Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/3550b4-51b5-448b-ab62-2a813dbf4582/1/Rjlay2bsLeiLaIl-NsumYdJm6Mk.roa
File: Rjlay2bsLeiLaIl-NsumYdJm6Mk.roa (raw, json)
Hash identifier: Nxxu/I2qHn6XTGTRcNBX012HcDX5qyNV7NJNim7iGOg=
Subject key identifier: 46:39:5A:CB:66:EC:2D:E8:8B:68:89:7E:36:CB:A6:61:D2:66:E8:C9
Certificate issuer: /CN=053d04e72bb249c79eb1168cf1d43a3ca548c206
Certificate serial: 01942068251C51ECB42ECBB3CFF6F327C674
Authority key identifier: 05:3D:04:E7:2B:B2:49:C7:9E:B1:16:8C:F1:D4:3A:3C:A5:48:C2:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BT0E5yuySceesRaM8dQ6PKVIwgY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/3550b4-51b5-448b-ab62-2a813dbf4582/1/Rjlay2bsLeiLaIl-NsumYdJm6Mk.roa
Signing time: Wed 01 Jan 2025 05:48:03 +0000
ROA not before: Wed 01 Jan 2025 05:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29422
IP address blocks: 77.86.128.0/17 maxlen: 17
77.91.209.0/24 maxlen: 24
77.91.210.0/23 maxlen: 23
77.91.212.0/22 maxlen: 22
80.69.160.0/21 maxlen: 21
80.69.168.0/22 maxlen: 22
81.17.192.0/21 maxlen: 21
83.145.192.0/18 maxlen: 18
83.150.64.0/18 maxlen: 18
84.20.128.0/19 maxlen: 19
84.239.128.0/17 maxlen: 17
84.239.208.0/20 maxlen: 20
94.101.0.0/20 maxlen: 20
109.75.224.0/21 maxlen: 21
185.123.116.0/22 maxlen: 22
188.117.0.0/18 maxlen: 18
193.104.38.0/24 maxlen: 24
194.29.192.0/21 maxlen: 21
194.79.16.0/22 maxlen: 22
213.157.64.0/19 maxlen: 19
217.30.176.0/20 maxlen: 20
217.149.48.0/20 maxlen: 20
2001:67c:70::/48 maxlen: 48
2001:1bc8::/29 maxlen: 29
2001:1bc8::/32 maxlen: 32
2a01:51c0::/29 maxlen: 29
2a01:51c0::/32 maxlen: 32
2a01:51c1::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:25:1c:51:ec:b4:2e:cb:b3:cf:f6:f3:27:c6:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=053d04e72bb249c79eb1168cf1d43a3ca548c206
Validity
Not Before: Jan 1 05:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=46395acb66ec2de88b68897e36cba661d266e8c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:5e:de:fb:36:4f:32:97:2d:da:88:f8:5a:86:
24:3d:f8:de:fd:a7:84:af:ee:4f:60:cc:5f:96:b8:
6c:b0:92:ba:f3:0c:f7:1f:94:47:b5:72:0b:ff:d8:
0c:f8:0b:af:b1:54:0d:1d:cb:cd:31:a1:96:ba:ee:
ff:ef:63:4d:dd:f6:48:62:95:27:dd:89:dc:c2:f9:
36:a8:06:b9:86:7f:29:f2:b8:95:64:5a:02:4f:1b:
ac:f1:a6:22:63:bb:b9:0d:a0:a3:ee:e7:f0:b7:8a:
93:fa:6d:36:cb:37:08:80:18:cf:9d:80:fd:23:55:
13:25:99:e0:5e:3f:1b:3c:27:df:20:f0:4c:8a:e8:
2e:17:69:9d:fa:56:7c:fc:a7:cb:57:dc:0a:cf:15:
13:ee:93:ba:50:47:ab:c8:b9:43:38:72:55:1d:fa:
97:73:38:09:2b:ac:35:cf:8f:d1:10:26:03:4c:f2:
c4:3c:e4:23:1a:b5:7a:aa:18:0f:92:95:26:03:0b:
71:08:bd:c4:5e:2d:97:b6:a8:0f:52:91:c0:7e:2d:
2d:67:f2:55:85:51:a0:54:2b:26:14:3f:38:9d:df:
44:e7:02:4f:32:f3:23:82:35:3d:26:af:14:54:6d:
11:03:a6:94:74:ae:1f:73:a2:a6:7d:02:85:1d:ec:
30:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:39:5A:CB:66:EC:2D:E8:8B:68:89:7E:36:CB:A6:61:D2:66:E8:C9
X509v3 Authority Key Identifier:
keyid:05:3D:04:E7:2B:B2:49:C7:9E:B1:16:8C:F1:D4:3A:3C:A5:48:C2:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BT0E5yuySceesRaM8dQ6PKVIwgY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/3550b4-51b5-448b-ab62-2a813dbf4582/1/Rjlay2bsLeiLaIl-NsumYdJm6Mk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/3550b4-51b5-448b-ab62-2a813dbf4582/1/BT0E5yuySceesRaM8dQ6PKVIwgY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.86.128.0/17
77.91.209.0-77.91.215.255
80.69.160.0-80.69.171.255
81.17.192.0/21
83.145.192.0/18
83.150.64.0/18
84.20.128.0/19
84.239.128.0/17
94.101.0.0/20
109.75.224.0/21
185.123.116.0/22
188.117.0.0/18
193.104.38.0/24
194.29.192.0/21
194.79.16.0/22
213.157.64.0/19
217.30.176.0/20
217.149.48.0/20
IPv6:
2001:67c:70::/48
2001:1bc8::/29
2a01:51c0::/29
Signature Algorithm: sha256WithRSAEncryption
02:ad:b0:a7:95:f1:36:98:0b:eb:ac:ff:4e:e5:1e:b0:16:ac:
4e:60:b9:f4:98:2f:15:b1:77:67:bc:07:25:f6:35:72:06:22:
fb:ab:8c:6b:a7:50:67:72:8e:89:4b:6e:4f:b2:cf:34:87:ef:
4d:b5:4f:26:89:87:92:5f:3f:42:67:f6:0f:16:cd:20:98:5d:
eb:41:3d:00:8d:63:0c:3a:e7:4c:c3:96:58:8e:86:53:b0:78:
c0:9c:e2:e1:8f:dc:89:ba:90:a6:ca:71:2f:81:97:95:d9:d9:
d3:8f:fb:17:c5:d6:68:23:cd:7c:65:8e:61:ab:88:fe:99:d8:
6d:4f:24:16:86:8e:e3:de:4d:80:d8:e8:35:bf:9a:6c:4f:28:
c3:3b:e1:eb:d3:7b:26:3f:0b:0d:e7:92:c4:09:c0:90:5d:71:
f4:fe:ae:59:4f:31:68:bc:a2:9b:59:4a:40:f6:13:55:24:5f:
04:71:5d:18:a5:78:e2:c2:42:65:36:b0:f9:2a:ae:03:f9:fe:
54:07:fd:1d:a1:35:5a:a0:d7:9a:63:ab:aa:8f:13:1a:a1:a1:
c6:2f:60:7b:0e:ec:75:05:33:28:95:83:36:eb:34:a0:d4:40:
92:f0:f0:4e:d4:3f:a8:fa:71:4c:c6:6a:b5:8c:e6:51:50:c9:
f8:bf:e5:d4
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAZQgaCUcUey0Lsuzz/bzJ8Z0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1M2QwNGU3MmJiMjQ5Yzc5ZWIxMTY4Y2YxZDQzYTNjYTU0
OGMyMDYwHhcNMjUwMTAxMDU0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjM5NWFjYjY2ZWMyZGU4OGI2ODg5N2UzNmNiYTY2MWQyNjZlOGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlV7e+zZPMpct2oj4WoYkPfje/aeE
r+5PYMxflrhssJK68wz3H5RHtXIL/9gM+AuvsVQNHcvNMaGWuu7/72NN3fZIYpUn
3Yncwvk2qAa5hn8p8riVZFoCTxus8aYiY7u5DaCj7ufwt4qT+m02yzcIgBjPnYD9
I1UTJZngXj8bPCffIPBMiuguF2md+lZ8/KfLV9wKzxUT7pO6UEeryLlDOHJVHfqX
czgJK6w1z4/RECYDTPLEPOQjGrV6qhgPkpUmAwtxCL3EXi2XtqgPUpHAfi0tZ/JV
hVGgVCsmFD84nd9E5wJPMvMjgjU9Jq8UVG0RA6aUdK4fc6KmfQKFHeww9QIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFEY5Wstm7C3oi2iJfjbLpmHSZujJMB8GA1UdIwQY
MBaAFAU9BOcrsknHnrEWjPHUOjylSMIGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlQwRTV5dXlTY2Vlc1JhTThkUTZQS1ZJd2dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8zNTUwYjQtNTFiNS00NDhiLWFiNjIt
MmE4MTNkYmY0NTgyLzEvUmpsYXkyYnNMZWlMYUlsLU5zdW1ZZEptNk1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8zNTUwYjQtNTFiNS00NDhiLWFiNjItMmE4MTNkYmY0NTgy
LzEvQlQwRTV5dXlTY2Vlc1JhTThkUTZQS1ZJd2dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDCBggQCAAEwfAMEB01W
gDAMAwQATVvRAwQDTVvQMAwDBAVQRaADBAJQRagDBANREcADBAZTkcADBAZTlkAD
BAVUFIADBAdU74ADBAReZQADBANtS+ADBAK5e3QDBAa8dQADBADBaCYDBAPCHcAD
BALCTxADBAXVnUADBATZHrADBATZlTAwHQQCAAIwFwMHACABBnwAcAMFAyABG8gD
BQMqAVHAMA0GCSqGSIb3DQEBCwUAA4IBAQACrbCnlfE2mAvrrP9O5R6wFqxOYLn0
mC8VsXdnvAcl9jVyBiL7q4xrp1Bnco6JS25Pss80h+9NtU8miYeSXz9CZ/YPFs0g
mF3rQT0AjWMMOudMw5ZYjoZTsHjAnOLhj9yJupCmynEvgZeV2dnTj/sXxdZoI818
ZY5hq4j+mdhtTyQWho7j3k2A2Og1v5psTyjDO+Hr03smPwsN55LECcCQXXH0/q5Z
TzFovKKbWUpA9hNVJF8EcV0YpXjiwkJlNrD5Kq4D+f5UB/0doTVaoNeaY6uqjxMa
oaHGL2B7Dux1BTMolYM26zSg1ECS8PBO1D+o+nFMxmq1jOZRUMn4v+XU
-----END CERTIFICATE-----
Generated at Sat Apr 26 00:54:39 2025 by rpki-client