Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/aEYrq5OTszYCkrQCOg6UNIZ4ixg.roa
File: aEYrq5OTszYCkrQCOg6UNIZ4ixg.roa (raw, json)
Hash identifier: NnX8w21s85sec40Tib0/WU4IMC7GCNy++WkrtuMHZBQ=
Subject key identifier: 68:46:2B:AB:93:93:B3:36:02:92:B4:02:3A:0E:94:34:86:78:8B:18
Certificate issuer: /CN=6d088cef28e02af7d00f297816c55f8e3c43d535
Certificate serial: 019428270B5FCED7BF9217F200FAF273C709
Authority key identifier: 6D:08:8C:EF:28:E0:2A:F7:D0:0F:29:78:16:C5:5F:8E:3C:43:D5:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bQiM7yjgKvfQDyl4FsVfjjxD1TU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/aEYrq5OTszYCkrQCOg6UNIZ4ixg.roa
Signing time: Thu 02 Jan 2025 17:53:54 +0000
ROA not before: Thu 02 Jan 2025 17:53:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216319
IP address blocks: 77.91.76.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:0b:5f:ce:d7:bf:92:17:f2:00:fa:f2:73:c7:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d088cef28e02af7d00f297816c55f8e3c43d535
Validity
Not Before: Jan 2 17:53:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68462bab9393b3360292b4023a0e943486788b18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:29:03:ea:d0:45:36:85:af:83:a0:db:97:49:
db:25:ae:3a:21:47:96:39:cf:cc:0d:97:66:d4:d0:
8e:6d:a6:21:6a:2f:36:a7:65:8a:34:fb:c2:6b:d8:
83:e7:41:b1:3f:7b:3c:b0:4a:25:fe:9a:5f:c3:d3:
08:f4:85:02:cf:70:99:7e:35:14:4b:f6:eb:c5:07:
40:69:60:de:f8:a3:64:0c:b6:f5:79:6b:2b:73:a2:
94:ec:98:28:bc:02:21:d6:2b:70:03:ed:3b:16:a1:
08:72:98:45:98:58:c5:a5:33:9b:4d:79:c6:8c:e1:
b2:fd:fc:94:5a:d5:4f:b9:57:60:46:59:3e:f7:f1:
dc:a4:17:81:c2:4b:55:34:9f:23:f5:b1:8b:33:5a:
71:67:7e:c1:cd:0f:8a:8a:ef:c4:da:11:e0:71:93:
ac:8a:ca:16:57:17:fa:5b:cf:5f:6a:98:d7:d8:d6:
8c:98:02:21:0f:97:57:09:ca:b2:38:7e:2d:8e:7b:
6b:88:ed:df:e8:17:21:b8:2e:79:4c:75:c7:48:69:
f5:b6:62:20:68:4c:36:e1:f6:42:16:da:1c:d4:d1:
96:e3:38:51:ae:0c:76:be:74:69:33:33:fb:0a:c9:
c6:64:f2:b7:6c:76:4e:01:ba:d1:ab:a4:93:2b:25:
30:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:46:2B:AB:93:93:B3:36:02:92:B4:02:3A:0E:94:34:86:78:8B:18
X509v3 Authority Key Identifier:
keyid:6D:08:8C:EF:28:E0:2A:F7:D0:0F:29:78:16:C5:5F:8E:3C:43:D5:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQiM7yjgKvfQDyl4FsVfjjxD1TU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/aEYrq5OTszYCkrQCOg6UNIZ4ixg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/bQiM7yjgKvfQDyl4FsVfjjxD1TU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.76.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:f7:bc:ae:c6:69:7e:6d:26:c2:a4:07:5a:db:c4:1b:b5:2b:
1c:2a:c0:90:ba:a3:95:48:e1:5b:f1:b9:a0:e6:cb:6b:e1:0c:
5d:79:f2:da:cb:c3:17:b4:dd:ec:7e:62:50:ce:34:a7:e1:7e:
09:52:94:1a:a3:1c:30:10:a7:c1:ff:49:45:a2:3a:c6:6a:27:
bd:e9:0e:39:ca:78:d5:02:c1:92:54:2b:1b:e2:17:0c:a3:3e:
14:be:43:c2:89:70:6b:e9:2f:a7:94:ce:c0:dd:1e:63:04:9f:
eb:3b:95:b7:1f:41:21:3c:0c:ed:b2:fb:cc:e5:ba:7f:50:b8:
4e:e2:cb:02:c2:25:a3:4e:69:12:ae:d5:c8:fa:2c:ca:59:13:
17:b9:0e:d9:43:d8:2f:5e:5c:19:58:b0:1c:60:cf:bd:6a:03:
c3:43:eb:14:03:aa:b7:4d:3c:a6:1f:ec:7c:86:91:d9:b5:a1:
b3:d3:35:00:2f:9a:8e:2a:ae:cb:d3:38:8c:2b:25:76:61:05:
dc:39:42:74:60:e0:0e:87:74:9b:42:c0:48:cb:cb:90:92:48:
95:f3:42:fe:c0:e8:f4:3d:dc:e0:2e:65:58:ec:67:14:ed:a8:
ac:a1:b4:c3:62:0c:ec:91:ba:05:f3:ff:27:7c:aa:b7:f4:4b:
49:fd:2d:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJwtfzte/khfyAPryc8cJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDg4Y2VmMjhlMDJhZjdkMDBmMjk3ODE2YzU1ZjhlM2M0
M2Q1MzUwHhcNMjUwMTAyMTc1MzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODQ2MmJhYjkzOTNiMzM2MDI5MmI0MDIzYTBlOTQzNDg2Nzg4YjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSkD6tBFNoWvg6Dbl0nbJa46IUeW
Oc/MDZdm1NCObaYhai82p2WKNPvCa9iD50GxP3s8sEol/ppfw9MI9IUCz3CZfjUU
S/brxQdAaWDe+KNkDLb1eWsrc6KU7JgovAIh1itwA+07FqEIcphFmFjFpTObTXnG
jOGy/fyUWtVPuVdgRlk+9/HcpBeBwktVNJ8j9bGLM1pxZ37BzQ+Kiu/E2hHgcZOs
isoWVxf6W89fapjX2NaMmAIhD5dXCcqyOH4tjntriO3f6BchuC55THXHSGn1tmIg
aEw24fZCFtoc1NGW4zhRrgx2vnRpMzP7CsnGZPK3bHZOAbrRq6STKyUwBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGhGK6uTk7M2ApK0AjoOlDSGeIsYMB8GA1UdIwQY
MBaAFG0IjO8o4Cr30A8peBbFX448Q9U1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFpTTd5amdLdmZRRHlsNEZzVmZqanhEMVRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9kNTdhNjQtYmQzMi00YzkxLWJlMDYt
ZmVlOGVhZjczYjBkLzEvYUVZcnE1T1RzellDa3JRQ09nNlVOSVo0aXhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9kNTdhNjQtYmQzMi00YzkxLWJlMDYtZmVlOGVhZjczYjBk
LzEvYlFpTTd5amdLdmZRRHlsNEZzVmZqanhEMVRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVtMMA0G
CSqGSIb3DQEBCwUAA4IBAQCt97yuxml+bSbCpAda28QbtSscKsCQuqOVSOFb8bmg
5str4QxdefLay8MXtN3sfmJQzjSn4X4JUpQaoxwwEKfB/0lFojrGaie96Q45ynjV
AsGSVCsb4hcMoz4UvkPCiXBr6S+nlM7A3R5jBJ/rO5W3H0EhPAztsvvM5bp/ULhO
4ssCwiWjTmkSrtXI+izKWRMXuQ7ZQ9gvXlwZWLAcYM+9agPDQ+sUA6q3TTymH+x8
hpHZtaGz0zUAL5qOKq7L0ziMKyV2YQXcOUJ0YOAOh3SbQsBIy8uQkkiV80L+wOj0
PdzgLmVY7GcU7aisobTDYgzskboF8/8nfKq39EtJ/S1G
-----END CERTIFICATE-----
Generated at Mon Apr 7 15:45:55 2025 by rpki-client