Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/9NDvzR_WKUQO196L-TBCfw3PmmA.roa
File: 9NDvzR_WKUQO196L-TBCfw3PmmA.roa (raw, json)
Hash identifier: SlohtJFQX/x4xoPn1zolb9U015gVcD0ydJW/eKvlMPs=
Subject key identifier: F4:D0:EF:CD:1F:D6:29:44:0E:D7:DE:8B:F9:30:42:7F:0D:CF:9A:60
Certificate issuer: /CN=58015cc8da1f1bbf343e26ab208df8bb26fd53ae
Certificate serial: 01942143A4E143A72503E43AAD7CF5B0234E
Authority key identifier: 58:01:5C:C8:DA:1F:1B:BF:34:3E:26:AB:20:8D:F8:BB:26:FD:53:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WAFcyNofG780PiarII34uyb9U64.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/9NDvzR_WKUQO196L-TBCfw3PmmA.roa
Signing time: Wed 01 Jan 2025 09:47:48 +0000
ROA not before: Wed 01 Jan 2025 09:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39040
IP address blocks: 77.95.120.0/24 maxlen: 24
77.95.120.0/26 maxlen: 26
77.95.120.64/26 maxlen: 26
77.95.120.128/27 maxlen: 27
77.95.120.160/27 maxlen: 27
77.95.120.192/26 maxlen: 26
194.187.89.0/24 maxlen: 24
194.187.90.0/23 maxlen: 23
2a02:388::/32 maxlen: 32
2a02:388:ffff::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:a4:e1:43:a7:25:03:e4:3a:ad:7c:f5:b0:23:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58015cc8da1f1bbf343e26ab208df8bb26fd53ae
Validity
Not Before: Jan 1 09:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f4d0efcd1fd629440ed7de8bf930427f0dcf9a60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:93:2c:ec:5b:e5:f3:be:73:4e:d2:81:d5:64:
e6:80:f9:8f:b6:47:97:65:2d:a8:ae:17:77:29:3b:
0d:c0:96:f4:dc:0b:d9:d9:61:a0:d6:e3:ef:89:a9:
ef:c2:da:7c:8f:98:5c:61:7c:79:10:08:c6:db:31:
a4:9a:8f:0a:99:3f:df:0f:02:96:8f:8e:8c:73:6a:
36:b3:34:8e:93:de:81:a0:35:0d:bd:4b:af:b9:9f:
f8:9c:46:24:45:fe:59:5e:a7:56:e9:62:f4:4d:fc:
76:db:b9:4c:5b:32:d2:92:37:d6:9c:65:be:a1:27:
2a:8e:9e:fa:1c:f0:bb:b1:04:09:32:1b:e2:4f:b1:
36:50:1b:99:e9:8c:3f:4d:c1:48:ac:bf:a1:9a:6a:
8e:10:39:1d:47:11:b0:18:ee:d4:d1:ae:e7:84:7d:
00:30:c5:bf:2e:eb:85:eb:00:e3:dc:b5:7d:4a:d7:
b4:77:dc:49:cc:70:aa:c4:bc:ed:8a:92:aa:af:fd:
3a:27:8c:92:00:4b:1f:07:9b:ce:b6:ff:d0:2b:9e:
ff:d3:40:fa:24:69:ce:f4:87:50:0d:a7:55:fb:23:
07:b3:5b:da:e3:37:a1:00:97:2d:74:38:44:be:61:
db:bb:ed:d7:32:f2:e4:d1:5b:72:94:20:73:a8:4f:
bc:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:D0:EF:CD:1F:D6:29:44:0E:D7:DE:8B:F9:30:42:7F:0D:CF:9A:60
X509v3 Authority Key Identifier:
keyid:58:01:5C:C8:DA:1F:1B:BF:34:3E:26:AB:20:8D:F8:BB:26:FD:53:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WAFcyNofG780PiarII34uyb9U64.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/9NDvzR_WKUQO196L-TBCfw3PmmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/WAFcyNofG780PiarII34uyb9U64.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.95.120.0/24
194.187.89.0-194.187.91.255
IPv6:
2a02:388::/32
Signature Algorithm: sha256WithRSAEncryption
8e:8b:9c:ab:c9:20:9e:bb:53:a5:b0:bf:ab:5d:65:d8:32:80:
a3:73:d1:39:a1:7b:d2:16:be:f5:65:82:4b:7e:bb:94:2d:41:
1b:35:aa:f6:30:e8:eb:db:5f:1e:e0:12:67:cc:4e:6e:41:39:
4a:83:51:1b:4d:d3:b7:c0:cc:ec:cf:52:07:80:63:12:2a:0a:
a1:7f:44:6a:53:5f:3f:a2:6a:27:b0:ce:7b:25:33:f8:83:32:
ff:16:46:a8:b9:ce:95:a4:26:b7:4b:6a:74:34:5e:18:ef:a2:
41:9a:c1:0b:d2:17:f6:a5:fa:90:76:f6:1d:94:e8:49:b4:af:
10:d0:a8:be:af:03:fa:eb:f7:5f:80:f9:9a:77:f6:e5:e7:23:
f6:1b:b7:c5:84:14:30:72:43:2b:90:45:ee:8b:5b:08:e8:53:
e3:49:ca:5f:28:c0:7f:5c:53:0a:4d:27:84:1b:ce:0d:46:48:
11:bc:4c:8b:80:f0:ca:ce:30:97:5a:c4:1a:f6:da:a1:24:fd:
a8:d9:08:35:95:49:5e:05:80:5b:64:4c:5d:af:da:ae:48:82:
3b:82:40:d5:d5:65:48:90:ec:4a:14:cf:e8:94:67:57:2b:d9:
a7:9a:ab:31:67:f6:22:db:fa:d4:9b:03:8e:75:62:c3:da:85:
2c:01:6c:57
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQhQ6ThQ6clA+Q6rXz1sCNOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MDE1Y2M4ZGExZjFiYmYzNDNlMjZhYjIwOGRmOGJiMjZm
ZDUzYWUwHhcNMjUwMTAxMDk0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGQwZWZjZDFmZDYyOTQ0MGVkN2RlOGJmOTMwNDI3ZjBkY2Y5YTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZMs7Fvl875zTtKB1WTmgPmPtkeX
ZS2orhd3KTsNwJb03AvZ2WGg1uPvianvwtp8j5hcYXx5EAjG2zGkmo8KmT/fDwKW
j46Mc2o2szSOk96BoDUNvUuvuZ/4nEYkRf5ZXqdW6WL0Tfx227lMWzLSkjfWnGW+
oScqjp76HPC7sQQJMhviT7E2UBuZ6Yw/TcFIrL+hmmqOEDkdRxGwGO7U0a7nhH0A
MMW/LuuF6wDj3LV9Ste0d9xJzHCqxLztipKqr/06J4ySAEsfB5vOtv/QK57/00D6
JGnO9IdQDadV+yMHs1va4zehAJctdDhEvmHbu+3XMvLk0VtylCBzqE+8eQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFPTQ780f1ilEDtfei/kwQn8Nz5pgMB8GA1UdIwQY
MBaAFFgBXMjaHxu/ND4mqyCN+Lsm/VOuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0FGY3lOb2ZHNzgwUGlhcklJMzR1eWI5VTY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9kNDE3NWQtMTkyYy00MThjLTk3MmYt
OGVlMjFiNzRkZDU2LzEvOU5EdnpSX1dLVVFPMTk2TC1UQkNmdzNQbW1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9kNDE3NWQtMTkyYy00MThjLTk3MmYtOGVlMjFiNzRkZDU2
LzEvV0FGY3lOb2ZHNzgwUGlhcklJMzR1eWI5VTY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQATV94MAwD
BADCu1kDBALCu1gwDQQCAAIwBwMFACoCA4gwDQYJKoZIhvcNAQELBQADggEBAI6L
nKvJIJ67U6Wwv6tdZdgygKNz0Tmhe9IWvvVlgkt+u5QtQRs1qvYw6OvbXx7gEmfM
Tm5BOUqDURtN07fAzOzPUgeAYxIqCqF/RGpTXz+iaiewznslM/iDMv8WRqi5zpWk
JrdLanQ0XhjvokGawQvSF/al+pB29h2U6Em0rxDQqL6vA/rr91+A+Zp39uXnI/Yb
t8WEFDByQyuQRe6LWwjoU+NJyl8owH9cUwpNJ4Qbzg1GSBG8TIuA8MrOMJdaxBr2
2qEk/ajZCDWVSV4FgFtkTF2v2q5IgjuCQNXVZUiQ7EoUz+iUZ1cr2aeaqzFn9iLb
+tSbA451YsPahSwBbFc=
-----END CERTIFICATE-----
Generated at Sat Mar 8 04:56:02 2025 by rpki-client on console.sobornost.net