Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/e1b34a-f388-4ddd-92cd-e1c0a4d04917/1/bAMnl2_6RRTmNV4zQKgmKBPIhlw.roa
File: bAMnl2_6RRTmNV4zQKgmKBPIhlw.roa (raw, json)
Hash identifier: V9YqmjnltEXUALOTq/OVrSw9uYwMaY1gDtJwBPznHa8=
Subject key identifier: 6C:03:27:97:6F:FA:45:14:E6:35:5E:33:40:A8:26:28:13:C8:86:5C
Certificate issuer: /CN=7ebb888f2b99de9972e2446eba058ab8e2cd7b3f
Certificate serial: 0194228DDB0622F749E77B9CAF5D0FB55071
Authority key identifier: 7E:BB:88:8F:2B:99:DE:99:72:E2:44:6E:BA:05:8A:B8:E2:CD:7B:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fruIjyuZ3ply4kRuugWKuOLNez8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/e1b34a-f388-4ddd-92cd-e1c0a4d04917/1/bAMnl2_6RRTmNV4zQKgmKBPIhlw.roa
Signing time: Wed 01 Jan 2025 15:48:29 +0000
ROA not before: Wed 01 Jan 2025 15:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216018
IP address blocks: 185.77.88.0/24 maxlen: 24
185.77.91.0/24 maxlen: 24
2a05:60c0:2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:db:06:22:f7:49:e7:7b:9c:af:5d:0f:b5:50:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ebb888f2b99de9972e2446eba058ab8e2cd7b3f
Validity
Not Before: Jan 1 15:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6c0327976ffa4514e6355e3340a8262813c8865c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:30:f4:9d:f5:3e:4f:45:03:25:59:ef:aa:b8:
9b:69:f6:fb:dc:19:f1:ec:d0:2c:bc:44:47:a9:2a:
fe:2c:ee:fd:ae:d4:3e:e3:de:b0:1d:e4:e9:71:a2:
6c:a4:0c:31:18:40:96:26:bb:e9:f1:d3:93:37:1c:
3e:18:c5:a3:6a:19:48:98:b5:5b:8c:4f:2c:f1:3f:
b4:46:52:69:3a:84:5b:f9:33:ec:22:82:dd:87:8b:
59:c5:f0:35:55:66:10:0e:27:62:a0:fd:0f:91:f7:
96:8e:ce:ae:9c:90:24:1c:28:61:43:ed:08:11:de:
69:30:11:a6:da:1e:08:19:a5:53:d5:1e:01:56:cf:
9f:34:82:8f:e7:c6:b1:ff:9d:38:bc:6b:f6:1f:3b:
63:72:f5:ce:19:a9:24:2c:8d:e8:74:72:a7:13:81:
f1:b9:dd:15:ae:ad:59:fb:80:95:72:68:f3:75:09:
16:c0:eb:30:52:64:d3:91:04:76:c4:ec:c1:19:ba:
95:b5:86:a3:e8:4c:79:21:85:31:fa:9c:3e:86:3b:
57:84:d1:53:3a:8f:33:db:2a:36:cb:9c:7b:45:d3:
5b:ad:db:e0:42:c2:16:3d:c1:07:1b:7e:a1:5f:e9:
11:33:07:14:7a:2a:72:f3:18:35:97:d7:d9:11:cd:
54:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:03:27:97:6F:FA:45:14:E6:35:5E:33:40:A8:26:28:13:C8:86:5C
X509v3 Authority Key Identifier:
keyid:7E:BB:88:8F:2B:99:DE:99:72:E2:44:6E:BA:05:8A:B8:E2:CD:7B:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fruIjyuZ3ply4kRuugWKuOLNez8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/e1b34a-f388-4ddd-92cd-e1c0a4d04917/1/bAMnl2_6RRTmNV4zQKgmKBPIhlw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/e1b34a-f388-4ddd-92cd-e1c0a4d04917/1/fruIjyuZ3ply4kRuugWKuOLNez8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.77.88.0/24
185.77.91.0/24
IPv6:
2a05:60c0:2::/48
Signature Algorithm: sha256WithRSAEncryption
42:4d:b8:b5:36:35:a0:42:a9:3d:f1:44:86:f9:90:30:d1:52:
f7:0e:3b:da:84:d7:d5:54:57:22:41:95:1f:0c:f6:d2:7b:9f:
f5:96:86:6b:6e:f0:7f:ba:04:93:60:fe:92:79:24:b8:8a:ce:
55:e5:1e:c1:44:78:2a:80:da:7b:d5:29:fa:6c:f7:ad:e1:1c:
54:fa:40:ae:19:a9:bf:24:20:2a:a9:8e:36:ff:84:cb:b3:c2:
d0:d1:26:eb:46:d4:82:7a:a5:6d:21:2d:b1:43:41:c9:3b:66:
33:78:cf:35:59:00:91:33:b9:cb:db:0a:6b:c6:ec:c8:6d:8d:
bb:6d:9e:0b:cb:f5:f1:84:87:57:12:ea:de:de:35:fb:d0:71:
a6:af:b7:ca:bd:2e:ff:f7:7e:37:23:ee:f1:a6:cd:e8:e5:d8:
48:bb:24:1c:ef:48:71:34:a3:bd:73:1a:46:d3:e9:bf:31:fc:
ef:8e:e0:86:7b:8e:bf:25:57:7c:89:04:aa:19:f4:a1:0c:85:
a2:cb:7e:db:69:52:c8:7f:d4:8a:34:62:28:d6:1c:fe:a0:7d:
5b:63:38:2a:63:9d:e7:5f:4e:f1:c0:dc:4a:2d:ed:b8:a5:46:
34:57:e0:9e:41:69:3e:5c:4b:88:50:77:93:78:52:67:a7:58:
a3:63:9f:3b
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQijdsGIvdJ53ucr10PtVBxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlYmI4ODhmMmI5OWRlOTk3MmUyNDQ2ZWJhMDU4YWI4ZTJj
ZDdiM2YwHhcNMjUwMTAxMTU0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzAzMjc5NzZmZmE0NTE0ZTYzNTVlMzM0MGE4MjYyODEzYzg4NjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnjD0nfU+T0UDJVnvqribafb73Bnx
7NAsvERHqSr+LO79rtQ+496wHeTpcaJspAwxGECWJrvp8dOTNxw+GMWjahlImLVb
jE8s8T+0RlJpOoRb+TPsIoLdh4tZxfA1VWYQDidioP0PkfeWjs6unJAkHChhQ+0I
Ed5pMBGm2h4IGaVT1R4BVs+fNIKP58ax/504vGv2HztjcvXOGakkLI3odHKnE4Hx
ud0Vrq1Z+4CVcmjzdQkWwOswUmTTkQR2xOzBGbqVtYaj6Ex5IYUx+pw+hjtXhNFT
Oo8z2yo2y5x7RdNbrdvgQsIWPcEHG36hX+kRMwcUeipy8xg1l9fZEc1UrwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFGwDJ5dv+kUU5jVeM0CoJigTyIZcMB8GA1UdIwQY
MBaAFH67iI8rmd6ZcuJEbroFirjizXs/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnJ1SWp5dVozcGx5NGtSdXVnV0t1T0xOZXo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9lMWIzNGEtZjM4OC00ZGRkLTkyY2Qt
ZTFjMGE0ZDA0OTE3LzEvYkFNbmwyXzZSUlRtTlY0elFLZ21LQlBJaGx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9lMWIzNGEtZjM4OC00ZGRkLTkyY2QtZTFjMGE0ZDA0OTE3
LzEvZnJ1SWp5dVozcGx5NGtSdXVnV0t1T0xOZXo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAuU1YAwQA
uU1bMA8EAgACMAkDBwAqBWDAAAIwDQYJKoZIhvcNAQELBQADggEBAEJNuLU2NaBC
qT3xRIb5kDDRUvcOO9qE19VUVyJBlR8M9tJ7n/WWhmtu8H+6BJNg/pJ5JLiKzlXl
HsFEeCqA2nvVKfps963hHFT6QK4Zqb8kICqpjjb/hMuzwtDRJutG1IJ6pW0hLbFD
Qck7ZjN4zzVZAJEzucvbCmvG7MhtjbttngvL9fGEh1cS6t7eNfvQcaavt8q9Lv/3
fjcj7vGmzejl2Ei7JBzvSHE0o71zGkbT6b8x/O+O4IZ7jr8lV3yJBKoZ9KEMhaLL
fttpUsh/1Io0YijWHP6gfVtjOCpjnedfTvHA3Eot7bilRjRX4J5BaT5cS4hQd5N4
UmenWKNjnzs=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:15 2025 by rpki-client on console.sobornost.net