Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/Rb9wx66yMsT57KgysgPxTyQwLFo.roa
File: Rb9wx66yMsT57KgysgPxTyQwLFo.roa (raw, json)
Hash identifier: oMR4pbnfLKOJPLTSlz3MKs04aDxc3EyHqskg/IzeXV0=
Subject key identifier: 45:BF:70:C7:AE:B2:32:C4:F9:EC:A8:32:B2:03:F1:4F:24:30:2C:5A
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 01942747EB70437919BCD2EB015199740D3A
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/Rb9wx66yMsT57KgysgPxTyQwLFo.roa
Signing time: Thu 02 Jan 2025 13:50:12 +0000
ROA not before: Thu 02 Jan 2025 13:50:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43202
IP address blocks: 77.85.174.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:eb:70:43:79:19:bc:d2:eb:01:51:99:74:0d:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 2 13:50:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=45bf70c7aeb232c4f9eca832b203f14f24302c5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:4e:f1:f8:62:79:e5:a1:62:12:86:0f:0b:9a:
23:c8:56:4a:03:9c:83:f2:fc:01:ae:17:2c:9d:d6:
22:21:57:ea:18:12:18:cd:1d:d7:62:13:81:fa:f6:
35:ba:48:b8:ae:1a:c7:fa:f5:b6:b5:a1:ff:11:05:
89:ed:90:e2:52:92:06:a0:88:4f:75:01:06:88:68:
72:6e:3e:76:f5:5d:08:67:e2:0e:c3:de:31:72:e8:
6f:36:15:d0:b8:11:d6:13:fe:5c:04:98:22:45:4c:
53:4e:34:fa:00:c0:90:d3:18:85:f8:ea:bb:ff:a6:
3a:a9:c0:54:b1:7d:40:f7:94:6b:2b:9a:78:05:c6:
8a:63:ef:3a:ae:cb:35:bb:a0:c3:8e:0c:c1:ff:87:
db:c6:47:64:56:54:30:0d:6a:8a:af:18:13:c0:e4:
85:8e:be:f6:4a:6a:aa:a0:5f:be:8d:cd:07:eb:0a:
fa:31:52:36:5a:35:92:d7:74:6f:a6:ee:5b:fb:ad:
c6:1d:b6:f8:70:e8:08:25:90:fd:c0:3e:90:a8:ca:
c8:32:e3:da:6d:17:5a:53:f4:01:de:21:b5:d2:28:
b7:7b:4a:0e:78:02:4e:69:69:3d:37:32:72:b3:6d:
d9:a5:38:74:03:46:89:64:6f:3f:3e:cf:bc:d8:41:
85:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:BF:70:C7:AE:B2:32:C4:F9:EC:A8:32:B2:03:F1:4F:24:30:2C:5A
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/Rb9wx66yMsT57KgysgPxTyQwLFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.85.174.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:82:db:81:63:af:2c:a4:62:1a:d6:fc:77:26:5f:f9:73:fb:
87:25:c4:e5:56:05:33:c6:59:80:8b:91:ec:6f:62:e8:84:2b:
b2:38:7c:18:02:85:7d:6c:cf:f9:ab:d5:4b:66:3b:00:0d:4f:
16:64:cf:4a:83:d2:0c:f9:4f:ef:d7:36:58:99:be:ec:7b:a6:
ad:2d:50:3b:89:70:c1:21:e1:cc:ac:51:0b:08:06:c0:57:30:
e3:95:d9:b2:4a:13:94:dc:3c:b8:05:52:e9:58:4a:75:4f:a9:
0c:9e:d9:75:eb:41:46:d4:5b:2e:23:0a:78:0f:fa:2b:89:31:
53:4f:fa:47:8f:1b:1f:da:e4:f3:33:ef:17:ec:bf:eb:d1:86:
3c:40:73:c4:34:d5:8a:c9:a6:55:98:d3:72:cd:74:0c:d8:c0:
a4:be:39:c3:b9:f2:dd:1b:64:dd:6b:1d:49:27:e4:80:a6:15:
aa:08:5e:6a:8a:de:dc:4f:b5:80:fd:af:cb:b0:69:e9:ba:90:
a3:a3:e4:49:55:34:ba:ce:ea:3b:b1:41:dd:4e:53:cd:49:94:
35:b4:ed:5a:5c:2c:04:6b:ff:a9:38:2f:05:36:7a:09:93:fc:
3e:02:ca:60:f2:af:eb:3f:b2:6b:eb:55:58:9b:28:23:3e:44:
24:38:d4:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR+twQ3kZvNLrAVGZdA06MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjUwMTAyMTM1MDEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWJmNzBjN2FlYjIzMmM0ZjllY2E4MzJiMjAzZjE0ZjI0MzAyYzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvk7x+GJ55aFiEoYPC5ojyFZKA5yD
8vwBrhcsndYiIVfqGBIYzR3XYhOB+vY1uki4rhrH+vW2taH/EQWJ7ZDiUpIGoIhP
dQEGiGhybj529V0IZ+IOw94xcuhvNhXQuBHWE/5cBJgiRUxTTjT6AMCQ0xiF+Oq7
/6Y6qcBUsX1A95RrK5p4BcaKY+86rss1u6DDjgzB/4fbxkdkVlQwDWqKrxgTwOSF
jr72SmqqoF++jc0H6wr6MVI2WjWS13Rvpu5b+63GHbb4cOgIJZD9wD6QqMrIMuPa
bRdaU/QB3iG10ii3e0oOeAJOaWk9NzJys23ZpTh0A0aJZG8/Ps+82EGFPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEW/cMeusjLE+eyoMrID8U8kMCxaMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvUmI5d3g2NnlNc1Q1N0tneXNnUHhUeVF3TEZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVWuMA0G
CSqGSIb3DQEBCwUAA4IBAQC0gtuBY68spGIa1vx3Jl/5c/uHJcTlVgUzxlmAi5Hs
b2LohCuyOHwYAoV9bM/5q9VLZjsADU8WZM9Kg9IM+U/v1zZYmb7se6atLVA7iXDB
IeHMrFELCAbAVzDjldmyShOU3Dy4BVLpWEp1T6kMntl160FG1FsuIwp4D/oriTFT
T/pHjxsf2uTzM+8X7L/r0YY8QHPENNWKyaZVmNNyzXQM2MCkvjnDufLdG2Tdax1J
J+SAphWqCF5qit7cT7WA/a/LsGnpupCjo+RJVTS6zuo7sUHdTlPNSZQ1tO1aXCwE
a/+pOC8FNnoJk/w+Aspg8q/rP7Jr61VYmygjPkQkONQu
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:52:24 2025 by rpki-client