0/24 maxlen: 24
109.121.53.0/24 maxlen: 24
178.219.2.0/24 maxlen: 24
178.253.212.0/24 maxlen: 24
178.253.216.0/24 maxlen: 24
178.253.217.0/24 maxlen: 24
178.253.218.0/24 maxlen: 24
178.253.220.0/23 maxlen: 23
178.253.235.0/24 maxlen: 24
178.253.238.0/24 maxlen: 24
178.253.245.0/24 maxlen: 24
178.253.246.0/24 maxlen: 24
188.255.179.0/24 maxlen: 24
188.255.190.0/24 maxlen: 24
188.255.192.0/23 maxlen: 23
188.255.195.0/24 maxlen: 24
188.255.196.0/22 maxlen: 22
188.255.207.0/24 maxlen: 24
188.255.217.0/24 maxlen: 24
188.255.228.0/24 maxlen: 24
188.255.230.0/23 maxlen: 23
188.255.253.0/24 maxlen: 24
212.69.2.0/24 maxlen: 24
212.69.3.0/24 maxlen: 24
212.69.4.0/24 maxlen: 24
212.69.5.0/24 maxlen: 24
212.69.19.0/24 maxlen: 24
212.69.21.0/24 maxlen: 24
212.69.30.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:52:bc:90:34:28:a2:7a:6d:d8:45:cf:3d:2d:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Jan 2 15:49:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d256785b08a927e2afb177b8646cacf4d0028948
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:51:8e:cc:d8:38:a8:2e:66:00:b4:cb:b7:61:
93:0f:e2:cb:61:4a:7c:46:25:a4:21:ae:f3:a8:c0:
55:58:20:ff:82:cc:c1:dd:ec:9d:b3:a2:b1:84:bf:
b0:31:6b:b9:9a:2a:98:94:92:83:fc:bb:c6:02:14:
62:d4:02:fe:c1:a9:90:ea:b1:48:2a:fd:68:73:dd:
81:61:88:23:27:5f:99:a3:62:92:39:07:51:37:a3:
fa:18:27:42:68:38:06:ae:c8:35:06:b9:f9:5b:df:
3c:79:54:0f:7d:06:94:b3:00:2d:8b:1a:81:0c:a5:
c2:b6:70:bc:b1:0c:2e:ea:72:b2:7e:a6:13:1d:d3:
03:f8:61:18:72:a5:1c:e3:eb:4f:a1:00:36:df:9a:
12:24:86:25:0f:16:40:3e:94:a0:a5:41:b3:c7:f3:
67:a0:9b:fb:06:82:fc:4a:16:69:8f:3f:c9:09:f5:
b2:47:3b:3a:88:44:a8:42:18:22:a7:87:27:42:fe:
27:78:ed:aa:94:b0:9e:be:63:b4:82:a5:10:e7:0f:
70:b0:cd:10:7d:39:fe:69:2f:7b:9a:8d:b1:3c:1e:
03:8d:60:e2:c8:5c:e8:e0:12:9c:a2:3c:7f:c4:7e:
af:c2:68:3b:9e:17:70:50:55:83:8b:a7:23:97:2c:
71:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:56:78:5B:08:A9:27:E2:AF:B1:77:B8:64:6C:AC:F4:D0:02:89:48
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/0lZ4WwipJ-KvsXe4ZGys9NACiUg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.8.0/24
77.105.39.0/24
79.175.66.0/24
79.175.120.0/24
81.18.51.0/24
81.18.56.0-81.18.58.255
81.18.63.0/24
93.186.65.0/24
93.186.77.0/24
109.121.48.0/23
109.121.53.0/24
178.219.2.0/24
178.253.212.0/24
178.253.216.0-178.253.218.255
178.253.220.0/23
178.253.235.0/24
178.253.238.0/24
178.253.245.0-178.253.246.255
188.255.179.0/24
188.255.190.0/24
188.255.192.0/23
188.255.195.0-188.255.199.255
188.255.207.0/24
188.255.217.0/24
188.255.228.0/24
188.255.230.0/23
188.255.253.0/24
212.69.2.0-212.69.5.255
212.69.19.0/24
212.69.21.0/24
212.69.30.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:e4:74:02:5f:25:65:46:bb:a8:61:7f:af:99:d8:83:eb:58:
22:3a:8a:1f:86:f0:d7:bc:25:d1:28:2d:ac:c9:18:0f:33:8d:
c0:c1:f2:24:a6:cd:86:db:71:26:63:10:8b:9b:6c:da:79:60:
00:8e:42:c9:cb:68:1b:66:fe:ae:a1:88:a4:61:db:f0:55:b7:
9b:2b:4b:07:7d:18:97:ea:af:03:b6:21:ee:1f:96:ae:d1:3a:
4f:38:90:d6:a8:a0:37:27:e2:2e:f2:d7:79:8d:19:16:ac:39:
7f:cb:85:0a:db:c8:25:ea:6a:b6:be:67:67:02:8a:89:63:37:
29:64:b6:d9:58:27:c1:8b:3b:ae:75:3f:87:00:d3:c7:57:b0:
31:8d:d2:32:f1:2b:87:04:62:6a:4d:61:56:a2:a3:d5:eb:77:
d6:6b:14:32:f4:85:1f:1e:00:e8:f6:f4:52:3a:0d:ab:4f:df:
e6:72:1f:89:67:c7:82:77:37:83:98:1e:59:4c:ba:ce:da:87:
43:dd:03:6a:e7:0b:49:df:db:99:36:07:87:bd:a7:a6:ec:7c:
29:dc:55:52:04:eb:62:10:2e:22:f9:d8:c4:3c:a1:66:a8:e6:
50:9e:7f:ff:2c:05:e2:2d:49:9e:d1:44:fb:aa:98:17:4c:be:
ea:42:1d:e1
-----BEGIN CERTIFICATE-----
MIIF3jCCBMagAwIBAgISAZQntVK8kDQoonpt2EXPPS1VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjUwMTAyMTU0OTQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjU2Nzg1YjA4YTkyN2UyYWZiMTc3Yjg2NDZjYWNmNGQwMDI4OTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlGOzNg4qC5mALTLt2GTD+LLYUp8
RiWkIa7zqMBVWCD/gszB3eyds6KxhL+wMWu5miqYlJKD/LvGAhRi1AL+wamQ6rFI
Kv1oc92BYYgjJ1+Zo2KSOQdRN6P6GCdCaDgGrsg1Brn5W988eVQPfQaUswAtixqB
DKXCtnC8sQwu6nKyfqYTHdMD+GEYcqUc4+tPoQA235oSJIYlDxZAPpSgpUGzx/Nn
oJv7BoL8ShZpjz/JCfWyRzs6iESoQhgip4cnQv4neO2qlLCevmO0gqUQ5w9wsM0Q
fTn+aS97mo2xPB4DjWDiyFzo4BKcojx/xH6vwmg7nhdwUFWDi6cjlyxxAwIDAQAB
o4IC6jCCAuYwHQYDVR0OBBYEFNJWeFsIqSfir7F3uGRsrPTQAolIMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvMGxaNFd3aXBKLUt2c1hlNFpHeXM5TkFDaVVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH/BggrBgEFBQcBBwEB/wSB7zCB7DCB6QQCAAEwgeIDBABN
aQgDBABNaScDBABPr0IDBABPr3gDBABREjMwDAMEA1ESOAMEAFESOgMEAFESPwME
AF26QQMEAF26TQMEAW15MAMEAG15NQMEALLbAgMEALL91DAMAwQDsv3YAwQAsv3a
AwQBsv3cAwQAsv3rAwQAsv3uMAwDBACy/fUDBACy/fYDBAC8/7MDBAC8/74DBAG8
/8AwDAMEALz/wwMEA7z/wAMEALz/zwMEALz/2QMEALz/5AMEAbz/5gMEALz//TAM
AwQB1EUCAwQB1EUEAwQA1EUTAwQA1EUVAwQA1EUeMA0GCSqGSIb3DQEBCwUAA4IB
AQCd5HQCXyVlRruoYX+vmdiD61giOoofhvDXvCXRKC2syRgPM43AwfIkps2G23Em
YxCLm2zaeWAAjkLJy2gbZv6uoYikYdvwVbebK0sHfRiX6q8DtiHuH5au0TpPOJDW
qKA3J+Iu8td5jRkWrDl/y4UK28gl6mq2vmdnAoqJYzcpZLbZWCfBizuudT+HANPH
V7AxjdIy8SuHBGJqTWFWoqPV63fWaxQy9IUfHgDo9vRSOg2rT9/mch+JZ8eCdzeD
mB5ZTLrO2odD3QNq5wtJ39uZNgeHvaem7Hwp3FVSBOtiEC4i+djEPKFmqOZQnn//
LAXiLUme0UT7qpgXTL7qQh3h
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:28:24 2025 by rpki-client