Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/6c808e-0015-4d62-81d8-ecb7ae2722c1/1/B7T3sZebBoQYg5x0RYsPBj23iEo.roa
File: B7T3sZebBoQYg5x0RYsPBj23iEo.roa (raw, json)
Hash identifier: O9yZ4KZ+ahHkW7NK8lCiaskHOdR7GD8prEJOvXc4vRI=
Subject key identifier: 07:B4:F7:B1:97:9B:06:84:18:83:9C:74:45:8B:0F:06:3D:B7:88:4A
Certificate issuer: /CN=16f145727d34ae6607a615301283eeebd5d6291c
Certificate serial: 01941F8C9056B14EA7750D29BD27B22F8FDF
Authority key identifier: 16:F1:45:72:7D:34:AE:66:07:A6:15:30:12:83:EE:EB:D5:D6:29:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FvFFcn00rmYHphUwEoPu69XWKRw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/6c808e-0015-4d62-81d8-ecb7ae2722c1/1/B7T3sZebBoQYg5x0RYsPBj23iEo.roa
Signing time: Wed 01 Jan 2025 01:48:13 +0000
ROA not before: Wed 01 Jan 2025 01:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 10310
IP address blocks: 77.238.189.0/24 maxlen: 25
2a00:1288:f03e::/48 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:90:56:b1:4e:a7:75:0d:29:bd:27:b2:2f:8f:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16f145727d34ae6607a615301283eeebd5d6291c
Validity
Not Before: Jan 1 01:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=07b4f7b1979b068418839c74458b0f063db7884a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:17:89:05:4d:dd:2b:f2:b7:2a:b1:4f:a7:15:
0a:98:4b:b2:c6:26:5e:fc:f1:dc:2a:42:3b:a0:c5:
cd:e2:7f:d4:67:73:45:b2:17:e2:75:77:74:76:78:
84:52:1a:95:26:cf:13:a6:74:ea:ff:c5:e5:e3:ef:
24:9e:19:dc:e7:7c:47:23:62:c9:77:b8:f6:48:c9:
bc:7b:d5:0c:28:2c:15:e7:9a:3f:e3:6a:47:5a:1a:
27:16:2a:17:ad:69:01:ba:c6:e8:d1:ba:a1:c1:cd:
05:8f:1f:7c:7d:b7:cf:5a:6b:85:f6:dd:b4:61:6c:
3c:c0:3f:b0:f7:b8:70:fd:50:99:e7:0a:f9:31:6d:
7f:65:6a:ce:c7:d6:2d:10:fb:7b:71:77:58:81:35:
e7:84:b4:cb:c2:bc:bc:f5:7d:23:df:ad:95:87:5d:
99:e4:f6:68:10:87:e1:8f:71:b2:2b:cd:30:bf:31:
d0:67:ce:76:f6:e5:80:01:13:62:b8:96:8e:eb:01:
1a:19:86:3e:5a:14:d4:27:8a:fe:a8:b8:21:c2:27:
10:cd:3b:9e:dd:27:22:ee:a2:a3:88:3e:66:fd:92:
a1:93:72:1d:76:fc:7e:15:95:9e:a1:96:1b:b2:6c:
1e:a8:9d:93:ef:2e:bf:15:0b:b1:43:6e:50:59:3d:
d1:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:B4:F7:B1:97:9B:06:84:18:83:9C:74:45:8B:0F:06:3D:B7:88:4A
X509v3 Authority Key Identifier:
keyid:16:F1:45:72:7D:34:AE:66:07:A6:15:30:12:83:EE:EB:D5:D6:29:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FvFFcn00rmYHphUwEoPu69XWKRw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/6c808e-0015-4d62-81d8-ecb7ae2722c1/1/B7T3sZebBoQYg5x0RYsPBj23iEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/6c808e-0015-4d62-81d8-ecb7ae2722c1/1/FvFFcn00rmYHphUwEoPu69XWKRw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.238.189.0/24
IPv6:
2a00:1288:f03e::/48
Signature Algorithm: sha256WithRSAEncryption
33:86:cf:2a:c1:90:24:b1:8f:f2:5b:36:62:42:ea:d1:00:6e:
57:59:32:76:24:20:00:a0:85:59:7a:24:74:4b:3f:96:f5:8b:
f0:f1:10:01:d0:fa:59:13:a4:2d:dc:fb:1e:f5:42:2d:af:09:
94:ae:53:49:35:59:d3:88:5b:41:fd:d1:84:50:88:c2:7a:5d:
f5:db:c8:9c:a9:e6:63:41:9d:0b:7a:3c:d0:e7:f0:24:24:3e:
33:5f:79:2a:0a:d4:38:db:7d:48:11:d9:6d:c4:74:2c:61:87:
b9:07:a9:46:cf:28:e5:73:60:e0:b8:f7:3a:8e:e3:c3:d0:91:
41:ab:d1:f4:5e:fe:2a:3c:68:b1:38:02:23:c2:b1:36:3c:5d:
ea:5d:65:12:af:b5:ca:33:69:cb:3c:fe:b5:10:06:3c:19:fe:
16:db:35:dd:42:c6:26:d5:e8:c9:ed:4c:f7:db:b7:5f:7d:7e:
43:df:55:39:d8:53:ba:22:89:bb:5a:4a:8d:c3:4a:ab:e1:12:
2b:88:fb:0b:eb:0d:9b:e8:44:a1:4c:f1:66:af:66:af:49:ef:
ff:6b:c8:8b:85:7e:18:10:3d:51:34:28:27:96:3c:39:a4:bb:
f2:bd:fe:ec:5e:b9:2c:b5:f5:34:66:92:45:f9:da:db:93:58:
d2:31:fd:0c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQfjJBWsU6ndQ0pvSeyL4/fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2ZjE0NTcyN2QzNGFlNjYwN2E2MTUzMDEyODNlZWViZDVk
NjI5MWMwHhcNMjUwMTAxMDE0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2I0ZjdiMTk3OWIwNjg0MTg4MzljNzQ0NThiMGYwNjNkYjc4ODRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsheJBU3dK/K3KrFPpxUKmEuyxiZe
/PHcKkI7oMXN4n/UZ3NFshfidXd0dniEUhqVJs8TpnTq/8Xl4+8knhnc53xHI2LJ
d7j2SMm8e9UMKCwV55o/42pHWhonFioXrWkBusbo0bqhwc0Fjx98fbfPWmuF9t20
YWw8wD+w97hw/VCZ5wr5MW1/ZWrOx9YtEPt7cXdYgTXnhLTLwry89X0j362Vh12Z
5PZoEIfhj3GyK80wvzHQZ8529uWAARNiuJaO6wEaGYY+WhTUJ4r+qLghwicQzTue
3Sci7qKjiD5m/ZKhk3Iddvx+FZWeoZYbsmweqJ2T7y6/FQuxQ25QWT3RMQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAe097GXmwaEGIOcdEWLDwY9t4hKMB8GA1UdIwQY
MBaAFBbxRXJ9NK5mB6YVMBKD7uvV1ikcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnZGRmNuMDBybVlIcGhVd0VvUHU2OVhXS1J3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi82YzgwOGUtMDAxNS00ZDYyLTgxZDgt
ZWNiN2FlMjcyMmMxLzEvQjdUM3NaZWJCb1FZZzV4MFJZc1BCajIzaUVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi82YzgwOGUtMDAxNS00ZDYyLTgxZDgtZWNiN2FlMjcyMmMx
LzEvRnZGRmNuMDBybVlIcGhVd0VvUHU2OVhXS1J3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQATe69MA8E
AgACMAkDBwAqABKI8D4wDQYJKoZIhvcNAQELBQADggEBADOGzyrBkCSxj/JbNmJC
6tEAbldZMnYkIACghVl6JHRLP5b1i/DxEAHQ+lkTpC3c+x71Qi2vCZSuU0k1WdOI
W0H90YRQiMJ6XfXbyJyp5mNBnQt6PNDn8CQkPjNfeSoK1DjbfUgR2W3EdCxhh7kH
qUbPKOVzYOC49zqO48PQkUGr0fRe/io8aLE4AiPCsTY8XepdZRKvtcozacs8/rUQ
BjwZ/hbbNd1CxibV6MntTPfbt199fkPfVTnYU7oiibtaSo3DSqvhEiuI+wvrDZvo
RKFM8WavZq9J7/9ryIuFfhgQPVE0KCeWPDmku/K9/uxeuSy19TRmkkX52tuTWNIx
/Qw=
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:34:59 2025 by rpki-client