Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/PfTzfnapdjd3Xxz4QD7HM_mDGLc.roa
File: PfTzfnapdjd3Xxz4QD7HM_mDGLc.roa (raw, json)
Hash identifier: /PYBIbXsL1GlVDa1a2aXDVErLHS4Znk2lcgIGY4O9M4=
Subject key identifier: 3D:F4:F3:7E:76:A9:76:37:77:5F:1C:F8:40:3E:C7:33:F9:83:18:B7
Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial: 0185E89195D35DEFFC7230F889F75AB4A30F
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/PfTzfnapdjd3Xxz4QD7HM_mDGLc.roa
Signing time: Wed 25 Jan 2023 10:55:33 +0000
ROA not before: Wed 25 Jan 2023 10:55:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20940
IP address blocks: 77.67.85.0/24 maxlen: 24
77.67.126.0/24 maxlen: 24
2001:668:108::/48 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e8:91:95:d3:5d:ef:fc:72:30:f8:89:f7:5a:b4:a3:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Validity
Not Before: Jan 25 10:55:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3df4f37e76a97637775f1cf8403ec733f98318b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:59:4a:b0:50:13:69:62:59:b1:ea:1a:d5:a9:
eb:c8:fa:69:cb:7f:06:a2:27:e5:84:0a:75:7c:52:
49:de:60:64:40:46:58:7a:b6:5a:4c:c9:49:59:57:
0b:37:15:7b:0c:49:57:98:bf:a2:d1:c7:22:22:39:
b8:83:d8:08:7a:56:53:12:67:d8:c9:d6:9e:11:0d:
1b:8e:b6:1d:c0:01:4d:fd:4a:02:73:6a:11:1b:d4:
13:71:17:a8:2a:53:12:7a:a3:60:58:ad:a6:33:da:
a8:52:dd:19:59:57:99:af:4c:f9:15:ea:e4:aa:3f:
d3:bc:0a:f3:ed:1e:1e:65:d8:5f:ad:d7:f6:6a:e2:
b4:4b:4c:fe:f1:56:b5:62:f9:34:53:0a:be:43:e2:
8e:64:c9:82:55:70:70:b3:24:69:1c:fd:ba:54:96:
d4:d0:72:1f:ab:63:45:b6:24:07:aa:6b:77:d0:fc:
13:7a:8d:f6:d1:16:15:75:86:43:b3:ff:33:5b:56:
c5:82:7e:65:f1:3b:d3:2d:bd:c4:1a:b5:63:be:a2:
9c:3c:ce:23:ac:50:98:1b:0e:af:67:df:39:82:fd:
c2:73:c2:09:76:bd:3b:cb:17:17:39:50:4d:63:1e:
c9:cf:46:52:1e:cd:b2:51:02:a6:c7:83:d8:0c:64:
59:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:F4:F3:7E:76:A9:76:37:77:5F:1C:F8:40:3E:C7:33:F9:83:18:B7
X509v3 Authority Key Identifier:
keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/PfTzfnapdjd3Xxz4QD7HM_mDGLc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.67.85.0/24
77.67.126.0/24
IPv6:
2001:668:108::/48
Signature Algorithm: sha256WithRSAEncryption
d2:f3:18:e3:46:46:dd:4a:2a:ef:92:5a:45:3e:51:f3:c8:57:
c7:a6:cc:1c:35:cd:d4:d1:29:55:07:43:c7:53:8f:50:dc:be:
85:bc:86:ec:3e:50:98:39:85:7d:76:40:4f:83:f3:bc:36:d5:
e8:82:54:54:19:70:78:38:39:f2:09:96:4c:dd:62:71:ce:1a:
e4:62:47:14:d7:a9:57:d2:87:e6:88:18:4d:4e:16:90:65:ed:
32:58:97:86:20:ba:45:52:11:87:a2:33:79:59:34:6a:0a:11:
88:7f:30:f8:33:11:76:49:70:d2:af:9c:90:14:16:57:89:cf:
ae:c6:56:67:43:66:59:33:a3:fa:44:20:8e:c9:03:a9:93:c8:
ca:84:fb:1d:d5:ce:88:19:35:8a:a8:c5:6f:4c:f7:6b:75:1a:
a2:f7:24:5e:c7:58:51:be:7b:ef:af:17:55:09:2b:80:9b:a6:
c6:ee:2f:73:aa:3e:d7:5c:ca:a9:0e:51:0f:f2:98:6a:30:f3:
18:3e:b9:61:49:72:d0:22:89:72:71:20:ef:5b:db:58:65:df:
4c:66:e7:2a:27:ee:88:82:6f:a7:01:0c:c7:72:9f:ad:28:a5:
6d:1a:1c:14:2b:8f:37:ed:39:7c:7c:b9:78:3b:2d:eb:9b:d9:
4a:44:bc:d8
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYXokZXTXe/8cjD4ifdatKMPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjMwMTI1MTA1NTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGY0ZjM3ZTc2YTk3NjM3Nzc1ZjFjZjg0MDNlYzczM2Y5ODMxOGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi1lKsFATaWJZseoa1anryPppy38G
oiflhAp1fFJJ3mBkQEZYerZaTMlJWVcLNxV7DElXmL+i0cciIjm4g9gIelZTEmfY
ydaeEQ0bjrYdwAFN/UoCc2oRG9QTcReoKlMSeqNgWK2mM9qoUt0ZWVeZr0z5Ferk
qj/TvArz7R4eZdhfrdf2auK0S0z+8Va1Yvk0Uwq+Q+KOZMmCVXBwsyRpHP26VJbU
0HIfq2NFtiQHqmt30PwTeo320RYVdYZDs/8zW1bFgn5l8TvTLb3EGrVjvqKcPM4j
rFCYGw6vZ985gv3Cc8IJdr07yxcXOVBNYx7Jz0ZSHs2yUQKmx4PYDGRZcQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFD308352qXY3d18c+EA+xzP5gxi3MB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvUGZUemZuYXBkamQzWHh6NFFEN0hNX21ER0xjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQATUNVAwQA
TUN+MA8EAgACMAkDBwAgAQZoAQgwDQYJKoZIhvcNAQELBQADggEBANLzGONGRt1K
Ku+SWkU+UfPIV8emzBw1zdTRKVUHQ8dTj1DcvoW8huw+UJg5hX12QE+D87w21eiC
VFQZcHg4OfIJlkzdYnHOGuRiRxTXqVfSh+aIGE1OFpBl7TJYl4YgukVSEYeiM3lZ
NGoKEYh/MPgzEXZJcNKvnJAUFleJz67GVmdDZlkzo/pEII7JA6mTyMqE+x3VzogZ
NYqoxW9M92t1GqL3JF7HWFG+e++vF1UJK4CbpsbuL3OqPtdcyqkOUQ/ymGow8xg+
uWFJctAiiXJxIO9b21hl30xm5yon7oiCb6cBDMdyn60opW0aHBQrjzftOXx8uXg7
Leub2UpEvNg=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:17:36 2025 by rpki-client