Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/62764b-9aa6-4f12-a71c-6bac34987019/1/X8QaGYxkZPHdhH1mpB82GdlecEA.roa
File: X8QaGYxkZPHdhH1mpB82GdlecEA.roa (raw, json)
Hash identifier: 3EMglu+VZq26RhQAUEQ35HunGo4EzpXL4iftGlBpH7Y=
Subject key identifier: 5F:C4:1A:19:8C:64:64:F1:DD:84:7D:66:A4:1F:36:19:D9:5E:70:40
Certificate issuer: /CN=35c96065093998ba42cfba11bf0d17d3ac403d40
Certificate serial: 018A52DD3A002A02836DD18829414084DD34
Authority key identifier: 35:C9:60:65:09:39:98:BA:42:CF:BA:11:BF:0D:17:D3:AC:40:3D:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NclgZQk5mLpCz7oRvw0X06xAPUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/62764b-9aa6-4f12-a71c-6bac34987019/1/X8QaGYxkZPHdhH1mpB82GdlecEA.roa
Signing time: Fri 01 Sep 2023 22:29:04 +0000
ROA not before: Fri 01 Sep 2023 22:29:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208308
IP address blocks: 77.223.200.0/23 maxlen: 24
176.222.48.0/22 maxlen: 24
178.216.184.0/21 maxlen: 24
79.139.64.0/23 maxlen: 24
79.139.84.0/22 maxlen: 24
198.14.16.0/20 maxlen: 24
77.223.192.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:52:dd:3a:00:2a:02:83:6d:d1:88:29:41:40:84:dd:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35c96065093998ba42cfba11bf0d17d3ac403d40
Validity
Not Before: Sep 1 22:29:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5fc41a198c6464f1dd847d66a41f3619d95e7040
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:0d:3a:27:b9:10:e8:6a:e1:e5:59:1c:df:35:
d1:7d:e1:ff:22:de:d4:a1:77:2c:85:0b:9a:0f:f1:
f6:a8:81:d3:29:3d:3e:3e:73:1a:72:3b:73:ac:a3:
6b:63:64:3a:d6:68:91:74:d5:4b:fb:c2:dc:cc:c3:
f3:a8:c5:86:5b:6f:30:23:2f:bf:ce:9e:83:f6:c8:
77:24:aa:e6:e2:ba:dd:00:58:a3:7d:33:e6:42:1e:
f4:04:a9:7f:ec:93:ab:d2:8a:e5:f0:84:c7:8e:31:
65:b9:9a:39:5a:6c:00:3d:d8:e8:c3:6d:a5:c9:58:
d7:0a:76:c8:24:01:8c:5c:15:5e:38:00:95:e2:aa:
1e:58:31:b0:92:15:c7:ef:e3:50:9a:7b:7f:3a:34:
65:0e:4a:bb:c5:a8:2b:cf:68:e9:3c:a2:ef:91:b2:
90:91:f3:e1:2f:b5:80:a6:18:e0:65:45:44:bf:d7:
dc:97:a5:67:63:d6:2a:a6:c5:d7:e1:93:84:d3:66:
a4:c4:a1:fd:b6:18:64:07:7b:48:0d:68:a7:67:9b:
eb:39:9a:19:c6:78:0c:43:43:17:eb:4c:9f:26:a5:
a1:09:b6:0d:af:f9:5e:bb:f9:fa:f9:c7:21:47:10:
9a:c2:86:7c:fe:af:f1:a1:80:42:36:68:28:63:22:
b7:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:C4:1A:19:8C:64:64:F1:DD:84:7D:66:A4:1F:36:19:D9:5E:70:40
X509v3 Authority Key Identifier:
keyid:35:C9:60:65:09:39:98:BA:42:CF:BA:11:BF:0D:17:D3:AC:40:3D:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NclgZQk5mLpCz7oRvw0X06xAPUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/62764b-9aa6-4f12-a71c-6bac34987019/1/X8QaGYxkZPHdhH1mpB82GdlecEA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/62764b-9aa6-4f12-a71c-6bac34987019/1/NclgZQk5mLpCz7oRvw0X06xAPUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.223.192.0-77.223.201.255
79.139.64.0/23
79.139.84.0/22
176.222.48.0/22
178.216.184.0/21
198.14.16.0/20
Signature Algorithm: sha256WithRSAEncryption
65:e9:41:8a:19:27:0b:21:24:6e:04:e1:7c:29:43:dc:fb:5b:
c8:fe:f1:77:c1:67:0c:0e:49:7f:63:83:70:9d:aa:03:8f:85:
00:7d:7d:cf:c1:ed:01:15:b0:39:66:7d:54:6b:1a:0a:37:c5:
7a:74:e4:91:97:6b:2c:03:ef:44:93:35:6c:13:f0:3a:28:1d:
73:80:71:74:1e:45:c2:29:61:76:b8:fa:65:ca:14:e6:7c:b1:
ee:84:3d:11:11:60:29:84:61:17:4d:dd:f2:e2:15:9c:be:6f:
f5:23:d9:b6:3b:94:ab:ed:10:4b:a8:03:b9:23:f0:6d:eb:f8:
66:cc:e3:42:35:e1:48:03:f1:55:3e:ac:c9:b4:ee:ca:84:b8:
f6:01:aa:1a:88:9b:2e:a3:0a:9e:16:f2:c8:9d:25:c3:3a:61:
da:32:a0:a1:f1:9f:ec:33:32:aa:f7:fd:a5:6a:8f:82:dc:be:
37:6a:c3:06:8f:b2:fa:5f:cd:b8:79:77:97:e0:ac:1f:81:35:
be:8b:0b:36:d8:94:ac:21:54:9f:7d:5a:46:c6:8f:b2:cf:82:
37:6f:50:73:19:c4:83:30:21:2d:fe:ff:5a:83:49:2b:b6:32:
a2:07:c0:83:de:1c:fe:20:5f:51:a8:30:fa:dc:e6:ac:64:18:
ee:3b:34:a4
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYpS3ToAKgKDbdGIKUFAhN00MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1Yzk2MDY1MDkzOTk4YmE0MmNmYmExMWJmMGQxN2QzYWM0
MDNkNDAwHhcNMjMwOTAxMjIyOTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmM0MWExOThjNjQ2NGYxZGQ4NDdkNjZhNDFmMzYxOWQ5NWU3MDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlw06J7kQ6Grh5Vkc3zXRfeH/It7U
oXcshQuaD/H2qIHTKT0+PnMacjtzrKNrY2Q61miRdNVL+8LczMPzqMWGW28wIy+/
zp6D9sh3JKrm4rrdAFijfTPmQh70BKl/7JOr0orl8ITHjjFluZo5WmwAPdjow22l
yVjXCnbIJAGMXBVeOACV4qoeWDGwkhXH7+NQmnt/OjRlDkq7xagrz2jpPKLvkbKQ
kfPhL7WAphjgZUVEv9fcl6VnY9YqpsXX4ZOE02akxKH9thhkB3tIDWinZ5vrOZoZ
xngMQ0MX60yfJqWhCbYNr/leu/n6+cchRxCawoZ8/q/xoYBCNmgoYyK3cwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFF/EGhmMZGTx3YR9ZqQfNhnZXnBAMB8GA1UdIwQY
MBaAFDXJYGUJOZi6Qs+6Eb8NF9OsQD1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmNsZ1pRazVtTHBDejdvUnZ3MFgwNnhBUFVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi82Mjc2NGItOWFhNi00ZjEyLWE3MWMt
NmJhYzM0OTg3MDE5LzEvWDhRYUdZeGtaUEhkaEgxbXBCODJHZGxlY0VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi82Mjc2NGItOWFhNi00ZjEyLWE3MWMtNmJhYzM0OTg3MDE5
LzEvTmNsZ1pRazVtTHBDejdvUnZ3MFgwNnhBUFVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsMAwDBAZN38AD
BAFN38gDBAFPi0ADBAJPi1QDBAKw3jADBAOy2LgDBATGDhAwDQYJKoZIhvcNAQEL
BQADggEBAGXpQYoZJwshJG4E4XwpQ9z7W8j+8XfBZwwOSX9jg3CdqgOPhQB9fc/B
7QEVsDlmfVRrGgo3xXp05JGXaywD70STNWwT8DooHXOAcXQeRcIpYXa4+mXKFOZ8
se6EPRERYCmEYRdN3fLiFZy+b/Uj2bY7lKvtEEuoA7kj8G3r+GbM40I14UgD8VU+
rMm07sqEuPYBqhqImy6jCp4W8sidJcM6YdoyoKHxn+wzMqr3/aVqj4LcvjdqwwaP
svpfzbh5d5fgrB+BNb6LCzbYlKwhVJ99WkbGj7LPgjdvUHMZxIMwIS3+/1qDSSu2
MqIHwIPeHP4gX1GoMPrc5qxkGO47NKQ=
-----END CERTIFICATE-----
Generated at Sun May 11 12:27:12 2025 by rpki-client