Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/gLQxQ30GY-0SBJFygMXIQ26xawI.roa
File: gLQxQ30GY-0SBJFygMXIQ26xawI.roa (raw, json)
Hash identifier: gj5h2W4hyKA/LGK+oYJM69Xumj+eGNGLhy+yO0lIxpw=
Subject key identifier: 80:B4:31:43:7D:06:63:ED:12:04:91:72:80:C5:C8:43:6E:B1:6B:02
Certificate issuer: /CN=174847f8667d52fa2cf9cf9afcc43a07915575ca
Certificate serial: 019424453E4EF52509BBAD8CD669C75C63F8
Authority key identifier: 17:48:47:F8:66:7D:52:FA:2C:F9:CF:9A:FC:C4:3A:07:91:55:75:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F0hH-GZ9Uvos-c-a_MQ6B5FVdco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/gLQxQ30GY-0SBJFygMXIQ26xawI.roa
Signing time: Wed 01 Jan 2025 23:48:25 +0000
ROA not before: Wed 01 Jan 2025 23:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204383
IP address blocks: 77.78.78.0/23 maxlen: 23
77.78.112.0/22 maxlen: 22
77.78.116.0/23 maxlen: 23
82.208.32.0/23 maxlen: 23
82.208.60.0/22 maxlen: 22
109.123.206.0/23 maxlen: 23
217.11.232.0/23 maxlen: 23
217.11.246.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:3e:4e:f5:25:09:bb:ad:8c:d6:69:c7:5c:63:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=174847f8667d52fa2cf9cf9afcc43a07915575ca
Validity
Not Before: Jan 1 23:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=80b431437d0663ed1204917280c5c8436eb16b02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f3:e1:eb:a0:98:4f:52:8b:d3:3e:91:b7:61:
64:28:d3:6d:88:c0:53:26:97:51:e3:dd:87:53:83:
ce:88:9f:41:a4:20:40:90:c1:b2:65:d7:dd:df:da:
14:b9:5d:8f:ff:2f:01:be:f2:4b:07:24:1f:42:c4:
ac:1f:b1:39:14:12:43:a3:17:ea:66:e7:03:33:6b:
26:e7:61:ea:22:e8:52:65:20:76:c0:08:b6:67:af:
f8:d4:db:7e:a5:f3:56:e6:d8:68:75:c9:2a:00:9a:
59:6d:d1:6e:f8:88:30:29:49:3f:6d:5f:0d:1a:62:
cb:e2:a4:d2:c8:20:fc:c7:51:3b:ff:9e:76:59:e2:
66:11:c7:f7:bc:79:5e:64:81:f8:b4:cd:bc:dd:6d:
71:f0:e1:77:a3:1f:af:ff:a0:d1:21:72:a6:43:5e:
f9:f4:11:67:fc:3b:bc:f3:2a:15:95:34:f3:29:de:
fa:6e:82:04:f9:e2:13:a0:3d:8c:fb:62:46:11:fd:
91:4e:b1:53:b7:5f:e1:fd:8c:27:3f:61:de:6c:2c:
b2:1c:22:b5:c9:40:ff:16:ee:4f:56:29:6c:b1:13:
25:42:77:47:5a:40:bb:b6:d3:e7:33:65:3d:a5:9e:
59:26:5e:e8:e9:5f:d4:e4:c1:cf:5e:77:e3:7d:d3:
56:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:B4:31:43:7D:06:63:ED:12:04:91:72:80:C5:C8:43:6E:B1:6B:02
X509v3 Authority Key Identifier:
keyid:17:48:47:F8:66:7D:52:FA:2C:F9:CF:9A:FC:C4:3A:07:91:55:75:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F0hH-GZ9Uvos-c-a_MQ6B5FVdco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/gLQxQ30GY-0SBJFygMXIQ26xawI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/F0hH-GZ9Uvos-c-a_MQ6B5FVdco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.78.78.0/23
77.78.112.0-77.78.117.255
82.208.32.0/23
82.208.60.0/22
109.123.206.0/23
217.11.232.0/23
217.11.246.0/23
Signature Algorithm: sha256WithRSAEncryption
81:e0:01:65:c2:0b:8f:44:d4:c3:f0:81:6f:de:e4:55:71:4d:
b4:37:5d:29:4e:13:2e:0b:9d:3a:3c:8f:33:ea:4c:67:6c:99:
ef:b5:bb:39:f1:53:03:13:de:df:bb:c2:32:30:75:75:1d:97:
4a:16:e0:de:45:48:49:14:3d:c6:46:c2:57:c7:46:19:f6:4b:
dc:89:06:14:3d:1c:80:aa:6b:86:08:20:b2:97:6e:a6:15:74:
67:4b:7c:00:91:cc:3b:7e:13:8a:62:ea:1a:ef:70:d8:59:85:
14:66:1a:17:78:67:78:94:07:e5:52:a5:b7:58:d1:99:41:d4:
1c:ad:2f:a4:66:8a:4d:d0:cf:bb:f9:a4:3b:f1:4f:92:4d:00:
84:11:86:f3:d7:3f:51:16:5e:d2:a6:09:ea:ee:de:60:57:6b:
4c:44:8b:70:fa:4a:95:9e:40:26:17:20:b3:40:c3:aa:d3:c5:
d0:b6:31:d4:51:87:00:25:23:38:e9:7a:9d:54:cc:c6:95:27:
e7:a4:f4:c7:88:db:19:ae:c3:be:0a:24:83:91:4e:75:fe:21:
42:b1:e6:b1:91:66:5c:ef:54:82:df:9f:40:72:77:9c:05:df:
c3:5f:c4:db:f0:0c:3f:c1:22:cb:cf:c6:79:09:08:0f:e9:8e:
8c:74:20:6c
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZQkRT5O9SUJu62M1mnHXGP4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NDg0N2Y4NjY3ZDUyZmEyY2Y5Y2Y5YWZjYzQzYTA3OTE1
NTc1Y2EwHhcNMjUwMTAxMjM0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGI0MzE0MzdkMDY2M2VkMTIwNDkxNzI4MGM1Yzg0MzZlYjE2YjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPPh66CYT1KL0z6Rt2FkKNNtiMBT
JpdR492HU4POiJ9BpCBAkMGyZdfd39oUuV2P/y8BvvJLByQfQsSsH7E5FBJDoxfq
ZucDM2sm52HqIuhSZSB2wAi2Z6/41Nt+pfNW5thodckqAJpZbdFu+IgwKUk/bV8N
GmLL4qTSyCD8x1E7/552WeJmEcf3vHleZIH4tM283W1x8OF3ox+v/6DRIXKmQ175
9BFn/Du88yoVlTTzKd76boIE+eIToD2M+2JGEf2RTrFTt1/h/YwnP2HebCyyHCK1
yUD/Fu5PVilssRMlQndHWkC7ttPnM2U9pZ5ZJl7o6V/U5MHPXnfjfdNWWwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFIC0MUN9BmPtEgSRcoDFyENusWsCMB8GA1UdIwQY
MBaAFBdIR/hmfVL6LPnPmvzEOgeRVXXKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjBoSC1HWjlVdm9zLWMtYV9NUTZCNUZWZGNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My83MmNjNGEtMmQ5Yy00ODA4LTgyM2Ut
MTQ1NGZmZTYxODJjLzEvZ0xReFEzMEdZLTBTQkpGeWdNWElRMjZ4YXdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My83MmNjNGEtMmQ5Yy00ODA4LTgyM2UtMTQ1NGZmZTYxODJj
LzEvRjBoSC1HWjlVdm9zLWMtYV9NUTZCNUZWZGNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQBTU5OMAwD
BARNTnADBAFNTnQDBAFS0CADBAJS0DwDBAFte84DBAHZC+gDBAHZC/YwDQYJKoZI
hvcNAQELBQADggEBAIHgAWXCC49E1MPwgW/e5FVxTbQ3XSlOEy4LnTo8jzPqTGds
me+1uznxUwMT3t+7wjIwdXUdl0oW4N5FSEkUPcZGwlfHRhn2S9yJBhQ9HICqa4YI
ILKXbqYVdGdLfACRzDt+E4pi6hrvcNhZhRRmGhd4Z3iUB+VSpbdY0ZlB1BytL6Rm
ik3Qz7v5pDvxT5JNAIQRhvPXP1EWXtKmCeru3mBXa0xEi3D6SpWeQCYXILNAw6rT
xdC2MdRRhwAlIzjpep1UzMaVJ+ek9MeI2xmuw74KJIORTnX+IUKx5rGRZlzvVILf
n0Byd5wF38NfxNvwDD/BIsvPxnkJCA/pjox0IGw=
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:04:39 2025 by rpki-client