Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/bf66dd-6237-48de-aed7-a7c59ddcf76b/1/oU2gT1IurOl4JOtTxHQKMy5VlJc.roa
File: oU2gT1IurOl4JOtTxHQKMy5VlJc.roa (raw, json)
Hash identifier: 7D6CZeXsxLmbsc8Q3WlliKMlAUVGAKnvDjUAjAi4e0g=
Subject key identifier: A1:4D:A0:4F:52:2E:AC:E9:78:24:EB:53:C4:74:0A:33:2E:55:94:97
Certificate issuer: /CN=4ccbc5e045eaa5f762a9146244c19248b62ba976
Certificate serial: 019424B3B9FA5B0D0C96B0F7A88016A98ECE
Authority key identifier: 4C:CB:C5:E0:45:EA:A5:F7:62:A9:14:62:44:C1:92:48:B6:2B:A9:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TMvF4EXqpfdiqRRiRMGSSLYrqXY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/bf66dd-6237-48de-aed7-a7c59ddcf76b/1/oU2gT1IurOl4JOtTxHQKMy5VlJc.roa
Signing time: Thu 02 Jan 2025 01:49:05 +0000
ROA not before: Thu 02 Jan 2025 01:49:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48095
IP address blocks: 77.83.164.0/23 maxlen: 23
77.83.166.0/23 maxlen: 23
80.65.220.0/22 maxlen: 22
185.210.40.0/22 maxlen: 22
185.224.140.0/22 maxlen: 22
185.228.216.0/22 maxlen: 22
194.15.104.0/23 maxlen: 23
194.15.106.0/23 maxlen: 23
195.242.208.0/22 maxlen: 22
212.115.60.0/23 maxlen: 23
212.115.62.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:b9:fa:5b:0d:0c:96:b0:f7:a8:80:16:a9:8e:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ccbc5e045eaa5f762a9146244c19248b62ba976
Validity
Not Before: Jan 2 01:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a14da04f522eace97824eb53c4740a332e559497
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:7f:ff:e9:18:30:20:07:30:cd:5e:e3:e4:2e:
f3:45:e2:65:20:d9:05:76:46:87:d6:68:30:e8:dd:
0a:3d:8a:cb:a1:15:69:ef:18:96:c5:58:a5:8e:3d:
f9:7e:a5:d3:cd:76:15:6b:e3:ff:5f:fb:0e:db:d3:
6a:4f:c9:44:21:f3:4a:c2:36:a4:66:f7:d8:31:ef:
da:3d:32:11:0f:10:ad:9a:d3:0c:f9:0e:b4:a2:15:
a6:99:d8:17:40:be:75:14:2a:fb:48:80:f3:2e:57:
ee:61:df:9c:5f:bc:7e:d0:a2:78:01:68:97:fc:60:
08:20:b5:89:93:ed:47:3a:02:62:b3:63:d1:1e:a9:
05:76:0e:ed:2f:58:c8:f9:23:0a:96:03:0f:6a:e5:
65:18:28:ce:90:66:c1:41:bd:05:d5:82:2a:9e:77:
a5:a7:42:15:56:a8:e7:c2:44:04:c9:2b:05:dd:fa:
d1:51:dc:de:07:4b:af:42:13:e1:b6:01:dc:fa:ea:
91:87:56:37:5a:00:33:f6:7e:c5:8b:e0:5c:02:b9:
44:18:4c:1c:41:43:07:70:00:e5:91:69:bb:44:28:
c6:fa:72:02:e4:70:0c:d1:e5:86:04:c8:a0:2d:0f:
15:cc:0d:28:2c:05:10:70:77:78:19:07:1e:79:f3:
50:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:4D:A0:4F:52:2E:AC:E9:78:24:EB:53:C4:74:0A:33:2E:55:94:97
X509v3 Authority Key Identifier:
keyid:4C:CB:C5:E0:45:EA:A5:F7:62:A9:14:62:44:C1:92:48:B6:2B:A9:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TMvF4EXqpfdiqRRiRMGSSLYrqXY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/bf66dd-6237-48de-aed7-a7c59ddcf76b/1/oU2gT1IurOl4JOtTxHQKMy5VlJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/bf66dd-6237-48de-aed7-a7c59ddcf76b/1/TMvF4EXqpfdiqRRiRMGSSLYrqXY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.164.0/22
80.65.220.0/22
185.210.40.0/22
185.224.140.0/22
185.228.216.0/22
194.15.104.0/22
195.242.208.0/22
212.115.60.0/22
Signature Algorithm: sha256WithRSAEncryption
01:e8:ef:45:88:44:3b:12:77:ed:11:a9:9c:fb:53:7b:18:4b:
64:3b:db:bd:c9:28:50:33:12:36:41:ae:b2:95:65:b7:1b:d5:
22:ea:a9:2d:58:37:05:a3:ce:6d:d3:12:91:0f:10:60:79:18:
31:82:65:2b:ba:b6:b9:ab:f8:60:cc:8c:51:87:b9:6d:dd:a3:
87:95:64:a1:49:4f:ff:e2:0e:74:30:1a:02:75:0b:0e:c9:70:
d9:09:03:ae:29:a2:b8:35:b1:6e:b3:64:92:4c:15:86:4c:e2:
0e:03:b9:a1:4b:56:38:cf:22:0a:1d:47:7a:a3:ac:82:d1:1d:
16:ab:62:ef:8e:e6:15:3e:bb:79:96:e0:ef:69:20:59:79:42:
12:92:72:85:4a:8c:a5:17:c2:c6:f6:b0:98:83:0f:0a:0b:02:
53:66:74:d0:b9:36:1b:2c:e9:d6:84:c4:ae:7d:19:36:24:cf:
0a:c6:dc:e5:43:94:6d:6d:6a:3f:12:5b:72:b7:81:38:e0:45:
cc:25:5f:50:86:b8:ba:4e:c7:90:e2:d9:79:5a:e6:e4:1b:12:
23:82:f1:38:30:92:03:25:3f:04:1a:9e:35:99:c5:33:2a:6a:
62:db:3a:e9:92:58:e0:44:47:74:42:aa:99:5d:22:b3:0b:54:
5f:50:3a:de
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZQks7n6Ww0MlrD3qIAWqY7OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjY2JjNWUwNDVlYWE1Zjc2MmE5MTQ2MjQ0YzE5MjQ4YjYy
YmE5NzYwHhcNMjUwMTAyMDE0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTRkYTA0ZjUyMmVhY2U5NzgyNGViNTNjNDc0MGEzMzJlNTU5NDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtH//6RgwIAcwzV7j5C7zReJlINkF
dkaH1mgw6N0KPYrLoRVp7xiWxViljj35fqXTzXYVa+P/X/sO29NqT8lEIfNKwjak
ZvfYMe/aPTIRDxCtmtMM+Q60ohWmmdgXQL51FCr7SIDzLlfuYd+cX7x+0KJ4AWiX
/GAIILWJk+1HOgJis2PRHqkFdg7tL1jI+SMKlgMPauVlGCjOkGbBQb0F1YIqnnel
p0IVVqjnwkQEySsF3frRUdzeB0uvQhPhtgHc+uqRh1Y3WgAz9n7Fi+BcArlEGEwc
QUMHcADlkWm7RCjG+nIC5HAM0eWGBMigLQ8VzA0oLAUQcHd4GQceefNQLwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFKFNoE9SLqzpeCTrU8R0CjMuVZSXMB8GA1UdIwQY
MBaAFEzLxeBF6qX3YqkUYkTBkki2K6l2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVE12RjRFWHFwZmRpcVJSaVJNR1NTTFlycVhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9iZjY2ZGQtNjIzNy00OGRlLWFlZDct
YTdjNTlkZGNmNzZiLzEvb1UyZ1QxSXVyT2w0Sk90VHhIUUtNeTVWbEpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9iZjY2ZGQtNjIzNy00OGRlLWFlZDctYTdjNTlkZGNmNzZi
LzEvVE12RjRFWHFwZmRpcVJSaVJNR1NTTFlycVhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCTVOkAwQC
UEHcAwQCudIoAwQCueCMAwQCueTYAwQCwg9oAwQCw/LQAwQC1HM8MA0GCSqGSIb3
DQEBCwUAA4IBAQAB6O9FiEQ7EnftEamc+1N7GEtkO9u9yShQMxI2Qa6ylWW3G9Ui
6qktWDcFo85t0xKRDxBgeRgxgmUrura5q/hgzIxRh7lt3aOHlWShSU//4g50MBoC
dQsOyXDZCQOuKaK4NbFus2SSTBWGTOIOA7mhS1Y4zyIKHUd6o6yC0R0Wq2LvjuYV
Prt5luDvaSBZeUISknKFSoylF8LG9rCYgw8KCwJTZnTQuTYbLOnWhMSufRk2JM8K
xtzlQ5RtbWo/Eltyt4E44EXMJV9Qhri6TseQ4tl5WubkGxIjgvE4MJIDJT8EGp41
mcUzKmpi2zrpkljgREd0QqqZXSKzC1RfUDre
-----END CERTIFICATE-----
Generated at Sun Apr 6 15:09:28 2025 by rpki-client