Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/f6bd5f-7e26-4072-9d1a-157e3c169918/1/YKpIbjQjCCsZqiHpkBH41dInsLA.roa
File: YKpIbjQjCCsZqiHpkBH41dInsLA.roa (raw, json)
Hash identifier: 90qNzwVdGwumShzZjUAaacAO5oHJIP5507f9Mtcj1Lg=
Subject key identifier: 60:AA:48:6E:34:23:08:2B:19:AA:21:E9:90:11:F8:D5:D2:27:B0:B0
Certificate issuer: /CN=c74eb7ea35238d02997c42eb574a38a30e5d00e7
Certificate serial: 018E3366D756D5B653F66A5506434E127BF9
Authority key identifier: C7:4E:B7:EA:35:23:8D:02:99:7C:42:EB:57:4A:38:A3:0E:5D:00:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x0636jUjjQKZfELrV0o4ow5dAOc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/f6bd5f-7e26-4072-9d1a-157e3c169918/1/YKpIbjQjCCsZqiHpkBH41dInsLA.roa
Signing time: Tue 12 Mar 2024 16:02:41 +0000
ROA not before: Tue 12 Mar 2024 16:02:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34569
IP address blocks: 77.78.0.0/18 maxlen: 24
77.78.20.0/23 maxlen: 24
77.78.38.0/24 maxlen: 24
77.78.56.0/22 maxlen: 24
77.78.60.0/22 maxlen: 24
109.120.192.0/18 maxlen: 24
109.120.213.0/24 maxlen: 24
109.120.215.0/24 maxlen: 24
109.120.218.0/23 maxlen: 24
109.120.220.0/23 maxlen: 24
109.120.222.0/23 maxlen: 24
109.120.224.0/22 maxlen: 24
109.120.228.0/23 maxlen: 24
109.120.230.0/23 maxlen: 24
109.120.232.0/23 maxlen: 24
109.120.238.0/23 maxlen: 24
109.120.240.0/23 maxlen: 24
109.120.242.0/23 maxlen: 24
109.120.244.0/22 maxlen: 24
109.120.248.0/22 maxlen: 24
109.120.252.0/23 maxlen: 24
185.211.200.0/23 maxlen: 24
212.25.32.0/19 maxlen: 24
212.25.58.0/24 maxlen: 24
212.25.62.0/24 maxlen: 24
2a13:86c0::/29 maxlen: 64
2a13:86c0::/40 maxlen: 40
2a13:86c1::/40 maxlen: 40
2a13:86c1:100::/40 maxlen: 40
2a13:86c1:200::/40 maxlen: 40
2a13:86c1:300::/40 maxlen: 40
2a13:86c1:400::/40 maxlen: 40
2a13:86c1:500::/40 maxlen: 40
2a13:86c1:600::/40 maxlen: 40
2a13:86c1:700::/40 maxlen: 40
2a13:86c1:800::/40 maxlen: 40
2a13:86c1:900::/40 maxlen: 40
2a13:86c1:a00::/40 maxlen: 40
2a13:86c1:b00::/40 maxlen: 40
2a13:86c1:c00::/40 maxlen: 40
2a13:86c1:d00::/40 maxlen: 40
2a13:86c1:e00::/40 maxlen: 40
2a13:86c1:f00::/40 maxlen: 40
2a13:86c1:1000::/40 maxlen: 40
2a13:86c2::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:33:66:d7:56:d5:b6:53:f6:6a:55:06:43:4e:12:7b:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c74eb7ea35238d02997c42eb574a38a30e5d00e7
Validity
Not Before: Mar 12 16:02:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=60aa486e3423082b19aa21e99011f8d5d227b0b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:95:09:ef:02:55:a6:0c:c0:df:e2:cf:4c:e8:
de:54:29:8a:26:17:f7:6b:83:5a:40:35:f5:82:a2:
83:de:84:10:a2:e0:07:df:04:dd:a3:d7:0f:2c:9b:
f5:40:9f:9e:60:f5:1b:d9:bb:90:eb:9d:21:92:41:
a2:ec:37:25:41:02:bb:e4:ae:8d:58:fb:27:a6:35:
f0:61:32:62:81:49:5c:13:cb:eb:01:a1:d5:60:54:
a9:fd:28:37:bf:2c:05:d2:8a:e9:af:c5:17:ab:5d:
62:a1:4b:67:3f:8d:76:fb:f0:bc:b8:0c:be:18:85:
6a:34:4d:7e:d7:ce:76:86:69:ec:38:cd:ed:54:d0:
a6:aa:d6:18:3a:90:c5:e3:62:b7:d3:84:a1:0e:44:
d5:6a:73:07:9f:84:16:18:8d:c6:4b:d6:02:fc:8d:
ec:cb:cc:66:fe:5f:23:b5:e9:36:aa:e3:17:7f:ec:
06:f2:72:90:72:82:1b:1a:ed:91:6a:54:5f:43:73:
f4:7c:89:34:72:73:66:79:9c:ab:82:4b:cd:1f:1e:
1d:77:61:d3:57:59:b5:e4:83:6e:57:31:89:cb:80:
a0:58:ea:18:39:fc:21:7d:4e:60:5d:f3:56:b8:74:
67:0e:23:c3:18:43:b3:82:a0:9e:32:09:3d:76:31:
27:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:AA:48:6E:34:23:08:2B:19:AA:21:E9:90:11:F8:D5:D2:27:B0:B0
X509v3 Authority Key Identifier:
keyid:C7:4E:B7:EA:35:23:8D:02:99:7C:42:EB:57:4A:38:A3:0E:5D:00:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0636jUjjQKZfELrV0o4ow5dAOc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/f6bd5f-7e26-4072-9d1a-157e3c169918/1/YKpIbjQjCCsZqiHpkBH41dInsLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/f6bd5f-7e26-4072-9d1a-157e3c169918/1/x0636jUjjQKZfELrV0o4ow5dAOc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.78.0.0/18
109.120.192.0/18
185.211.200.0/23
212.25.32.0/19
IPv6:
2a13:86c0::/29
Signature Algorithm: sha256WithRSAEncryption
2a:b2:42:e6:a7:da:c2:b2:e4:b0:b4:2d:3b:17:26:02:5e:89:
d5:35:b4:37:a0:ea:0c:05:e5:0a:45:27:3d:b8:8a:8a:d0:19:
15:6d:1e:6e:58:77:22:d5:6d:bf:e9:60:a8:e4:53:f1:2b:02:
4c:03:fb:9b:6c:3a:13:51:ab:76:3f:3f:b6:85:41:99:08:31:
1f:2f:2f:5f:6b:80:ac:b7:8b:42:83:4b:0b:17:59:53:7f:ba:
1d:7f:96:02:66:a1:b7:8a:43:9e:07:98:a2:fb:99:91:71:d0:
de:42:e8:a2:70:01:f9:a2:f0:5d:af:0c:fc:2b:0b:a3:ec:06:
33:5a:c7:2b:eb:84:0e:04:e8:a3:9e:3a:53:a8:bc:af:29:36:
42:d5:71:90:72:d0:97:81:89:74:20:8f:5e:66:0e:1a:bb:b8:
93:b4:33:d7:31:46:ac:dc:b6:e4:fc:a7:18:9c:b6:70:55:0e:
d6:15:34:78:7c:72:e0:42:d3:6f:68:e2:09:60:04:e8:90:d8:
1f:bb:a2:74:ad:ab:d3:83:68:53:ad:52:d2:7a:f6:ba:b6:b5:
ba:e6:a5:07:0a:dd:20:f9:08:fa:ae:6e:91:b8:70:04:e3:39:
80:12:5a:7d:88:ce:63:f9:a1:40:1d:c6:4f:00:78:39:d8:eb:
b8:31:4e:ab
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAY4zZtdW1bZT9mpVBkNOEnv5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NGViN2VhMzUyMzhkMDI5OTdjNDJlYjU3NGEzOGEzMGU1
ZDAwZTcwHhcNMjQwMzEyMTYwMjQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGFhNDg2ZTM0MjMwODJiMTlhYTIxZTk5MDExZjhkNWQyMjdiMGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgZUJ7wJVpgzA3+LPTOjeVCmKJhf3
a4NaQDX1gqKD3oQQouAH3wTdo9cPLJv1QJ+eYPUb2buQ650hkkGi7DclQQK75K6N
WPsnpjXwYTJigUlcE8vrAaHVYFSp/Sg3vywF0orpr8UXq11ioUtnP412+/C8uAy+
GIVqNE1+1852hmnsOM3tVNCmqtYYOpDF42K304ShDkTVanMHn4QWGI3GS9YC/I3s
y8xm/l8jtek2quMXf+wG8nKQcoIbGu2RalRfQ3P0fIk0cnNmeZyrgkvNHx4dd2HT
V1m15INuVzGJy4CgWOoYOfwhfU5gXfNWuHRnDiPDGEOzgqCeMgk9djEnjwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFGCqSG40IwgrGaoh6ZAR+NXSJ7CwMB8GA1UdIwQY
MBaAFMdOt+o1I40CmXxC61dKOKMOXQDnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDA2MzZqVWpqUUtaZkVMclYwbzRvdzVkQU9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9mNmJkNWYtN2UyNi00MDcyLTlkMWEt
MTU3ZTNjMTY5OTE4LzEvWUtwSWJqUWpDQ3NacWlIcGtCSDQxZEluc0xBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9mNmJkNWYtN2UyNi00MDcyLTlkMWEtMTU3ZTNjMTY5OTE4
LzEveDA2MzZqVWpqUUtaZkVMclYwbzRvdzVkQU9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQGTU4AAwQG
bXjAAwQBudPIAwQF1BkgMA0EAgACMAcDBQMqE4bAMA0GCSqGSIb3DQEBCwUAA4IB
AQAqskLmp9rCsuSwtC07FyYCXonVNbQ3oOoMBeUKRSc9uIqK0BkVbR5uWHci1W2/
6WCo5FPxKwJMA/ubbDoTUat2Pz+2hUGZCDEfLy9fa4Cst4tCg0sLF1lTf7odf5YC
ZqG3ikOeB5ii+5mRcdDeQuiicAH5ovBdrwz8Kwuj7AYzWscr64QOBOijnjpTqLyv
KTZC1XGQctCXgYl0II9eZg4au7iTtDPXMUas3Lbk/KcYnLZwVQ7WFTR4fHLgQtNv
aOIJYATokNgfu6J0ravTg2hTrVLSeva6trW65qUHCt0g+Qj6rm6RuHAE4zmAElp9
iM5j+aFAHcZPAHg52Ou4MU6r
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:14:51 2025 by rpki-client