Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/12f5d1-e760-4101-af25-7fc49da53d13/1/DNiv8WMGcPKANx-uQmW-sx5fNXI.roa
File: DNiv8WMGcPKANx-uQmW-sx5fNXI.roa (raw, json)
Hash identifier: Lj5hqHXoRMsEWF++FwaU7YyRf1SOoK6ggthX5YqRKwg=
Subject key identifier: 0C:D8:AF:F1:63:06:70:F2:80:37:1F:AE:42:65:BE:B3:1E:5F:35:72
Certificate issuer: /CN=9116dcbf78c62d51da9076a0d06adad36ee3b755
Certificate serial: 019421B24D0E43ACF49320200E16D76ED3AA
Authority key identifier: 91:16:DC:BF:78:C6:2D:51:DA:90:76:A0:D0:6A:DA:D3:6E:E3:B7:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kRbcv3jGLVHakHag0Gra027jt1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/12f5d1-e760-4101-af25-7fc49da53d13/1/DNiv8WMGcPKANx-uQmW-sx5fNXI.roa
Signing time: Wed 01 Jan 2025 11:48:40 +0000
ROA not before: Wed 01 Jan 2025 11:48:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43272
IP address blocks: 77.247.248.0/21 maxlen: 21
77.247.248.0/24 maxlen: 24
77.247.249.0/24 maxlen: 24
77.247.250.0/24 maxlen: 24
77.247.251.0/24 maxlen: 24
77.247.252.0/24 maxlen: 24
77.247.253.0/24 maxlen: 24
77.247.254.0/24 maxlen: 24
77.247.255.0/24 maxlen: 24
185.177.28.0/22 maxlen: 22
185.177.28.0/24 maxlen: 24
185.177.29.0/24 maxlen: 24
185.177.30.0/24 maxlen: 24
185.177.31.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:4d:0e:43:ac:f4:93:20:20:0e:16:d7:6e:d3:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9116dcbf78c62d51da9076a0d06adad36ee3b755
Validity
Not Before: Jan 1 11:48:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0cd8aff1630670f280371fae4265beb31e5f3572
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:03:8f:8d:ce:ea:42:1f:b0:09:43:1b:59:8c:
60:49:fc:b5:a6:7d:b3:af:04:b4:93:08:9d:33:3c:
95:f4:19:f5:89:60:9b:15:cd:6e:5d:4d:21:66:e5:
5a:7e:2f:57:de:70:41:29:25:d6:2a:66:48:0f:49:
11:64:7d:24:49:65:db:a8:ec:58:65:de:5b:ec:8f:
3e:fa:39:ae:ac:45:ee:ed:c3:5a:6d:31:75:bb:b7:
7f:a7:1e:ca:67:35:64:1e:6e:e0:80:16:7e:47:5b:
c8:58:8d:0b:ea:7e:ea:3c:05:56:7a:9b:6d:f1:8a:
eb:21:86:8e:cc:cf:f0:24:9a:70:a9:05:db:34:24:
df:8f:30:74:06:81:67:bd:b0:6b:6d:b9:f0:29:83:
2d:a5:a4:49:d2:c8:36:79:2f:57:84:96:bb:be:90:
ee:f2:ad:39:3f:b5:38:72:93:86:0b:7b:85:a1:a1:
76:26:c1:47:e2:0f:bb:eb:e6:9c:b6:03:23:66:65:
0f:97:af:1f:c7:9c:44:07:1f:ad:96:2f:28:bd:1d:
71:fe:8c:f3:87:89:af:3f:c2:7e:21:52:db:94:21:
71:f3:a8:fb:c6:d4:8f:4f:48:49:56:15:e6:c7:52:
86:52:3a:1c:ee:bd:01:f4:ac:38:40:9a:25:0b:a3:
2d:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:D8:AF:F1:63:06:70:F2:80:37:1F:AE:42:65:BE:B3:1E:5F:35:72
X509v3 Authority Key Identifier:
keyid:91:16:DC:BF:78:C6:2D:51:DA:90:76:A0:D0:6A:DA:D3:6E:E3:B7:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kRbcv3jGLVHakHag0Gra027jt1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/12f5d1-e760-4101-af25-7fc49da53d13/1/DNiv8WMGcPKANx-uQmW-sx5fNXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/12f5d1-e760-4101-af25-7fc49da53d13/1/kRbcv3jGLVHakHag0Gra027jt1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.247.248.0/21
185.177.28.0/22
Signature Algorithm: sha256WithRSAEncryption
a4:59:cb:d7:45:e7:d8:7b:10:22:be:71:2a:4f:2f:f5:5d:8b:
b5:0f:ea:51:ce:61:b2:9e:79:3c:f2:91:9f:f9:79:20:50:b6:
a3:8b:4a:be:40:40:9d:82:09:6d:9a:df:c2:a9:b5:a3:73:43:
80:3a:2a:16:36:fd:a8:31:d5:bb:35:a2:f8:11:f2:ca:67:8e:
bc:35:b7:28:cf:cc:dc:34:16:54:3c:89:f5:a9:cd:56:78:44:
12:29:be:fb:a1:95:f3:8b:0d:87:f7:62:8d:b5:dc:3d:08:74:
3d:55:5d:f6:a2:6c:da:39:8c:24:24:0f:03:48:b4:19:c9:d0:
9c:04:55:ca:e5:52:04:98:cd:f0:79:b6:65:12:21:cc:7c:b3:
98:9e:72:fe:f2:4e:91:39:e4:ab:6a:99:6c:16:d7:e7:1b:5e:
b9:dc:bc:ed:b6:a8:24:4f:ef:6a:76:7e:d0:f6:5d:c8:a8:c1:
71:cb:73:e4:78:9d:a9:5d:38:07:4a:f9:c5:04:9a:d2:8e:82:
8a:9c:c1:2f:96:d0:f3:81:27:99:75:6a:f8:c0:24:f2:84:2a:
e7:ac:2c:13:c6:2d:7e:92:cc:99:88:82:ae:af:86:b8:ba:9e:
67:a6:3e:16:7e:c9:4a:20:c1:a8:db:ab:f4:a9:fb:a1:86:3b:
13:cc:6f:99
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQhsk0OQ6z0kyAgDhbXbtOqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxMTZkY2JmNzhjNjJkNTFkYTkwNzZhMGQwNmFkYWQzNmVl
M2I3NTUwHhcNMjUwMTAxMTE0ODQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2Q4YWZmMTYzMDY3MGYyODAzNzFmYWU0MjY1YmViMzFlNWYzNTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4QOPjc7qQh+wCUMbWYxgSfy1pn2z
rwS0kwidMzyV9Bn1iWCbFc1uXU0hZuVafi9X3nBBKSXWKmZID0kRZH0kSWXbqOxY
Zd5b7I8++jmurEXu7cNabTF1u7d/px7KZzVkHm7ggBZ+R1vIWI0L6n7qPAVWeptt
8YrrIYaOzM/wJJpwqQXbNCTfjzB0BoFnvbBrbbnwKYMtpaRJ0sg2eS9XhJa7vpDu
8q05P7U4cpOGC3uFoaF2JsFH4g+76+actgMjZmUPl68fx5xEBx+tli8ovR1x/ozz
h4mvP8J+IVLblCFx86j7xtSPT0hJVhXmx1KGUjoc7r0B9Kw4QJolC6MtzQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAzYr/FjBnDygDcfrkJlvrMeXzVyMB8GA1UdIwQY
MBaAFJEW3L94xi1R2pB2oNBq2tNu47dVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1JiY3YzakdMVkhha0hhZzBHcmEwMjdqdDFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8xMmY1ZDEtZTc2MC00MTAxLWFmMjUt
N2ZjNDlkYTUzZDEzLzEvRE5pdjhXTUdjUEtBTngtdVFtVy1zeDVmTlhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8xMmY1ZDEtZTc2MC00MTAxLWFmMjUtN2ZjNDlkYTUzZDEz
LzEva1JiY3YzakdMVkhha0hhZzBHcmEwMjdqdDFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDTff4AwQC
ubEcMA0GCSqGSIb3DQEBCwUAA4IBAQCkWcvXRefYexAivnEqTy/1XYu1D+pRzmGy
nnk88pGf+XkgULaji0q+QECdggltmt/CqbWjc0OAOioWNv2oMdW7NaL4EfLKZ468
Nbcoz8zcNBZUPIn1qc1WeEQSKb77oZXziw2H92KNtdw9CHQ9VV32omzaOYwkJA8D
SLQZydCcBFXK5VIEmM3webZlEiHMfLOYnnL+8k6ROeSraplsFtfnG1653Lzttqgk
T+9qdn7Q9l3IqMFxy3PkeJ2pXTgHSvnFBJrSjoKKnMEvltDzgSeZdWr4wCTyhCrn
rCwTxi1+ksyZiIKur4a4up5npj4WfslKIMGo26v0qfuhhjsTzG+Z
-----END CERTIFICATE-----
Generated at Thu Apr 24 22:32:59 2025 by rpki-client