Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/qrZ7YpgHDuLLm4b9RsL4T79pBbM.roa
File: qrZ7YpgHDuLLm4b9RsL4T79pBbM.roa (raw, json)
Hash identifier: 27dVk/G2GN6jPTI4p4HZZORWKAYheQ3NGJC7yCUuC+U=
Subject key identifier: AA:B6:7B:62:98:07:0E:E2:CB:9B:86:FD:46:C2:F8:4F:BF:69:05:B3
Certificate issuer: /CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Certificate serial: 0194266C0277CB6E591CFB969D0C78645DAE
Authority key identifier: B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/qrZ7YpgHDuLLm4b9RsL4T79pBbM.roa
Signing time: Thu 02 Jan 2025 09:50:00 +0000
ROA not before: Thu 02 Jan 2025 09:50:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213144
IP address blocks: 77.65.154.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:02:77:cb:6e:59:1c:fb:96:9d:0c:78:64:5d:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Validity
Not Before: Jan 2 09:50:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aab67b6298070ee2cb9b86fd46c2f84fbf6905b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:28:47:5c:64:76:fe:8a:57:ee:9b:c0:e3:a2:
19:b1:97:76:de:a2:3d:b3:f3:62:b8:7f:1a:b6:f2:
89:a5:68:84:6d:0e:fd:bc:36:19:ad:5c:65:eb:8d:
fc:86:4d:8c:21:9b:04:48:82:d3:91:42:5f:d2:66:
6c:cf:5f:df:b3:14:13:69:89:0a:94:9f:44:53:55:
8b:49:2f:56:39:4c:7f:bb:b0:22:26:74:29:fe:4b:
9f:4b:13:bc:b6:4a:4a:82:ca:b6:2c:20:9b:6b:70:
39:cc:f9:77:6a:86:3f:f6:c1:49:3d:32:f9:53:2e:
21:2f:a0:25:fe:d7:eb:df:ff:13:06:08:f2:6f:b2:
08:58:61:64:ac:5b:9e:f0:55:41:c1:ab:2b:37:29:
c1:9c:34:e6:1e:6b:33:cf:31:0d:3d:aa:4e:34:0f:
a8:b0:6b:d3:ea:41:06:e5:b1:5b:7a:d5:dd:ef:47:
a0:01:e5:7b:a2:b3:e2:a2:e1:58:2a:68:e2:88:3a:
f6:4c:c7:f7:32:f0:ae:0f:71:02:4e:04:60:84:13:
2c:91:e0:01:2c:1f:c9:2a:49:da:97:a8:3b:a5:32:
11:72:e8:bc:ef:c9:c3:a2:fd:b5:8e:40:5e:f5:a2:
20:e5:7c:58:8a:71:35:79:c1:99:21:9f:09:74:1a:
b9:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:B6:7B:62:98:07:0E:E2:CB:9B:86:FD:46:C2:F8:4F:BF:69:05:B3
X509v3 Authority Key Identifier:
keyid:B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/qrZ7YpgHDuLLm4b9RsL4T79pBbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.65.154.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:19:04:5b:83:d3:69:1b:57:3f:01:b6:13:7a:96:82:5c:72:
b5:4b:ce:bc:62:a5:f0:8e:6c:91:a2:0b:f6:8a:f0:4b:28:1f:
33:d4:e5:7e:a2:be:36:b0:ce:5e:cf:8c:72:63:f3:08:ab:d1:
b3:e9:1f:eb:3d:32:cd:95:8b:46:ff:48:e4:86:18:8d:51:e8:
54:bb:e4:2c:b4:bd:c1:4b:57:10:fe:b7:23:5b:d8:87:e5:40:
5c:3c:84:de:1d:c4:66:2a:64:fd:d8:21:f9:9e:31:9b:04:be:
af:d6:86:0e:c0:05:ea:57:e3:0b:49:23:8a:7e:4b:93:4b:04:
78:b6:b8:0f:f9:f7:b5:1f:95:d6:5d:b4:a2:78:fb:cf:bf:eb:
a3:7c:92:40:71:6c:40:ef:51:75:43:43:d5:83:73:ef:81:4c:
cb:89:e1:cf:d5:b2:94:45:07:a4:d1:74:c8:f2:86:16:0d:c7:
ee:34:3d:94:00:7b:8e:9e:ad:a4:d3:22:5c:59:af:e6:9f:2d:
5a:5a:fa:ce:09:1f:48:a0:15:d3:02:4e:22:c4:97:15:c9:ad:
a0:83:c7:bf:f3:41:75:2b:3b:c7:97:f8:f6:15:79:e6:99:b8:
9d:b8:cb:2f:e7:44:61:f8:44:95:61:c5:14:28:5c:2e:c9:b7:
8c:46:fa:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmbAJ3y25ZHPuWnQx4ZF2uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5OTU0NDk5OTc3Mjc4YTc1NTcwYjM0MDNmNGQzYWEwMGIx
YjM2ZTgwHhcNMjUwMTAyMDk1MDAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWI2N2I2Mjk4MDcwZWUyY2I5Yjg2ZmQ0NmMyZjg0ZmJmNjkwNWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwyhHXGR2/opX7pvA46IZsZd23qI9
s/NiuH8atvKJpWiEbQ79vDYZrVxl6438hk2MIZsESILTkUJf0mZsz1/fsxQTaYkK
lJ9EU1WLSS9WOUx/u7AiJnQp/kufSxO8tkpKgsq2LCCba3A5zPl3aoY/9sFJPTL5
Uy4hL6Al/tfr3/8TBgjyb7IIWGFkrFue8FVBwasrNynBnDTmHmszzzENPapONA+o
sGvT6kEG5bFbetXd70egAeV7orPiouFYKmjiiDr2TMf3MvCuD3ECTgRghBMskeAB
LB/JKknal6g7pTIRcui878nDov21jkBe9aIg5XxYinE1ecGZIZ8JdBq5FwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKq2e2KYBw7iy5uG/UbC+E+/aQWzMB8GA1UdIwQY
MBaAFLmVRJmXcninVXCzQD9NOqALGzboMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAt
MDI0YjE2NTVjMjQ3LzEvcXJaN1lwZ0hEdUxMbTRiOVJzTDRUNzlwQmJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAtMDI0YjE2NTVjMjQ3
LzEvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATUGaMA0G
CSqGSIb3DQEBCwUAA4IBAQBrGQRbg9NpG1c/AbYTepaCXHK1S868YqXwjmyRogv2
ivBLKB8z1OV+or42sM5ez4xyY/MIq9Gz6R/rPTLNlYtG/0jkhhiNUehUu+QstL3B
S1cQ/rcjW9iH5UBcPITeHcRmKmT92CH5njGbBL6v1oYOwAXqV+MLSSOKfkuTSwR4
trgP+fe1H5XWXbSiePvPv+ujfJJAcWxA71F1Q0PVg3PvgUzLieHP1bKURQek0XTI
8oYWDcfuND2UAHuOnq2k0yJcWa/mny1aWvrOCR9IoBXTAk4ixJcVya2gg8e/80F1
KzvHl/j2FXnmmbiduMsv50Rh+ESVYcUUKFwuybeMRvpp
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:04:48 2025 by rpki-client