Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/40db6b-da85-4c9d-a948-6521d395f132/1/fZgCK_O9EzL3jVDI5tMdfmrWOto.roa
File: fZgCK_O9EzL3jVDI5tMdfmrWOto.roa (raw, json)
Hash identifier: 7NKspnC0sEzSM+nKK7SdqjxhJ3tFALkohVjT/quz934=
Subject key identifier: 7D:98:02:2B:F3:BD:13:32:F7:8D:50:C8:E6:D3:1D:7E:6A:D6:3A:DA
Certificate issuer: /CN=8e747481f2c98fbb70dca8d65c23de4fca37583d
Certificate serial: 0181D54BE0F8E720FAE55239C57E83EBC7A9
Authority key identifier: 8E:74:74:81:F2:C9:8F:BB:70:DC:A8:D6:5C:23:DE:4F:CA:37:58:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jnR0gfLJj7tw3KjWXCPeT8o3WD0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/40db6b-da85-4c9d-a948-6521d395f132/1/fZgCK_O9EzL3jVDI5tMdfmrWOto.roa
Signing time: Wed 06 Jul 2022 20:55:28 +0000
ROA not before: Wed 06 Jul 2022 20:55:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 88.218.80.0/24 maxlen: 24
95.214.83.0/24 maxlen: 24
77.83.22.0/23 maxlen: 24
77.83.20.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:d5:4b:e0:f8:e7:20:fa:e5:52:39:c5:7e:83:eb:c7:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e747481f2c98fbb70dca8d65c23de4fca37583d
Validity
Not Before: Jul 6 20:55:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7d98022bf3bd1332f78d50c8e6d31d7e6ad63ada
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:a9:7d:11:b9:59:56:b8:7a:48:97:98:7c:0f:
38:db:a7:04:fe:93:c7:06:e1:88:9b:26:1a:6e:d6:
ca:4e:89:f6:d8:b7:db:5c:d3:65:2e:e6:c5:e8:77:
6e:b1:86:5b:c2:c5:56:3e:26:55:c8:9f:65:e6:78:
5b:52:40:1a:56:0f:e0:a6:e6:d7:88:5e:12:a7:ce:
9d:35:39:7d:8f:57:05:2e:5c:28:b2:53:80:7e:a2:
31:98:ec:29:d5:13:8a:d6:55:d6:8b:26:27:f8:c7:
d4:a1:73:c3:69:c5:47:b7:f0:21:76:68:ba:bf:c3:
90:16:0e:47:5a:2e:5d:c1:5c:ec:55:d7:be:58:82:
91:61:c8:d8:6e:fd:ef:22:24:ba:04:fc:1b:75:a1:
82:92:3a:e3:d0:36:82:fd:5b:8b:52:3b:c3:14:23:
6c:05:55:4e:c5:9d:12:e9:fc:36:48:52:8b:b7:ce:
c8:c3:b8:bf:31:a5:70:86:54:20:87:91:04:bf:38:
d8:5a:ee:27:80:87:a1:5e:d1:e7:f7:05:a5:f9:05:
f0:b9:5a:f7:3c:14:37:58:ea:25:ec:45:88:d3:e7:
66:ab:26:5c:1d:40:c3:f6:3b:a0:ee:89:46:df:73:
87:55:45:b8:fd:6f:fa:da:48:ac:dd:bd:bb:45:73:
5d:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:98:02:2B:F3:BD:13:32:F7:8D:50:C8:E6:D3:1D:7E:6A:D6:3A:DA
X509v3 Authority Key Identifier:
keyid:8E:74:74:81:F2:C9:8F:BB:70:DC:A8:D6:5C:23:DE:4F:CA:37:58:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jnR0gfLJj7tw3KjWXCPeT8o3WD0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/40db6b-da85-4c9d-a948-6521d395f132/1/fZgCK_O9EzL3jVDI5tMdfmrWOto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/40db6b-da85-4c9d-a948-6521d395f132/1/jnR0gfLJj7tw3KjWXCPeT8o3WD0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.20.0/22
88.218.80.0/24
95.214.83.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:45:a4:be:b3:06:31:12:35:75:b3:9d:72:19:50:ce:8b:ae:
96:fd:6a:e0:e3:62:d1:53:c5:29:70:90:9f:26:73:51:45:cf:
98:1e:9b:bd:e1:30:5d:1d:98:8e:e9:90:25:f2:15:75:6f:da:
96:75:4c:e2:82:d3:54:21:1c:e5:be:94:e3:57:0e:9a:11:2b:
7b:74:20:69:72:02:b1:46:a6:5e:47:b2:14:8a:29:9a:11:ef:
bd:dd:0b:b8:05:46:20:a4:1d:87:36:bf:a2:43:ba:d9:37:59:
d3:9e:9b:a8:a5:c1:8f:e0:b0:6f:ba:58:1c:d8:04:b9:31:82:
d8:d8:c4:87:b0:72:95:8d:a6:e1:1b:35:14:19:79:63:b5:46:
73:c4:e9:94:c3:d7:bc:d6:3e:3e:aa:36:5b:58:ac:d0:90:6b:
3f:86:fd:a0:ab:bb:88:33:ea:c9:d8:aa:1b:c3:e7:09:ad:ab:
40:f5:5e:0d:50:b5:15:cf:ac:97:83:28:0e:79:36:d0:f0:ef:
cc:ce:b6:14:36:78:dc:5f:99:27:7d:dd:5e:fa:3e:78:51:22:
94:47:9a:f5:45:71:41:a5:71:f8:9c:4c:e2:55:a3:fd:f6:16:
f9:57:a5:72:50:07:11:62:6e:2b:ab:69:5f:33:8a:e4:7d:9a:
79:23:1e:4d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYHVS+D45yD65VI5xX6D68epMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlNzQ3NDgxZjJjOThmYmI3MGRjYThkNjVjMjNkZTRmY2Ez
NzU4M2QwHhcNMjIwNzA2MjA1NTI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDk4MDIyYmYzYmQxMzMyZjc4ZDUwYzhlNmQzMWQ3ZTZhZDYzYWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiKl9EblZVrh6SJeYfA8426cE/pPH
BuGImyYabtbKTon22LfbXNNlLubF6HdusYZbwsVWPiZVyJ9l5nhbUkAaVg/gpubX
iF4Sp86dNTl9j1cFLlwoslOAfqIxmOwp1ROK1lXWiyYn+MfUoXPDacVHt/Ahdmi6
v8OQFg5HWi5dwVzsVde+WIKRYcjYbv3vIiS6BPwbdaGCkjrj0DaC/VuLUjvDFCNs
BVVOxZ0S6fw2SFKLt87Iw7i/MaVwhlQgh5EEvzjYWu4ngIehXtHn9wWl+QXwuVr3
PBQ3WOol7EWI0+dmqyZcHUDD9jug7olG33OHVUW4/W/62kis3b27RXNdiwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFH2YAivzvRMy941QyObTHX5q1jraMB8GA1UdIwQY
MBaAFI50dIHyyY+7cNyo1lwj3k/KN1g9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvam5SMGdmTEpqN3R3M0tqV1hDUGVUOG8zV0QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS80MGRiNmItZGE4NS00YzlkLWE5NDgt
NjUyMWQzOTVmMTMyLzEvZlpnQ0tfTzlFekwzalZESTV0TWRmbXJXT3RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS80MGRiNmItZGE4NS00YzlkLWE5NDgtNjUyMWQzOTVmMTMy
LzEvam5SMGdmTEpqN3R3M0tqV1hDUGVUOG8zV0QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCTVMUAwQA
WNpQAwQAX9ZTMA0GCSqGSIb3DQEBCwUAA4IBAQCLRaS+swYxEjV1s51yGVDOi66W
/Wrg42LRU8UpcJCfJnNRRc+YHpu94TBdHZiO6ZAl8hV1b9qWdUzigtNUIRzlvpTj
Vw6aESt7dCBpcgKxRqZeR7IUiimaEe+93Qu4BUYgpB2HNr+iQ7rZN1nTnpuopcGP
4LBvulgc2AS5MYLY2MSHsHKVjabhGzUUGXljtUZzxOmUw9e81j4+qjZbWKzQkGs/
hv2gq7uIM+rJ2Kobw+cJratA9V4NULUVz6yXgygOeTbQ8O/MzrYUNnjcX5knfd1e
+j54USKUR5r1RXFBpXH4nEziVaP99hb5V6VyUAcRYm4rq2lfM4rkfZp5Ix5N
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:23 2025 by rpki-client