Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/lndKtS13lyiGoY9uQGmtVSm8RtQ.roa
File: lndKtS13lyiGoY9uQGmtVSm8RtQ.roa (raw, json)
Hash identifier: 5YudgcE520mUaSdK2Ny+WqGQURRXePAAds7R/treF8Q=
Subject key identifier: 96:77:4A:B5:2D:77:97:28:86:A1:8F:6E:40:69:AD:55:29:BC:46:D4
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 0195390C502FAA75F6BE49CC680C3EBBA474
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/lndKtS13lyiGoY9uQGmtVSm8RtQ.roa
Signing time: Mon 24 Feb 2025 17:41:02 +0000
ROA not before: Mon 24 Feb 2025 17:41:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5650
IP address blocks: 77.47.143.0/24 maxlen: 24
77.47.212.0/23 maxlen: 24
77.47.240.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:39:0c:50:2f:aa:75:f6:be:49:cc:68:0c:3e:bb:a4:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: Feb 24 17:41:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=96774ab52d77972886a18f6e4069ad5529bc46d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:57:f6:61:cd:a0:d9:a6:b7:6c:5c:b8:e0:91:
fc:09:69:16:2f:01:95:93:cc:5b:fd:c3:a9:28:70:
78:47:29:7d:ed:82:cd:a5:83:86:cb:a4:81:48:af:
c6:90:76:e8:79:32:c3:76:8b:11:51:db:a9:fe:74:
89:fa:41:67:58:19:1e:13:71:3e:74:e1:1f:0d:14:
a3:e9:77:e2:a4:2c:32:30:16:db:05:5f:c9:7f:db:
56:e4:66:98:c6:13:44:81:01:ed:0f:72:7a:e2:b9:
bd:22:dd:1f:66:7d:fd:da:b1:36:1e:47:a7:5e:f0:
ee:df:c9:7f:af:31:ca:13:c3:27:c1:36:37:99:6c:
2e:4c:66:c5:9c:e8:b1:1a:fd:2e:f5:2c:36:45:e3:
7b:d8:42:dd:a5:1d:1d:35:d5:e5:59:18:8c:cf:22:
66:3f:61:d2:c4:3a:8d:44:1b:48:97:ad:78:bd:1e:
ef:e6:86:9f:25:00:36:eb:82:fc:4c:82:9d:36:43:
b7:dc:7c:af:47:f8:03:6b:07:ca:d7:36:1b:c8:7b:
b4:b9:9b:11:b0:6c:16:7f:48:7e:2d:b4:d1:f6:29:
b3:57:b2:02:41:1a:ad:09:c7:f0:f1:a7:53:24:43:
84:7d:b1:eb:2c:5f:52:5b:ae:e9:1e:db:24:80:0c:
45:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:77:4A:B5:2D:77:97:28:86:A1:8F:6E:40:69:AD:55:29:BC:46:D4
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/lndKtS13lyiGoY9uQGmtVSm8RtQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.47.143.0/24
77.47.212.0/23
77.47.240.0/23
Signature Algorithm: sha256WithRSAEncryption
0c:e8:94:d8:b0:cc:6c:33:a0:37:11:01:0d:eb:be:5d:0d:1f:
b9:b9:fd:d2:3d:55:ba:63:87:e2:c8:fd:c5:7d:70:34:74:b5:
10:f5:cf:2f:fd:d6:4e:07:a6:41:33:da:a5:95:d6:f5:6a:46:
7f:4a:da:f8:78:09:79:65:1e:33:6d:9c:4b:a5:d2:60:68:a0:
5b:34:6f:05:5d:14:d2:5b:4c:85:db:5f:18:ae:0f:e8:89:41:
0b:8d:3d:5f:52:d8:31:f1:d7:d8:d7:88:a6:40:21:53:5e:f8:
b9:3f:7a:f4:5e:8d:c9:4f:d4:25:11:84:43:ec:65:09:ea:13:
10:d8:66:64:d7:92:60:ca:b3:af:9a:21:47:e0:1e:52:b0:85:
2b:cb:ac:72:18:4d:98:ee:bf:db:92:51:ad:0e:a6:47:99:c1:
25:19:b4:16:c5:7f:d9:8f:b9:88:5e:da:e5:fa:c4:14:72:ef:
28:0b:d6:16:d5:b5:0f:64:47:6a:98:ce:12:2c:14:70:49:c5:
29:f4:9e:7a:74:7e:55:0e:25:09:03:db:f8:81:5e:24:61:d4:
df:97:4f:9c:a9:16:c1:f0:59:b7:4e:55:16:61:39:9a:56:ef:
e5:68:0e:ce:3c:49:5a:93:4a:c5:88:89:55:65:2c:09:a8:7c:
86:8d:4b:f9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZU5DFAvqnX2vknMaAw+u6R0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjUwMjI0MTc0MTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Njc3NGFiNTJkNzc5NzI4ODZhMThmNmU0MDY5YWQ1NTI5YmM0NmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhVf2Yc2g2aa3bFy44JH8CWkWLwGV
k8xb/cOpKHB4Ryl97YLNpYOGy6SBSK/GkHboeTLDdosRUdup/nSJ+kFnWBkeE3E+
dOEfDRSj6XfipCwyMBbbBV/Jf9tW5GaYxhNEgQHtD3J64rm9It0fZn392rE2Hken
XvDu38l/rzHKE8MnwTY3mWwuTGbFnOixGv0u9Sw2ReN72ELdpR0dNdXlWRiMzyJm
P2HSxDqNRBtIl614vR7v5oafJQA264L8TIKdNkO33HyvR/gDawfK1zYbyHu0uZsR
sGwWf0h+LbTR9imzV7ICQRqtCcfw8adTJEOEfbHrLF9SW67pHtskgAxF9QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJZ3SrUtd5cohqGPbkBprVUpvEbUMB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEvbG5kS3RTMTNseWlHb1k5dVFHbXRWU204UnRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATS+PAwQB
TS/UAwQBTS/wMA0GCSqGSIb3DQEBCwUAA4IBAQAM6JTYsMxsM6A3EQEN675dDR+5
uf3SPVW6Y4fiyP3FfXA0dLUQ9c8v/dZOB6ZBM9qlldb1akZ/Str4eAl5ZR4zbZxL
pdJgaKBbNG8FXRTSW0yF218Yrg/oiUELjT1fUtgx8dfY14imQCFTXvi5P3r0Xo3J
T9QlEYRD7GUJ6hMQ2GZk15JgyrOvmiFH4B5SsIUry6xyGE2Y7r/bklGtDqZHmcEl
GbQWxX/Zj7mIXtrl+sQUcu8oC9YW1bUPZEdqmM4SLBRwScUp9J56dH5VDiUJA9v4
gV4kYdTfl0+cqRbB8Fm3TlUWYTmaVu/laA7OPElak0rFiIlVZSwJqHyGjUv5
-----END CERTIFICATE-----
Generated at Wed Apr 9 15:18:12 2025 by rpki-client