Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/OS_CktR-hc4-NmLRLJBYinV6euI.roa
File: OS_CktR-hc4-NmLRLJBYinV6euI.roa (raw, json)
Hash identifier: 9QN9UeCEXOiGtg3kQ+agPvu30JRzcGfSpwpa4N4C9hs=
Subject key identifier: 39:2F:C2:92:D4:7E:85:CE:3E:36:62:D1:2C:90:58:8A:75:7A:7A:E2
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 01942823CCFE40743B8662D0017BD3B66EC5
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/OS_CktR-hc4-NmLRLJBYinV6euI.roa
Signing time: Thu 02 Jan 2025 17:50:22 +0000
ROA not before: Thu 02 Jan 2025 17:50:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21502
IP address blocks: 77.128.0.0/13 maxlen: 24
77.136.0.0/16 maxlen: 24
77.140.0.0/14 maxlen: 24
77.140.0.0/15 maxlen: 24
77.142.0.0/16 maxlen: 24
77.144.0.0/12 maxlen: 24
77.192.0.0/12 maxlen: 24
78.112.0.0/12 maxlen: 24
79.80.0.0/12 maxlen: 24
81.64.0.0/14 maxlen: 24
81.185.0.0/16 maxlen: 24
84.4.0.0/14 maxlen: 24
85.168.0.0/14 maxlen: 24
87.231.0.0/16 maxlen: 24
88.140.0.0/15 maxlen: 24
88.140.0.0/16 maxlen: 24
88.141.0.0/16 maxlen: 24
89.2.0.0/15 maxlen: 24
89.156.0.0/14 maxlen: 24
89.157.88.0/21 maxlen: 21
89.157.96.0/19 maxlen: 19
92.88.0.0/13 maxlen: 24
93.0.0.0/11 maxlen: 24
109.0.0.0/11 maxlen: 24
195.132.0.0/16 maxlen: 24
213.223.0.0/16 maxlen: 24
213.245.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:cc:fe:40:74:3b:86:62:d0:01:7b:d3:b6:6e:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: Jan 2 17:50:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=392fc292d47e85ce3e3662d12c90588a757a7ae2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:33:76:76:2f:08:5f:c9:8f:02:74:a2:4c:e9:
a3:1c:b9:b5:80:6c:90:a5:90:13:e0:ec:0e:66:82:
a5:32:3d:00:89:58:c1:4d:5a:83:bc:9a:ec:9d:06:
59:24:26:b6:9d:39:92:23:02:7b:2f:22:45:b7:26:
2f:49:6b:48:49:06:a0:62:c9:b7:3d:4b:4c:ce:c4:
ef:55:50:73:5b:54:88:53:e8:b7:46:ad:ed:d2:8d:
91:d1:6e:ff:45:ef:96:5c:f0:74:1f:19:21:18:48:
f6:cc:ce:0d:f0:3d:9d:98:cb:b4:27:fb:47:cc:62:
2a:90:63:a1:01:a7:16:d0:b8:b2:42:d3:9e:f5:cb:
cd:4d:9b:1e:20:d8:ff:8b:04:17:44:ec:90:c8:89:
50:52:3b:00:21:d8:a4:71:c5:67:99:a9:11:1b:11:
52:b9:9d:31:38:93:98:d4:2e:bf:aa:57:8b:5c:14:
2c:ce:12:1b:4b:c4:fe:a9:57:4d:90:97:c8:67:0f:
70:7c:a6:36:58:3e:a8:48:f2:cf:a8:f0:66:29:99:
2d:58:f8:92:26:93:14:b1:38:f0:ae:2e:d2:53:df:
cf:84:2d:b9:d2:73:09:b1:39:54:c0:61:47:59:cf:
23:00:1b:08:d0:b0:f1:fd:72:a3:30:45:1e:30:0a:
c9:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:2F:C2:92:D4:7E:85:CE:3E:36:62:D1:2C:90:58:8A:75:7A:7A:E2
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/OS_CktR-hc4-NmLRLJBYinV6euI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.128.0.0-77.136.255.255
77.140.0.0-77.159.255.255
77.192.0.0/12
78.112.0.0/12
79.80.0.0/12
81.64.0.0/14
81.185.0.0/16
84.4.0.0/14
85.168.0.0/14
87.231.0.0/16
88.140.0.0/15
89.2.0.0/15
89.156.0.0/14
92.88.0.0/13
93.0.0.0/11
109.0.0.0/11
195.132.0.0/16
213.223.0.0/16
213.245.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2a:96:d9:0e:8e:d3:23:04:07:45:40:86:12:9c:b8:88:cb:d4:
fb:d7:76:3c:c0:a3:ed:00:0c:59:f7:13:8c:ff:83:41:4d:01:
c0:9e:cf:1c:39:12:66:bc:20:3a:1f:2d:82:d4:28:03:9f:52:
19:c2:44:1c:a2:1d:a8:96:50:da:14:3d:3f:d5:5b:34:25:3e:
67:36:be:8b:9c:d6:da:cb:49:64:28:b3:e8:40:79:d5:bf:77:
98:f9:15:66:ce:d5:c9:fd:37:94:06:5f:e8:5f:2b:44:c2:03:
c4:66:bb:ef:a9:bb:e3:8e:0f:89:75:61:03:05:1c:e5:29:5b:
3a:8b:83:23:34:10:86:7c:f7:89:de:b3:51:c6:17:d1:9b:3a:
39:d5:cc:6f:09:fe:16:90:f1:82:79:ea:ed:12:35:1a:d4:34:
f5:26:76:a1:06:55:d9:cd:bf:b2:08:ea:02:34:a1:74:c5:83:
6e:67:f2:71:1a:ff:f2:b8:8d:89:b4:f6:7e:ab:b7:8e:f0:8c:
de:b5:8f:1b:3a:60:c7:3c:ab:7a:23:9e:ea:7e:07:4f:11:6e:
85:82:cd:31:89:28:79:1f:3c:e9:12:ca:08:b6:50:d0:af:61:
91:eb:02:e9:c7:89:77:f8:03:24:30:51:cf:40:e0:a9:f1:7e:
ee:7b:6b:08
-----BEGIN CERTIFICATE-----
MIIFZTCCBE2gAwIBAgISAZQoI8z+QHQ7hmLQAXvTtm7FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZWY1ZmJiZmNhN2E5M2NmZWU5NjVlZWI2YmRlZTZmYjQz
YzQwM2UwHhcNMjUwMTAyMTc1MDIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTJmYzI5MmQ0N2U4NWNlM2UzNjYyZDEyYzkwNTg4YTc1N2E3YWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDN2di8IX8mPAnSiTOmjHLm1gGyQ
pZAT4OwOZoKlMj0AiVjBTVqDvJrsnQZZJCa2nTmSIwJ7LyJFtyYvSWtISQagYsm3
PUtMzsTvVVBzW1SIU+i3Rq3t0o2R0W7/Re+WXPB0HxkhGEj2zM4N8D2dmMu0J/tH
zGIqkGOhAacW0LiyQtOe9cvNTZseINj/iwQXROyQyIlQUjsAIdikccVnmakRGxFS
uZ0xOJOY1C6/qleLXBQszhIbS8T+qVdNkJfIZw9wfKY2WD6oSPLPqPBmKZktWPiS
JpMUsTjwri7SU9/PhC250nMJsTlUwGFHWc8jABsI0LDx/XKjMEUeMArJcQIDAQAB
o4ICcTCCAm0wHQYDVR0OBBYEFDkvwpLUfoXOPjZi0SyQWIp1enriMB8GA1UdIwQY
MBaAFKDvX7v8p6k8/ull7ra97m+0PEA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2Mt
MDI5MmIwMjAxNTBhLzEvT1NfQ2t0Ui1oYzQtTm1MUkxKQllpblY2ZXVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2MtMDI5MmIwMjAxNTBh
LzEvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGGBggrBgEFBQcBBwEB/wR3MHUwcwQCAAEwbTAKAwMHTYAD
AwBNiDAKAwMCTYwDAwVNgAMDBE3AAwMETnADAwRPUAMDAlFAAwMAUbkDAwJUBAMD
AlWoAwMAV+cDAwFYjAMDAVkCAwMCWZwDAwNcWAMDBV0AAwMFbQADAwDDhAMDANXf
AwMA1fUwDQYJKoZIhvcNAQELBQADggEBACqW2Q6O0yMEB0VAhhKcuIjL1PvXdjzA
o+0ADFn3E4z/g0FNAcCezxw5Ema8IDofLYLUKAOfUhnCRByiHaiWUNoUPT/VWzQl
Pmc2vouc1trLSWQos+hAedW/d5j5FWbO1cn9N5QGX+hfK0TCA8Rmu++pu+OOD4l1
YQMFHOUpWzqLgyM0EIZ894nes1HGF9GbOjnVzG8J/haQ8YJ56u0SNRrUNPUmdqEG
VdnNv7II6gI0oXTFg25n8nEa//K4jYm09n6rt47wjN61jxs6YMc8q3ojnup+B08R
boWCzTGJKHkfPOkSygi2UNCvYZHrAunHiXf4AyQwUc9A4Knxfu57awg=
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:03:01 2025 by rpki-client