Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/8i2B4haLNH0oH229wUfF3xAVnNI.roa
File: 8i2B4haLNH0oH229wUfF3xAVnNI.roa (raw, json)
Hash identifier: 0iZZs2a/Gfqv479nXOrBWnc1afZDgGjx/wdjQvPpSmE=
Subject key identifier: F2:2D:81:E2:16:8B:34:7D:28:1F:6D:BD:C1:47:C5:DF:10:15:9C:D2
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 01909D2DAD47503E865A8909E9E9DAE67869
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/8i2B4haLNH0oH229wUfF3xAVnNI.roa
Signing time: Wed 10 Jul 2024 15:05:34 +0000
ROA not before: Wed 10 Jul 2024 15:05:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21502
IP address blocks: 77.128.0.0/13 maxlen: 24
77.136.0.0/16 maxlen: 24
77.140.0.0/14 maxlen: 24
77.140.0.0/15 maxlen: 24
77.142.0.0/16 maxlen: 24
77.144.0.0/12 maxlen: 24
77.192.0.0/12 maxlen: 24
78.112.0.0/12 maxlen: 24
79.80.0.0/12 maxlen: 24
81.64.0.0/14 maxlen: 24
81.185.0.0/16 maxlen: 24
84.4.0.0/14 maxlen: 24
85.168.0.0/14 maxlen: 24
87.231.0.0/16 maxlen: 24
88.140.0.0/16 maxlen: 24
88.141.0.0/16 maxlen: 24
89.2.0.0/15 maxlen: 24
89.156.0.0/14 maxlen: 24
89.157.88.0/21 maxlen: 21
89.157.96.0/19 maxlen: 19
92.88.0.0/13 maxlen: 24
93.0.0.0/11 maxlen: 24
109.0.0.0/11 maxlen: 24
195.132.0.0/16 maxlen: 24
213.223.0.0/16 maxlen: 24
213.245.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:9d:2d:ad:47:50:3e:86:5a:89:09:e9:e9:da:e6:78:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: Jul 10 15:05:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f22d81e2168b347d281f6dbdc147c5df10159cd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:4a:5e:09:6c:af:1d:dc:34:a4:ee:35:7e:d1:
6c:90:3a:df:ee:f2:5f:de:01:17:e3:d0:65:43:9f:
cd:80:50:4f:ca:f3:dd:60:56:b0:ad:09:d5:69:24:
09:cf:5a:1b:df:05:c7:24:97:92:c0:83:50:56:aa:
3b:08:3c:ed:14:66:45:d8:16:54:90:dc:76:f7:44:
22:f8:e7:1f:8e:a1:b1:e3:34:02:85:29:be:bc:38:
da:ed:49:71:cb:15:fd:b1:91:5f:6b:ec:ed:4e:ca:
59:4c:69:07:56:ba:e4:c5:e9:56:a8:a3:fd:64:34:
6e:89:62:25:3e:1c:df:8f:2d:af:d9:e7:f1:88:af:
4f:f0:80:34:8f:64:b3:21:3c:d2:ef:98:8b:80:f1:
03:82:e7:34:d7:82:22:bd:40:e0:97:7c:3a:22:f8:
15:73:be:f1:dd:0b:d4:e3:ca:a3:b0:2e:28:a1:8e:
34:df:b1:41:f6:c0:e2:b6:43:a2:e7:32:2d:fb:24:
46:8a:d6:17:d3:ed:11:50:8a:55:24:e1:12:8d:7c:
f3:1c:82:d2:36:0e:67:6f:66:ce:b9:6a:64:92:5d:
70:16:7b:41:df:94:3b:ac:55:fd:90:13:04:dc:95:
e1:af:17:20:42:b9:df:94:a6:f3:9b:14:ac:bc:f4:
1c:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:2D:81:E2:16:8B:34:7D:28:1F:6D:BD:C1:47:C5:DF:10:15:9C:D2
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/8i2B4haLNH0oH229wUfF3xAVnNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.128.0.0-77.136.255.255
77.140.0.0-77.159.255.255
77.192.0.0/12
78.112.0.0/12
79.80.0.0/12
81.64.0.0/14
81.185.0.0/16
84.4.0.0/14
85.168.0.0/14
87.231.0.0/16
88.140.0.0/15
89.2.0.0/15
89.156.0.0/14
92.88.0.0/13
93.0.0.0/11
109.0.0.0/11
195.132.0.0/16
213.223.0.0/16
213.245.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7b:97:e8:d4:80:b2:85:d1:a8:20:1e:c7:02:74:da:18:0e:02:
6d:9f:b7:b2:75:b8:15:60:dc:f2:d2:7d:3e:4a:93:20:6b:74:
eb:0b:0a:96:4c:c6:4f:38:3e:61:ac:8d:93:2f:45:4b:e8:33:
b0:c0:db:0e:54:18:04:4e:b7:7f:fa:61:3a:13:69:26:d3:f0:
92:1f:f2:7e:b2:7a:68:32:d9:45:b1:5a:87:58:5c:b1:f1:a7:
01:53:e0:1f:12:68:83:3a:a0:1e:62:23:ca:19:68:47:50:4b:
38:ca:2d:be:72:51:3f:cf:01:79:16:f5:62:eb:c2:bb:9c:e6:
2e:46:53:98:c5:ac:8d:fa:83:f2:09:7c:09:32:da:e7:3d:8d:
9c:eb:48:03:67:97:f4:99:21:50:81:d5:a4:bb:7a:73:12:73:
a4:77:95:7a:24:c3:8e:17:e1:92:23:56:ea:73:9f:e5:a8:8c:
a3:7d:3c:9e:ef:88:2f:28:d1:2f:26:ab:4f:93:0a:08:7f:dd:
43:9a:d3:93:74:25:12:35:4a:18:24:73:5c:ef:b3:42:c1:77:
fd:c4:ae:03:44:41:c7:32:16:92:bd:63:62:cc:cd:d0:b8:cd:
b6:9f:a9:f7:36:ae:02:9f:02:b5:0d:68:97:33:3e:35:6f:fb:
37:86:d2:c1
-----BEGIN CERTIFICATE-----
MIIFZTCCBE2gAwIBAgISAZCdLa1HUD6GWokJ6ena5nhpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZWY1ZmJiZmNhN2E5M2NmZWU5NjVlZWI2YmRlZTZmYjQz
YzQwM2UwHhcNMjQwNzEwMTUwNTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjJkODFlMjE2OGIzNDdkMjgxZjZkYmRjMTQ3YzVkZjEwMTU5Y2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnkpeCWyvHdw0pO41ftFskDrf7vJf
3gEX49BlQ5/NgFBPyvPdYFawrQnVaSQJz1ob3wXHJJeSwINQVqo7CDztFGZF2BZU
kNx290Qi+OcfjqGx4zQChSm+vDja7UlxyxX9sZFfa+ztTspZTGkHVrrkxelWqKP9
ZDRuiWIlPhzfjy2v2efxiK9P8IA0j2SzITzS75iLgPEDguc014IivUDgl3w6IvgV
c77x3QvU48qjsC4ooY4037FB9sDitkOi5zIt+yRGitYX0+0RUIpVJOESjXzzHILS
Ng5nb2bOuWpkkl1wFntB35Q7rFX9kBME3JXhrxcgQrnflKbzmxSsvPQcMQIDAQAB
o4ICcTCCAm0wHQYDVR0OBBYEFPItgeIWizR9KB9tvcFHxd8QFZzSMB8GA1UdIwQY
MBaAFKDvX7v8p6k8/ull7ra97m+0PEA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2Mt
MDI5MmIwMjAxNTBhLzEvOGkyQjRoYUxOSDBvSDIyOXdVZkYzeEFWbk5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2MtMDI5MmIwMjAxNTBh
LzEvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGGBggrBgEFBQcBBwEB/wR3MHUwcwQCAAEwbTAKAwMHTYAD
AwBNiDAKAwMCTYwDAwVNgAMDBE3AAwMETnADAwRPUAMDAlFAAwMAUbkDAwJUBAMD
AlWoAwMAV+cDAwFYjAMDAVkCAwMCWZwDAwNcWAMDBV0AAwMFbQADAwDDhAMDANXf
AwMA1fUwDQYJKoZIhvcNAQELBQADggEBAHuX6NSAsoXRqCAexwJ02hgOAm2ft7J1
uBVg3PLSfT5KkyBrdOsLCpZMxk84PmGsjZMvRUvoM7DA2w5UGAROt3/6YToTaSbT
8JIf8n6yemgy2UWxWodYXLHxpwFT4B8SaIM6oB5iI8oZaEdQSzjKLb5yUT/PAXkW
9WLrwruc5i5GU5jFrI36g/IJfAky2uc9jZzrSANnl/SZIVCB1aS7enMSc6R3lXok
w44X4ZIjVupzn+WojKN9PJ7viC8o0S8mq0+TCgh/3UOa05N0JRI1Shgkc1zvs0LB
d/3ErgNEQccyFpK9Y2LMzdC4zbafqfc2rgKfArUNaJczPjVv+zeG0sE=
-----END CERTIFICATE-----
Generated at Wed Apr 9 05:54:54 2025 by rpki-client