Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/f8wMF_0nYOjBC4T-3T9maTV9XOg.roa
File: f8wMF_0nYOjBC4T-3T9maTV9XOg.roa (raw, json)
Hash identifier: HH9Xx2RMXttctrpMSPb7lv2kW9EcD2NdHUms9yLQH2E=
Subject key identifier: 7F:CC:0C:17:FD:27:60:E8:C1:0B:84:FE:DD:3F:66:69:35:7D:5C:E8
Certificate issuer: /CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Certificate serial: 01952B3623A6FBC9D96EFCD24B1E1291BE89
Authority key identifier: E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/f8wMF_0nYOjBC4T-3T9maTV9XOg.roa
Signing time: Sat 22 Feb 2025 01:12:03 +0000
ROA not before: Sat 22 Feb 2025 01:12:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50495
IP address blocks: 77.83.232.0/22 maxlen: 22
91.223.99.0/24 maxlen: 24
91.223.102.0/24 maxlen: 24
91.223.126.0/24 maxlen: 24
194.39.32.0/22 maxlen: 22
2a06:ef40::/32 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:2b:36:23:a6:fb:c9:d9:6e:fc:d2:4b:1e:12:91:be:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Validity
Not Before: Feb 22 01:12:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7fcc0c17fd2760e8c10b84fedd3f6669357d5ce8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:2e:37:35:1f:b0:ec:84:66:c3:d4:d1:1f:28:
5e:66:7c:0f:fd:ee:e9:db:86:22:cb:28:bf:e2:c5:
a6:66:6c:22:c2:cb:0f:29:db:fd:a1:7a:ba:03:c8:
30:57:c0:bd:f5:b2:61:91:44:d5:e5:9c:6e:62:89:
32:3d:d7:6f:47:39:42:6e:f3:35:43:77:50:84:2f:
12:57:5f:0d:82:3c:0f:8b:d1:64:c5:78:2c:5f:39:
6b:a4:2d:00:8e:76:67:29:7b:23:4b:84:b0:ed:9a:
a4:ee:75:97:6f:f6:51:cb:9b:9e:5c:7a:53:5e:aa:
00:46:b6:3e:53:8c:5a:a6:02:3f:0c:91:3c:35:20:
4e:6f:64:2a:b6:28:0d:6c:d4:28:07:ba:f2:8e:be:
27:fd:8e:e5:73:af:a9:13:b9:7f:52:8b:db:b3:60:
50:91:9f:c8:cb:e7:92:90:6c:e8:c9:6a:a8:d5:d8:
d4:f9:b0:dc:aa:fe:28:bb:23:8a:aa:c8:7a:60:a6:
38:06:a9:8d:03:12:8a:e8:6a:c3:36:15:6c:3b:d2:
8e:7c:fe:47:8c:f2:f2:99:2b:bd:d6:17:6e:65:c1:
12:a5:09:06:ec:e2:c0:8f:2d:30:9c:56:d1:42:c1:
94:f9:0c:f6:cc:03:18:2a:bb:0c:11:7e:8a:d9:16:
2b:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:CC:0C:17:FD:27:60:E8:C1:0B:84:FE:DD:3F:66:69:35:7D:5C:E8
X509v3 Authority Key Identifier:
keyid:E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/f8wMF_0nYOjBC4T-3T9maTV9XOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/4tDEmg6X4NXzztO3trn3LKDLU9Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.232.0/22
91.223.99.0/24
91.223.102.0/24
91.223.126.0/24
194.39.32.0/22
IPv6:
2a06:ef40::/32
Signature Algorithm: sha256WithRSAEncryption
14:dc:cd:7c:39:13:9a:c7:a9:57:18:b3:6c:e0:cc:3d:e5:58:
f1:89:1a:6c:b4:29:42:8b:f2:e1:8c:cd:75:32:13:a1:6a:35:
f1:f8:d8:c3:9d:93:04:9c:f0:06:9d:67:ee:58:5b:2e:d5:fd:
75:73:bf:29:d4:97:25:10:a9:43:b2:02:2c:87:4b:e8:80:d6:
23:2b:b5:3b:a2:e4:57:39:6b:01:bb:ca:cf:76:88:d1:33:19:
13:61:29:1f:92:21:a0:c0:b9:17:35:86:4e:3e:10:ba:2b:8f:
4f:3b:04:e2:d4:c2:8d:4c:4d:f7:14:c1:7d:5a:0c:02:18:2a:
2c:2f:5a:e3:0e:75:97:7c:70:63:c1:c4:5a:fa:81:59:20:45:
5d:dd:b3:6a:11:c4:c5:26:24:27:5e:23:27:04:c6:b4:21:20:
5c:fb:03:dd:3b:03:ed:15:fb:0d:ff:e4:82:de:72:6a:ff:0c:
b4:8b:b9:6e:eb:56:6b:5d:d3:5c:82:23:a9:eb:e3:2c:e5:58:
6e:b0:d6:90:9a:c6:6b:42:c0:9d:8f:b1:c4:79:49:0b:d6:6b:
ec:60:5b:ab:5c:22:c1:c2:5f:c5:f7:e9:12:f9:18:6f:be:f9:
2d:fb:f5:c9:5b:30:8c:84:b1:ff:d0:e9:c1:a7:96:82:fc:81:
07:ec:67:cd
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZUrNiOm+8nZbvzSSx4Skb6JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDBjNDlhMGU5N2UwZDVmM2NlZDNiN2I2YjlmNzJjYTBj
YjUzZDYwHhcNMjUwMjIyMDExMjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmNjMGMxN2ZkMjc2MGU4YzEwYjg0ZmVkZDNmNjY2OTM1N2Q1Y2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqS43NR+w7IRmw9TRHyheZnwP/e7p
24Yiyyi/4sWmZmwiwssPKdv9oXq6A8gwV8C99bJhkUTV5ZxuYokyPddvRzlCbvM1
Q3dQhC8SV18NgjwPi9FkxXgsXzlrpC0AjnZnKXsjS4Sw7Zqk7nWXb/ZRy5ueXHpT
XqoARrY+U4xapgI/DJE8NSBOb2QqtigNbNQoB7ryjr4n/Y7lc6+pE7l/Uovbs2BQ
kZ/Iy+eSkGzoyWqo1djU+bDcqv4ouyOKqsh6YKY4BqmNAxKK6GrDNhVsO9KOfP5H
jPLymSu91hduZcESpQkG7OLAjy0wnFbRQsGU+Qz2zAMYKrsMEX6K2RYrwQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFH/MDBf9J2DowQuE/t0/Zmk1fVzoMB8GA1UdIwQY
MBaAFOLQxJoOl+DV887Tt7a59yygy1PWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRERW1nNlg0Tlh6enRPM3RybjNMS0RMVTlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC85ZjBmN2EtMTFlYi00MzgzLWJjNmEt
NDY5MGEwMDcxNDFmLzEvZjh3TUZfMG5ZT2pCQzRULTNUOW1hVFY5WE9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC85ZjBmN2EtMTFlYi00MzgzLWJjNmEtNDY5MGEwMDcxNDFm
LzEvNHRERW1nNlg0Tlh6enRPM3RybjNMS0RMVTlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCTVPoAwQA
W99jAwQAW99mAwQAW99+AwQCwicgMA0EAgACMAcDBQAqBu9AMA0GCSqGSIb3DQEB
CwUAA4IBAQAU3M18OROax6lXGLNs4Mw95VjxiRpstClCi/LhjM11MhOhajXx+NjD
nZMEnPAGnWfuWFsu1f11c78p1JclEKlDsgIsh0vogNYjK7U7ouRXOWsBu8rPdojR
MxkTYSkfkiGgwLkXNYZOPhC6K49POwTi1MKNTE33FMF9WgwCGCosL1rjDnWXfHBj
wcRa+oFZIEVd3bNqEcTFJiQnXiMnBMa0ISBc+wPdOwPtFfsN/+SC3nJq/wy0i7lu
61ZrXdNcgiOp6+Ms5VhusNaQmsZrQsCdj7HEeUkL1mvsYFurXCLBwl/F9+kS+Rhv
vvkt+/XJWzCMhLH/0OnBp5aC/IEH7GfN
-----END CERTIFICATE-----
Generated at Fri Apr 11 23:28:16 2025 by rpki-client