Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/45abde-5b44-471a-93d9-5345f7e74083/1/aCYiPqcD-WnSP7L9O0gp5dA-FXo.roa
File: aCYiPqcD-WnSP7L9O0gp5dA-FXo.roa (raw, json)
Hash identifier: rCMo24mJy4ur8K8wp4ESvRvw9IXLXpJEo7sjq6ovCqM=
Subject key identifier: 68:26:22:3E:A7:03:F9:69:D2:3F:B2:FD:3B:48:29:E5:D0:3E:15:7A
Certificate issuer: /CN=77c8d8bbf05797a75a49c5d70f5971ecdec6dd93
Certificate serial: 09E40646
Authority key identifier: 77:C8:D8:BB:F0:57:97:A7:5A:49:C5:D7:0F:59:71:EC:DE:C6:DD:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d8jYu_BXl6daScXXD1lx7N7G3ZM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/45abde-5b44-471a-93d9-5345f7e74083/1/aCYiPqcD-WnSP7L9O0gp5dA-FXo.roa
Signing time: Sat 01 Jan 2022 04:56:12 +0000
ROA not before: Sat 01 Jan 2022 04:56:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57782
IP address blocks: 79.110.168.0/23 maxlen: 24
139.28.206.0/24 maxlen: 24
2a0d:9cc0::/29 maxlen: 48
2a0d:1a45::/32 maxlen: 48
2a06:1e83:caff::/48 maxlen: 48
2a0d:1a40::/29 maxlen: 48
2a06:1e85::/32 maxlen: 48
2a06:1e83:cafe::/48 maxlen: 48
2a0d:1a40:5500::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 165938758 (0x9e40646)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77c8d8bbf05797a75a49c5d70f5971ecdec6dd93
Validity
Not Before: Jan 1 04:56:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6826223ea703f969d23fb2fd3b4829e5d03e157a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:d6:9d:ec:97:30:09:38:74:78:db:35:d4:49:
29:c0:f6:b5:89:db:9a:07:47:69:08:e9:c5:ad:8f:
98:9a:18:ae:bf:6d:9f:fb:2c:7e:d1:3a:53:f8:05:
24:9f:00:57:62:9e:8d:f6:b8:72:07:33:f8:ef:98:
18:c3:b3:1f:3f:73:0b:86:5a:c4:d0:80:37:bf:9a:
1f:83:96:6c:2e:f4:ac:04:24:46:ce:26:33:2a:f7:
86:f2:3b:48:2a:31:49:f2:f5:c7:58:0b:0a:2a:aa:
97:e5:1b:e5:f8:ff:53:cb:ca:a6:15:55:20:35:1e:
2c:7c:66:af:9c:1d:24:78:51:b5:f1:cf:6b:1d:1f:
d4:a4:73:e2:f9:98:85:87:0c:33:e9:39:a0:80:b2:
63:ac:07:e0:7a:ea:7d:4d:88:c4:3f:aa:d3:2b:2c:
39:67:d4:59:7a:89:34:7b:60:16:41:3a:07:02:55:
08:17:98:38:d4:35:18:e7:f5:c3:3c:84:7c:19:29:
ba:26:e7:b3:f8:d8:ca:14:d7:17:b6:52:88:54:6d:
ef:be:5a:1c:c3:6b:f0:df:43:0d:f9:bb:24:03:36:
e7:0e:10:d9:cc:71:5a:5a:ba:25:e0:c4:67:59:5e:
02:6a:1a:cc:ad:e8:46:34:09:15:a7:82:ef:67:ae:
21:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:26:22:3E:A7:03:F9:69:D2:3F:B2:FD:3B:48:29:E5:D0:3E:15:7A
X509v3 Authority Key Identifier:
keyid:77:C8:D8:BB:F0:57:97:A7:5A:49:C5:D7:0F:59:71:EC:DE:C6:DD:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8jYu_BXl6daScXXD1lx7N7G3ZM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/45abde-5b44-471a-93d9-5345f7e74083/1/aCYiPqcD-WnSP7L9O0gp5dA-FXo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/45abde-5b44-471a-93d9-5345f7e74083/1/d8jYu_BXl6daScXXD1lx7N7G3ZM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.110.168.0/23
139.28.206.0/24
IPv6:
2a06:1e83:cafe::/47
2a06:1e85::/32
2a0d:1a40::/29
2a0d:9cc0::/29
Signature Algorithm: sha256WithRSAEncryption
50:28:00:0a:33:d3:1c:f8:06:4b:4b:bd:21:79:83:62:a3:48:
60:51:a1:25:c1:3e:4c:1b:07:09:d2:1e:a5:8b:e8:2f:a0:af:
ec:c3:2e:32:a9:e0:6f:f0:60:bf:df:ae:f6:9b:09:f5:30:19:
a0:09:a1:93:0b:5d:63:26:77:df:6b:0f:00:2b:cf:66:5b:a1:
6a:69:55:98:a3:dc:5b:56:d8:2f:73:1d:a6:ef:2f:fd:2c:eb:
78:3c:7f:67:fe:c5:63:4f:53:c2:07:89:7b:c3:86:f7:7f:93:
71:55:14:99:f5:b2:79:3e:42:ee:a5:49:81:ec:64:81:e6:e1:
62:98:32:2a:ae:0a:d0:b4:bd:9b:31:8c:7a:bc:e0:c7:fb:ab:
11:25:70:37:d2:65:3e:52:f5:c3:2c:85:aa:56:f7:7c:b0:14:
00:e3:d7:15:a5:81:7f:b0:e0:e3:54:87:fc:7a:a7:9b:09:f3:
e0:11:38:0d:2f:77:02:bc:81:13:2a:f1:36:36:68:56:21:af:
27:ef:5c:0a:0c:44:3d:b0:55:20:f8:dc:75:68:0d:b6:c9:b0:
58:e3:99:2d:01:b3:97:98:92:7b:5e:8a:34:9c:c0:05:28:9b:
35:d2:8d:f2:c9:89:61:4e:10:33:3a:82:a7:fe:1d:fe:3a:95:
a9:13:ee:33
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgIECeQGRjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
N2M4ZDhiYmYwNTc5N2E3NWE0OWM1ZDcwZjU5NzFlY2RlYzZkZDkzMB4XDTIyMDEw
MTA0NTYxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjgyNjIyM2VhNzAz
Zjk2OWQyM2ZiMmZkM2I0ODI5ZTVkMDNlMTU3YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANvWneyXMAk4dHjbNdRJKcD2tYnbmgdHaQjpxa2PmJoYrr9t
n/ssftE6U/gFJJ8AV2Kejfa4cgcz+O+YGMOzHz9zC4ZaxNCAN7+aH4OWbC70rAQk
Rs4mMyr3hvI7SCoxSfL1x1gLCiqql+Ub5fj/U8vKphVVIDUeLHxmr5wdJHhRtfHP
ax0f1KRz4vmYhYcMM+k5oICyY6wH4HrqfU2IxD+q0yssOWfUWXqJNHtgFkE6BwJV
CBeYONQ1GOf1wzyEfBkpuibns/jYyhTXF7ZSiFRt775aHMNr8N9DDfm7JAM25w4Q
2cxxWlq6JeDEZ1leAmoazK3oRjQJFaeC72euIS0CAwEAAaOCAjUwggIxMB0GA1Ud
DgQWBBRoJiI+pwP5adI/sv07SCnl0D4VejAfBgNVHSMEGDAWgBR3yNi78FeXp1pJ
xdcPWXHs3sbdkzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2Q4all1X0JYbDZkYVNjWFhEMWx4N043RzNaTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTQvNDVhYmRlLTViNDQtNDcxYS05M2Q5LTUzNDVmN2U3NDA4My8x
L2FDWWlQcWNELVduU1A3TDlPMGdwNWRBLUZYby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTQv
NDVhYmRlLTViNDQtNDcxYS05M2Q5LTUzNDVmN2U3NDA4My8xL2Q4all1X0JYbDZk
YVNjWFhEMWx4N043RzNaTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBL
BggrBgEFBQcBBwEB/wQ8MDowEgQCAAEwDAMEAU9uqAMEAIsczjAkBAIAAjAeAwcB
KgYeg8r+AwUAKgYehQMFAyoNGkADBQMqDZzAMA0GCSqGSIb3DQEBCwUAA4IBAQBQ
KAAKM9Mc+AZLS70heYNio0hgUaElwT5MGwcJ0h6li+gvoK/swy4yqeBv8GC/3672
mwn1MBmgCaGTC11jJnffaw8AK89mW6FqaVWYo9xbVtgvcx2m7y/9LOt4PH9n/sVj
T1PCB4l7w4b3f5NxVRSZ9bJ5PkLupUmB7GSB5uFimDIqrgrQtL2bMYx6vODH+6sR
JXA30mU+UvXDLIWqVvd8sBQA49cVpYF/sODjVIf8eqebCfPgETgNL3cCvIETKvE2
NmhWIa8n71wKDEQ9sFUg+Nx1aA22ybBY45ktAbOXmJJ7Xoo0nMAFKJs10o3yyYlh
ThAzOoKn/h3+OpWpE+4z
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:52 2025 by rpki-client