Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/tHjp2XQk-GJmfdIii5-GUJJhF7c.roa
File: tHjp2XQk-GJmfdIii5-GUJJhF7c.roa (raw, json)
Hash identifier: uCQHnHAoOL8dbaR83Z7pi4Hj0a+5ff89CKhQniDidaA=
Subject key identifier: B4:78:E9:D9:74:24:F8:62:66:7D:D2:22:8B:9F:86:50:92:61:17:B7
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0195C73ABC961764FD7F5FAB43DE5FB06D78
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/tHjp2XQk-GJmfdIii5-GUJJhF7c.roa
Signing time: Mon 24 Mar 2025 08:17:50 +0000
ROA not before: Mon 24 Mar 2025 08:17:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214771
IP address blocks: 77.90.20.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c7:3a:bc:96:17:64:fd:7f:5f:ab:43:de:5f:b0:6d:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Mar 24 08:17:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b478e9d97424f862667dd2228b9f8650926117b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:09:a6:32:46:ca:3c:6c:8c:a7:e7:c7:c5:5f:
66:9d:61:ee:d9:b6:10:5e:fd:f0:cc:57:12:bf:34:
21:54:e1:72:f5:eb:fe:f5:70:e5:08:9b:f8:18:f9:
8c:6d:e5:46:07:2b:94:a6:ac:47:38:3d:14:5d:68:
19:88:7b:56:aa:5c:11:bc:07:7d:14:0f:2a:b2:83:
2c:af:a6:b9:d7:fa:fa:1c:8c:07:52:bc:32:e2:06:
52:58:39:fd:84:c6:ae:f7:a6:7b:f9:49:49:cd:f0:
91:53:2f:9c:30:c6:ae:ca:b8:04:33:3a:dc:e6:3e:
d7:33:cf:93:23:7f:cc:8a:d9:61:2a:25:30:f8:97:
98:bb:c5:e2:53:89:97:c1:03:d6:b8:05:4c:64:bf:
98:78:24:a9:e2:2c:c4:8d:30:2c:34:f2:3b:21:60:
ce:b4:8a:bc:fa:47:32:4f:6b:87:22:81:f0:56:df:
51:6e:57:7b:42:48:30:21:7a:80:ab:e4:36:71:ef:
f3:fb:1d:35:39:3b:8f:1f:f4:b4:c0:94:64:fe:f7:
44:6c:05:01:7c:52:17:e9:52:f6:f7:64:45:f8:56:
c4:5c:d3:98:e7:d4:2f:43:0d:7e:f9:29:7c:a9:75:
71:a0:65:dd:d8:7b:3d:ad:f4:09:57:01:ab:b1:5a:
3d:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:78:E9:D9:74:24:F8:62:66:7D:D2:22:8B:9F:86:50:92:61:17:B7
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/tHjp2XQk-GJmfdIii5-GUJJhF7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.20.0/24
Signature Algorithm: sha256WithRSAEncryption
c7:26:d1:a7:31:26:c5:8b:13:74:ba:3a:3f:9a:ea:23:4c:49:
cc:a3:78:d0:f3:51:68:9b:ad:1a:8b:fd:88:8f:b6:b6:3b:0b:
68:06:82:ec:c5:fd:0d:8e:9d:a6:e0:84:f3:99:ff:c4:41:b6:
de:32:a0:0b:be:06:af:96:b7:c0:d9:4e:2e:eb:73:65:fd:ee:
c3:1a:10:d5:7f:1b:c4:a9:6d:19:85:5d:b5:84:81:ed:5a:d6:
ad:71:37:f2:47:2c:cf:1c:63:2a:7a:cb:38:a8:6c:09:fb:99:
d0:18:b6:61:23:98:cb:0b:d4:22:27:43:bb:e7:b7:e8:66:b9:
22:5e:42:21:11:ea:cb:04:42:51:31:f0:71:d8:e2:21:6d:7c:
e8:fb:b7:e6:fc:7b:5b:81:93:a1:fc:ea:6c:26:5d:09:73:8f:
16:3c:33:a5:92:3b:1e:54:fa:2a:a1:01:ce:b9:ef:ef:fb:56:
8b:27:91:76:59:f7:f2:8c:f8:e0:42:7b:49:18:e3:ba:d1:6e:
9e:67:e1:98:bf:3e:75:ec:0d:ac:76:68:bd:08:88:42:b1:d7:
f1:ae:15:94:f9:3d:03:90:73:20:e1:c6:6b:c5:22:62:e4:73:
10:47:38:48:3b:a6:36:71:00:07:2d:76:bd:93:bb:00:ab:12:
26:b5:fc:4c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZXHOryWF2T9f1+rQ95fsG14MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMzI0MDgxNzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDc4ZTlkOTc0MjRmODYyNjY3ZGQyMjI4YjlmODY1MDkyNjExN2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0QmmMkbKPGyMp+fHxV9mnWHu2bYQ
Xv3wzFcSvzQhVOFy9ev+9XDlCJv4GPmMbeVGByuUpqxHOD0UXWgZiHtWqlwRvAd9
FA8qsoMsr6a51/r6HIwHUrwy4gZSWDn9hMau96Z7+UlJzfCRUy+cMMauyrgEMzrc
5j7XM8+TI3/MitlhKiUw+JeYu8XiU4mXwQPWuAVMZL+YeCSp4izEjTAsNPI7IWDO
tIq8+kcyT2uHIoHwVt9Rbld7QkgwIXqAq+Q2ce/z+x01OTuPH/S0wJRk/vdEbAUB
fFIX6VL292RF+FbEXNOY59QvQw1++Sl8qXVxoGXd2Hs9rfQJVwGrsVo9nwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLR46dl0JPhiZn3SIoufhlCSYRe3MB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvdEhqcDJYUWstR0ptZmRJaWk1LUdVSkpoRjdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVoUMA0G
CSqGSIb3DQEBCwUAA4IBAQDHJtGnMSbFixN0ujo/muojTEnMo3jQ81Fom60ai/2I
j7a2OwtoBoLsxf0Njp2m4ITzmf/EQbbeMqALvgavlrfA2U4u63Nl/e7DGhDVfxvE
qW0ZhV21hIHtWtatcTfyRyzPHGMqess4qGwJ+5nQGLZhI5jLC9QiJ0O757foZrki
XkIhEerLBEJRMfBx2OIhbXzo+7fm/HtbgZOh/OpsJl0Jc48WPDOlkjseVPoqoQHO
ue/v+1aLJ5F2WffyjPjgQntJGOO60W6eZ+GYvz517A2sdmi9CIhCsdfxrhWU+T0D
kHMg4cZrxSJi5HMQRzhIO6Y2cQAHLXa9k7sAqxImtfxM
-----END CERTIFICATE-----
Generated at Sat Apr 12 02:37:56 2025 by rpki-client