Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/3pvk7xDb4NV_nejPMsBPFHGXH-w.roa
File: 3pvk7xDb4NV_nejPMsBPFHGXH-w.roa (raw, json)
Hash identifier: F1kItjl6urBp8elqxTTpkZJm2H5EiLSG+zhBNJ6u3Cs=
Subject key identifier: DE:9B:E4:EF:10:DB:E0:D5:7F:9D:E8:CF:32:C0:4F:14:71:97:1F:EC
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 0195BEFB87C377C46A1F3A6C7EDD58E248C1
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/3pvk7xDb4NV_nejPMsBPFHGXH-w.roa
Signing time: Sat 22 Mar 2025 17:51:50 +0000
ROA not before: Sat 22 Mar 2025 17:51:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7029
IP address blocks: 77.47.143.0/24 maxlen: 24
77.47.156.0/22 maxlen: 24
77.47.212.0/24 maxlen: 24
77.47.240.0/23 maxlen: 24
77.47.243.0/24 maxlen: 24
77.47.244.0/22 maxlen: 24
195.178.140.0/23 maxlen: 24
195.178.146.0/24 maxlen: 24
212.111.220.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:be:fb:87:c3:77:c4:6a:1f:3a:6c:7e:dd:58:e2:48:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: Mar 22 17:51:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=de9be4ef10dbe0d57f9de8cf32c04f1471971fec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:00:da:cc:8a:23:63:54:ed:2f:85:82:f8:39:
14:79:5a:de:89:08:7f:05:f4:72:e7:4e:e0:ea:a8:
ef:df:88:cd:86:85:b1:42:40:55:24:e9:62:6e:10:
18:51:71:8e:55:c2:32:26:af:b8:d7:da:7e:96:b4:
ed:2d:ce:12:9d:11:d3:6e:05:eb:33:59:96:ca:fa:
89:a2:a4:ba:b3:0d:84:84:0a:ca:29:80:73:c6:ae:
6b:cf:c9:f0:6e:5e:f2:97:d7:c1:13:1c:0c:5d:70:
28:0a:6e:b2:d0:cb:87:e4:0f:ca:c7:df:91:94:ed:
95:09:9e:0b:bd:ec:88:45:56:ba:80:f0:17:3e:f1:
b1:a5:cf:2d:62:5d:5a:d6:c3:4d:fb:bb:92:b7:8a:
75:6c:d1:77:34:09:24:6b:08:ff:c8:56:39:77:4d:
73:71:ab:c9:16:5b:c1:51:89:f2:eb:c8:3e:80:72:
e1:26:b1:ed:80:58:6e:d7:c7:b7:85:d2:c4:16:54:
ba:71:a7:6b:e3:1a:41:07:9f:c0:91:34:6c:32:1e:
0d:b7:51:76:2f:62:23:d2:62:53:6a:dc:1c:6c:0f:
83:0f:5f:b7:ca:37:a3:c9:02:9e:0a:1e:ef:2c:7e:
4b:89:20:d1:a4:9c:73:0f:a8:5f:ac:9f:38:a4:58:
0a:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:9B:E4:EF:10:DB:E0:D5:7F:9D:E8:CF:32:C0:4F:14:71:97:1F:EC
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/3pvk7xDb4NV_nejPMsBPFHGXH-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.47.143.0/24
77.47.156.0/22
77.47.212.0/24
77.47.240.0/23
77.47.243.0-77.47.247.255
195.178.140.0/23
195.178.146.0/24
212.111.220.0/22
Signature Algorithm: sha256WithRSAEncryption
a8:71:0f:d4:c5:57:72:79:75:51:93:3c:31:85:4b:52:39:5d:
0a:fc:5d:9d:1b:6f:f4:ba:4b:a5:46:44:fb:26:ac:a2:01:f4:
ec:f6:6e:8a:00:47:8e:47:73:52:fb:cf:11:ec:65:c9:a7:9b:
69:1b:f2:32:75:bc:36:4c:7d:cd:e8:1a:50:d4:ea:c3:a0:f5:
e2:fa:1d:dc:97:a8:90:67:27:7e:5d:c5:ba:4d:88:e0:96:bb:
84:99:1a:d0:0e:cb:6d:8a:84:ef:4b:db:5f:c2:d4:8e:66:ff:
2a:a4:de:5f:7f:89:4e:ad:a7:41:5e:93:49:82:18:52:9a:2a:
d6:81:ae:92:10:a0:25:b7:15:19:ca:f9:40:37:a8:22:f4:c4:
9f:fd:70:bb:80:aa:c6:58:f8:fa:70:75:29:d1:ca:4d:c7:e5:
22:a6:25:ef:bc:e6:cf:75:67:da:fa:d5:9a:b4:01:6f:64:fc:
93:b8:96:7d:24:a5:9a:ab:30:8e:66:be:8e:c9:aa:5e:6f:a5:
fc:54:81:67:4b:68:d6:b1:5d:f8:7b:f9:36:9f:6f:65:f9:be:
46:f3:e3:98:78:0f:ec:f1:08:0a:71:18:06:e0:2d:58:ac:78:
41:e7:8a:8b:d5:3d:b3:f5:92:39:c4:1c:28:8e:70:a2:9c:d9:
d8:f1:bb:a8
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZW++4fDd8RqHzpsft1Y4kjBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjUwMzIyMTc1MTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTliZTRlZjEwZGJlMGQ1N2Y5ZGU4Y2YzMmMwNGYxNDcxOTcxZmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArADazIojY1TtL4WC+DkUeVreiQh/
BfRy507g6qjv34jNhoWxQkBVJOlibhAYUXGOVcIyJq+419p+lrTtLc4SnRHTbgXr
M1mWyvqJoqS6sw2EhArKKYBzxq5rz8nwbl7yl9fBExwMXXAoCm6y0MuH5A/Kx9+R
lO2VCZ4LveyIRVa6gPAXPvGxpc8tYl1a1sNN+7uSt4p1bNF3NAkkawj/yFY5d01z
cavJFlvBUYny68g+gHLhJrHtgFhu18e3hdLEFlS6cadr4xpBB5/AkTRsMh4Nt1F2
L2Ij0mJTatwcbA+DD1+3yjejyQKeCh7vLH5LiSDRpJxzD6hfrJ84pFgKjQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFN6b5O8Q2+DVf53ozzLATxRxlx/sMB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEvM3B2azd4RGI0TlZfbmVqUE1zQlBGSEdYSC13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQATS+PAwQC
TS+cAwQATS/UAwQBTS/wMAwDBABNL/MDBANNL/ADBAHDsowDBADDspIDBALUb9ww
DQYJKoZIhvcNAQELBQADggEBAKhxD9TFV3J5dVGTPDGFS1I5XQr8XZ0bb/S6S6VG
RPsmrKIB9Oz2booAR45Hc1L7zxHsZcmnm2kb8jJ1vDZMfc3oGlDU6sOg9eL6HdyX
qJBnJ35dxbpNiOCWu4SZGtAOy22KhO9L21/C1I5m/yqk3l9/iU6tp0Fek0mCGFKa
KtaBrpIQoCW3FRnK+UA3qCL0xJ/9cLuAqsZY+PpwdSnRyk3H5SKmJe+85s91Z9r6
1Zq0AW9k/JO4ln0kpZqrMI5mvo7Jql5vpfxUgWdLaNaxXfh7+Tafb2X5vkbz45h4
D+zxCApxGAbgLViseEHniovVPbP1kjnEHCiOcKKc2djxu6g=
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:08:29 2025 by rpki-client