Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/447964-0765-4bcb-a760-7248c85e5eb8/1/nqYwnImTJ0DJvE-1bzUEmkvdPZk.roa
File: nqYwnImTJ0DJvE-1bzUEmkvdPZk.roa (raw, json)
Hash identifier: q+JkDAgRhLOlQ5800QMGZxn6HkBZliLF59BtT7O2E1w=
Subject key identifier: 9E:A6:30:9C:89:93:27:40:C9:BC:4F:B5:6F:35:04:9A:4B:DD:3D:99
Certificate issuer: /CN=a0e03c7792a884734ecd34eb42c7c5049f0c769e
Certificate serial: 018CC94E36A6682BB10A918D0326126E7F4F
Authority key identifier: A0:E0:3C:77:92:A8:84:73:4E:CD:34:EB:42:C7:C5:04:9F:0C:76:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oOA8d5KohHNOzTTrQsfFBJ8Mdp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/447964-0765-4bcb-a760-7248c85e5eb8/1/nqYwnImTJ0DJvE-1bzUEmkvdPZk.roa
Signing time: Tue 02 Jan 2024 08:33:15 +0000
ROA not before: Tue 02 Jan 2024 08:33:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2111
IP address blocks: 77.71.96.0/21 maxlen: 21
77.71.96.0/20 maxlen: 20
77.71.96.0/22 maxlen: 22
77.71.100.0/22 maxlen: 22
77.71.104.0/22 maxlen: 22
77.71.104.0/21 maxlen: 21
77.71.108.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:36:a6:68:2b:b1:0a:91:8d:03:26:12:6e:7f:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0e03c7792a884734ecd34eb42c7c5049f0c769e
Validity
Not Before: Jan 2 08:33:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ea6309c89932740c9bc4fb56f35049a4bdd3d99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:07:65:e4:10:1b:06:b1:98:df:9c:47:1a:52:
44:83:57:3e:c9:89:c4:2a:ee:a6:47:d4:9f:8a:23:
18:03:e7:62:32:fc:f2:33:3f:ba:b7:46:9b:12:b3:
56:7d:cf:04:7f:5f:c6:1b:c8:7e:22:ff:ce:bb:4c:
ca:20:2d:9b:5b:62:69:81:3c:8b:7c:b0:02:ba:05:
22:d7:98:56:18:56:24:c2:b9:07:8d:bc:ac:a9:09:
2c:08:7e:11:68:ba:03:37:16:42:e2:4c:75:79:30:
c8:f5:72:e9:86:fb:a0:38:20:ed:f1:49:8e:79:8f:
5b:e3:7f:c1:91:da:fe:d7:3c:6d:b5:22:9d:86:09:
0e:9d:85:fc:22:7f:23:05:a2:f1:46:5b:39:32:6a:
f0:d4:cd:f7:10:82:d5:3b:b0:ce:8c:d5:75:f2:40:
6f:80:40:14:b1:b3:c4:6b:e3:d0:b8:ff:3a:e7:6f:
34:b3:f4:98:76:29:1f:05:c7:39:40:a8:07:92:2c:
ce:d9:b9:96:8f:2a:00:75:cf:ba:cb:89:93:55:b1:
5c:dc:0d:ac:5e:88:85:a2:7e:73:8c:7c:a9:87:c7:
a2:36:92:e9:41:ac:83:7f:89:41:fb:2d:5e:08:1a:
90:0e:69:e2:f4:c4:ff:f1:b6:17:04:85:a3:a3:dc:
f9:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:A6:30:9C:89:93:27:40:C9:BC:4F:B5:6F:35:04:9A:4B:DD:3D:99
X509v3 Authority Key Identifier:
keyid:A0:E0:3C:77:92:A8:84:73:4E:CD:34:EB:42:C7:C5:04:9F:0C:76:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oOA8d5KohHNOzTTrQsfFBJ8Mdp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/447964-0765-4bcb-a760-7248c85e5eb8/1/nqYwnImTJ0DJvE-1bzUEmkvdPZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/447964-0765-4bcb-a760-7248c85e5eb8/1/oOA8d5KohHNOzTTrQsfFBJ8Mdp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.71.96.0/20
Signature Algorithm: sha256WithRSAEncryption
7f:85:9d:34:63:c9:cb:53:1d:27:87:bc:f1:d6:7b:23:ec:ee:
f2:8e:72:dc:85:98:21:5e:ff:b8:0f:7d:ea:63:28:93:31:74:
22:dd:c7:22:80:b3:75:61:8b:52:9c:10:bf:e0:eb:d4:a4:01:
1d:d9:5c:a1:b9:38:58:f3:be:b6:6b:a9:5b:e8:7d:7f:3f:8b:
89:67:32:a3:05:8c:ac:9b:d4:9a:38:86:76:ef:ca:de:be:17:
69:aa:62:b3:1f:a6:f1:92:c7:2b:53:9e:45:99:41:65:76:d5:
9f:37:66:68:16:f2:34:1b:24:22:3c:39:70:10:95:6e:32:bc:
f1:3f:69:5d:85:51:56:94:c1:3b:98:65:d4:44:99:29:ec:de:
f5:44:85:94:18:b4:e0:15:9d:be:19:ab:4c:5a:25:2e:e7:03:
9a:0e:9d:57:53:49:1c:97:bb:f4:63:f8:b8:cf:6b:94:66:f6:
92:6c:af:72:bd:ce:7f:ac:61:fb:98:90:84:4e:2d:77:e5:31:
8b:42:1e:46:69:72:af:77:e6:66:c2:9a:ef:1e:5a:b3:24:dc:
6e:0b:e9:7b:b1:76:d9:e5:e7:3e:0e:ca:a6:39:9c:77:36:ed:
39:56:8b:ee:e9:88:f8:51:71:e2:de:ff:a2:ab:14:de:45:64:
7b:df:41:5a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTjamaCuxCpGNAyYSbn9PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZTAzYzc3OTJhODg0NzM0ZWNkMzRlYjQyYzdjNTA0OWYw
Yzc2OWUwHhcNMjQwMTAyMDgzMzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWE2MzA5Yzg5OTMyNzQwYzliYzRmYjU2ZjM1MDQ5YTRiZGQzZDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjwdl5BAbBrGY35xHGlJEg1c+yYnE
Ku6mR9SfiiMYA+diMvzyMz+6t0abErNWfc8Ef1/GG8h+Iv/Ou0zKIC2bW2JpgTyL
fLACugUi15hWGFYkwrkHjbysqQksCH4RaLoDNxZC4kx1eTDI9XLphvugOCDt8UmO
eY9b43/Bkdr+1zxttSKdhgkOnYX8In8jBaLxRls5Mmrw1M33EILVO7DOjNV18kBv
gEAUsbPEa+PQuP865280s/SYdikfBcc5QKgHkizO2bmWjyoAdc+6y4mTVbFc3A2s
XoiFon5zjHyph8eiNpLpQayDf4lB+y1eCBqQDmni9MT/8bYXBIWjo9z5JwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ6mMJyJkydAybxPtW81BJpL3T2ZMB8GA1UdIwQY
MBaAFKDgPHeSqIRzTs0060LHxQSfDHaeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb09BOGQ1S29oSE5PelRUclFzZkZCSjhNZHA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC80NDc5NjQtMDc2NS00YmNiLWE3NjAt
NzI0OGM4NWU1ZWI4LzEvbnFZd25JbVRKMERKdkUtMWJ6VUVta3ZkUFprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC80NDc5NjQtMDc2NS00YmNiLWE3NjAtNzI0OGM4NWU1ZWI4
LzEvb09BOGQ1S29oSE5PelRUclFzZkZCSjhNZHA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQETUdgMA0G
CSqGSIb3DQEBCwUAA4IBAQB/hZ00Y8nLUx0nh7zx1nsj7O7yjnLchZghXv+4D33q
YyiTMXQi3ccigLN1YYtSnBC/4OvUpAEd2VyhuThY8762a6lb6H1/P4uJZzKjBYys
m9SaOIZ278revhdpqmKzH6bxkscrU55FmUFldtWfN2ZoFvI0GyQiPDlwEJVuMrzx
P2ldhVFWlME7mGXURJkp7N71RIWUGLTgFZ2+GatMWiUu5wOaDp1XU0kcl7v0Y/i4
z2uUZvaSbK9yvc5/rGH7mJCETi135TGLQh5GaXKvd+ZmwprvHlqzJNxuC+l7sXbZ
5ec+DsqmOZx3Nu05Vovu6Yj4UXHi3v+iqxTeRWR730Fa
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:08 2025 by rpki-client