Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/a4nCtFb8gS4fhvVOcSTSHXS8VdY.roa
File: a4nCtFb8gS4fhvVOcSTSHXS8VdY.roa (raw, json)
Hash identifier: HfZHdMI1lRZGkKS3cttqfsA0KnNxlMrClipPN3xW8uM=
Subject key identifier: 6B:89:C2:B4:56:FC:81:2E:1F:86:F5:4E:71:24:D2:1D:74:BC:55:D6
Certificate issuer: /CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Certificate serial: 0194236A2BC16A5CE7F23CFF1D31D46E4A12
Authority key identifier: BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/a4nCtFb8gS4fhvVOcSTSHXS8VdY.roa
Signing time: Wed 01 Jan 2025 19:49:08 +0000
ROA not before: Wed 01 Jan 2025 19:49:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44112
IP address blocks: 77.222.32.0/24 maxlen: 24
77.222.36.0/22 maxlen: 24
77.222.40.0/21 maxlen: 24
77.222.48.0/20 maxlen: 24
77.222.48.0/23 maxlen: 24
2a02:408:7722::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:2b:c1:6a:5c:e7:f2:3c:ff:1d:31:d4:6e:4a:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Validity
Not Before: Jan 1 19:49:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6b89c2b456fc812e1f86f54e7124d21d74bc55d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:7b:0f:4f:93:0c:3d:41:93:bd:0c:19:3a:e7:
b5:df:cf:29:5e:f5:ab:22:ac:1c:04:19:18:71:57:
22:64:c4:4a:41:2e:b3:90:b5:62:c5:38:b4:cf:16:
a2:4f:a5:b2:c9:d1:c9:6d:4e:e3:bf:e2:47:ba:87:
01:38:fe:42:80:33:c4:88:a4:62:1a:71:93:6f:16:
e4:ea:2d:96:fe:57:94:df:09:a5:67:21:1b:cb:55:
44:13:60:75:2f:54:52:4f:64:26:97:e5:39:b5:5b:
84:19:ca:2d:41:81:19:78:13:a2:41:3e:2e:92:32:
ea:41:1b:6e:ec:61:2e:a3:56:13:98:32:fe:f6:61:
f6:db:d4:cd:91:d9:70:23:07:9c:a0:1c:25:6a:fb:
f1:ab:99:c1:ec:3e:1d:2f:c8:dc:ba:fe:e8:e3:96:
85:d8:a8:63:98:80:1d:81:d2:8d:9f:5d:4a:20:99:
94:5d:11:2d:8d:e3:dc:b5:b9:ef:56:d8:14:c7:6d:
2f:b6:89:70:52:96:c0:e5:62:2f:4d:f1:8e:f6:13:
e4:66:b2:33:86:ca:6c:62:67:f6:31:5f:51:80:bd:
20:df:f4:4a:f4:ce:bf:ef:0e:e4:cf:98:cf:fd:9c:
00:ae:4c:df:d3:27:83:3b:0c:bf:62:71:f4:cb:a5:
96:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:89:C2:B4:56:FC:81:2E:1F:86:F5:4E:71:24:D2:1D:74:BC:55:D6
X509v3 Authority Key Identifier:
keyid:BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/a4nCtFb8gS4fhvVOcSTSHXS8VdY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.222.32.0/24
77.222.36.0-77.222.63.255
IPv6:
2a02:408:7722::/48
Signature Algorithm: sha256WithRSAEncryption
50:30:01:72:79:fd:73:0f:d7:c8:c9:a0:06:39:2b:fc:5e:90:
36:cc:fa:7a:ab:59:fd:55:8e:41:1c:29:3f:5b:38:dd:fd:75:
c3:2e:d7:11:65:57:d7:c5:fb:47:ca:25:a8:8f:3e:71:29:1b:
49:88:a1:48:1b:5a:dc:05:53:2d:fe:77:6e:68:f6:fe:86:88:
e8:0f:39:84:e8:6d:3a:d5:6d:a8:df:3d:e3:5d:22:04:60:37:
e5:68:82:2c:d7:e9:1b:cb:e4:65:9b:4c:10:4c:25:99:7b:0f:
d3:c0:65:05:97:a4:f6:11:c4:1f:cf:40:1f:63:22:71:46:34:
2d:4f:11:7b:86:45:3c:eb:56:c4:f6:02:46:94:05:d8:38:f5:
ba:58:b3:50:14:14:2b:d1:cc:a0:9f:dc:1c:1f:7a:6d:22:5c:
8c:f9:01:17:14:6c:11:38:21:3a:47:7c:9c:f0:07:c1:52:03:
a1:1e:66:91:84:0d:12:71:91:4b:ed:0b:db:b6:c5:e4:ca:16:
95:aa:86:6b:2d:ff:92:bd:9c:39:dd:23:f6:f3:a3:ac:89:45:
9d:43:81:5b:f7:11:e2:da:e4:36:54:b9:01:22:cc:7b:5a:d0:
3c:1c:38:63:75:cc:39:ab:2b:f0:22:1f:65:b0:e3:2f:58:37:
9d:49:97:21
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZQjaivBalzn8jz/HTHUbkoSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZmFkMjNlMTFjZjBkMjRhNDc3NTk0ZWJhMDlmOTlhY2M2
ZjFmZmYwHhcNMjUwMTAxMTk0OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Yjg5YzJiNDU2ZmM4MTJlMWY4NmY1NGU3MTI0ZDIxZDc0YmM1NWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp3sPT5MMPUGTvQwZOue1388pXvWr
IqwcBBkYcVciZMRKQS6zkLVixTi0zxaiT6WyydHJbU7jv+JHuocBOP5CgDPEiKRi
GnGTbxbk6i2W/leU3wmlZyEby1VEE2B1L1RST2Qml+U5tVuEGcotQYEZeBOiQT4u
kjLqQRtu7GEuo1YTmDL+9mH229TNkdlwIwecoBwlavvxq5nB7D4dL8jcuv7o45aF
2KhjmIAdgdKNn11KIJmUXREtjePctbnvVtgUx20vtolwUpbA5WIvTfGO9hPkZrIz
hspsYmf2MV9RgL0g3/RK9M6/7w7kz5jP/ZwArkzf0yeDOwy/YnH0y6WWTQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFGuJwrRW/IEuH4b1TnEk0h10vFXWMB8GA1UdIwQY
MBaAFL360j4Rzw0kpHdZTroJ+ZrMbx//MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmZyU1BoSFBEU1NrZDFsT3VnbjVtc3h2SF84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9lMjUyMzktNmFiMC00OTE5LWE3NmEt
NGY0ZTcxZTMyMDg0LzEvYTRuQ3RGYjhnUzRmaHZWT2NTVFNIWFM4VmRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9lMjUyMzktNmFiMC00OTE5LWE3NmEtNGY0ZTcxZTMyMDg0
LzEvdmZyU1BoSFBEU1NrZDFsT3VnbjVtc3h2SF84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAaBAIAATAUAwQATd4gMAwD
BAJN3iQDBAZN3gAwDwQCAAIwCQMHACoCBAh3IjANBgkqhkiG9w0BAQsFAAOCAQEA
UDABcnn9cw/XyMmgBjkr/F6QNsz6eqtZ/VWOQRwpP1s43f11wy7XEWVX18X7R8ol
qI8+cSkbSYihSBta3AVTLf53bmj2/oaI6A85hOhtOtVtqN89410iBGA35WiCLNfp
G8vkZZtMEEwlmXsP08BlBZek9hHEH89AH2MicUY0LU8Re4ZFPOtWxPYCRpQF2Dj1
ulizUBQUK9HMoJ/cHB96bSJcjPkBFxRsETghOkd8nPAHwVIDoR5mkYQNEnGRS+0L
27bF5MoWlaqGay3/kr2cOd0j9vOjrIlFnUOBW/cR4trkNlS5ASLMe1rQPBw4Y3XM
Oasr8CIfZbDjL1g3nUmXIQ==
-----END CERTIFICATE-----
Generated at Thu Jan 23 19:16:41 2025 by rpki-client on console.sobornost.net