Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/BAMDF4MUDfi8UneIXrFvOlSF6fU.roa
File: BAMDF4MUDfi8UneIXrFvOlSF6fU.roa (raw, json)
Hash identifier: jeJf3DUMqqysbajqNvr+M41/6NOtaO7Fq/OHS3KCAYw=
Subject key identifier: 04:03:03:17:83:14:0D:F8:BC:52:77:88:5E:B1:6F:3A:54:85:E9:F5
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0194266C75B5FAF00F7175B5145A60EF1AC8
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/BAMDF4MUDfi8UneIXrFvOlSF6fU.roa
Signing time: Thu 02 Jan 2025 09:50:29 +0000
ROA not before: Thu 02 Jan 2025 09:50:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41190
IP address blocks: 77.72.248.0/24 maxlen: 24
77.72.249.0/24 maxlen: 24
77.72.250.0/24 maxlen: 24
77.72.251.0/24 maxlen: 24
77.72.252.0/24 maxlen: 24
77.72.253.0/24 maxlen: 24
77.72.254.0/24 maxlen: 24
77.72.255.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:75:b5:fa:f0:0f:71:75:b5:14:5a:60:ef:1a:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 2 09:50:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0403031783140df8bc5277885eb16f3a5485e9f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:01:4d:c7:3f:27:49:e3:62:33:19:07:5a:f5:
8d:9c:01:6b:ff:ca:a9:55:57:aa:0c:e8:38:c4:34:
40:ee:2b:6b:be:02:6a:f3:ca:20:15:04:80:10:28:
e8:a4:c7:0b:6b:1a:03:61:cb:5e:83:c4:da:4c:ef:
60:18:ab:af:87:80:f9:50:b3:88:c1:34:e0:75:e1:
04:06:fe:88:30:a2:ff:26:c6:21:05:cc:fa:3d:d2:
74:b4:a7:f7:3f:18:7f:b2:dd:8f:27:14:e3:ad:3d:
fc:31:4b:3a:c6:5d:3e:45:3b:64:ce:b1:e0:2a:76:
56:dd:a1:4f:f1:20:4c:61:f7:17:9d:85:5b:eb:b2:
c8:0b:40:38:ac:98:8d:e3:96:f4:25:c6:c4:2f:69:
0f:83:d0:77:25:19:19:93:2f:a7:62:72:e3:1d:8e:
88:4f:37:e2:ed:56:e4:82:4c:75:cf:00:b1:73:50:
24:b2:67:e7:94:d0:9a:84:dc:1f:99:99:a0:d9:bd:
31:a8:0c:68:14:13:d5:54:7c:87:64:1b:a3:f9:05:
3a:1f:db:89:f8:4a:86:92:ca:b1:dd:31:c7:69:61:
f4:21:2a:ee:7e:0b:5f:a0:86:f0:3d:01:de:ba:18:
5c:f9:2f:0c:7d:5d:5e:ed:fb:33:57:61:1a:f8:40:
17:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:03:03:17:83:14:0D:F8:BC:52:77:88:5E:B1:6F:3A:54:85:E9:F5
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/BAMDF4MUDfi8UneIXrFvOlSF6fU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.72.248.0/21
Signature Algorithm: sha256WithRSAEncryption
29:e7:1e:f6:6b:d0:14:29:7a:ca:21:84:78:17:f0:b3:2e:e7:
6d:f2:40:17:bb:c6:49:a0:fe:cd:0d:f6:a8:ca:4c:f5:dc:07:
73:12:5c:e4:fc:e9:ea:15:1a:8b:88:93:3e:26:0a:70:bf:6a:
a3:1b:49:ed:7a:44:c5:9d:d9:2b:7e:14:97:70:b1:60:6c:ec:
62:39:a8:a6:70:b4:89:8e:c1:2e:b3:29:b0:64:04:bb:72:58:
1f:7b:fd:d2:c5:32:b4:78:44:1e:6a:48:db:d0:ff:15:77:82:
42:e7:00:c6:64:76:0c:ff:ed:45:de:77:ee:0e:31:d1:f0:58:
4f:82:80:47:77:01:8e:47:52:7c:e4:ad:4c:ff:f7:7f:0f:b5:
d2:ec:c3:33:22:cb:eb:8e:da:c4:f9:40:fc:9d:11:44:57:27:
c1:12:ac:f7:99:4e:a4:16:2b:23:cc:cb:33:f0:15:bf:0f:09:
ff:5b:18:5c:d0:03:6c:78:74:e9:bf:74:76:00:5f:1f:72:6d:
5f:8b:07:7e:25:bd:0b:f3:3b:54:04:70:f4:76:a3:c0:fa:6a:
dd:95:d6:fb:91:d0:aa:b1:52:95:73:9f:b9:a0:6c:49:8a:fc:
7e:5c:96:bd:19:ce:ac:87:d8:ad:5f:56:84:c8:33:35:5f:dc:
45:ef:56:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmbHW1+vAPcXW1FFpg7xrIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjUwMTAyMDk1MDI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDAzMDMxNzgzMTQwZGY4YmM1Mjc3ODg1ZWIxNmYzYTU0ODVlOWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQFNxz8nSeNiMxkHWvWNnAFr/8qp
VVeqDOg4xDRA7itrvgJq88ogFQSAECjopMcLaxoDYcteg8TaTO9gGKuvh4D5ULOI
wTTgdeEEBv6IMKL/JsYhBcz6PdJ0tKf3Pxh/st2PJxTjrT38MUs6xl0+RTtkzrHg
KnZW3aFP8SBMYfcXnYVb67LIC0A4rJiN45b0JcbEL2kPg9B3JRkZky+nYnLjHY6I
Tzfi7Vbkgkx1zwCxc1AksmfnlNCahNwfmZmg2b0xqAxoFBPVVHyHZBuj+QU6H9uJ
+EqGksqx3THHaWH0ISrufgtfoIbwPQHeuhhc+S8MfV1e7fszV2Ea+EAX3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAQDAxeDFA34vFJ3iF6xbzpUhen1MB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvQkFNREY0TVVEZmk4VW5lSVhyRnZPbFNGNmZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDTUj4MA0G
CSqGSIb3DQEBCwUAA4IBAQAp5x72a9AUKXrKIYR4F/CzLudt8kAXu8ZJoP7NDfao
ykz13AdzElzk/OnqFRqLiJM+Jgpwv2qjG0ntekTFndkrfhSXcLFgbOxiOaimcLSJ
jsEusymwZAS7clgfe/3SxTK0eEQeakjb0P8Vd4JC5wDGZHYM/+1F3nfuDjHR8FhP
goBHdwGOR1J85K1M//d/D7XS7MMzIsvrjtrE+UD8nRFEVyfBEqz3mU6kFisjzMsz
8BW/Dwn/Wxhc0ANseHTpv3R2AF8fcm1fiwd+Jb0L8ztUBHD0dqPA+mrdldb7kdCq
sVKVc5+5oGxJivx+XJa9Gc6sh9itX1aEyDM1X9xF71bm
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:48:23 2025 by rpki-client