Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/1-sqDFv96EkRUPhW9Jz-x4xcQouw.roa
File: 1-sqDFv96EkRUPhW9Jz-x4xcQouw.roa (raw, json)
Hash identifier: 8NO9z6arV7rjvDm0Lp2LUfMfpSu1MhTwVSqhFI3N46M=
Subject key identifier: FA:CA:83:16:FF:7A:12:44:54:3E:15:BD:27:3F:B1:E3:17:10:A2:EC
Certificate issuer: /CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Certificate serial: 0194266BEE1829FCD1DE5722D27A6FB02F32
Authority key identifier: B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/1-sqDFv96EkRUPhW9Jz-x4xcQouw.roa
Signing time: Thu 02 Jan 2025 09:49:54 +0000
ROA not before: Thu 02 Jan 2025 09:49:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202228
IP address blocks: 77.65.128.0/22 maxlen: 24
77.65.131.0/24 maxlen: 24
77.65.132.0/23 maxlen: 24
77.65.133.0/24 maxlen: 24
77.65.200.0/22 maxlen: 24
77.65.204.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:ee:18:29:fc:d1:de:57:22:d2:7a:6f:b0:2f:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Validity
Not Before: Jan 2 09:49:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=faca8316ff7a1244543e15bd273fb1e31710a2ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:25:5f:71:d1:0b:7a:07:50:ba:20:f3:68:d6:
d5:82:51:dd:c5:36:0c:4e:8a:11:47:9e:71:3c:02:
3e:ec:e0:ea:b5:d7:36:b4:4a:93:55:d7:8b:4e:c2:
4c:6c:f6:9d:26:f2:dc:db:63:ed:52:ab:e0:3a:b9:
36:ef:93:c6:3d:64:47:e7:19:6d:3a:de:a9:69:b9:
fa:dd:0c:af:1e:d3:d7:26:59:3b:e9:9f:fc:bd:82:
53:91:86:e6:91:a3:f4:15:d3:fe:80:6e:3b:89:68:
42:a5:d1:72:1c:5e:ca:da:16:5d:4d:91:29:76:c5:
96:00:45:3b:c7:b2:66:e5:0b:cf:00:51:cc:ee:a4:
3e:b0:e6:58:95:b8:ae:11:fc:e0:36:f8:e6:3d:71:
94:e2:0a:bb:4c:b8:b6:3e:e2:cd:9e:f5:aa:51:b4:
57:1a:1a:3e:84:eb:cf:f4:14:00:c7:e0:3d:9d:7f:
b9:54:a9:05:d4:f4:58:4b:5f:1e:6b:af:b6:d5:cc:
46:d6:63:2a:14:7f:48:ac:c6:d0:75:e5:61:79:3d:
23:40:2b:fe:a0:78:b2:52:51:62:ca:18:51:c6:5e:
6f:6b:c8:9c:c2:43:ee:fa:1b:82:b4:77:f6:1d:d1:
c4:ee:10:46:45:56:b8:bc:c8:ee:8c:25:73:7e:75:
a3:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:CA:83:16:FF:7A:12:44:54:3E:15:BD:27:3F:B1:E3:17:10:A2:EC
X509v3 Authority Key Identifier:
keyid:B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/1-sqDFv96EkRUPhW9Jz-x4xcQouw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.65.128.0-77.65.133.255
77.65.200.0-77.65.204.255
Signature Algorithm: sha256WithRSAEncryption
5f:99:ab:40:b3:88:53:44:12:41:51:65:4b:e7:0c:41:3a:14:
ac:33:ee:a7:c6:61:f9:75:ad:52:6d:a4:8c:73:9b:c8:6d:4a:
d9:c1:24:b1:4f:20:18:63:10:e6:ea:ad:b5:ec:5e:02:8a:38:
9c:52:b3:c6:c3:5a:c6:f7:0c:66:a2:3d:11:4d:65:a4:68:ba:
c2:9a:10:68:ad:c3:34:4a:d7:d5:bd:04:ad:e2:53:87:e5:24:
f3:ab:11:04:9a:20:bd:d9:08:69:cf:9e:c4:a8:8b:b0:80:7f:
94:56:f6:9f:12:6f:15:19:a7:fc:b6:86:a5:c2:fc:c8:d5:cf:
f5:3a:f7:43:f6:68:d6:08:dc:7d:5e:69:9a:90:61:a7:44:e5:
5f:30:fd:ad:0b:70:c8:b4:4f:99:6e:ef:4e:cb:eb:3c:4a:b8:
35:22:87:df:5b:14:e9:36:ac:a3:9e:9f:76:9c:35:49:3a:62:
c7:07:10:e4:e4:67:e2:36:dd:57:0f:a4:7c:29:f6:f2:38:9e:
7b:11:e6:a8:74:c0:cd:b6:c1:f3:3e:73:c3:a9:d9:4e:10:a1:
08:73:20:97:92:a7:c9:8f:70:5f:5e:65:99:48:06:b6:7d:4d:
0f:5b:7c:a7:c3:ff:bc:ff:bd:7e:47:6f:86:63:e4:4b:45:80:
7b:2c:ff:53
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQma+4YKfzR3lci0npvsC8yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5OTU0NDk5OTc3Mjc4YTc1NTcwYjM0MDNmNGQzYWEwMGIx
YjM2ZTgwHhcNMjUwMTAyMDk0OTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWNhODMxNmZmN2ExMjQ0NTQzZTE1YmQyNzNmYjFlMzE3MTBhMmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnCVfcdELegdQuiDzaNbVglHdxTYM
TooRR55xPAI+7ODqtdc2tEqTVdeLTsJMbPadJvLc22PtUqvgOrk275PGPWRH5xlt
Ot6pabn63QyvHtPXJlk76Z/8vYJTkYbmkaP0FdP+gG47iWhCpdFyHF7K2hZdTZEp
dsWWAEU7x7Jm5QvPAFHM7qQ+sOZYlbiuEfzgNvjmPXGU4gq7TLi2PuLNnvWqUbRX
Gho+hOvP9BQAx+A9nX+5VKkF1PRYS18ea6+21cxG1mMqFH9IrMbQdeVheT0jQCv+
oHiyUlFiyhhRxl5va8icwkPu+huCtHf2HdHE7hBGRVa4vMjujCVzfnWjrQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFPrKgxb/ehJEVD4VvSc/seMXEKLsMB8GA1UdIwQY
MBaAFLmVRJmXcninVXCzQD9NOqALGzboMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAt
MDI0YjE2NTVjMjQ3LzEvMS1zcURGdjk2RWtSVVBoVzlKei14NHhjUW91dy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDcvNzg4ODAzLWJlMTItNDMzZi1hOGQwLTAyNGIxNjU1YzI0
Ny8xL3VaVkVtWmR5ZUtkVmNMTkFQMDA2b0FzYk51Zy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA1BggrBgEFBQcBBwEB/wQmMCQwIgQCAAEwHDAMAwQHTUGA
AwQBTUGEMAwDBANNQcgDBABNQcwwDQYJKoZIhvcNAQELBQADggEBAF+Zq0CziFNE
EkFRZUvnDEE6FKwz7qfGYfl1rVJtpIxzm8htStnBJLFPIBhjEObqrbXsXgKKOJxS
s8bDWsb3DGaiPRFNZaRousKaEGitwzRK19W9BK3iU4flJPOrEQSaIL3ZCGnPnsSo
i7CAf5RW9p8SbxUZp/y2hqXC/MjVz/U690P2aNYI3H1eaZqQYadE5V8w/a0LcMi0
T5lu707L6zxKuDUih99bFOk2rKOen3acNUk6YscHEOTkZ+I23VcPpHwp9vI4nnsR
5qh0wM22wfM+c8Op2U4QoQhzIJeSp8mPcF9eZZlIBrZ9TQ9bfKfD/7z/vX5Hb4Zj
5EtFgHss/1M=
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:28:48 2025 by rpki-client