Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/40db6b-da85-4c9d-a948-6521d395f132/1/pD97ZZ9tmWPtPrhT9Wn9xEClNO8.roa
File: pD97ZZ9tmWPtPrhT9Wn9xEClNO8.roa (raw, json)
Hash identifier: Q4J+oT98I0RjsBF31rDfygWe5SsYB7a1bM9y+LqbKhw=
Subject key identifier: A4:3F:7B:65:9F:6D:99:63:ED:3E:B8:53:F5:69:FD:C4:40:A5:34:EF
Certificate issuer: /CN=8e747481f2c98fbb70dca8d65c23de4fca37583d
Certificate serial: 01856ED4B8AD07BD6BAFF79C45DA8AB628D7
Authority key identifier: 8E:74:74:81:F2:C9:8F:BB:70:DC:A8:D6:5C:23:DE:4F:CA:37:58:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jnR0gfLJj7tw3KjWXCPeT8o3WD0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/40db6b-da85-4c9d-a948-6521d395f132/1/pD97ZZ9tmWPtPrhT9Wn9xEClNO8.roa
Signing time: Sun 01 Jan 2023 19:35:12 +0000
ROA not before: Sun 01 Jan 2023 19:35:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 193.31.126.0/24 maxlen: 24
194.99.24.0/24 maxlen: 24
77.83.24.0/24 maxlen: 24
194.99.26.0/24 maxlen: 24
77.83.27.0/24 maxlen: 24
77.83.26.0/24 maxlen: 24
77.83.25.0/24 maxlen: 24
193.151.191.0/24 maxlen: 24
193.151.190.0/24 maxlen: 24
193.151.189.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:b8:ad:07:bd:6b:af:f7:9c:45:da:8a:b6:28:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e747481f2c98fbb70dca8d65c23de4fca37583d
Validity
Not Before: Jan 1 19:35:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a43f7b659f6d9963ed3eb853f569fdc440a534ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:d2:69:2e:61:a1:dd:c0:47:29:67:a5:2d:44:
dd:fb:74:5b:2c:09:32:7a:51:84:7a:99:65:14:ad:
3c:bd:46:d1:fd:60:3a:f8:92:57:b0:1d:8d:2a:03:
39:0f:4e:f3:30:d7:e7:a2:aa:93:05:3b:57:9b:a2:
ba:56:b1:1b:14:c5:d0:93:6e:bc:46:30:f1:99:ae:
0b:f4:79:e0:77:d5:6c:2c:66:7b:bd:7c:8e:dc:86:
09:6a:ec:c7:87:69:e2:79:00:67:dd:b7:1a:35:f1:
16:94:ff:4c:72:66:48:05:6b:17:9b:06:38:f0:83:
29:a2:a9:97:10:42:a7:00:4a:95:9a:43:f1:98:27:
d2:e5:0e:8b:d4:21:af:66:52:17:66:4c:fd:fe:1f:
d4:d7:84:be:e0:0b:83:e5:b6:42:fe:c9:fd:91:7b:
41:4f:6c:95:3b:05:2e:cd:50:6f:1b:31:f8:f8:c7:
f6:da:5e:a7:57:16:03:a3:17:19:fa:04:6d:1b:9b:
bc:90:6c:3f:fe:99:1a:55:91:6a:9f:cd:57:98:1f:
07:21:63:63:d3:ae:47:15:86:1a:55:23:e8:64:29:
26:48:f5:3c:cf:a3:cf:44:d4:ef:e2:3f:07:7e:12:
f5:1e:43:9a:32:61:3f:56:61:cd:4a:53:47:24:dc:
8e:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:3F:7B:65:9F:6D:99:63:ED:3E:B8:53:F5:69:FD:C4:40:A5:34:EF
X509v3 Authority Key Identifier:
keyid:8E:74:74:81:F2:C9:8F:BB:70:DC:A8:D6:5C:23:DE:4F:CA:37:58:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jnR0gfLJj7tw3KjWXCPeT8o3WD0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/40db6b-da85-4c9d-a948-6521d395f132/1/pD97ZZ9tmWPtPrhT9Wn9xEClNO8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/40db6b-da85-4c9d-a948-6521d395f132/1/jnR0gfLJj7tw3KjWXCPeT8o3WD0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.24.0/22
193.31.126.0/24
193.151.189.0-193.151.191.255
194.99.24.0/24
194.99.26.0/24
Signature Algorithm: sha256WithRSAEncryption
c7:d6:d4:8c:87:4c:6e:e0:aa:1e:01:c5:08:14:42:24:6c:5e:
4c:8e:94:93:16:c2:69:01:89:6b:51:7e:e9:a1:d7:f0:53:20:
59:b3:e3:1e:29:f9:95:9b:5a:5e:50:d1:bb:13:f4:36:fb:9d:
2a:b0:72:70:29:27:c1:42:e1:a6:53:17:5f:0d:b6:e7:a1:d3:
0c:45:a2:f2:93:0e:f6:25:7b:30:49:a9:aa:73:fa:42:5d:86:
ac:4c:15:69:cd:d4:0d:6f:5f:b9:7a:de:f8:4e:ab:3c:19:5d:
87:0a:04:2e:8e:7f:09:63:55:12:02:e0:87:cd:a3:66:3e:37:
55:84:e0:40:2f:cf:8e:36:9e:f1:ad:1f:1d:69:4c:a5:42:af:
bb:17:22:e7:0b:1c:db:61:7c:11:70:e3:d3:14:6f:e4:f7:bf:
39:f3:44:6d:27:b9:44:0c:7d:0b:5a:97:c6:e9:ba:0f:a5:4a:
44:0b:bb:79:c5:7a:09:90:46:01:ba:96:4a:46:a6:ff:92:75:
64:94:92:a2:65:d8:44:3c:6c:e7:0e:d0:43:c8:fa:0a:c0:0a:
a8:51:57:69:80:d1:29:74:6e:ef:5b:96:71:3c:40:ec:72:c9:
ed:dd:46:0a:f0:24:5f:53:c0:5a:cc:ac:a7:5e:36:b4:65:3c:
1f:47:9e:57
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVu1LitB71rr/ecRdqKtijXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlNzQ3NDgxZjJjOThmYmI3MGRjYThkNjVjMjNkZTRmY2Ez
NzU4M2QwHhcNMjMwMTAxMTkzNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDNmN2I2NTlmNmQ5OTYzZWQzZWI4NTNmNTY5ZmRjNDQwYTUzNGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9JpLmGh3cBHKWelLUTd+3RbLAky
elGEepllFK08vUbR/WA6+JJXsB2NKgM5D07zMNfnoqqTBTtXm6K6VrEbFMXQk268
RjDxma4L9Hngd9VsLGZ7vXyO3IYJauzHh2nieQBn3bcaNfEWlP9McmZIBWsXmwY4
8IMpoqmXEEKnAEqVmkPxmCfS5Q6L1CGvZlIXZkz9/h/U14S+4AuD5bZC/sn9kXtB
T2yVOwUuzVBvGzH4+Mf22l6nVxYDoxcZ+gRtG5u8kGw//pkaVZFqn81XmB8HIWNj
065HFYYaVSPoZCkmSPU8z6PPRNTv4j8HfhL1HkOaMmE/VmHNSlNHJNyODwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFKQ/e2WfbZlj7T64U/Vp/cRApTTvMB8GA1UdIwQY
MBaAFI50dIHyyY+7cNyo1lwj3k/KN1g9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvam5SMGdmTEpqN3R3M0tqV1hDUGVUOG8zV0QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS80MGRiNmItZGE4NS00YzlkLWE5NDgt
NjUyMWQzOTVmMTMyLzEvcEQ5N1paOXRtV1B0UHJoVDlXbjl4RUNsTk84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS80MGRiNmItZGE4NS00YzlkLWE5NDgtNjUyMWQzOTVmMTMy
LzEvam5SMGdmTEpqN3R3M0tqV1hDUGVUOG8zV0QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCTVMYAwQA
wR9+MAwDBADBl70DBAbBl4ADBADCYxgDBADCYxowDQYJKoZIhvcNAQELBQADggEB
AMfW1IyHTG7gqh4BxQgUQiRsXkyOlJMWwmkBiWtRfumh1/BTIFmz4x4p+ZWbWl5Q
0bsT9Db7nSqwcnApJ8FC4aZTF18Ntueh0wxFovKTDvYlezBJqapz+kJdhqxMFWnN
1A1vX7l63vhOqzwZXYcKBC6OfwljVRIC4IfNo2Y+N1WE4EAvz442nvGtHx1pTKVC
r7sXIucLHNthfBFw49MUb+T3vznzRG0nuUQMfQtal8bpug+lSkQLu3nFegmQRgG6
lkpGpv+SdWSUkqJl2EQ8bOcO0EPI+grACqhRV2mA0Sl0bu9blnE8QOxyye3dRgrw
JF9TwFrMrKdeNrRlPB9Hnlc=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:49:19 2025 by rpki-client