Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/b378e0-cf99-41b1-a38a-e136c989be33/1/9I8dngV1JT7KKjRI32gIyKSSyUk.roa
File: 9I8dngV1JT7KKjRI32gIyKSSyUk.roa (raw, json)
Hash identifier: mTvlNqWvha6TIOSslNPhqnseo6bfcEXwllcJxrieLVA=
Subject key identifier: F4:8F:1D:9E:05:75:25:3E:CA:2A:34:48:DF:68:08:C8:A4:92:C9:49
Certificate issuer: /CN=79646b38c3d87d33145b634b4e1dcc2145f6416c
Certificate serial: 0194236994066309F79E1706DE9C953DD873
Authority key identifier: 79:64:6B:38:C3:D8:7D:33:14:5B:63:4B:4E:1D:CC:21:45:F6:41:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eWRrOMPYfTMUW2NLTh3MIUX2QWw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/b378e0-cf99-41b1-a38a-e136c989be33/1/9I8dngV1JT7KKjRI32gIyKSSyUk.roa
Signing time: Wed 01 Jan 2025 19:48:29 +0000
ROA not before: Wed 01 Jan 2025 19:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48424
IP address blocks: 77.32.240.0/24 maxlen: 24
77.32.242.0/24 maxlen: 24
77.32.244.0/24 maxlen: 24
77.32.245.0/24 maxlen: 24
77.32.246.0/24 maxlen: 24
91.210.240.0/24 maxlen: 24
91.210.241.0/24 maxlen: 24
91.210.242.0/24 maxlen: 24
91.210.243.0/24 maxlen: 24
95.182.25.0/24 maxlen: 24
95.182.27.0/24 maxlen: 24
95.182.28.0/24 maxlen: 24
95.182.29.0/24 maxlen: 24
95.182.31.0/24 maxlen: 24
185.48.176.0/24 maxlen: 24
185.48.177.0/24 maxlen: 24
185.48.178.0/24 maxlen: 24
185.48.179.0/24 maxlen: 24
188.95.24.0/24 maxlen: 24
188.95.25.0/24 maxlen: 24
188.95.26.0/24 maxlen: 24
188.95.27.0/24 maxlen: 24
188.95.28.0/24 maxlen: 24
188.95.29.0/24 maxlen: 24
188.95.30.0/24 maxlen: 24
188.95.31.0/24 maxlen: 24
188.164.240.0/24 maxlen: 24
188.164.241.0/24 maxlen: 24
188.164.242.0/24 maxlen: 24
188.164.243.0/24 maxlen: 24
188.164.244.0/24 maxlen: 24
188.164.245.0/24 maxlen: 24
188.164.246.0/24 maxlen: 24
188.164.247.0/24 maxlen: 24
2a02:5ac0::/33 maxlen: 33
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:94:06:63:09:f7:9e:17:06:de:9c:95:3d:d8:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79646b38c3d87d33145b634b4e1dcc2145f6416c
Validity
Not Before: Jan 1 19:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f48f1d9e0575253eca2a3448df6808c8a492c949
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:48:2e:76:da:f7:9f:28:39:ba:e9:ef:47:41:
fa:b0:93:64:0e:69:58:6c:3e:64:88:bc:a3:fd:f9:
72:ad:53:3f:24:6c:f6:af:15:bd:8a:5d:34:07:5b:
a8:64:21:ce:32:8d:64:98:57:a7:27:06:e9:e2:81:
ac:7f:61:c5:b0:4d:0c:e6:32:d5:39:b0:63:e7:ba:
1a:2a:da:ba:d8:f9:99:1f:4c:d5:32:43:fb:ff:2a:
21:39:b5:86:f3:ed:20:10:d7:fc:2e:00:50:a3:0b:
3e:f5:80:b7:38:16:0d:1d:8c:06:9f:19:69:9d:29:
fe:39:ac:4b:13:16:e8:be:f1:8b:86:a4:53:f7:bc:
c3:b3:a2:99:b2:c3:2d:29:73:53:bb:af:b0:60:30:
9d:2e:13:13:90:a3:d5:d2:2c:20:6d:4a:7d:1b:b6:
29:24:ec:7c:18:48:29:ef:26:97:57:0f:e3:27:94:
cf:bd:26:14:84:60:50:13:a5:c6:62:7f:8b:fb:09:
fc:fd:56:8d:a7:0e:c1:f6:50:bf:a9:52:9b:35:8a:
92:9a:8c:b9:dc:a2:f1:f9:7f:eb:ef:00:76:1c:d0:
60:f7:40:3f:c8:23:09:6f:9b:85:14:43:de:a6:13:
61:00:1a:f9:65:6c:8a:93:de:1f:51:52:ee:4a:e9:
ef:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:8F:1D:9E:05:75:25:3E:CA:2A:34:48:DF:68:08:C8:A4:92:C9:49
X509v3 Authority Key Identifier:
keyid:79:64:6B:38:C3:D8:7D:33:14:5B:63:4B:4E:1D:CC:21:45:F6:41:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eWRrOMPYfTMUW2NLTh3MIUX2QWw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/b378e0-cf99-41b1-a38a-e136c989be33/1/9I8dngV1JT7KKjRI32gIyKSSyUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/b378e0-cf99-41b1-a38a-e136c989be33/1/eWRrOMPYfTMUW2NLTh3MIUX2QWw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.32.240.0/24
77.32.242.0/24
77.32.244.0-77.32.246.255
91.210.240.0/22
95.182.25.0/24
95.182.27.0-95.182.29.255
95.182.31.0/24
185.48.176.0/22
188.95.24.0/21
188.164.240.0/21
IPv6:
2a02:5ac0::/33
Signature Algorithm: sha256WithRSAEncryption
0c:2c:d3:0d:c9:b6:77:bf:c2:38:9f:c3:04:f1:5c:d5:4e:01:
dd:75:40:c3:e8:c7:ea:fa:5a:f4:13:fd:b9:c5:39:0b:f3:ca:
94:1e:69:3a:b5:35:bf:87:38:bf:2b:c5:e1:9e:ae:ff:ea:dc:
10:50:ae:ac:eb:c2:a5:45:19:41:a3:bd:35:e5:53:32:5b:93:
01:d2:de:28:2c:67:88:a0:3d:42:4a:ba:82:7b:e7:6d:5d:09:
58:cd:68:57:0c:86:21:1f:71:c2:7f:8b:8c:3d:00:4a:e2:16:
5d:55:20:b6:60:12:22:37:52:b0:36:24:78:c4:63:9e:b4:2f:
f3:94:51:8a:86:e7:38:0d:ae:9b:9b:3e:61:19:06:09:3b:c0:
33:18:f4:77:1a:56:2d:6f:f4:71:01:78:0f:70:f5:78:12:9c:
b9:4d:fa:8e:f6:fb:5d:9d:77:ae:95:4e:96:4f:33:a5:52:d3:
41:c4:f4:98:3f:f2:33:4f:a8:e3:c6:3e:d8:d3:ed:13:79:c3:
3e:41:12:ab:7a:06:f3:88:27:b9:89:6c:c5:8b:47:01:8a:0d:
cb:a5:ff:c7:e6:45:0b:7d:2c:3c:a7:6b:65:5e:3f:9b:1f:89:
74:fe:92:6d:be:ab:8e:2f:e7:57:a0:7c:5b:65:15:44:8d:d5:
b6:83:76:b1
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAZQjaZQGYwn3nhcG3pyVPdhzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5NjQ2YjM4YzNkODdkMzMxNDViNjM0YjRlMWRjYzIxNDVm
NjQxNmMwHhcNMjUwMTAxMTk0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDhmMWQ5ZTA1NzUyNTNlY2EyYTM0NDhkZjY4MDhjOGE0OTJjOTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Egudtr3nyg5uunvR0H6sJNkDmlY
bD5kiLyj/flyrVM/JGz2rxW9il00B1uoZCHOMo1kmFenJwbp4oGsf2HFsE0M5jLV
ObBj57oaKtq62PmZH0zVMkP7/yohObWG8+0gENf8LgBQows+9YC3OBYNHYwGnxlp
nSn+OaxLExbovvGLhqRT97zDs6KZssMtKXNTu6+wYDCdLhMTkKPV0iwgbUp9G7Yp
JOx8GEgp7yaXVw/jJ5TPvSYUhGBQE6XGYn+L+wn8/VaNpw7B9lC/qVKbNYqSmoy5
3KLx+X/r7wB2HNBg90A/yCMJb5uFFEPephNhABr5ZWyKk94fUVLuSunvvQIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFPSPHZ4FdSU+yio0SN9oCMikkslJMB8GA1UdIwQY
MBaAFHlkazjD2H0zFFtjS04dzCFF9kFsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVdSck9NUFlmVE1VVzJOTFRoM01JVVgyUVd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9iMzc4ZTAtY2Y5OS00MWIxLWEzOGEt
ZTEzNmM5ODliZTMzLzEvOUk4ZG5nVjFKVDdLS2pSSTMyZ0l5S1NTeVVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9iMzc4ZTAtY2Y5OS00MWIxLWEzOGEtZTEzNmM5ODliZTMz
LzEvZVdSck9NUFlmVE1VVzJOTFRoM01JVVgyUVd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBSBAIAATBMAwQATSDwAwQA
TSDyMAwDBAJNIPQDBABNIPYDBAJb0vADBABfthkwDAMEAF+2GwMEAV+2HAMEAF+2
HwMEArkwsAMEA7xfGAMEA7yk8DAOBAIAAjAIAwYHKgJawAAwDQYJKoZIhvcNAQEL
BQADggEBAAws0w3Jtne/wjifwwTxXNVOAd11QMPox+r6WvQT/bnFOQvzypQeaTq1
Nb+HOL8rxeGerv/q3BBQrqzrwqVFGUGjvTXlUzJbkwHS3igsZ4igPUJKuoJ7521d
CVjNaFcMhiEfccJ/i4w9AEriFl1VILZgEiI3UrA2JHjEY560L/OUUYqG5zgNrpub
PmEZBgk7wDMY9HcaVi1v9HEBeA9w9XgSnLlN+o72+12dd66VTpZPM6VS00HE9Jg/
8jNPqOPGPtjT7RN5wz5BEqt6BvOIJ7mJbMWLRwGKDcul/8fmRQt9LDyna2VeP5sf
iXT+km2+q44v51egfFtlFUSN1baDdrE=
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:28:52 2025 by rpki-client