Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/62764b-9aa6-4f12-a71c-6bac34987019/1/ms1zpLIESGuUdzCNldyhCsWFnqg.roa
File: ms1zpLIESGuUdzCNldyhCsWFnqg.roa (raw, json)
Hash identifier: 2dZnSQiEU+K9lWTShBjWVeTw46tfCsSJcesJk99xHoE=
Subject key identifier: 9A:CD:73:A4:B2:04:48:6B:94:77:30:8D:95:DC:A1:0A:C5:85:9E:A8
Certificate issuer: /CN=35c96065093998ba42cfba11bf0d17d3ac403d40
Certificate serial: 018AD1CC2D6FA4F0094133DE442274637804
Authority key identifier: 35:C9:60:65:09:39:98:BA:42:CF:BA:11:BF:0D:17:D3:AC:40:3D:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NclgZQk5mLpCz7oRvw0X06xAPUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/62764b-9aa6-4f12-a71c-6bac34987019/1/ms1zpLIESGuUdzCNldyhCsWFnqg.roa
Signing time: Tue 26 Sep 2023 14:02:13 +0000
ROA not before: Tue 26 Sep 2023 14:02:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208308
IP address blocks: 77.223.200.0/23 maxlen: 24
176.222.48.0/22 maxlen: 24
178.216.184.0/21 maxlen: 24
79.139.64.0/23 maxlen: 24
158.247.56.0/22 maxlen: 24
198.14.16.0/20 maxlen: 24
77.223.192.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d1:cc:2d:6f:a4:f0:09:41:33:de:44:22:74:63:78:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35c96065093998ba42cfba11bf0d17d3ac403d40
Validity
Not Before: Sep 26 14:02:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9acd73a4b204486b9477308d95dca10ac5859ea8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:25:02:c1:6d:2f:98:6b:d1:41:f5:2d:fe:2b:
90:0c:94:03:47:c0:92:1e:57:e7:0c:97:c4:a4:d0:
89:ca:b1:d5:ee:2d:2a:ba:56:a3:84:c2:a5:7e:78:
6c:6a:65:d0:81:87:18:f4:27:e8:33:5d:e0:3f:e6:
1a:0b:18:5e:8a:08:58:30:fc:63:12:59:a2:aa:d2:
e4:94:60:20:6b:b9:20:be:5a:e0:28:ad:8f:c7:0f:
3a:ee:ec:dc:61:3c:61:e6:48:73:51:61:6b:5d:bd:
47:68:8e:4a:95:ed:cd:9f:aa:b1:ff:12:c8:95:31:
40:8a:4b:81:a0:fb:33:4c:ed:72:25:39:4d:db:d6:
42:a9:91:f5:d5:4d:3f:ce:56:20:34:60:96:89:d9:
27:cc:80:49:d7:a6:88:53:e5:e6:ab:a3:a7:ad:b5:
a8:c0:1a:4f:ca:fd:c0:2c:7a:bc:e4:e9:76:02:49:
63:b3:25:5c:56:23:3b:38:03:86:95:88:50:6f:f0:
49:c5:5f:69:29:02:68:51:b0:1d:c8:88:c6:d8:5c:
ce:f4:0e:55:49:ae:db:85:0a:a6:25:3a:44:3c:8c:
bf:5a:a4:e3:d4:d4:12:8c:ba:62:51:4b:85:dd:49:
23:a6:33:ac:1c:a8:f0:f8:55:e5:1a:62:aa:a2:b4:
c8:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:CD:73:A4:B2:04:48:6B:94:77:30:8D:95:DC:A1:0A:C5:85:9E:A8
X509v3 Authority Key Identifier:
keyid:35:C9:60:65:09:39:98:BA:42:CF:BA:11:BF:0D:17:D3:AC:40:3D:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NclgZQk5mLpCz7oRvw0X06xAPUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/62764b-9aa6-4f12-a71c-6bac34987019/1/ms1zpLIESGuUdzCNldyhCsWFnqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/62764b-9aa6-4f12-a71c-6bac34987019/1/NclgZQk5mLpCz7oRvw0X06xAPUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.223.192.0-77.223.201.255
79.139.64.0/23
158.247.56.0/22
176.222.48.0/22
178.216.184.0/21
198.14.16.0/20
Signature Algorithm: sha256WithRSAEncryption
58:f8:c0:ce:af:8a:6d:cd:ea:6b:d0:71:f5:87:ba:0b:d4:27:
2f:4f:37:8b:e8:13:31:46:ab:17:aa:91:82:b7:dd:87:64:b8:
98:89:e1:cf:8d:9a:97:ff:4f:06:71:61:21:15:31:4e:67:0d:
cf:ea:9b:0d:2f:30:ba:5f:60:7f:96:75:4f:4d:ed:79:4f:b9:
bf:dd:00:f7:12:52:39:2e:22:f2:30:e6:a9:64:db:08:e9:26:
5e:52:b4:fc:fc:8f:14:15:84:8f:8b:3d:c6:28:af:8b:7b:67:
a1:7e:d5:ad:49:bf:41:1a:d5:86:cd:8d:f0:bf:d8:51:a0:db:
24:b6:3a:ac:a8:be:c7:57:d1:56:e3:12:81:72:43:ea:cc:00:
25:4e:87:87:7c:33:bc:e1:aa:25:59:a1:2f:23:ab:51:c0:6d:
5c:db:74:3f:e3:ec:b6:55:8a:a3:35:d0:f2:65:30:41:d5:da:
70:9a:9d:bc:8a:e2:05:e1:09:cb:14:d0:92:86:0c:66:eb:5a:
97:a8:4d:5e:42:c2:4a:e4:38:9b:a1:ca:40:22:31:36:19:df:
c0:6c:21:ed:87:ca:b3:9c:15:09:99:89:a8:0b:10:1b:f7:f1:
45:33:03:1f:e3:5d:eb:e0:78:bf:4a:27:6b:82:da:d2:f8:97:
40:a0:06:f1
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYrRzC1vpPAJQTPeRCJ0Y3gEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1Yzk2MDY1MDkzOTk4YmE0MmNmYmExMWJmMGQxN2QzYWM0
MDNkNDAwHhcNMjMwOTI2MTQwMjEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWNkNzNhNGIyMDQ0ODZiOTQ3NzMwOGQ5NWRjYTEwYWM1ODU5ZWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCUCwW0vmGvRQfUt/iuQDJQDR8CS
HlfnDJfEpNCJyrHV7i0qulajhMKlfnhsamXQgYcY9CfoM13gP+YaCxheighYMPxj
ElmiqtLklGAga7kgvlrgKK2Pxw867uzcYTxh5khzUWFrXb1HaI5Kle3Nn6qx/xLI
lTFAikuBoPszTO1yJTlN29ZCqZH11U0/zlYgNGCWidknzIBJ16aIU+Xmq6OnrbWo
wBpPyv3ALHq85Ol2AkljsyVcViM7OAOGlYhQb/BJxV9pKQJoUbAdyIjG2FzO9A5V
Sa7bhQqmJTpEPIy/WqTj1NQSjLpiUUuF3UkjpjOsHKjw+FXlGmKqorTIJwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFJrNc6SyBEhrlHcwjZXcoQrFhZ6oMB8GA1UdIwQY
MBaAFDXJYGUJOZi6Qs+6Eb8NF9OsQD1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmNsZ1pRazVtTHBDejdvUnZ3MFgwNnhBUFVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi82Mjc2NGItOWFhNi00ZjEyLWE3MWMt
NmJhYzM0OTg3MDE5LzEvbXMxenBMSUVTR3VVZHpDTmxkeWhDc1dGbnFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi82Mjc2NGItOWFhNi00ZjEyLWE3MWMtNmJhYzM0OTg3MDE5
LzEvTmNsZ1pRazVtTHBDejdvUnZ3MFgwNnhBUFVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsMAwDBAZN38AD
BAFN38gDBAFPi0ADBAKe9zgDBAKw3jADBAOy2LgDBATGDhAwDQYJKoZIhvcNAQEL
BQADggEBAFj4wM6vim3N6mvQcfWHugvUJy9PN4voEzFGqxeqkYK33YdkuJiJ4c+N
mpf/TwZxYSEVMU5nDc/qmw0vMLpfYH+WdU9N7XlPub/dAPcSUjkuIvIw5qlk2wjp
Jl5StPz8jxQVhI+LPcYor4t7Z6F+1a1Jv0Ea1YbNjfC/2FGg2yS2OqyovsdX0Vbj
EoFyQ+rMACVOh4d8M7zhqiVZoS8jq1HAbVzbdD/j7LZViqM10PJlMEHV2nCanbyK
4gXhCcsU0JKGDGbrWpeoTV5CwkrkOJuhykAiMTYZ38BsIe2HyrOcFQmZiagLEBv3
8UUzAx/jXevgeL9KJ2uC2tL4l0CgBvE=
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:39:36 2025 by rpki-client