Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/d97287-fd01-4a10-909e-c3f257eb20cc/1/XSAXdHxPJCrEMYJMOrM8bzjju74.roa
File: XSAXdHxPJCrEMYJMOrM8bzjju74.roa (raw, json)
Hash identifier: TG8DJJK6QRnrdvYzGqOaUfD1i5yBSBdJxeXqwXWAidw=
Subject key identifier: 5D:20:17:74:7C:4F:24:2A:C4:31:82:4C:3A:B3:3C:6F:38:E3:BB:BE
Certificate issuer: /CN=c08d735f346c4fc42a4792ce33808a2210a82bb5
Certificate serial: 018570705B6478DFC59CCA8FC899FC013DC9
Authority key identifier: C0:8D:73:5F:34:6C:4F:C4:2A:47:92:CE:33:80:8A:22:10:A8:2B:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wI1zXzRsT8QqR5LOM4CKIhCoK7U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/d97287-fd01-4a10-909e-c3f257eb20cc/1/XSAXdHxPJCrEMYJMOrM8bzjju74.roa
Signing time: Mon 02 Jan 2023 03:04:49 +0000
ROA not before: Mon 02 Jan 2023 03:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62336
IP address blocks: 93.127.224.0/19 maxlen: 19
77.37.98.0/23 maxlen: 23
77.37.100.0/22 maxlen: 22
185.171.76.0/23 maxlen: 23
93.127.128.0/19 maxlen: 19
185.171.78.0/23 maxlen: 23
77.37.106.0/23 maxlen: 23
77.37.108.0/22 maxlen: 22
93.127.240.0/20 maxlen: 20
77.37.4.0/23 maxlen: 23
93.127.248.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:70:5b:64:78:df:c5:9c:ca:8f:c8:99:fc:01:3d:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c08d735f346c4fc42a4792ce33808a2210a82bb5
Validity
Not Before: Jan 2 03:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d2017747c4f242ac431824c3ab33c6f38e3bbbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:cb:95:08:4e:6c:ed:1c:1a:63:ec:87:f6:8a:
4e:59:92:f8:c4:e4:eb:4b:2c:6d:c9:c9:3e:e2:54:
c2:c1:4b:58:cc:92:f9:eb:33:7b:2e:50:9c:3e:f9:
d4:5a:0f:de:12:1f:b5:5d:61:38:bd:79:3b:bd:67:
97:58:78:e9:ce:2c:a0:9b:c9:1d:b7:c5:85:20:38:
41:f5:bf:1a:20:80:10:80:c6:08:0d:96:bb:bc:31:
c9:e5:fe:e6:81:07:da:d0:71:f9:9a:ee:9c:5b:a3:
2e:0e:d3:52:74:c1:25:55:15:97:c1:51:d8:dd:8b:
ea:7d:b8:5e:e4:56:6c:7b:22:e0:7f:33:31:05:45:
5b:e1:70:8a:d2:52:36:72:d3:b6:54:49:db:6b:0c:
f1:51:ce:e2:54:e6:09:19:cd:40:44:fe:b1:8e:0d:
bf:ba:a4:a0:34:37:d7:48:b4:44:6d:9c:0a:81:f4:
e0:68:b4:44:ae:1f:93:41:fe:47:dd:75:34:24:28:
aa:84:51:97:ba:1e:6f:94:01:34:5b:dd:b4:b7:66:
c5:24:65:04:77:26:46:65:ab:4a:5a:15:35:01:53:
20:b3:ac:05:1d:88:8d:f3:79:e9:5f:c8:6a:69:8c:
f0:41:cb:09:45:a6:c3:ab:3f:51:92:52:99:2a:63:
3d:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:20:17:74:7C:4F:24:2A:C4:31:82:4C:3A:B3:3C:6F:38:E3:BB:BE
X509v3 Authority Key Identifier:
keyid:C0:8D:73:5F:34:6C:4F:C4:2A:47:92:CE:33:80:8A:22:10:A8:2B:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wI1zXzRsT8QqR5LOM4CKIhCoK7U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/d97287-fd01-4a10-909e-c3f257eb20cc/1/XSAXdHxPJCrEMYJMOrM8bzjju74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/d97287-fd01-4a10-909e-c3f257eb20cc/1/wI1zXzRsT8QqR5LOM4CKIhCoK7U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.37.4.0/23
77.37.98.0-77.37.103.255
77.37.106.0-77.37.111.255
93.127.128.0/19
93.127.224.0/19
185.171.76.0/22
Signature Algorithm: sha256WithRSAEncryption
36:ab:ec:b8:4a:b5:51:1c:3a:ed:e3:af:79:c7:91:48:79:37:
73:f9:35:f1:f8:52:82:c8:05:90:e1:d6:10:ca:9c:92:60:c3:
09:4d:3a:55:35:96:98:c1:a7:19:73:ef:5c:00:c8:68:b4:49:
4a:99:33:64:54:67:6c:d2:39:24:09:29:5b:0d:ce:34:5f:4f:
74:59:19:f4:bf:9f:e1:05:31:91:23:e1:e8:52:3b:2f:2e:b2:
60:f8:38:71:4a:ee:bd:2e:ec:89:37:16:78:03:5a:0d:2a:a4:
fe:94:4d:c2:15:6e:3b:68:bb:7b:49:d7:fa:81:8b:d3:11:a4:
39:6a:08:73:de:87:dd:23:00:97:50:c6:14:32:ec:a2:66:2a:
96:3a:4d:e4:b2:5c:6e:50:a1:b7:cc:b8:1c:c1:c7:86:e4:55:
4f:25:3d:24:07:27:b1:f7:d9:41:90:d9:93:5a:41:23:e8:fc:
bf:ee:34:5a:4e:29:27:0b:fd:a2:9c:97:82:bc:d6:fc:08:33:
97:84:3c:91:f3:ea:eb:67:f3:d1:f0:b1:f1:b0:d7:5e:3b:7d:
5c:10:dc:80:97:19:dd:25:00:17:2f:85:07:44:ec:f3:50:cc:
74:a0:cf:fb:13:b3:84:8c:9e:4c:52:81:e4:1c:cc:41:9c:87:
e1:eb:a4:73
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYVwcFtkeN/FnMqPyJn8AT3JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwOGQ3MzVmMzQ2YzRmYzQyYTQ3OTJjZTMzODA4YTIyMTBh
ODJiYjUwHhcNMjMwMTAyMDMwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDIwMTc3NDdjNGYyNDJhYzQzMTgyNGMzYWIzM2M2ZjM4ZTNiYmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjsuVCE5s7RwaY+yH9opOWZL4xOTr
Syxtyck+4lTCwUtYzJL56zN7LlCcPvnUWg/eEh+1XWE4vXk7vWeXWHjpziygm8kd
t8WFIDhB9b8aIIAQgMYIDZa7vDHJ5f7mgQfa0HH5mu6cW6MuDtNSdMElVRWXwVHY
3Yvqfbhe5FZseyLgfzMxBUVb4XCK0lI2ctO2VEnbawzxUc7iVOYJGc1ARP6xjg2/
uqSgNDfXSLREbZwKgfTgaLRErh+TQf5H3XU0JCiqhFGXuh5vlAE0W920t2bFJGUE
dyZGZatKWhU1AVMgs6wFHYiN83npX8hqaYzwQcsJRabDqz9RklKZKmM9cQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFF0gF3R8TyQqxDGCTDqzPG8447u+MB8GA1UdIwQY
MBaAFMCNc180bE/EKkeSzjOAiiIQqCu1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0kxelh6UnNUOFFxUjVMT000Q0tJaENvSzdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9kOTcyODctZmQwMS00YTEwLTkwOWUt
YzNmMjU3ZWIyMGNjLzEvWFNBWGRIeFBKQ3JFTVlKTU9yTThiempqdTc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC9kOTcyODctZmQwMS00YTEwLTkwOWUtYzNmMjU3ZWIyMGNj
LzEvd0kxelh6UnNUOFFxUjVMT000Q0tJaENvSzdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0AwQBTSUEMAwD
BAFNJWIDBANNJWAwDAMEAU0lagMEBE0lYAMEBV1/gAMEBV1/4AMEArmrTDANBgkq
hkiG9w0BAQsFAAOCAQEANqvsuEq1URw67eOveceRSHk3c/k18fhSgsgFkOHWEMqc
kmDDCU06VTWWmMGnGXPvXADIaLRJSpkzZFRnbNI5JAkpWw3ONF9PdFkZ9L+f4QUx
kSPh6FI7Ly6yYPg4cUruvS7siTcWeANaDSqk/pRNwhVuO2i7e0nX+oGL0xGkOWoI
c96H3SMAl1DGFDLsomYqljpN5LJcblCht8y4HMHHhuRVTyU9JAcnsffZQZDZk1pB
I+j8v+40Wk4pJwv9opyXgrzW/Agzl4Q8kfPq62fz0fCx8bDXXjt9XBDcgJcZ3SUA
Fy+FB0Ts81DMdKDP+xOzhIyeTFKB5BzMQZyH4eukcw==
-----END CERTIFICATE-----
Generated at Fri Apr 18 23:39:24 2025 by rpki-client