Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/86a74e-4db8-4fe9-9802-3bb92687602c/1/hXYgFaLhg1h4smB81OExsZ5kDYA.roa
File: hXYgFaLhg1h4smB81OExsZ5kDYA.roa (raw, json)
Hash identifier: J1LdPvY1o2Z/PcEpdVjEoKRtwcTpNQB0rwhpVoUBM7k=
Subject key identifier: 85:76:20:15:A2:E1:83:58:78:B2:60:7C:D4:E1:31:B1:9E:64:0D:80
Certificate issuer: /CN=044aacab9a49e143de68979ad156b42dabddde8c
Certificate serial: 01942067E3D3D81609083483EA5CB8489D1A
Authority key identifier: 04:4A:AC:AB:9A:49:E1:43:DE:68:97:9A:D1:56:B4:2D:AB:DD:DE:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BEqsq5pJ4UPeaJea0Va0Lavd3ow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/86a74e-4db8-4fe9-9802-3bb92687602c/1/hXYgFaLhg1h4smB81OExsZ5kDYA.roa
Signing time: Wed 01 Jan 2025 05:47:46 +0000
ROA not before: Wed 01 Jan 2025 05:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2259
IP address blocks: 77.72.40.0/21 maxlen: 21
130.79.0.0/16 maxlen: 16
185.155.92.0/22 maxlen: 22
2a07:2e40::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:e3:d3:d8:16:09:08:34:83:ea:5c:b8:48:9d:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=044aacab9a49e143de68979ad156b42dabddde8c
Validity
Not Before: Jan 1 05:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=85762015a2e1835878b2607cd4e131b19e640d80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c1:a4:88:75:d1:39:0c:8a:a0:f7:04:d9:a6:
ad:6c:79:d0:78:dd:ae:7b:c0:b9:43:d2:e0:15:24:
69:d4:69:e7:86:db:c3:ac:a2:f1:00:43:c6:c6:54:
93:f2:22:40:ff:66:6d:16:03:ad:55:e5:f1:a6:65:
47:1e:c2:7b:27:1b:1e:6f:e6:93:c7:10:56:9f:0a:
3f:bd:1e:b9:76:a3:0a:a0:8f:8f:97:74:54:a1:9a:
07:2b:b3:36:a5:16:36:8a:b5:52:b1:6d:a9:10:11:
74:4e:10:08:e1:b2:23:bf:77:16:93:98:a2:ce:78:
0f:06:8a:c1:44:74:6e:06:09:73:10:58:73:03:60:
82:56:5e:0b:38:5f:e7:13:c2:15:84:0a:81:4a:8e:
41:7d:1f:d0:09:63:b6:d1:70:67:b1:54:16:db:d6:
82:fc:22:93:9c:29:69:ec:28:fa:96:b5:e0:5f:3f:
01:21:fb:c8:11:55:1d:f7:87:95:64:e7:64:c7:28:
54:9a:e1:72:db:2c:19:94:a4:40:72:cc:73:53:9c:
4c:ac:db:01:b7:fd:ea:5a:c5:9c:f6:60:f4:d7:bd:
88:87:f8:f5:7e:eb:3a:b4:bc:0e:f0:90:59:1c:4f:
10:82:bd:ed:50:7c:04:0d:38:87:02:d7:e0:f6:8a:
89:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:76:20:15:A2:E1:83:58:78:B2:60:7C:D4:E1:31:B1:9E:64:0D:80
X509v3 Authority Key Identifier:
keyid:04:4A:AC:AB:9A:49:E1:43:DE:68:97:9A:D1:56:B4:2D:AB:DD:DE:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BEqsq5pJ4UPeaJea0Va0Lavd3ow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/86a74e-4db8-4fe9-9802-3bb92687602c/1/hXYgFaLhg1h4smB81OExsZ5kDYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/86a74e-4db8-4fe9-9802-3bb92687602c/1/BEqsq5pJ4UPeaJea0Va0Lavd3ow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.72.40.0/21
130.79.0.0/16
185.155.92.0/22
IPv6:
2a07:2e40::/29
Signature Algorithm: sha256WithRSAEncryption
04:49:62:fe:ea:98:f2:7e:4e:3e:02:03:7b:ee:c1:0f:3b:20:
6a:c2:95:5d:79:9a:20:f5:20:e0:8d:86:1d:bc:3a:8d:69:b7:
3a:4b:4b:20:de:23:4a:39:a1:99:f1:81:71:b9:61:64:3e:a0:
6c:81:82:7e:a8:b7:d2:28:e8:d9:ad:c5:5c:2d:16:c8:2f:f3:
fe:c7:32:1b:c6:29:bd:a7:4e:c3:3e:42:aa:8a:78:29:25:01:
e9:61:af:d1:10:1e:10:e0:e9:5c:51:b0:05:a9:ce:13:d3:84:
d6:33:84:b3:5a:dc:43:0f:2c:c4:15:f7:33:a2:9c:c1:ae:25:
2b:84:28:0b:09:b3:19:06:18:a8:79:8c:f4:28:75:df:ca:a6:
be:77:c6:fe:4a:0e:8b:61:0f:63:61:42:a5:03:2d:8e:24:e4:
c8:ae:3a:c5:38:1c:8b:10:bc:71:0b:9f:25:3a:7f:cb:9f:42:
91:75:d7:f9:eb:b6:47:f1:28:6f:6a:bc:a6:f6:a8:53:da:52:
3f:5c:1a:22:e3:c2:a2:87:b6:8c:96:27:29:df:9c:84:42:99:
82:bf:99:2c:98:5c:69:55:aa:55:5f:14:0b:be:db:08:2a:51:
99:52:6f:db:4f:4d:4e:e0:9a:b6:13:89:40:13:e7:9a:0d:20:
02:ba:58:fd
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQgZ+PT2BYJCDSD6ly4SJ0aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NGFhY2FiOWE0OWUxNDNkZTY4OTc5YWQxNTZiNDJkYWJk
ZGRlOGMwHhcNMjUwMTAxMDU0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTc2MjAxNWEyZTE4MzU4NzhiMjYwN2NkNGUxMzFiMTllNjQwZDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcGkiHXROQyKoPcE2aatbHnQeN2u
e8C5Q9LgFSRp1GnnhtvDrKLxAEPGxlST8iJA/2ZtFgOtVeXxpmVHHsJ7Jxseb+aT
xxBWnwo/vR65dqMKoI+Pl3RUoZoHK7M2pRY2irVSsW2pEBF0ThAI4bIjv3cWk5ii
zngPBorBRHRuBglzEFhzA2CCVl4LOF/nE8IVhAqBSo5BfR/QCWO20XBnsVQW29aC
/CKTnClp7Cj6lrXgXz8BIfvIEVUd94eVZOdkxyhUmuFy2ywZlKRAcsxzU5xMrNsB
t/3qWsWc9mD0172Ih/j1fus6tLwO8JBZHE8Qgr3tUHwEDTiHAtfg9oqJNQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFIV2IBWi4YNYeLJgfNThMbGeZA2AMB8GA1UdIwQY
MBaAFARKrKuaSeFD3miXmtFWtC2r3d6MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkVxc3E1cEo0VVBlYUplYTBWYTBMYXZkM293LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy84NmE3NGUtNGRiOC00ZmU5LTk4MDIt
M2JiOTI2ODc2MDJjLzEvaFhZZ0ZhTGhnMWg0c21CODFPRXhzWjVrRFlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy84NmE3NGUtNGRiOC00ZmU5LTk4MDItM2JiOTI2ODc2MDJj
LzEvQkVxc3E1cEo0VVBlYUplYTBWYTBMYXZkM293LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwQDTUgoAwMA
gk8DBAK5m1wwDQQCAAIwBwMFAyoHLkAwDQYJKoZIhvcNAQELBQADggEBAARJYv7q
mPJ+Tj4CA3vuwQ87IGrClV15miD1IOCNhh28Oo1ptzpLSyDeI0o5oZnxgXG5YWQ+
oGyBgn6ot9Io6NmtxVwtFsgv8/7HMhvGKb2nTsM+QqqKeCklAelhr9EQHhDg6VxR
sAWpzhPThNYzhLNa3EMPLMQV9zOinMGuJSuEKAsJsxkGGKh5jPQodd/Kpr53xv5K
DothD2NhQqUDLY4k5MiuOsU4HIsQvHELnyU6f8ufQpF11/nrtkfxKG9qvKb2qFPa
Uj9cGiLjwqKHtoyWJynfnIRCmYK/mSyYXGlVqlVfFAu+2wgqUZlSb9tPTU7gmrYT
iUAT55oNIAK6WP0=
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:33:20 2025 by rpki-client