Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/sonKZ6RLZeWxN59PkZsMbIW_dgQ.roa
File: sonKZ6RLZeWxN59PkZsMbIW_dgQ.roa (raw, json)
Hash identifier: U+YmmIIsbPg2a19Hq1tCZyulxVqTtZ1DrsXtoHgjVqg=
Subject key identifier: B2:89:CA:67:A4:4B:65:E5:B1:37:9F:4F:91:9B:0C:6C:85:BF:76:04
Certificate issuer: /CN=5a43e9e267956e7f262c17f0089f0f60ba7abefb
Certificate serial: 019425FD8108DE1F1188B42F8D70FDBC2577
Authority key identifier: 5A:43:E9:E2:67:95:6E:7F:26:2C:17:F0:08:9F:0F:60:BA:7A:BE:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WkPp4meVbn8mLBfwCJ8PYLp6vvs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/sonKZ6RLZeWxN59PkZsMbIW_dgQ.roa
Signing time: Thu 02 Jan 2025 07:49:18 +0000
ROA not before: Thu 02 Jan 2025 07:49:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25233
IP address blocks: 77.64.0.0/17 maxlen: 17
77.64.40.0/24 maxlen: 24
78.93.0.0/16 maxlen: 16
78.93.28.0/24 maxlen: 24
78.93.45.0/24 maxlen: 24
78.93.50.0/24 maxlen: 24
78.93.92.0/22 maxlen: 22
78.93.96.0/22 maxlen: 22
78.93.107.0/24 maxlen: 24
78.93.108.0/24 maxlen: 24
78.93.109.0/24 maxlen: 24
78.93.144.0/24 maxlen: 24
78.93.145.0/24 maxlen: 24
78.93.146.0/24 maxlen: 24
78.93.147.0/24 maxlen: 24
78.93.148.0/24 maxlen: 24
78.93.149.0/24 maxlen: 24
78.93.150.0/24 maxlen: 24
78.93.151.0/24 maxlen: 24
78.93.152.0/24 maxlen: 24
78.93.153.0/24 maxlen: 24
78.93.154.0/24 maxlen: 24
78.93.155.0/24 maxlen: 24
78.93.156.0/24 maxlen: 24
78.93.157.0/24 maxlen: 24
78.93.158.0/24 maxlen: 24
78.93.159.0/24 maxlen: 24
78.93.160.0/24 maxlen: 24
78.93.161.0/24 maxlen: 24
84.22.224.0/19 maxlen: 19
84.22.231.0/24 maxlen: 24
84.22.234.0/24 maxlen: 24
84.22.238.0/24 maxlen: 24
84.22.241.0/24 maxlen: 24
84.22.254.0/24 maxlen: 24
86.60.64.0/18 maxlen: 18
86.60.101.0/24 maxlen: 24
86.60.107.0/24 maxlen: 24
86.60.109.0/24 maxlen: 24
86.60.112.0/21 maxlen: 21
86.60.126.0/24 maxlen: 24
212.93.192.0/19 maxlen: 19
212.93.196.0/24 maxlen: 24
212.100.192.0/19 maxlen: 19
212.100.210.0/24 maxlen: 24
212.100.218.0/24 maxlen: 24
212.116.192.0/19 maxlen: 19
213.184.160.0/19 maxlen: 19
2a02:df0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:81:08:de:1f:11:88:b4:2f:8d:70:fd:bc:25:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a43e9e267956e7f262c17f0089f0f60ba7abefb
Validity
Not Before: Jan 2 07:49:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b289ca67a44b65e5b1379f4f919b0c6c85bf7604
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:cf:23:f7:d0:64:ae:e9:f3:97:14:fa:0e:e1:
86:25:70:bf:eb:57:a1:fb:0b:b1:7b:23:a5:78:e6:
9b:06:ae:40:05:83:0f:40:fe:cd:95:61:d0:dd:ef:
ac:99:fb:70:ec:10:d9:cf:5c:dc:d9:f8:37:e7:72:
c5:8b:f3:00:3e:bf:5d:e9:07:c2:5c:9d:96:07:68:
7e:e4:23:47:cd:23:d0:4f:71:fd:6a:39:0c:13:82:
79:59:3a:f8:51:54:10:bf:98:25:32:b9:03:99:4f:
d3:22:36:b3:e5:5a:05:00:c5:ce:54:d9:27:00:ec:
2f:99:7b:86:5f:83:58:38:40:70:65:f5:54:00:97:
5f:70:6e:ac:f5:2c:88:2d:f6:2a:41:3d:e6:a0:a8:
1c:53:ea:2d:68:57:0c:b4:62:b5:10:fd:f4:cf:0e:
cd:57:d2:06:d1:00:93:fa:9b:f7:7a:95:73:3e:4f:
7d:0c:f9:b3:2a:87:70:5a:d9:1a:e9:03:43:af:f7:
81:ca:e1:08:79:28:be:ff:38:22:86:6e:6c:9a:ed:
bd:3b:37:c6:2f:f7:26:44:1c:59:8c:48:2c:cd:9d:
52:1e:95:6a:a7:f6:91:41:40:8b:fa:bb:ea:83:2d:
2a:d5:92:04:75:8b:e1:9b:ad:74:ab:46:35:b3:c2:
b6:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:89:CA:67:A4:4B:65:E5:B1:37:9F:4F:91:9B:0C:6C:85:BF:76:04
X509v3 Authority Key Identifier:
keyid:5A:43:E9:E2:67:95:6E:7F:26:2C:17:F0:08:9F:0F:60:BA:7A:BE:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WkPp4meVbn8mLBfwCJ8PYLp6vvs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/sonKZ6RLZeWxN59PkZsMbIW_dgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/WkPp4meVbn8mLBfwCJ8PYLp6vvs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.64.0.0/17
78.93.0.0/16
84.22.224.0/19
86.60.64.0/18
212.93.192.0/19
212.100.192.0/19
212.116.192.0/19
213.184.160.0/19
IPv6:
2a02:df0::/32
Signature Algorithm: sha256WithRSAEncryption
a0:c8:eb:6c:ab:6c:6c:72:4e:d4:9c:81:4f:81:be:2a:c1:13:
28:ce:9f:c2:bb:a2:30:74:e6:8a:c7:5e:b9:e7:87:15:72:c5:
14:74:ab:e3:fc:5f:77:3f:a8:00:d6:b1:fc:9a:e2:61:8e:db:
0d:b3:a5:10:40:44:19:aa:9d:ea:42:83:25:d5:af:80:61:fb:
6e:46:53:d6:5c:da:ae:fa:14:ad:78:db:c7:9c:27:aa:4d:11:
66:8f:89:8f:4c:28:90:57:99:c6:40:68:b6:b2:e2:96:b4:17:
9c:2e:d9:4b:cc:d6:fd:dc:c5:69:0e:f1:8c:fa:79:b4:e3:e7:
2a:a5:2c:dc:7c:bc:cb:b8:e0:94:89:02:9a:f7:0e:0d:54:c6:
8b:71:66:fc:b1:37:62:b2:16:1f:06:39:6a:f5:43:95:13:1f:
63:58:c8:48:75:c9:e7:75:3f:19:43:be:e4:c0:5c:6e:ff:41:
1c:da:90:fc:c3:f2:88:00:22:92:a1:ed:fa:d7:f9:01:07:04:
3c:a2:2f:4c:34:2a:9b:00:e0:60:2e:56:c2:a5:02:ee:74:97:
9f:e0:e3:79:af:9a:d8:a3:a3:c6:25:61:d5:4e:8d:b4:32:03:
64:77:3f:d7:fe:ac:ba:12:95:46:f6:55:73:4e:ab:c8:61:b0:
1e:7e:2a:ba
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZQl/YEI3h8RiLQvjXD9vCV3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNDNlOWUyNjc5NTZlN2YyNjJjMTdmMDA4OWYwZjYwYmE3
YWJlZmIwHhcNMjUwMTAyMDc0OTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjg5Y2E2N2E0NGI2NWU1YjEzNzlmNGY5MTliMGM2Yzg1YmY3NjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtc8j99BkrunzlxT6DuGGJXC/61eh
+wuxeyOleOabBq5ABYMPQP7NlWHQ3e+smftw7BDZz1zc2fg353LFi/MAPr9d6QfC
XJ2WB2h+5CNHzSPQT3H9ajkME4J5WTr4UVQQv5glMrkDmU/TIjaz5VoFAMXOVNkn
AOwvmXuGX4NYOEBwZfVUAJdfcG6s9SyILfYqQT3moKgcU+otaFcMtGK1EP30zw7N
V9IG0QCT+pv3epVzPk99DPmzKodwWtka6QNDr/eByuEIeSi+/zgihm5smu29OzfG
L/cmRBxZjEgszZ1SHpVqp/aRQUCL+rvqgy0q1ZIEdYvhm610q0Y1s8K2cQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFLKJymekS2XlsTefT5GbDGyFv3YEMB8GA1UdIwQY
MBaAFFpD6eJnlW5/JiwX8AifD2C6er77MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2tQcDRtZVZibjhtTEJmd0NKOFBZTHA2dnZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8wNjQ0NGMtOWQ5Yi00YzZiLTk1MGIt
NzljODk4N2E4YjFjLzEvc29uS1o2UkxaZVd4TjU5UGtac01iSVdfZGdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8wNjQ0NGMtOWQ5Yi00YzZiLTk1MGItNzljODk4N2E4YjFj
LzEvV2tQcDRtZVZibjhtTEJmd0NKOFBZTHA2dnZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjA1BAIAATAvAwQHTUAAAwMA
Tl0DBAVUFuADBAZWPEADBAXUXcADBAXUZMADBAXUdMADBAXVuKAwDQQCAAIwBwMF
ACoCDfAwDQYJKoZIhvcNAQELBQADggEBAKDI62yrbGxyTtScgU+BvirBEyjOn8K7
ojB05orHXrnnhxVyxRR0q+P8X3c/qADWsfya4mGO2w2zpRBARBmqnepCgyXVr4Bh
+25GU9Zc2q76FK1428ecJ6pNEWaPiY9MKJBXmcZAaLay4pa0F5wu2UvM1v3cxWkO
8Yz6ebTj5yqlLNx8vMu44JSJApr3Dg1UxotxZvyxN2KyFh8GOWr1Q5UTH2NYyEh1
yed1PxlDvuTAXG7/QRzakPzD8ogAIpKh7frX+QEHBDyiL0w0KpsA4GAuVsKlAu50
l5/g43mvmtijo8YlYdVOjbQyA2R3P9f+rLoSlUb2VXNOq8hhsB5+Kro=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:47:27 2025 by rpki-client