Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/eef035-2629-4e3e-bebc-15a0dddd749c/1/qvYpsZQGhS3eiJYFcpoDInx2DkE.roa
File: qvYpsZQGhS3eiJYFcpoDInx2DkE.roa (raw, json)
Hash identifier: AzKXVpJ7rQhInqcKxYMIE20bjXuo9eJ0x8CLUXTV+A0=
Subject key identifier: AA:F6:29:B1:94:06:85:2D:DE:88:96:05:72:9A:03:22:7C:76:0E:41
Certificate issuer: /CN=88a62cf8100e8c1b475443fd94cd58d8ef2a33ae
Certificate serial: 01942144612A9F75B4FB8BBA50F6FB30675C
Authority key identifier: 88:A6:2C:F8:10:0E:8C:1B:47:54:43:FD:94:CD:58:D8:EF:2A:33:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iKYs-BAOjBtHVEP9lM1Y2O8qM64.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/eef035-2629-4e3e-bebc-15a0dddd749c/1/qvYpsZQGhS3eiJYFcpoDInx2DkE.roa
Signing time: Wed 01 Jan 2025 09:48:36 +0000
ROA not before: Wed 01 Jan 2025 09:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201127
IP address blocks: 77.39.220.0/22 maxlen: 24
185.84.88.0/22 maxlen: 24
2a05:a3c0::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:61:2a:9f:75:b4:fb:8b:ba:50:f6:fb:30:67:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88a62cf8100e8c1b475443fd94cd58d8ef2a33ae
Validity
Not Before: Jan 1 09:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aaf629b19406852dde889605729a03227c760e41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:6b:49:a3:05:13:29:ff:02:6b:a4:1e:22:f2:
8e:1f:af:c0:01:65:7f:db:dd:40:4e:47:45:c7:a9:
d5:3f:38:55:e7:be:aa:08:84:f2:67:06:80:0a:04:
33:2d:c6:4b:e1:eb:06:55:18:f1:8b:1f:23:b7:3a:
91:4a:dd:fa:21:67:11:90:d7:ff:db:83:48:77:bb:
8c:c8:8d:9c:0c:48:d6:db:ac:c9:83:22:3e:d6:c0:
b0:34:71:c2:ae:79:dc:b1:21:ab:ef:53:40:d2:79:
62:17:00:ed:80:aa:e8:99:82:46:d8:aa:16:84:73:
1e:85:af:44:43:98:4d:6d:1f:4c:0f:47:f6:b2:d0:
58:7b:e8:d0:4f:ab:cf:43:39:ad:bb:de:63:34:9c:
fc:e4:d3:66:14:92:e6:0d:a4:fb:4a:f8:99:5b:04:
6f:f7:42:ee:c4:00:49:be:f6:70:54:25:05:99:c1:
fb:7a:06:c4:b9:a0:70:3e:6a:c7:cb:34:09:75:82:
7e:7b:70:e4:8c:63:a0:01:fe:32:61:e7:bd:07:cf:
1f:9c:39:60:9d:09:c0:60:54:3f:03:42:8a:0b:5a:
69:8b:58:ff:a8:ed:fe:a8:d2:1f:66:a9:0b:ec:fd:
07:5c:d7:43:95:7b:14:1e:c5:44:91:89:f8:bb:87:
b1:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:F6:29:B1:94:06:85:2D:DE:88:96:05:72:9A:03:22:7C:76:0E:41
X509v3 Authority Key Identifier:
keyid:88:A6:2C:F8:10:0E:8C:1B:47:54:43:FD:94:CD:58:D8:EF:2A:33:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iKYs-BAOjBtHVEP9lM1Y2O8qM64.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/eef035-2629-4e3e-bebc-15a0dddd749c/1/qvYpsZQGhS3eiJYFcpoDInx2DkE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/eef035-2629-4e3e-bebc-15a0dddd749c/1/iKYs-BAOjBtHVEP9lM1Y2O8qM64.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.39.220.0/22
185.84.88.0/22
IPv6:
2a05:a3c0::/29
Signature Algorithm: sha256WithRSAEncryption
3d:72:e0:bd:ab:c1:e3:36:cd:c8:67:e9:c9:6f:98:2c:9e:37:
f3:c8:62:47:87:9d:43:44:08:f6:48:6e:ac:30:70:2e:90:f7:
22:b2:f7:38:be:c7:f4:d8:b4:ee:97:4b:56:b8:ca:7a:8d:99:
a6:16:34:b3:3a:a4:68:ae:ad:0a:dd:a5:04:d7:04:e6:06:c8:
05:f9:0d:ad:ed:50:6b:ed:46:25:8c:2a:2c:33:a3:9c:db:75:
46:f5:2b:b9:e6:d5:98:32:c2:3e:e5:5e:62:80:f0:df:47:0a:
9e:1e:f8:df:0e:ca:12:fa:e1:52:53:fe:93:e1:a4:0f:29:67:
7d:44:f0:11:e0:c3:f3:c9:79:18:05:ae:22:de:74:f2:12:38:
0c:e4:1e:21:c2:e7:ce:67:98:c3:57:41:4e:97:cf:58:4c:70:
f1:bc:3d:b5:a8:5d:4b:ba:64:8e:6b:af:dc:d9:0e:1f:8d:c2:
dc:81:e8:72:e3:2a:12:04:20:d2:44:2a:f1:24:91:57:c4:f6:
08:6a:ae:8b:a2:26:58:6c:52:df:29:98:d2:5c:10:8b:0e:4f:
dd:32:9a:59:a2:59:21:66:a3:a6:a6:6d:8d:3f:ec:28:41:a7:
9f:08:e2:35:f4:8e:76:5b:cb:58:b3:d9:83:e5:ca:dd:2a:58:
2c:76:9c:f9
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQhRGEqn3W0+4u6UPb7MGdcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YTYyY2Y4MTAwZThjMWI0NzU0NDNmZDk0Y2Q1OGQ4ZWYy
YTMzYWUwHhcNMjUwMTAxMDk0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWY2MjliMTk0MDY4NTJkZGU4ODk2MDU3MjlhMDMyMjdjNzYwZTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwmtJowUTKf8Ca6QeIvKOH6/AAWV/
291ATkdFx6nVPzhV576qCITyZwaACgQzLcZL4esGVRjxix8jtzqRSt36IWcRkNf/
24NId7uMyI2cDEjW26zJgyI+1sCwNHHCrnncsSGr71NA0nliFwDtgKromYJG2KoW
hHMeha9EQ5hNbR9MD0f2stBYe+jQT6vPQzmtu95jNJz85NNmFJLmDaT7SviZWwRv
90LuxABJvvZwVCUFmcH7egbEuaBwPmrHyzQJdYJ+e3DkjGOgAf4yYee9B88fnDlg
nQnAYFQ/A0KKC1ppi1j/qO3+qNIfZqkL7P0HXNdDlXsUHsVEkYn4u4exOwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKr2KbGUBoUt3oiWBXKaAyJ8dg5BMB8GA1UdIwQY
MBaAFIimLPgQDowbR1RD/ZTNWNjvKjOuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUtZcy1CQU9qQnRIVkVQOWxNMVkyTzhxTTY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9lZWYwMzUtMjYyOS00ZTNlLWJlYmMt
MTVhMGRkZGQ3NDljLzEvcXZZcHNaUUdoUzNlaUpZRmNwb0RJbngyRGtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9lZWYwMzUtMjYyOS00ZTNlLWJlYmMtMTVhMGRkZGQ3NDlj
LzEvaUtZcy1CQU9qQnRIVkVQOWxNMVkyTzhxTTY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCTSfcAwQC
uVRYMA0EAgACMAcDBQMqBaPAMA0GCSqGSIb3DQEBCwUAA4IBAQA9cuC9q8HjNs3I
Z+nJb5gsnjfzyGJHh51DRAj2SG6sMHAukPcisvc4vsf02LTul0tWuMp6jZmmFjSz
OqRorq0K3aUE1wTmBsgF+Q2t7VBr7UYljCosM6Oc23VG9Su55tWYMsI+5V5igPDf
RwqeHvjfDsoS+uFSU/6T4aQPKWd9RPAR4MPzyXkYBa4i3nTyEjgM5B4hwufOZ5jD
V0FOl89YTHDxvD21qF1LumSOa6/c2Q4fjcLcgehy4yoSBCDSRCrxJJFXxPYIaq6L
oiZYbFLfKZjSXBCLDk/dMppZolkhZqOmpm2NP+woQaefCOI19I52W8tYs9mD5crd
Klgsdpz5
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:03 2025 by rpki-client on console.sobornost.net