Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/ktYyB7Lo8mei1Js5I-I0yf-MCXU.roa
File: ktYyB7Lo8mei1Js5I-I0yf-MCXU.roa (raw, json)
Hash identifier: Wuqa50eBmMkD+O8hs0aB4Jfbv6/LdAF4VRAO0szb7/E=
Subject key identifier: 92:D6:32:07:B2:E8:F2:67:A2:D4:9B:39:23:E2:34:C9:FF:8C:09:75
Certificate issuer: /CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Certificate serial: 019428239A3D5B8A871140EB67D78BEEE2BA
Authority key identifier: 77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/ktYyB7Lo8mei1Js5I-I0yf-MCXU.roa
Signing time: Thu 02 Jan 2025 17:50:09 +0000
ROA not before: Thu 02 Jan 2025 17:50:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47843
IP address blocks: 87.248.128.0/24 maxlen: 24
194.60.229.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:9a:3d:5b:8a:87:11:40:eb:67:d7:8b:ee:e2:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Validity
Not Before: Jan 2 17:50:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=92d63207b2e8f267a2d49b3923e234c9ff8c0975
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:2c:08:e1:87:dc:dd:4e:4d:9b:6e:ec:d6:c3:
df:f4:61:4a:b2:f5:1c:1c:e9:86:c9:cd:16:6e:ed:
fb:c9:88:7a:c9:fc:e5:bf:8f:36:9a:10:9e:36:b7:
34:8f:2a:d7:60:63:f5:b9:2f:af:5a:e2:13:4a:ae:
dc:c8:6c:67:53:e7:56:73:a0:81:ed:35:66:c5:6c:
37:1a:10:2e:9b:1f:c6:c2:3a:d5:4a:9d:68:28:b1:
91:59:27:63:0f:54:46:27:41:b8:0b:a0:15:33:b9:
1f:54:a5:f6:21:5d:4a:39:13:18:2b:d3:75:39:6c:
86:15:47:ac:79:2f:52:b4:2d:9d:c0:73:2d:0e:61:
4f:93:f7:59:d1:70:39:c8:ea:18:24:a9:05:01:27:
c7:56:6e:d3:77:21:c9:45:e0:50:8a:b5:ad:e1:fc:
f5:3b:82:6f:ab:88:f2:f4:d0:3b:a4:4f:9f:aa:14:
6e:45:f8:e4:45:86:54:92:bf:d9:22:14:23:a2:d4:
30:bd:f8:ea:cf:53:41:e4:c8:e8:38:1d:4a:e2:a9:
f3:be:0e:86:60:5b:b9:7a:e0:0c:57:61:6a:f2:17:
c7:f3:3c:6f:73:98:cd:fd:3e:7f:4a:65:84:2a:b9:
ca:a5:6f:bb:5b:d7:62:71:7c:ec:99:fc:39:7a:90:
1f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:D6:32:07:B2:E8:F2:67:A2:D4:9B:39:23:E2:34:C9:FF:8C:09:75
X509v3 Authority Key Identifier:
keyid:77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/ktYyB7Lo8mei1Js5I-I0yf-MCXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.248.128.0/24
194.60.229.0/24
Signature Algorithm: sha256WithRSAEncryption
32:fa:83:b5:a0:39:48:9e:83:d3:11:cc:89:b0:62:f9:f9:c2:
a7:36:1f:57:02:4b:7f:b0:12:bb:4f:58:14:cf:14:0c:57:cd:
4b:5e:1b:a5:cd:e9:57:3c:51:1d:58:c5:bf:76:8c:a3:94:06:
b0:d3:27:ea:86:b0:48:86:b6:1f:fc:7c:f6:14:82:d1:ec:39:
b8:5d:3b:a3:22:27:f1:77:0f:11:14:58:a8:06:12:33:65:20:
d2:f1:27:57:f4:53:0c:48:af:90:a3:37:89:03:db:5e:54:5a:
f8:3e:de:0b:ca:4c:88:8b:01:ea:4a:a7:8d:ca:bb:41:e9:b0:
80:ee:cb:d0:a7:11:50:b7:19:5a:dd:3e:4e:51:0e:af:82:c7:
6b:17:b9:26:e0:da:b5:40:cb:1b:3f:5a:08:cb:e8:db:8f:a6:
85:42:32:e9:0e:5d:e3:8b:2f:71:84:d9:7d:65:44:ea:de:ef:
1e:af:e5:c3:a1:dd:33:3a:a6:dd:3e:74:b6:75:9f:2b:d5:1a:
43:04:0a:72:c9:30:a8:8a:fa:f0:a8:5d:96:47:26:d7:9d:90:
3c:b6:ee:75:16:76:f4:40:7d:17:e5:1c:a6:e1:90:40:47:eb:
eb:c1:26:6a:01:ed:0b:82:e8:b8:23:72:f2:40:81:c3:dd:78:
5e:3d:ae:af
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQoI5o9W4qHEUDrZ9eL7uK6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZjYxZmM3YzBhYjQxY2UxNTRlN2JjYjA4ZWY5NjIzNTFh
NDY3ODQwHhcNMjUwMTAyMTc1MDA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmQ2MzIwN2IyZThmMjY3YTJkNDliMzkyM2UyMzRjOWZmOGMwOTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuywI4Yfc3U5Nm27s1sPf9GFKsvUc
HOmGyc0Wbu37yYh6yfzlv482mhCeNrc0jyrXYGP1uS+vWuITSq7cyGxnU+dWc6CB
7TVmxWw3GhAumx/GwjrVSp1oKLGRWSdjD1RGJ0G4C6AVM7kfVKX2IV1KORMYK9N1
OWyGFUeseS9StC2dwHMtDmFPk/dZ0XA5yOoYJKkFASfHVm7TdyHJReBQirWt4fz1
O4Jvq4jy9NA7pE+fqhRuRfjkRYZUkr/ZIhQjotQwvfjqz1NB5MjoOB1K4qnzvg6G
YFu5euAMV2Fq8hfH8zxvc5jN/T5/SmWEKrnKpW+7W9dicXzsmfw5epAfTwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJLWMgey6PJnotSbOSPiNMn/jAl1MB8GA1UdIwQY
MBaAFHf2H8fAq0HOFU57ywjvliNRpGeEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjkt
ZWRjOWQwMmZhZjU0LzEva3RZeUI3TG84bWVpMUpzNUktSTB5Zi1NQ1hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjktZWRjOWQwMmZhZjU0
LzEvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAV/iAAwQA
wjzlMA0GCSqGSIb3DQEBCwUAA4IBAQAy+oO1oDlInoPTEcyJsGL5+cKnNh9XAkt/
sBK7T1gUzxQMV81LXhulzelXPFEdWMW/doyjlAaw0yfqhrBIhrYf/Hz2FILR7Dm4
XTujIifxdw8RFFioBhIzZSDS8SdX9FMMSK+QozeJA9teVFr4Pt4LykyIiwHqSqeN
yrtB6bCA7svQpxFQtxla3T5OUQ6vgsdrF7km4Nq1QMsbP1oIy+jbj6aFQjLpDl3j
iy9xhNl9ZUTq3u8er+XDod0zOqbdPnS2dZ8r1RpDBApyyTCoivrwqF2WRybXnZA8
tu51Fnb0QH0X5Rym4ZBAR+vrwSZqAe0Lgui4I3LyQIHD3XhePa6v
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:26:20 2025 by rpki-client