Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/nn93OFWtfubMtz2so94tZQYyV9Q.roa
File: nn93OFWtfubMtz2so94tZQYyV9Q.roa (raw, json)
Hash identifier: ryCv+BVGPyrBBUnc8NU4gNuubsglsBAmkzfEB0FQy3c=
Subject key identifier: 9E:7F:77:38:55:AD:7E:E6:CC:B7:3D:AC:A3:DE:2D:65:06:32:57:D4
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 01944A64BB50DDC7B109CAE24E4C4E3D4ECE
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/nn93OFWtfubMtz2so94tZQYyV9Q.roa
Signing time: Thu 09 Jan 2025 09:28:23 +0000
ROA not before: Thu 09 Jan 2025 09:28:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200628
IP address blocks: 77.76.2.0/24 maxlen: 24
78.142.25.0/24 maxlen: 24
78.142.61.0/24 maxlen: 24
82.118.225.0/24 maxlen: 24
83.222.184.0/24 maxlen: 24
91.191.215.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:4a:64:bb:50:dd:c7:b1:09:ca:e2:4e:4c:4e:3d:4e:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: Jan 9 09:28:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9e7f773855ad7ee6ccb73daca3de2d65063257d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ad:49:8d:ae:7f:b6:82:aa:cb:f1:9a:bd:89:
07:a9:a1:f5:09:ae:09:a1:48:74:88:98:51:0f:25:
eb:21:69:f0:76:18:f3:18:2b:29:5a:00:b2:62:d1:
69:c1:f4:23:2d:44:69:4b:2d:ad:cb:e4:c8:9e:f6:
45:c2:14:4c:18:9e:54:9c:80:d1:f1:c0:8c:ce:04:
d3:84:93:f8:64:b6:f1:6d:ea:0c:96:cb:b7:0b:ea:
b8:d3:22:71:ff:d5:b4:c3:e8:32:32:ce:72:a5:44:
7b:7b:49:28:24:4a:11:fd:6a:2c:56:9e:67:cf:b9:
27:68:07:0f:a8:d3:fe:a6:f0:7b:09:ec:80:d7:22:
dd:fc:05:b1:2d:10:21:c6:0f:47:b5:b7:23:5c:09:
8f:4b:6a:a8:87:27:86:97:f2:42:01:b1:1c:49:af:
8b:83:8f:5d:3c:4c:ba:a3:a0:e9:24:5b:eb:a9:e7:
d3:4b:05:d7:5e:b3:4a:08:91:b4:1e:f8:e5:70:02:
0b:ef:85:4f:83:1c:12:15:33:ce:40:20:4f:0b:3e:
54:36:20:81:86:a1:54:fe:e1:c3:ca:fd:3c:11:b9:
31:bd:f2:3a:98:32:be:b7:48:41:98:c4:a3:ef:6e:
a7:d3:88:bc:9f:c2:aa:b1:72:dc:07:36:c6:7f:af:
8b:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:7F:77:38:55:AD:7E:E6:CC:B7:3D:AC:A3:DE:2D:65:06:32:57:D4
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/nn93OFWtfubMtz2so94tZQYyV9Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.76.2.0/24
78.142.25.0/24
78.142.61.0/24
82.118.225.0/24
83.222.184.0/24
91.191.215.0/24
Signature Algorithm: sha256WithRSAEncryption
88:61:72:d5:62:78:c1:54:b5:ce:17:f8:1c:03:65:b0:27:1c:
41:f7:2c:c1:cc:16:fd:10:8b:d5:db:aa:17:21:3e:cf:08:5a:
97:b3:9d:4e:7f:cf:21:02:32:bb:39:d6:d5:94:14:ef:45:15:
25:94:59:d5:ca:b1:87:75:43:3d:46:29:b7:35:3e:67:1c:6f:
54:a1:44:9a:c6:f0:9c:3d:46:b9:74:74:8b:8e:17:99:62:b0:
d8:f8:f8:98:5b:d1:b0:fd:bb:bb:f4:38:f3:73:c1:db:3e:fc:
cf:cd:46:f0:ee:9a:dd:03:4e:68:8d:f7:b2:72:02:04:c5:fe:
97:95:91:20:c6:7d:ef:22:ed:da:41:88:05:21:8f:a4:96:73:
36:6d:84:31:92:9e:45:77:03:93:ba:15:27:80:e2:ac:49:c3:
d7:38:0f:e0:b3:85:d6:f2:54:1a:41:06:59:7e:71:33:f0:3f:
c9:33:44:8f:e6:b9:12:d2:d2:30:08:61:89:c8:55:4c:0c:fa:
f0:6e:4f:e0:cd:85:d6:92:7e:a5:e0:e9:ba:55:fa:f3:31:73:
bc:76:43:76:9e:92:3c:50:3a:d8:1b:f6:3b:e8:52:36:ca:dc:
d0:c0:6c:60:6c:ec:e6:ee:c6:db:03:95:df:17:fd:de:a1:bd:
76:33:13:f8
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZRKZLtQ3cexCcriTkxOPU7OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjUwMTA5MDkyODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTdmNzczODU1YWQ3ZWU2Y2NiNzNkYWNhM2RlMmQ2NTA2MzI1N2Q0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAta1Jja5/toKqy/GavYkHqaH1Ca4J
oUh0iJhRDyXrIWnwdhjzGCspWgCyYtFpwfQjLURpSy2ty+TInvZFwhRMGJ5UnIDR
8cCMzgTThJP4ZLbxbeoMlsu3C+q40yJx/9W0w+gyMs5ypUR7e0koJEoR/WosVp5n
z7knaAcPqNP+pvB7CeyA1yLd/AWxLRAhxg9HtbcjXAmPS2qohyeGl/JCAbEcSa+L
g49dPEy6o6DpJFvrqefTSwXXXrNKCJG0HvjlcAIL74VPgxwSFTPOQCBPCz5UNiCB
hqFU/uHDyv08EbkxvfI6mDK+t0hBmMSj726n04i8n8KqsXLcBzbGf6+LZQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJ5/dzhVrX7mzLc9rKPeLWUGMlfUMB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvbm45M09GV3RmdWJNdHoyc285NHRaUVl5VjlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQATUwCAwQA
To4ZAwQATo49AwQAUnbhAwQAU964AwQAW7/XMA0GCSqGSIb3DQEBCwUAA4IBAQCI
YXLVYnjBVLXOF/gcA2WwJxxB9yzBzBb9EIvV26oXIT7PCFqXs51Of88hAjK7OdbV
lBTvRRUllFnVyrGHdUM9Rim3NT5nHG9UoUSaxvCcPUa5dHSLjheZYrDY+PiYW9Gw
/bu79Djzc8HbPvzPzUbw7prdA05ojfeycgIExf6XlZEgxn3vIu3aQYgFIY+klnM2
bYQxkp5FdwOTuhUngOKsScPXOA/gs4XW8lQaQQZZfnEz8D/JM0SP5rkS0tIwCGGJ
yFVMDPrwbk/gzYXWkn6l4Om6VfrzMXO8dkN2npI8UDrYG/Y76FI2ytzQwGxgbOzm
7sbbA5XfF/3eob12MxP4
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:10:47 2025 by rpki-client