Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/b9dab8-d084-4b73-99b2-ee5b5168bf2f/1/HxTfLakaEJ_LVNn3ZqoJElNbHoQ.roa
File: HxTfLakaEJ_LVNn3ZqoJElNbHoQ.roa (raw, json)
Hash identifier: tPr0Odj47LnuFpxE16P/cF19VVsL1tXW82ffakF0EeE=
Subject key identifier: 1F:14:DF:2D:A9:1A:10:9F:CB:54:D9:F7:66:AA:09:12:53:5B:1E:84
Certificate issuer: /CN=bbba8eccd97e96189ff6e33cf110a6c9a477459c
Certificate serial: 019425218893E1DC4B55AD0D5AE346E1FEF3
Authority key identifier: BB:BA:8E:CC:D9:7E:96:18:9F:F6:E3:3C:F1:10:A6:C9:A4:77:45:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u7qOzNl-lhif9uM88RCmyaR3RZw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/b9dab8-d084-4b73-99b2-ee5b5168bf2f/1/HxTfLakaEJ_LVNn3ZqoJElNbHoQ.roa
Signing time: Thu 02 Jan 2025 03:49:02 +0000
ROA not before: Thu 02 Jan 2025 03:49:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42421
IP address blocks: 77.72.184.0/24 maxlen: 24
77.72.185.0/24 maxlen: 24
77.72.186.0/24 maxlen: 24
77.72.187.0/24 maxlen: 24
77.72.188.0/24 maxlen: 24
77.72.189.0/24 maxlen: 24
2a03:c6c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:88:93:e1:dc:4b:55:ad:0d:5a:e3:46:e1:fe:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbba8eccd97e96189ff6e33cf110a6c9a477459c
Validity
Not Before: Jan 2 03:49:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1f14df2da91a109fcb54d9f766aa0912535b1e84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:c7:0e:6e:99:e4:1b:e5:a8:29:e4:23:db:62:
20:67:7c:c2:aa:c8:ee:d3:21:7d:e5:57:89:d1:ae:
e0:20:52:e3:69:b1:05:aa:36:ba:03:37:99:a2:c5:
26:88:c4:f2:8f:57:f0:5c:9a:59:29:5a:33:96:f8:
38:be:6d:61:ee:d3:43:9d:97:7f:f1:d2:0d:9e:c2:
c9:45:3c:7c:8e:71:5a:8d:d8:3f:66:de:d4:ae:5d:
23:7a:71:ff:d5:02:43:c8:db:21:fd:50:00:f6:36:
69:39:3a:44:cd:31:a9:89:f7:a4:92:08:12:75:a5:
35:64:f3:06:d6:93:00:84:f8:b8:f2:0f:64:e9:2a:
89:75:11:c8:45:3f:15:31:91:86:09:e0:a7:02:bb:
0d:f8:69:21:65:5a:be:73:c3:30:9e:f1:de:35:f9:
fd:5a:d8:b1:48:38:85:be:cc:cb:90:6b:8c:bf:aa:
0e:ea:64:cf:7a:52:6d:92:c3:ae:28:ae:c0:60:d8:
a4:cd:8e:35:f9:cd:6d:71:65:ba:21:d9:ea:27:56:
a9:4d:cd:8b:01:01:bd:f6:ba:42:10:1e:10:7f:cc:
10:ca:c0:f6:c9:9f:53:f2:9a:c2:70:a4:c0:1b:82:
47:64:2e:05:c3:2a:9f:2f:92:1a:73:6c:a7:10:82:
22:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:14:DF:2D:A9:1A:10:9F:CB:54:D9:F7:66:AA:09:12:53:5B:1E:84
X509v3 Authority Key Identifier:
keyid:BB:BA:8E:CC:D9:7E:96:18:9F:F6:E3:3C:F1:10:A6:C9:A4:77:45:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u7qOzNl-lhif9uM88RCmyaR3RZw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/b9dab8-d084-4b73-99b2-ee5b5168bf2f/1/HxTfLakaEJ_LVNn3ZqoJElNbHoQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/b9dab8-d084-4b73-99b2-ee5b5168bf2f/1/u7qOzNl-lhif9uM88RCmyaR3RZw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.72.184.0-77.72.189.255
IPv6:
2a03:c6c0::/48
Signature Algorithm: sha256WithRSAEncryption
96:48:93:27:00:5a:a1:ae:e5:05:c6:38:4f:7e:ed:bb:3e:76:
ab:d7:36:93:ba:c7:34:4f:8d:9a:20:75:29:10:cb:7c:81:5a:
55:21:95:4d:ae:e4:a8:bf:ea:42:c3:85:3f:89:46:a4:ba:54:
ea:32:f0:1e:49:fe:80:7d:0f:5d:55:8a:41:17:a4:0c:50:20:
d0:6a:78:94:f4:56:cb:7e:37:b7:c8:a2:39:2a:6c:3c:f4:65:
dc:3c:5f:71:5d:a5:99:9f:59:4a:ae:a7:f7:ab:64:bd:da:50:
9f:ea:ea:c6:db:e6:0f:60:66:ee:5b:4f:dc:85:f8:66:96:af:
df:f7:db:95:4f:c9:33:36:23:0e:44:34:85:0c:a7:33:3d:31:
79:7a:65:38:ef:c7:1b:a7:cb:aa:05:1b:2f:fe:8d:db:e6:d8:
68:0b:35:93:d7:e3:42:e0:ed:97:6b:7a:00:dc:a7:bf:d0:7e:
48:64:0f:9d:49:e6:ee:46:91:68:79:0f:f7:55:22:7d:b0:e9:
1d:56:aa:96:a6:f9:1b:62:5c:db:3c:48:b6:ac:c7:eb:78:a2:
c3:84:67:66:34:d9:2c:7c:f4:89:e1:cb:0f:40:b0:71:af:ee:
62:ce:dd:90:9d:65:70:59:6d:50:48:ef:4b:a9:d2:fc:07:df:
a1:1a:af:d2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQlIYiT4dxLVa0NWuNG4f7zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiYmE4ZWNjZDk3ZTk2MTg5ZmY2ZTMzY2YxMTBhNmM5YTQ3
NzQ1OWMwHhcNMjUwMTAyMDM0OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjE0ZGYyZGE5MWExMDlmY2I1NGQ5Zjc2NmFhMDkxMjUzNWIxZTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMcObpnkG+WoKeQj22IgZ3zCqsju
0yF95VeJ0a7gIFLjabEFqja6AzeZosUmiMTyj1fwXJpZKVozlvg4vm1h7tNDnZd/
8dINnsLJRTx8jnFajdg/Zt7Url0jenH/1QJDyNsh/VAA9jZpOTpEzTGpifekkggS
daU1ZPMG1pMAhPi48g9k6SqJdRHIRT8VMZGGCeCnArsN+GkhZVq+c8MwnvHeNfn9
WtixSDiFvszLkGuMv6oO6mTPelJtksOuKK7AYNikzY41+c1tcWW6IdnqJ1apTc2L
AQG99rpCEB4Qf8wQysD2yZ9T8prCcKTAG4JHZC4FwyqfL5Iac2ynEIIihQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB8U3y2pGhCfy1TZ92aqCRJTWx6EMB8GA1UdIwQY
MBaAFLu6jszZfpYYn/bjPPEQpsmkd0WcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTdxT3pObC1saGlmOXVNODhSQ215YVIzUlp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9iOWRhYjgtZDA4NC00YjczLTk5YjIt
ZWU1YjUxNjhiZjJmLzEvSHhUZkxha2FFSl9MVk5uM1pxb0pFbE5iSG9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9iOWRhYjgtZDA4NC00YjczLTk5YjItZWU1YjUxNjhiZjJm
LzEvdTdxT3pObC1saGlmOXVNODhSQ215YVIzUlp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBANNSLgD
BAFNSLwwDwQCAAIwCQMHACoDxsAAADANBgkqhkiG9w0BAQsFAAOCAQEAlkiTJwBa
oa7lBcY4T37tuz52q9c2k7rHNE+NmiB1KRDLfIFaVSGVTa7kqL/qQsOFP4lGpLpU
6jLwHkn+gH0PXVWKQRekDFAg0Gp4lPRWy343t8iiOSpsPPRl3DxfcV2lmZ9ZSq6n
96tkvdpQn+rqxtvmD2Bm7ltP3IX4Zpav3/fblU/JMzYjDkQ0hQynMz0xeXplOO/H
G6fLqgUbL/6N2+bYaAs1k9fjQuDtl2t6ANynv9B+SGQPnUnm7kaRaHkP91UifbDp
HVaqlqb5G2Jc2zxItqzH63iiw4RnZjTZLHz0ieHLD0Cwca/uYs7dkJ1lcFltUEjv
S6nS/AffoRqv0g==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:26 2025 by rpki-client on console.sobornost.net