Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/98uXaQIuzqnfEE6iblkIgSrdMB4.roa
File: 98uXaQIuzqnfEE6iblkIgSrdMB4.roa (raw, json)
Hash identifier: woUhq1tnUE8S3PAAMq4QxiDYV33yrx/dnH/BzoQnxr0=
Subject key identifier: F7:CB:97:69:02:2E:CE:A9:DF:10:4E:A2:6E:59:08:81:2A:DD:30:1E
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 0195A865F86BE72AF2516BDEBAD0E7EC1E2E
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/98uXaQIuzqnfEE6iblkIgSrdMB4.roa
Signing time: Tue 18 Mar 2025 08:36:49 +0000
ROA not before: Tue 18 Mar 2025 08:36:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39838
IP address blocks: 77.247.120.0/22 maxlen: 22
89.42.112.0/23 maxlen: 23
89.45.208.0/23 maxlen: 23
141.136.56.0/21 maxlen: 21
217.26.188.0/22 maxlen: 22
217.76.247.0/24 maxlen: 24
2a0a:e9c3::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a8:65:f8:6b:e7:2a:f2:51:6b:de:ba:d0:e7:ec:1e:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Mar 18 08:36:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f7cb9769022ecea9df104ea26e5908812add301e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:67:88:67:0d:2e:90:0c:9a:86:1b:d3:3e:bc:
1d:da:15:8b:68:63:b1:d1:70:24:c5:b5:2e:5b:02:
be:f4:35:b6:25:b0:89:d1:0b:80:0f:bf:c6:90:88:
a9:91:58:99:4b:59:f4:5e:51:67:b5:4b:87:78:6c:
28:eb:4d:dc:6a:72:6a:4c:ff:4b:0d:9e:8a:ce:0a:
60:44:5c:4b:b6:03:aa:b5:d2:ff:72:dd:bb:41:ef:
6f:55:49:b3:48:cb:5a:fb:ba:f4:2e:0b:1b:16:3e:
7d:ec:18:34:e4:a5:0f:59:e2:3c:91:0d:44:3b:ad:
53:56:90:3d:37:b2:6c:3c:47:09:75:30:2b:ca:87:
68:af:64:18:6f:30:23:d7:6b:8f:74:ab:c6:6d:0e:
2c:a2:87:e4:50:ff:41:b9:d5:63:30:64:7e:38:68:
dc:4a:37:2f:d4:42:27:27:b0:25:5e:39:e6:3b:39:
bb:67:59:92:f7:8d:7e:6e:29:dc:2b:a6:9a:ac:22:
1c:e8:d0:c0:4b:b4:57:ce:4f:a3:20:09:fb:5c:ce:
c2:d5:a0:43:83:7a:97:a9:74:1e:e3:f5:29:89:19:
9e:81:80:44:9e:8d:d8:39:88:58:f0:81:dd:fd:fd:
66:d9:90:3f:bf:7f:c0:95:fc:d9:fd:a1:6b:b7:42:
50:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:CB:97:69:02:2E:CE:A9:DF:10:4E:A2:6E:59:08:81:2A:DD:30:1E
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/98uXaQIuzqnfEE6iblkIgSrdMB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.247.120.0/22
89.42.112.0/23
89.45.208.0/23
141.136.56.0/21
217.26.188.0/22
217.76.247.0/24
IPv6:
2a0a:e9c3::/32
Signature Algorithm: sha256WithRSAEncryption
6a:07:22:44:b9:cc:a4:47:a7:74:58:9b:f6:b1:31:de:2e:47:
bb:1c:f0:b1:82:3e:38:d3:85:3b:0b:ae:0a:e0:df:e0:25:4b:
f9:f2:bf:31:34:9d:95:df:c5:77:b7:c2:15:0b:78:8e:8c:a9:
c7:13:49:6b:2b:42:79:f8:8a:e0:c7:b4:93:6c:2e:57:df:ec:
39:ea:6c:43:8c:fc:ed:8e:1f:f2:3e:4e:82:e4:04:5b:75:87:
46:f8:6b:59:6d:5a:fe:74:87:dc:20:1e:1a:76:d8:56:3a:31:
45:57:ea:15:40:9d:2b:5a:57:f3:a7:5f:73:ab:25:50:9f:45:
34:f4:b7:47:85:6c:4d:a2:44:e8:c8:7b:70:80:73:5d:db:b1:
67:33:89:d4:78:e0:1c:60:d5:da:95:7e:d5:5b:90:6d:42:69:
20:5e:bd:10:16:da:82:b6:0c:39:5b:a9:dd:98:7f:11:d1:6f:
88:70:e8:46:c9:16:2b:09:b6:c0:50:f2:76:3a:42:f4:89:b4:
e7:7d:e4:f7:91:b5:65:4f:c2:8c:97:5a:23:58:9f:57:86:c0:
8e:73:57:6a:31:fa:4a:8f:45:f6:53:fb:e5:92:f6:a1:10:e8:
5f:00:47:dc:b7:d1:fc:1d:04:e5:30:5d:43:b4:f5:54:80:02:
54:46:5b:9e
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZWoZfhr5yryUWveutDn7B4uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjUwMzE4MDgzNjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2NiOTc2OTAyMmVjZWE5ZGYxMDRlYTI2ZTU5MDg4MTJhZGQzMDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWeIZw0ukAyahhvTPrwd2hWLaGOx
0XAkxbUuWwK+9DW2JbCJ0QuAD7/GkIipkViZS1n0XlFntUuHeGwo603canJqTP9L
DZ6KzgpgRFxLtgOqtdL/ct27Qe9vVUmzSMta+7r0LgsbFj597Bg05KUPWeI8kQ1E
O61TVpA9N7JsPEcJdTAryodor2QYbzAj12uPdKvGbQ4soofkUP9BudVjMGR+OGjc
Sjcv1EInJ7AlXjnmOzm7Z1mS941+bincK6aarCIc6NDAS7RXzk+jIAn7XM7C1aBD
g3qXqXQe4/UpiRmegYBEno3YOYhY8IHd/f1m2ZA/v3/AlfzZ/aFrt0JQvQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFPfLl2kCLs6p3xBOom5ZCIEq3TAeMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvOTh1WGFRSXV6cW5mRUU2aWJsa0lnU3JkTUI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCTfd4AwQB
WSpwAwQBWS3QAwQDjYg4AwQC2Rq8AwQA2Uz3MA0EAgACMAcDBQAqCunDMA0GCSqG
SIb3DQEBCwUAA4IBAQBqByJEucykR6d0WJv2sTHeLke7HPCxgj4404U7C64K4N/g
JUv58r8xNJ2V38V3t8IVC3iOjKnHE0lrK0J5+Irgx7STbC5X3+w56mxDjPztjh/y
Pk6C5ARbdYdG+GtZbVr+dIfcIB4adthWOjFFV+oVQJ0rWlfzp19zqyVQn0U09LdH
hWxNokToyHtwgHNd27FnM4nUeOAcYNXalX7VW5BtQmkgXr0QFtqCtgw5W6ndmH8R
0W+IcOhGyRYrCbbAUPJ2OkL0ibTnfeT3kbVlT8KMl1ojWJ9XhsCOc1dqMfpKj0X2
U/vlkvahEOhfAEfct9H8HQTlMF1DtPVUgAJURlue
-----END CERTIFICATE-----
Generated at Mon Apr 7 02:42:05 2025 by rpki-client