Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/2aa218-7e1e-4994-8cb0-1f76e9dcff92/1/kZOSQmU6A2elFsqdm-zFawpP2VM.roa
File: kZOSQmU6A2elFsqdm-zFawpP2VM.roa (raw, json)
Hash identifier: bGe5j2ABlU0093SdrMDiQuuHNz672BXZ6vQ6WijSw+E=
Subject key identifier: 91:93:92:42:65:3A:03:67:A5:16:CA:9D:9B:EC:C5:6B:0A:4F:D9:53
Certificate issuer: /CN=052b10e547e89ff6c7b39b6ca97fb16b3fdfbe4f
Certificate serial: 0194221FED34A123F8DA9FD804B8C68E04B5
Authority key identifier: 05:2B:10:E5:47:E8:9F:F6:C7:B3:9B:6C:A9:7F:B1:6B:3F:DF:BE:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BSsQ5Ufon_bHs5tsqX-xaz_fvk8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/2aa218-7e1e-4994-8cb0-1f76e9dcff92/1/kZOSQmU6A2elFsqdm-zFawpP2VM.roa
Signing time: Wed 01 Jan 2025 13:48:25 +0000
ROA not before: Wed 01 Jan 2025 13:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6730
IP address blocks: 77.72.64.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:ed:34:a1:23:f8:da:9f:d8:04:b8:c6:8e:04:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=052b10e547e89ff6c7b39b6ca97fb16b3fdfbe4f
Validity
Not Before: Jan 1 13:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=91939242653a0367a516ca9d9becc56b0a4fd953
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:3e:cf:04:52:5f:fc:7d:df:8a:e3:1b:2f:10:
e3:41:05:3b:62:4a:05:0e:fa:4f:d4:f3:5e:98:41:
91:7b:88:86:3a:14:6a:15:68:f5:65:21:a0:9c:e1:
47:31:45:ac:cd:77:c7:2e:3f:b2:37:af:06:dc:98:
5e:ed:f0:f7:63:01:2c:63:8f:30:05:77:16:b6:fc:
92:73:dc:00:76:44:bd:ae:2e:8a:bd:b7:98:17:a3:
3e:58:e9:ad:f0:c8:eb:09:c6:ae:05:08:5f:9f:96:
12:d0:5d:76:c8:15:e9:71:3a:ec:b9:ee:3e:48:5f:
21:20:64:b3:ee:a3:e5:80:67:05:c3:98:2d:1b:7d:
43:a1:82:95:aa:29:68:fe:0b:1e:d0:32:9f:38:21:
0d:7b:e8:4a:f2:54:97:f2:17:74:52:02:cb:a5:be:
5e:06:ab:92:dc:1a:62:94:9a:13:f7:95:41:a4:59:
d2:f9:ca:72:57:c1:c6:c4:62:5e:17:40:b9:b4:3b:
bb:ba:c3:79:d9:44:23:1e:12:6e:a0:9d:cf:bb:aa:
8a:42:ec:4b:d7:a8:2c:bf:5e:6b:49:8a:c9:58:b2:
c6:0d:81:22:bc:78:c4:d7:a9:b5:71:fe:1a:84:d6:
4f:06:c4:e6:c9:ad:0c:75:9b:a2:b7:42:76:be:25:
d1:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:93:92:42:65:3A:03:67:A5:16:CA:9D:9B:EC:C5:6B:0A:4F:D9:53
X509v3 Authority Key Identifier:
keyid:05:2B:10:E5:47:E8:9F:F6:C7:B3:9B:6C:A9:7F:B1:6B:3F:DF:BE:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BSsQ5Ufon_bHs5tsqX-xaz_fvk8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/2aa218-7e1e-4994-8cb0-1f76e9dcff92/1/kZOSQmU6A2elFsqdm-zFawpP2VM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/2aa218-7e1e-4994-8cb0-1f76e9dcff92/1/BSsQ5Ufon_bHs5tsqX-xaz_fvk8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.72.64.0/21
Signature Algorithm: sha256WithRSAEncryption
1c:0f:9a:8c:4d:aa:0c:19:9f:86:70:37:71:ef:33:f7:a1:d0:
61:d8:6c:07:93:e9:5b:1a:c3:7a:3d:fc:e0:7e:85:d9:35:34:
58:d9:7b:ee:70:6f:2a:06:a5:91:ae:86:b4:35:f9:61:4e:d0:
8b:5c:24:11:0d:87:26:87:74:4e:8f:e9:00:cb:27:fa:b0:94:
38:15:75:56:dc:2b:42:ef:2d:e8:e1:99:f1:ea:32:12:4b:fb:
f1:d7:9c:0a:d2:70:3c:89:31:8f:fa:79:77:39:27:ab:fb:df:
7d:69:de:07:33:d0:fc:0c:be:f6:4c:b2:1b:3c:10:8a:a0:16:
0f:0c:ca:39:f4:d6:0e:e6:9e:96:e4:84:ce:65:f7:69:66:bf:
39:e3:59:1e:3d:25:39:0b:65:e4:82:41:3b:bf:7f:d1:b2:16:
86:15:b4:f2:ca:0c:96:6c:36:33:1a:e5:fe:9a:33:d0:70:d4:
20:8b:a7:3c:bd:27:c0:c0:cd:25:1e:3f:dc:ee:e9:ec:0f:1a:
c3:26:de:d6:21:20:e4:f2:1f:19:ae:81:4f:68:f3:13:bc:4b:
c4:f2:0a:ff:8c:1e:1e:29:83:d7:d4:d2:23:bb:a3:54:de:1a:
84:05:fe:d7:7a:06:1d:8b:d2:88:d8:02:4a:85:94:07:2d:5d:
22:30:e9:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH+00oSP42p/YBLjGjgS1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MmIxMGU1NDdlODlmZjZjN2IzOWI2Y2E5N2ZiMTZiM2Zk
ZmJlNGYwHhcNMjUwMTAxMTM0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTkzOTI0MjY1M2EwMzY3YTUxNmNhOWQ5YmVjYzU2YjBhNGZkOTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsD7PBFJf/H3fiuMbLxDjQQU7YkoF
DvpP1PNemEGRe4iGOhRqFWj1ZSGgnOFHMUWszXfHLj+yN68G3Jhe7fD3YwEsY48w
BXcWtvySc9wAdkS9ri6KvbeYF6M+WOmt8MjrCcauBQhfn5YS0F12yBXpcTrsue4+
SF8hIGSz7qPlgGcFw5gtG31DoYKVqilo/gse0DKfOCENe+hK8lSX8hd0UgLLpb5e
BquS3BpilJoT95VBpFnS+cpyV8HGxGJeF0C5tDu7usN52UQjHhJuoJ3Pu6qKQuxL
16gsv15rSYrJWLLGDYEivHjE16m1cf4ahNZPBsTmya0MdZuit0J2viXRnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJGTkkJlOgNnpRbKnZvsxWsKT9lTMB8GA1UdIwQY
MBaAFAUrEOVH6J/2x7ObbKl/sWs/375PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlNzUTVVZm9uX2JIczV0c3FYLXhhel9mdms4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8yYWEyMTgtN2UxZS00OTk0LThjYjAt
MWY3NmU5ZGNmZjkyLzEva1pPU1FtVTZBMmVsRnNxZG0tekZhd3BQMlZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8yYWEyMTgtN2UxZS00OTk0LThjYjAtMWY3NmU5ZGNmZjky
LzEvQlNzUTVVZm9uX2JIczV0c3FYLXhhel9mdms4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDTUhAMA0G
CSqGSIb3DQEBCwUAA4IBAQAcD5qMTaoMGZ+GcDdx7zP3odBh2GwHk+lbGsN6Pfzg
foXZNTRY2XvucG8qBqWRroa0NflhTtCLXCQRDYcmh3ROj+kAyyf6sJQ4FXVW3CtC
7y3o4Znx6jISS/vx15wK0nA8iTGP+nl3OSer+999ad4HM9D8DL72TLIbPBCKoBYP
DMo59NYO5p6W5ITOZfdpZr8541kePSU5C2XkgkE7v3/RshaGFbTyygyWbDYzGuX+
mjPQcNQgi6c8vSfAwM0lHj/c7unsDxrDJt7WISDk8h8ZroFPaPMTvEvE8gr/jB4e
KYPX1NIju6NU3hqEBf7XegYdi9KI2AJKhZQHLV0iMOmm
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:48:53 2025 by rpki-client