Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/6e6405-dbe7-42b2-887c-ffdebec8f505/1/_XjaBTnGilvxo492cNgJd58fijk.roa
File: _XjaBTnGilvxo492cNgJd58fijk.roa (raw, json)
Hash identifier: 9Lk0tQib0MF/TXW1qYNyMKPFWzbGaF3+CQ2+XIAZq0E=
Subject key identifier: FD:78:DA:05:39:C6:8A:5B:F1:A3:8F:76:70:D8:09:77:9F:1F:8A:39
Certificate issuer: /CN=e4db0301fe2461c6de3f718d847cb5dc7c00b2d2
Certificate serial: 019422FBB6FCE300D5D01BB4CD863F37AD7D
Authority key identifier: E4:DB:03:01:FE:24:61:C6:DE:3F:71:8D:84:7C:B5:DC:7C:00:B2:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5NsDAf4kYcbeP3GNhHy13HwAstI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/6e6405-dbe7-42b2-887c-ffdebec8f505/1/_XjaBTnGilvxo492cNgJd58fijk.roa
Signing time: Wed 01 Jan 2025 17:48:29 +0000
ROA not before: Wed 01 Jan 2025 17:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29107
IP address blocks: 77.87.144.0/22 maxlen: 22
77.87.148.0/22 maxlen: 22
91.216.176.0/24 maxlen: 24
92.249.64.0/18 maxlen: 18
178.54.0.0/17 maxlen: 17
178.54.4.0/24 maxlen: 24
178.54.5.0/24 maxlen: 24
178.54.6.0/24 maxlen: 24
178.54.7.0/24 maxlen: 24
178.54.8.0/24 maxlen: 24
178.54.9.0/24 maxlen: 24
178.54.10.0/24 maxlen: 24
178.54.11.0/24 maxlen: 24
178.54.79.0/24 maxlen: 24
178.54.120.0/24 maxlen: 24
178.54.121.0/24 maxlen: 24
193.201.80.0/23 maxlen: 23
194.0.88.0/22 maxlen: 22
194.0.88.0/23 maxlen: 23
194.0.90.0/23 maxlen: 23
194.0.90.0/24 maxlen: 24
195.69.84.0/22 maxlen: 22
195.69.84.0/23 maxlen: 23
195.69.86.0/23 maxlen: 23
2001:67c:2b14::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:b6:fc:e3:00:d5:d0:1b:b4:cd:86:3f:37:ad:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4db0301fe2461c6de3f718d847cb5dc7c00b2d2
Validity
Not Before: Jan 1 17:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fd78da0539c68a5bf1a38f7670d809779f1f8a39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:50:5a:ff:4f:57:85:bd:60:60:4a:9f:04:b0:
83:92:e8:96:13:fa:4c:c9:00:79:03:4e:c2:65:2d:
9a:da:e3:87:39:39:c9:6a:38:0e:ca:32:67:c5:6d:
08:ba:c7:5b:7b:79:10:b9:5b:da:8a:2b:3a:de:87:
09:1f:75:26:9d:dc:db:46:97:23:23:65:a0:fb:c9:
c0:d9:e8:51:7a:68:ab:18:69:af:88:cb:61:ff:31:
d5:a1:75:d4:4a:3d:b6:b8:13:fc:ac:97:1f:dd:a3:
f2:f1:07:dc:d9:b3:75:cc:44:6f:dd:a7:ef:27:44:
38:d9:76:ef:08:4d:b2:da:45:ac:cb:65:a3:dd:f8:
e0:a2:85:5d:2e:2b:ef:e8:8e:2d:42:e9:35:c8:38:
1a:5c:9c:8e:b6:1f:98:8d:98:eb:07:66:7a:ae:f6:
17:0e:86:43:29:71:c4:db:7b:3d:09:d2:89:19:7a:
67:5f:62:4b:ac:da:59:1a:e4:ed:a8:a5:f0:10:b2:
5a:96:d2:2b:ff:67:e4:76:1b:b3:66:6a:87:9e:da:
c0:4c:26:b6:f2:80:e6:e9:54:a6:7b:fd:b0:ac:02:
83:4a:b1:22:d7:a7:f3:32:66:e9:27:5c:8d:cd:54:
2a:d1:31:6f:83:41:c7:d6:c6:96:cd:1f:38:1e:0c:
7b:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:78:DA:05:39:C6:8A:5B:F1:A3:8F:76:70:D8:09:77:9F:1F:8A:39
X509v3 Authority Key Identifier:
keyid:E4:DB:03:01:FE:24:61:C6:DE:3F:71:8D:84:7C:B5:DC:7C:00:B2:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5NsDAf4kYcbeP3GNhHy13HwAstI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/6e6405-dbe7-42b2-887c-ffdebec8f505/1/_XjaBTnGilvxo492cNgJd58fijk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/6e6405-dbe7-42b2-887c-ffdebec8f505/1/5NsDAf4kYcbeP3GNhHy13HwAstI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.87.144.0/21
91.216.176.0/24
92.249.64.0/18
178.54.0.0/17
193.201.80.0/23
194.0.88.0/22
195.69.84.0/22
IPv6:
2001:67c:2b14::/48
Signature Algorithm: sha256WithRSAEncryption
3a:76:49:eb:ef:27:13:d9:1f:60:0d:01:7e:d6:01:cc:6e:40:
81:d4:18:79:50:49:75:3b:8c:de:15:53:11:70:ab:73:58:4a:
88:f4:0f:e5:45:2a:7c:9b:0d:95:3e:47:e7:95:d1:72:f2:e4:
1a:df:a3:d4:82:53:70:89:61:cd:73:00:dc:60:80:66:e5:93:
80:72:b2:9c:42:43:1d:ef:86:10:49:be:be:7c:e8:96:d4:28:
50:27:4e:6c:22:c2:db:86:50:51:0d:07:b3:54:c6:0c:23:60:
43:84:0a:e6:04:2c:95:52:27:1b:e0:e9:7d:52:b6:84:f8:d9:
c7:57:90:b4:87:b1:36:27:78:e6:ef:69:59:db:a2:d2:b0:c1:
96:ad:61:04:51:d7:67:78:35:99:be:f2:33:2a:3d:ef:9b:33:
76:1d:98:85:e3:83:1c:75:05:91:06:f2:35:f5:59:e8:e8:a3:
c6:e8:6d:72:73:21:f7:c9:2f:eb:86:b8:ad:33:9d:c1:46:93:
88:68:a3:35:87:03:13:c5:43:3f:e8:4c:b5:fd:d0:d9:6d:a0:
35:e5:df:8b:38:59:c3:0e:96:f9:94:4b:be:1a:9e:27:d6:af:
32:83:c1:f6:3c:0b:bf:08:01:88:f5:9f:cb:07:c2:5a:5e:8b:
5b:df:41:56
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZQi+7b84wDV0Bu0zYY/N619MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0ZGIwMzAxZmUyNDYxYzZkZTNmNzE4ZDg0N2NiNWRjN2Mw
MGIyZDIwHhcNMjUwMTAxMTc0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDc4ZGEwNTM5YzY4YTViZjFhMzhmNzY3MGQ4MDk3NzlmMWY4YTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6FBa/09Xhb1gYEqfBLCDkuiWE/pM
yQB5A07CZS2a2uOHOTnJajgOyjJnxW0Iusdbe3kQuVvaiis63ocJH3UmndzbRpcj
I2Wg+8nA2ehRemirGGmviMth/zHVoXXUSj22uBP8rJcf3aPy8Qfc2bN1zERv3afv
J0Q42XbvCE2y2kWsy2Wj3fjgooVdLivv6I4tQuk1yDgaXJyOth+YjZjrB2Z6rvYX
DoZDKXHE23s9CdKJGXpnX2JLrNpZGuTtqKXwELJaltIr/2fkdhuzZmqHntrATCa2
8oDm6VSme/2wrAKDSrEi16fzMmbpJ1yNzVQq0TFvg0HH1saWzR84Hgx77QIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFP142gU5xopb8aOPdnDYCXefH4o5MB8GA1UdIwQY
MBaAFOTbAwH+JGHG3j9xjYR8tdx8ALLSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNU5zREFmNGtZY2JlUDNHTmhIeTEzSHdBc3RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC82ZTY0MDUtZGJlNy00MmIyLTg4N2Mt
ZmZkZWJlYzhmNTA1LzEvX1hqYUJUbkdpbHZ4bzQ5MmNOZ0pkNThmaWprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC82ZTY0MDUtZGJlNy00MmIyLTg4N2MtZmZkZWJlYzhmNTA1
LzEvNU5zREFmNGtZY2JlUDNHTmhIeTEzSHdBc3RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAwBAIAATAqAwQDTVeQAwQA
W9iwAwQGXPlAAwQHsjYAAwQBwclQAwQCwgBYAwQCw0VUMA8EAgACMAkDBwAgAQZ8
KxQwDQYJKoZIhvcNAQELBQADggEBADp2SevvJxPZH2ANAX7WAcxuQIHUGHlQSXU7
jN4VUxFwq3NYSoj0D+VFKnybDZU+R+eV0XLy5Brfo9SCU3CJYc1zANxggGblk4By
spxCQx3vhhBJvr586JbUKFAnTmwiwtuGUFENB7NUxgwjYEOECuYELJVSJxvg6X1S
toT42cdXkLSHsTYneObvaVnbotKwwZatYQRR12d4NZm+8jMqPe+bM3YdmIXjgxx1
BZEG8jX1Wejoo8bobXJzIffJL+uGuK0zncFGk4hoozWHAxPFQz/oTLX90NltoDXl
34s4WcMOlvmUS74anifWrzKDwfY8C78IAYj1n8sHwlpei1vfQVY=
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:03:26 2025 by rpki-client