Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/447964-0765-4bcb-a760-7248c85e5eb8/1/HZFkzzcaZETFpAbGIwGwgDmno3s.roa
File: HZFkzzcaZETFpAbGIwGwgDmno3s.roa (raw, json)
Hash identifier: +jVLCQlYL9nA2NZmJQOCYorDVusuR8l/so6wOsUTPQY=
Subject key identifier: 1D:91:64:CF:37:1A:64:44:C5:A4:06:C6:23:01:B0:80:39:A7:A3:7B
Certificate issuer: /CN=a0e03c7792a884734ecd34eb42c7c5049f0c769e
Certificate serial: 030867CA
Authority key identifier: A0:E0:3C:77:92:A8:84:73:4E:CD:34:EB:42:C7:C5:04:9F:0C:76:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oOA8d5KohHNOzTTrQsfFBJ8Mdp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/447964-0765-4bcb-a760-7248c85e5eb8/1/HZFkzzcaZETFpAbGIwGwgDmno3s.roa
Signing time: Sat 01 Jan 2022 14:02:29 +0000
ROA not before: Sat 01 Jan 2022 14:02:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2111
IP address blocks: 77.71.96.0/21 maxlen: 21
77.71.96.0/20 maxlen: 20
77.71.96.0/22 maxlen: 22
77.71.100.0/22 maxlen: 22
77.71.104.0/22 maxlen: 22
77.71.104.0/21 maxlen: 21
77.71.108.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 50882506 (0x30867ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0e03c7792a884734ecd34eb42c7c5049f0c769e
Validity
Not Before: Jan 1 14:02:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1d9164cf371a6444c5a406c62301b08039a7a37b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:f2:64:f9:36:a5:74:c9:25:78:24:c5:3c:81:
18:81:8d:d9:61:50:9a:85:8d:cc:f7:be:0c:7d:c1:
75:44:fe:04:8c:26:95:92:f8:98:69:1b:15:62:28:
1d:a1:32:fa:28:25:8d:66:ff:6b:06:44:af:b4:91:
1c:36:bc:c7:51:5a:ec:0a:fe:f2:8b:01:75:cb:73:
32:eb:96:4e:a7:ef:2b:04:fc:5a:e2:ed:56:47:cc:
6d:22:d8:37:b9:f3:48:0a:57:55:9f:6f:b2:52:89:
3a:a1:1c:89:4e:2b:88:1a:0f:04:2e:06:21:95:19:
13:6b:e3:e5:97:23:dd:7f:89:05:44:c8:47:02:be:
8f:30:0e:e0:3d:f9:c4:cd:3d:ca:c1:ec:e7:63:0d:
a2:be:ac:7c:c1:dd:70:d7:8d:ea:ea:11:25:28:bd:
5d:17:e2:90:9e:d5:c0:c2:f2:e1:30:f1:6f:4d:d9:
e1:0e:8e:a6:31:3d:f2:37:76:46:26:24:e8:f1:00:
dc:ae:1b:95:5c:38:e6:82:d0:33:0e:ff:33:f0:66:
4d:50:14:87:76:7c:4c:c5:6b:47:45:84:6e:5b:1d:
0f:c1:54:08:71:f6:7c:a9:2b:3d:93:ad:f6:02:c3:
98:2b:0d:d0:26:29:ea:2a:23:9b:12:2c:79:fa:80:
4d:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:91:64:CF:37:1A:64:44:C5:A4:06:C6:23:01:B0:80:39:A7:A3:7B
X509v3 Authority Key Identifier:
keyid:A0:E0:3C:77:92:A8:84:73:4E:CD:34:EB:42:C7:C5:04:9F:0C:76:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oOA8d5KohHNOzTTrQsfFBJ8Mdp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/447964-0765-4bcb-a760-7248c85e5eb8/1/HZFkzzcaZETFpAbGIwGwgDmno3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/447964-0765-4bcb-a760-7248c85e5eb8/1/oOA8d5KohHNOzTTrQsfFBJ8Mdp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.71.96.0/20
Signature Algorithm: sha256WithRSAEncryption
6c:38:69:8d:55:0d:24:d2:93:72:80:2a:d9:6e:72:cc:83:f9:
a1:e6:10:cd:dc:d6:8c:7f:a3:94:fa:84:4f:02:ab:e4:d8:f8:
c8:64:a2:ca:29:8f:b1:36:11:a5:80:b1:7f:db:5b:5f:18:1e:
a6:44:eb:78:b0:8b:12:a2:9f:9b:23:c3:8d:fc:f5:53:46:a7:
3d:32:1a:2d:02:ab:15:f6:89:1e:62:fe:3f:93:21:74:36:12:
f6:0c:a6:aa:b2:35:f6:b1:03:26:d3:b9:52:78:41:8a:ef:de:
19:af:9c:cf:17:88:06:2a:60:65:48:0f:0c:f4:f6:de:a5:9d:
71:03:37:ff:bf:b7:6c:b5:4d:a2:37:f8:a6:39:52:b7:a5:c2:
81:49:aa:87:95:00:9d:81:c3:07:83:c4:8d:b8:7b:61:e5:1c:
87:1c:6a:12:f0:2b:3f:d9:4b:d2:a5:4f:8c:86:80:64:25:b8:
2a:7a:6a:42:c7:81:a3:40:89:de:18:c0:7b:83:63:aa:8a:05:
c0:1c:f0:51:6a:67:4e:f7:a2:cd:49:ba:0b:e7:48:0e:69:3b:
93:5e:5e:11:8b:81:df:0f:a3:d0:9e:8e:0c:af:3c:1d:ad:ab:
c0:a8:8e:10:67:1d:8a:97:44:fd:6b:41:8e:fc:7e:d3:11:34:
2e:e4:a5:4f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAwhnyjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MGUwM2M3NzkyYTg4NDczNGVjZDM0ZWI0MmM3YzUwNDlmMGM3NjllMB4XDTIyMDEw
MTE0MDIyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWQ5MTY0Y2YzNzFh
NjQ0NGM1YTQwNmM2MjMwMWIwODAzOWE3YTM3YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJPyZPk2pXTJJXgkxTyBGIGN2WFQmoWNzPe+DH3BdUT+BIwm
lZL4mGkbFWIoHaEy+igljWb/awZEr7SRHDa8x1Fa7Ar+8osBdctzMuuWTqfvKwT8
WuLtVkfMbSLYN7nzSApXVZ9vslKJOqEciU4riBoPBC4GIZUZE2vj5Zcj3X+JBUTI
RwK+jzAO4D35xM09ysHs52MNor6sfMHdcNeN6uoRJSi9XRfikJ7VwMLy4TDxb03Z
4Q6OpjE98jd2RiYk6PEA3K4blVw45oLQMw7/M/BmTVAUh3Z8TMVrR0WEblsdD8FU
CHH2fKkrPZOt9gLDmCsN0CYp6iojmxIsefqATRkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQdkWTPNxpkRMWkBsYjAbCAOaejezAfBgNVHSMEGDAWgBSg4Dx3kqiEc07N
NOtCx8UEnwx2njAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29PQThkNUtvaEhOT3pUVHJRc2ZGQko4TWRwNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWQvNDQ3OTY0LTA3NjUtNGJjYi1hNzYwLTcyNDhjODVlNWViOC8x
L0haRmt6emNhWkVURnBBYkdJd0d3Z0Rtbm8zcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWQv
NDQ3OTY0LTA3NjUtNGJjYi1hNzYwLTcyNDhjODVlNWViOC8xL29PQThkNUtvaEhO
T3pUVHJRc2ZGQko4TWRwNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBE1HYDANBgkqhkiG9w0BAQsFAAOC
AQEAbDhpjVUNJNKTcoAq2W5yzIP5oeYQzdzWjH+jlPqETwKr5Nj4yGSiyimPsTYR
pYCxf9tbXxgepkTreLCLEqKfmyPDjfz1U0anPTIaLQKrFfaJHmL+P5MhdDYS9gym
qrI19rEDJtO5UnhBiu/eGa+czxeIBipgZUgPDPT23qWdcQM3/7+3bLVNojf4pjlS
t6XCgUmqh5UAnYHDB4PEjbh7YeUchxxqEvArP9lL0qVPjIaAZCW4KnpqQseBo0CJ
3hjAe4NjqooFwBzwUWpnTveizUm6C+dIDmk7k15eEYuB3w+j0J6ODK88Ha2rwKiO
EGcdipdE/WtBjvx+0xE0LuSlTw==
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:12:55 2025 by rpki-client