Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/45abde-5b44-471a-93d9-5345f7e74083/1/1-2txKQvQAmnMHkdVw9vV7ZSoHKI.roa
File: 1-2txKQvQAmnMHkdVw9vV7ZSoHKI.roa (raw, json)
Hash identifier: VjnYrxok/7JgVmSo8eFTewxal2pHMO/Fu+jc6lRaqog=
Subject key identifier: FB:6B:71:29:0B:D0:02:69:CC:1E:47:55:C3:DB:D5:ED:94:A8:1C:A2
Certificate issuer: /CN=77c8d8bbf05797a75a49c5d70f5971ecdec6dd93
Certificate serial: 01856D4AD7E9046083E658BEA1685A527484
Authority key identifier: 77:C8:D8:BB:F0:57:97:A7:5A:49:C5:D7:0F:59:71:EC:DE:C6:DD:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d8jYu_BXl6daScXXD1lx7N7G3ZM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/45abde-5b44-471a-93d9-5345f7e74083/1/1-2txKQvQAmnMHkdVw9vV7ZSoHKI.roa
Signing time: Sun 01 Jan 2023 12:24:59 +0000
ROA not before: Sun 01 Jan 2023 12:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57782
IP address blocks: 79.110.168.0/23 maxlen: 24
139.28.206.0/24 maxlen: 24
2a0d:9cc0::/29 maxlen: 48
2a0d:1a45::/32 maxlen: 48
2a06:1e83:caff::/48 maxlen: 48
2a0d:1a40::/29 maxlen: 48
2a06:1e85::/32 maxlen: 48
2a06:1e83:cafe::/48 maxlen: 48
2a0d:1a40:5500::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:4a:d7:e9:04:60:83:e6:58:be:a1:68:5a:52:74:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77c8d8bbf05797a75a49c5d70f5971ecdec6dd93
Validity
Not Before: Jan 1 12:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fb6b71290bd00269cc1e4755c3dbd5ed94a81ca2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:dc:49:be:ea:97:98:54:58:9c:31:37:87:8c:
1a:3d:2d:fe:e9:70:63:f9:06:0b:db:7b:76:e9:e1:
4a:39:1f:92:ad:f2:a5:05:87:f3:e6:bd:e5:b4:73:
d9:84:19:fb:c7:15:d2:99:4b:98:ac:12:76:bd:b7:
75:5b:c8:92:d3:8d:60:f3:34:63:2d:f1:68:6d:b2:
7c:34:3f:0b:8e:a7:19:6a:ce:02:a6:f0:0c:bc:5c:
eb:db:86:5a:2d:42:ea:fc:4a:95:a1:80:69:f3:f5:
67:f0:22:09:90:f1:ed:16:df:23:87:bf:c4:3a:5e:
b3:b0:9a:0c:05:7c:a7:4b:b7:06:f7:09:da:c4:e5:
a8:8f:e8:c9:c5:2e:17:d5:91:cd:2d:c3:56:70:27:
12:29:de:af:a6:17:ed:a7:ed:af:c8:5b:8c:dd:33:
e6:a9:1d:92:ac:c3:42:af:e0:ac:6d:a4:25:df:38:
6a:d9:de:28:45:d6:0f:86:15:22:b4:93:e1:f9:01:
16:c0:74:d6:5b:a6:bf:92:45:68:e0:d1:7c:9f:cf:
68:1c:5d:d4:51:c8:07:be:2f:fc:0e:bd:68:27:f8:
1c:82:f6:7e:4d:42:fd:e7:65:e0:4f:95:3a:01:4c:
a8:7b:86:b8:71:fa:e0:0c:ed:10:22:7b:a4:46:e4:
49:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:6B:71:29:0B:D0:02:69:CC:1E:47:55:C3:DB:D5:ED:94:A8:1C:A2
X509v3 Authority Key Identifier:
keyid:77:C8:D8:BB:F0:57:97:A7:5A:49:C5:D7:0F:59:71:EC:DE:C6:DD:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8jYu_BXl6daScXXD1lx7N7G3ZM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/45abde-5b44-471a-93d9-5345f7e74083/1/1-2txKQvQAmnMHkdVw9vV7ZSoHKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/45abde-5b44-471a-93d9-5345f7e74083/1/d8jYu_BXl6daScXXD1lx7N7G3ZM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.110.168.0/23
139.28.206.0/24
IPv6:
2a06:1e83:cafe::/47
2a06:1e85::/32
2a0d:1a40::/29
2a0d:9cc0::/29
Signature Algorithm: sha256WithRSAEncryption
1c:fb:13:82:4b:29:90:ab:d0:59:23:66:05:5f:54:ac:f4:a7:
e4:7a:82:00:20:41:15:59:9d:d9:45:e1:d7:3a:aa:69:f5:0a:
8d:9a:14:02:88:59:ed:e5:f5:0e:c3:36:54:e0:a6:9c:01:8f:
2c:b2:b8:84:e8:d6:5a:ee:6d:c0:a6:d5:04:10:91:6c:a9:04:
b9:da:9b:b4:ae:16:77:d1:77:2b:42:ad:24:1f:48:e4:79:bd:
32:82:3f:92:90:4a:50:60:90:d3:66:c6:8f:bb:ae:2a:55:18:
80:c5:3c:2a:93:87:61:d6:2e:5c:1d:00:70:22:7a:56:81:8a:
8f:e4:70:b1:c8:90:36:cc:96:0e:0b:be:90:b2:38:c1:09:0b:
9f:32:7d:ad:17:00:8c:59:db:f6:e9:79:99:9d:cf:1a:de:7f:
a0:8c:f9:04:04:0a:89:bd:84:51:a9:ed:4b:81:df:7d:5b:5d:
14:87:42:e3:bc:4f:09:89:3b:6c:86:d6:ce:3c:e0:b4:db:be:
42:00:b7:e8:a9:fb:c8:e1:63:c6:10:4b:e5:49:4e:11:c9:7e:
51:e0:49:cb:8a:cc:8c:13:17:07:28:e8:79:65:8d:c4:72:e6:
f0:48:c5:c1:8a:94:55:88:ed:92:3d:73:7a:90:a4:59:93:64:
4b:88:96:9b
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVtStfpBGCD5li+oWhaUnSEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3YzhkOGJiZjA1Nzk3YTc1YTQ5YzVkNzBmNTk3MWVjZGVj
NmRkOTMwHhcNMjMwMTAxMTIyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjZiNzEyOTBiZDAwMjY5Y2MxZTQ3NTVjM2RiZDVlZDk0YTgxY2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgdxJvuqXmFRYnDE3h4waPS3+6XBj
+QYL23t26eFKOR+SrfKlBYfz5r3ltHPZhBn7xxXSmUuYrBJ2vbd1W8iS041g8zRj
LfFobbJ8ND8LjqcZas4CpvAMvFzr24ZaLULq/EqVoYBp8/Vn8CIJkPHtFt8jh7/E
Ol6zsJoMBXynS7cG9wnaxOWoj+jJxS4X1ZHNLcNWcCcSKd6vphftp+2vyFuM3TPm
qR2SrMNCr+CsbaQl3zhq2d4oRdYPhhUitJPh+QEWwHTWW6a/kkVo4NF8n89oHF3U
UcgHvi/8Dr1oJ/gcgvZ+TUL952XgT5U6AUyoe4a4cfrgDO0QInukRuRJ6QIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFPtrcSkL0AJpzB5HVcPb1e2UqByiMB8GA1UdIwQY
MBaAFHfI2LvwV5enWknF1w9Zcezext2TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDhqWXVfQlhsNmRhU2NYWEQxbHg3TjdHM1pNLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC80NWFiZGUtNWI0NC00NzFhLTkzZDkt
NTM0NWY3ZTc0MDgzLzEvMS0ydHhLUXZRQW1uTUhrZFZ3OXZWN1pTb0hLSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTQvNDVhYmRlLTViNDQtNDcxYS05M2Q5LTUzNDVmN2U3NDA4
My8xL2Q4all1X0JYbDZkYVNjWFhEMWx4N043RzNaTS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBLBggrBgEFBQcBBwEB/wQ8MDowEgQCAAEwDAMEAU9uqAME
AIsczjAkBAIAAjAeAwcBKgYeg8r+AwUAKgYehQMFAyoNGkADBQMqDZzAMA0GCSqG
SIb3DQEBCwUAA4IBAQAc+xOCSymQq9BZI2YFX1Ss9KfkeoIAIEEVWZ3ZReHXOqpp
9QqNmhQCiFnt5fUOwzZU4KacAY8ssriE6NZa7m3AptUEEJFsqQS52pu0rhZ30Xcr
Qq0kH0jkeb0ygj+SkEpQYJDTZsaPu64qVRiAxTwqk4dh1i5cHQBwInpWgYqP5HCx
yJA2zJYOC76QsjjBCQufMn2tFwCMWdv26XmZnc8a3n+gjPkEBAqJvYRRqe1Lgd99
W10Uh0LjvE8JiTtshtbOPOC0275CALfoqfvI4WPGEEvlSU4RyX5R4EnLisyMExcH
KOh5ZY3EcubwSMXBipRViO2SPXN6kKRZk2RLiJab
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:34 2025 by rpki-client