Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/URtx2Qs2hmoNbexNjDCH87s_d7U.roa
File: URtx2Qs2hmoNbexNjDCH87s_d7U.roa (raw, json)
Hash identifier: aGVY4s+OAba7NfmkmxPvmFp/W9HemkPnjycLftzsaqw=
Subject key identifier: 51:1B:71:D9:0B:36:86:6A:0D:6D:EC:4D:8C:30:87:F3:BB:3F:77:B5
Certificate issuer: /CN=6d088cef28e02af7d00f297816c55f8e3c43d535
Certificate serial: 019428270961DB1B5F1333D8A05AE50C937A
Authority key identifier: 6D:08:8C:EF:28:E0:2A:F7:D0:0F:29:78:16:C5:5F:8E:3C:43:D5:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bQiM7yjgKvfQDyl4FsVfjjxD1TU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/URtx2Qs2hmoNbexNjDCH87s_d7U.roa
Signing time: Thu 02 Jan 2025 17:53:54 +0000
ROA not before: Thu 02 Jan 2025 17:53:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214891
IP address blocks: 77.91.66.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:09:61:db:1b:5f:13:33:d8:a0:5a:e5:0c:93:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d088cef28e02af7d00f297816c55f8e3c43d535
Validity
Not Before: Jan 2 17:53:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=511b71d90b36866a0d6dec4d8c3087f3bb3f77b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:df:39:c6:4d:10:8f:08:46:54:aa:51:bc:48:
bd:b0:b0:dc:ab:1b:1e:db:6a:db:a5:2d:b4:b7:63:
a3:be:31:77:12:fd:c5:dd:68:b9:19:34:f7:2b:90:
7d:d3:c7:40:7d:cb:b6:fd:6c:d4:73:88:82:4f:a6:
ff:bc:77:60:61:df:4b:62:13:e5:ed:2f:4e:24:e0:
87:ed:ed:37:9e:d9:68:04:4d:67:69:82:48:bd:88:
c7:1d:2a:86:ef:f7:79:1a:0f:b8:08:96:23:d7:cb:
ad:f8:e4:aa:5e:48:b1:27:1d:7e:a7:45:ca:7c:ce:
e8:6c:27:32:77:e9:8e:a2:58:b1:dd:3d:7c:8c:63:
ce:0a:12:c6:9f:74:f9:b5:56:30:db:30:8d:a3:97:
85:bf:f9:f3:37:97:73:47:d8:77:e4:50:bc:e0:01:
f7:30:30:b4:9f:59:98:a2:30:93:4e:1f:16:94:f4:
c0:0e:f6:a1:3d:5e:1b:c1:84:db:59:b8:c0:ad:ca:
ed:c6:0d:9f:ae:98:db:dc:7a:7a:ae:56:a6:4e:d0:
a6:d2:b3:a5:87:d1:24:c2:60:a2:66:79:c2:61:43:
78:42:23:eb:58:5f:9e:05:29:bd:11:dd:82:b3:77:
32:09:bc:bd:d4:58:d0:87:99:11:d3:84:ee:ea:7f:
d3:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:1B:71:D9:0B:36:86:6A:0D:6D:EC:4D:8C:30:87:F3:BB:3F:77:B5
X509v3 Authority Key Identifier:
keyid:6D:08:8C:EF:28:E0:2A:F7:D0:0F:29:78:16:C5:5F:8E:3C:43:D5:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQiM7yjgKvfQDyl4FsVfjjxD1TU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/URtx2Qs2hmoNbexNjDCH87s_d7U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/bQiM7yjgKvfQDyl4FsVfjjxD1TU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.66.0/24
Signature Algorithm: sha256WithRSAEncryption
14:33:ad:5d:96:e4:e4:c9:da:2b:e6:da:62:20:9b:cd:dc:22:
88:5a:9f:e7:0f:10:ba:95:f0:ec:82:31:c3:17:06:2f:34:3e:
48:62:71:4f:66:ad:78:cc:d1:bd:95:64:38:0b:03:79:97:d1:
9c:8b:d0:b6:f9:54:da:29:ff:7f:e2:45:ee:33:bd:11:d0:df:
5a:39:4e:cf:98:b5:15:3f:ed:75:7a:1f:a3:0f:51:7a:3e:af:
96:8e:94:e7:32:7c:c5:fa:31:ec:af:01:cc:a3:f6:97:35:5f:
a8:9b:1d:7f:6f:75:16:82:f7:c1:88:82:4f:26:54:ce:7a:15:
47:16:f3:b8:cb:54:c3:29:80:2f:d7:cf:d7:70:e3:8d:a0:87:
66:e7:ba:09:f4:ab:df:49:ea:96:f6:e8:47:66:a6:45:f5:8f:
89:fb:aa:3a:e9:ff:b9:fd:03:57:76:00:d4:87:03:8c:3d:8e:
1c:7d:d9:5c:a4:d7:fa:a9:14:ff:ee:ba:62:0c:50:6d:37:22:
8c:7d:89:2a:c9:9b:de:89:4f:15:47:8e:10:b1:c4:6f:3a:6e:
b6:e6:63:67:df:a0:c7:0a:f5:b6:93:87:c2:f4:b9:71:4b:18:
b2:86:3c:fa:a1:c3:b9:35:85:4f:1a:83:46:40:fb:ef:d7:cf:
92:35:d1:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJwlh2xtfEzPYoFrlDJN6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDg4Y2VmMjhlMDJhZjdkMDBmMjk3ODE2YzU1ZjhlM2M0
M2Q1MzUwHhcNMjUwMTAyMTc1MzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTFiNzFkOTBiMzY4NjZhMGQ2ZGVjNGQ4YzMwODdmM2JiM2Y3N2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw985xk0QjwhGVKpRvEi9sLDcqxse
22rbpS20t2OjvjF3Ev3F3Wi5GTT3K5B908dAfcu2/WzUc4iCT6b/vHdgYd9LYhPl
7S9OJOCH7e03ntloBE1naYJIvYjHHSqG7/d5Gg+4CJYj18ut+OSqXkixJx1+p0XK
fM7obCcyd+mOolix3T18jGPOChLGn3T5tVYw2zCNo5eFv/nzN5dzR9h35FC84AH3
MDC0n1mYojCTTh8WlPTADvahPV4bwYTbWbjArcrtxg2frpjb3Hp6rlamTtCm0rOl
h9EkwmCiZnnCYUN4QiPrWF+eBSm9Ed2Cs3cyCby91FjQh5kR04Tu6n/T9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFEbcdkLNoZqDW3sTYwwh/O7P3e1MB8GA1UdIwQY
MBaAFG0IjO8o4Cr30A8peBbFX448Q9U1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFpTTd5amdLdmZRRHlsNEZzVmZqanhEMVRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9kNTdhNjQtYmQzMi00YzkxLWJlMDYt
ZmVlOGVhZjczYjBkLzEvVVJ0eDJRczJobW9OYmV4TmpEQ0g4N3NfZDdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9kNTdhNjQtYmQzMi00YzkxLWJlMDYtZmVlOGVhZjczYjBk
LzEvYlFpTTd5amdLdmZRRHlsNEZzVmZqanhEMVRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVtCMA0G
CSqGSIb3DQEBCwUAA4IBAQAUM61dluTkydor5tpiIJvN3CKIWp/nDxC6lfDsgjHD
FwYvND5IYnFPZq14zNG9lWQ4CwN5l9Gci9C2+VTaKf9/4kXuM70R0N9aOU7PmLUV
P+11eh+jD1F6Pq+WjpTnMnzF+jHsrwHMo/aXNV+omx1/b3UWgvfBiIJPJlTOehVH
FvO4y1TDKYAv18/XcOONoIdm57oJ9KvfSeqW9uhHZqZF9Y+J+6o66f+5/QNXdgDU
hwOMPY4cfdlcpNf6qRT/7rpiDFBtNyKMfYkqyZveiU8VR44QscRvOm625mNn36DH
CvW2k4fC9LlxSxiyhjz6ocO5NYVPGoNGQPvv18+SNdFl
-----END CERTIFICATE-----
Generated at Mon Apr 7 15:26:48 2025 by rpki-client