Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/e844e8-d2f0-4514-b405-0b801bf80d53/1/cZTdH7vf_vUsZSA9Bkrj9O3ow_4.roa
File: cZTdH7vf_vUsZSA9Bkrj9O3ow_4.roa (raw, json)
Hash identifier: nta1g/RvN2MBRkggXlvKzqyMNronRUI3y0vVkrzhbVE=
Subject key identifier: 71:94:DD:1F:BB:DF:FE:F5:2C:65:20:3D:06:4A:E3:F4:ED:E8:C3:FE
Certificate issuer: /CN=1ef9312cea5aa7438b4d90c0836c82f050a2a00a
Certificate serial: 0194221F32FE99D4CE7691E4378DA30E1E01
Authority key identifier: 1E:F9:31:2C:EA:5A:A7:43:8B:4D:90:C0:83:6C:82:F0:50:A2:A0:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HvkxLOpap0OLTZDAg2yC8FCioAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/e844e8-d2f0-4514-b405-0b801bf80d53/1/cZTdH7vf_vUsZSA9Bkrj9O3ow_4.roa
Signing time: Wed 01 Jan 2025 13:47:37 +0000
ROA not before: Wed 01 Jan 2025 13:47:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 53550
IP address blocks: 77.111.208.0/22 maxlen: 24
185.37.220.0/22 maxlen: 24
2a00:fa60::/32 maxlen: 44
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:32:fe:99:d4:ce:76:91:e4:37:8d:a3:0e:1e:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ef9312cea5aa7438b4d90c0836c82f050a2a00a
Validity
Not Before: Jan 1 13:47:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7194dd1fbbdffef52c65203d064ae3f4ede8c3fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:d1:bd:d3:9c:11:4a:fb:1b:65:1e:06:32:46:
4f:d8:6c:5e:8d:a3:e1:4e:03:0e:88:9b:f8:26:e0:
f6:78:60:12:4c:7a:79:6f:49:e5:8d:e5:23:c6:8e:
8b:97:9b:76:5f:a1:ae:38:d0:c2:c5:3a:62:9f:82:
2f:30:22:d6:39:32:46:35:8a:65:d3:70:86:64:5d:
62:a6:93:5b:16:25:43:a7:ec:40:40:94:c4:d1:a4:
94:d6:5f:4a:b7:36:6c:42:a9:5d:40:1a:a9:c6:99:
a9:5e:55:2d:a3:2e:23:4f:ff:a8:26:42:93:be:a9:
f5:f0:1f:aa:90:0e:0b:81:4c:28:9f:87:01:fb:94:
c5:b8:96:90:b0:3a:87:dc:9a:a2:83:e6:6b:fd:3c:
a8:df:05:d9:95:56:c1:1c:66:cd:0d:9d:63:5f:28:
b5:03:0d:4e:20:4d:b0:0f:8c:67:9a:7c:1f:77:b8:
d9:f9:2b:b0:85:ce:97:eb:b2:e6:22:34:20:b0:34:
35:67:00:c0:a8:49:6d:d3:4c:08:d5:da:b9:2c:b4:
df:1b:1b:6c:f9:50:9e:5b:fe:0f:f1:b5:60:c3:7c:
bb:c4:a6:01:c9:1e:4a:4b:b9:d7:ea:2a:75:51:11:
ef:62:7c:18:f9:65:ee:1e:c9:1e:fa:90:3a:30:a9:
9a:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:94:DD:1F:BB:DF:FE:F5:2C:65:20:3D:06:4A:E3:F4:ED:E8:C3:FE
X509v3 Authority Key Identifier:
keyid:1E:F9:31:2C:EA:5A:A7:43:8B:4D:90:C0:83:6C:82:F0:50:A2:A0:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HvkxLOpap0OLTZDAg2yC8FCioAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/e844e8-d2f0-4514-b405-0b801bf80d53/1/cZTdH7vf_vUsZSA9Bkrj9O3ow_4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/e844e8-d2f0-4514-b405-0b801bf80d53/1/HvkxLOpap0OLTZDAg2yC8FCioAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.111.208.0/22
185.37.220.0/22
IPv6:
2a00:fa60::/32
Signature Algorithm: sha256WithRSAEncryption
5f:72:54:f7:92:3d:2d:8b:50:2c:8f:da:70:64:ba:e1:2e:79:
35:c0:0b:79:36:8f:71:4d:d8:d5:c5:db:7d:f9:7e:76:d9:10:
83:45:3d:31:74:ce:53:6f:70:99:2c:a2:3c:48:b4:92:e2:1c:
70:e9:95:7a:f0:a5:f4:bc:5a:3c:95:44:6b:4a:be:4f:15:21:
48:f2:aa:00:e2:c2:21:53:49:80:2a:73:f9:26:c1:2e:93:ad:
a4:e5:11:d3:14:9f:16:3c:bb:fe:72:b1:43:81:ce:d3:71:98:
dd:92:6c:b1:c0:7d:86:b2:f3:e6:b9:7c:ce:0a:6d:77:8e:e3:
81:cb:1d:01:9d:b1:b0:6d:5d:b0:f8:ec:ae:4f:92:0e:db:b3:
ea:75:5f:ad:da:24:0f:42:e4:35:43:c3:2f:bc:a7:f3:2d:1e:
e8:88:80:b9:66:05:17:d7:b2:3c:21:da:cc:99:cb:55:45:96:
08:5c:2a:50:74:0f:e4:eb:04:9c:6f:2b:9c:61:af:c8:f0:73:
f5:4f:bf:27:c9:6c:46:85:4b:7f:07:d3:31:bc:c5:92:92:e8:
ef:3a:0f:be:f8:d5:09:94:09:bd:7e:73:bd:ba:c8:4e:58:06:
6d:1a:04:a7:a3:d4:75:f8:1e:9e:8f:95:e2:6e:07:a7:8c:79:
6e:47:b2:7c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQiHzL+mdTOdpHkN42jDh4BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlZjkzMTJjZWE1YWE3NDM4YjRkOTBjMDgzNmM4MmYwNTBh
MmEwMGEwHhcNMjUwMTAxMTM0NzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTk0ZGQxZmJiZGZmZWY1MmM2NTIwM2QwNjRhZTNmNGVkZThjM2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2NG905wRSvsbZR4GMkZP2GxejaPh
TgMOiJv4JuD2eGASTHp5b0nljeUjxo6Ll5t2X6GuONDCxTpin4IvMCLWOTJGNYpl
03CGZF1ippNbFiVDp+xAQJTE0aSU1l9KtzZsQqldQBqpxpmpXlUtoy4jT/+oJkKT
vqn18B+qkA4LgUwon4cB+5TFuJaQsDqH3Jqig+Zr/Tyo3wXZlVbBHGbNDZ1jXyi1
Aw1OIE2wD4xnmnwfd7jZ+Suwhc6X67LmIjQgsDQ1ZwDAqElt00wI1dq5LLTfGxts
+VCeW/4P8bVgw3y7xKYByR5KS7nX6ip1URHvYnwY+WXuHske+pA6MKmacQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHGU3R+73/71LGUgPQZK4/Tt6MP+MB8GA1UdIwQY
MBaAFB75MSzqWqdDi02QwINsgvBQoqAKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHZreExPcGFwME9MVFpEQWcyeUM4RkNpb0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9lODQ0ZTgtZDJmMC00NTE0LWI0MDUt
MGI4MDFiZjgwZDUzLzEvY1pUZEg3dmZfdlVzWlNBOUJrcmo5TzNvd180LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9lODQ0ZTgtZDJmMC00NTE0LWI0MDUtMGI4MDFiZjgwZDUz
LzEvSHZreExPcGFwME9MVFpEQWcyeUM4RkNpb0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCTW/QAwQC
uSXcMA0EAgACMAcDBQAqAPpgMA0GCSqGSIb3DQEBCwUAA4IBAQBfclT3kj0ti1As
j9pwZLrhLnk1wAt5No9xTdjVxdt9+X522RCDRT0xdM5Tb3CZLKI8SLSS4hxw6ZV6
8KX0vFo8lURrSr5PFSFI8qoA4sIhU0mAKnP5JsEuk62k5RHTFJ8WPLv+crFDgc7T
cZjdkmyxwH2GsvPmuXzOCm13juOByx0BnbGwbV2w+OyuT5IO27PqdV+t2iQPQuQ1
Q8MvvKfzLR7oiIC5ZgUX17I8IdrMmctVRZYIXCpQdA/k6wScbyucYa/I8HP1T78n
yWxGhUt/B9MxvMWSkujvOg+++NUJlAm9fnO9ushOWAZtGgSno9R1+B6ej5Xibgen
jHluR7J8
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:48 2025 by rpki-client on console.sobornost.net