Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/G3n1fmpvxWOzjbB1db8Vj90w1z0.roa
File: G3n1fmpvxWOzjbB1db8Vj90w1z0.roa (raw, json)
Hash identifier: V2uHJgqy+vP8ErQ/TWqwyd3ruJ62gj12CXBlt1NsI04=
Subject key identifier: 1B:79:F5:7E:6A:6F:C5:63:B3:8D:B0:75:75:BF:15:8F:DD:30:D7:3D
Certificate issuer: /CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Certificate serial: 0194282397F912B6F0918728C8A171AE6F4C
Authority key identifier: 77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/G3n1fmpvxWOzjbB1db8Vj90w1z0.roa
Signing time: Thu 02 Jan 2025 17:50:08 +0000
ROA not before: Thu 02 Jan 2025 17:50:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 87.248.134.0/24 maxlen: 24
87.248.143.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:97:f9:12:b6:f0:91:87:28:c8:a1:71:ae:6f:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Validity
Not Before: Jan 2 17:50:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1b79f57e6a6fc563b38db07575bf158fdd30d73d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:1a:62:a7:ef:be:8a:64:fb:e9:19:f7:d7:da:
73:01:85:ef:16:d0:b8:00:1c:ed:38:83:43:e7:ba:
da:9f:8b:a3:8f:36:0f:db:b6:dc:b5:8a:7f:c4:e5:
f6:8e:a3:1f:7e:9e:ce:e5:31:23:cf:29:4a:c5:91:
00:77:13:fe:e0:ed:e9:bb:68:6d:b5:b8:8c:d3:63:
ef:0c:b7:65:61:e9:0d:4b:37:3e:62:a0:dd:d3:51:
e5:74:c8:38:73:cf:d4:19:68:5b:09:10:b1:a0:f4:
db:c6:3a:70:df:70:a0:7a:c5:fb:ae:c0:f8:6e:79:
ba:2a:9b:d5:72:a8:4c:b6:32:a1:c0:67:4c:35:e1:
cd:03:9a:f9:35:1c:5c:66:d1:29:ae:74:21:e6:dc:
a2:e0:b7:45:d4:65:db:fe:c9:1c:6d:a2:c8:39:5b:
0b:2e:34:e5:96:83:23:03:27:7a:e5:b4:4f:d7:23:
90:63:38:82:14:24:1e:52:e2:9b:67:88:3f:44:b6:
b6:5d:eb:1f:15:82:c7:c2:eb:f5:cd:bd:a9:28:b3:
77:6f:f4:f2:59:36:0a:88:9f:ee:3b:75:40:d8:73:
d0:39:49:75:64:94:f6:da:b2:60:07:10:d7:3d:57:
92:94:be:f0:22:11:d7:49:b3:09:63:39:19:d3:f7:
c6:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:79:F5:7E:6A:6F:C5:63:B3:8D:B0:75:75:BF:15:8F:DD:30:D7:3D
X509v3 Authority Key Identifier:
keyid:77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/G3n1fmpvxWOzjbB1db8Vj90w1z0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.248.134.0/24
87.248.143.0/24
Signature Algorithm: sha256WithRSAEncryption
06:43:8a:70:28:11:c7:ea:8b:b4:a9:53:42:05:07:4f:ec:bc:
4e:a7:4a:f5:13:23:8d:11:03:0d:bd:78:e4:a6:05:e9:a1:91:
eb:7c:8d:dd:1b:41:52:35:bb:26:f1:df:68:7f:fc:57:77:93:
ed:45:51:d3:da:a4:d5:86:c6:9e:73:b0:64:d0:32:ba:31:43:
e8:a2:64:e3:09:62:a9:fe:a6:a6:0a:f1:83:df:1a:8b:46:e4:
52:e4:53:8f:55:c1:88:c6:c8:7c:58:82:5f:0c:e3:82:8f:3c:
91:89:76:c0:bc:4a:55:0e:ef:bb:2e:ca:68:2b:6c:21:86:00:
69:f5:63:40:aa:dd:22:2f:e3:e4:2c:33:ef:5f:25:83:4a:15:
04:f3:e3:6d:47:ea:a7:52:68:a5:b2:ea:50:48:73:c9:69:f2:
22:4e:a7:93:58:50:21:f6:61:05:95:b7:6d:70:b8:53:30:aa:
e1:4c:91:63:cf:27:8a:1b:73:2c:49:9e:fc:66:6d:86:5d:02:
bf:c7:78:ac:85:29:a1:b5:68:37:cf:66:45:0b:c5:32:27:fc:
25:71:7b:a1:34:d3:77:9b:9b:77:f7:1e:66:8a:79:c8:8d:c3:
c5:48:02:fa:ed:c3:82:02:fc:54:32:e1:34:07:ec:40:89:8e:
3a:99:cb:0e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQoI5f5ErbwkYcoyKFxrm9MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZjYxZmM3YzBhYjQxY2UxNTRlN2JjYjA4ZWY5NjIzNTFh
NDY3ODQwHhcNMjUwMTAyMTc1MDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjc5ZjU3ZTZhNmZjNTYzYjM4ZGIwNzU3NWJmMTU4ZmRkMzBkNzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBpip+++imT76Rn319pzAYXvFtC4
ABztOIND57ran4ujjzYP27bctYp/xOX2jqMffp7O5TEjzylKxZEAdxP+4O3pu2ht
tbiM02PvDLdlYekNSzc+YqDd01HldMg4c8/UGWhbCRCxoPTbxjpw33CgesX7rsD4
bnm6KpvVcqhMtjKhwGdMNeHNA5r5NRxcZtEprnQh5tyi4LdF1GXb/skcbaLIOVsL
LjTlloMjAyd65bRP1yOQYziCFCQeUuKbZ4g/RLa2XesfFYLHwuv1zb2pKLN3b/Ty
WTYKiJ/uO3VA2HPQOUl1ZJT22rJgBxDXPVeSlL7wIhHXSbMJYzkZ0/fG6QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBt59X5qb8Vjs42wdXW/FY/dMNc9MB8GA1UdIwQY
MBaAFHf2H8fAq0HOFU57ywjvliNRpGeEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjkt
ZWRjOWQwMmZhZjU0LzEvRzNuMWZtcHZ4V096amJCMWRiOFZqOTB3MXowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjktZWRjOWQwMmZhZjU0
LzEvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAV/iGAwQA
V/iPMA0GCSqGSIb3DQEBCwUAA4IBAQAGQ4pwKBHH6ou0qVNCBQdP7LxOp0r1EyON
EQMNvXjkpgXpoZHrfI3dG0FSNbsm8d9of/xXd5PtRVHT2qTVhsaec7Bk0DK6MUPo
omTjCWKp/qamCvGD3xqLRuRS5FOPVcGIxsh8WIJfDOOCjzyRiXbAvEpVDu+7Lspo
K2whhgBp9WNAqt0iL+PkLDPvXyWDShUE8+NtR+qnUmilsupQSHPJafIiTqeTWFAh
9mEFlbdtcLhTMKrhTJFjzyeKG3MsSZ78Zm2GXQK/x3ishSmhtWg3z2ZFC8UyJ/wl
cXuhNNN3m5t39x5minnIjcPFSAL67cOCAvxUMuE0B+xAiY46mcsO
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:35:59 2025 by rpki-client