Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/38136c-db51-4f70-ad8b-654505a2d045/1/049Ezw3bbxyAcFdFjmuYEFwXBsU.roa
File: 049Ezw3bbxyAcFdFjmuYEFwXBsU.roa (raw, json)
Hash identifier: WEmFcKUdgxX3uJIjqIrmLcxjRyqE9nhGbay/JhL8Msw=
Subject key identifier: D3:8F:44:CF:0D:DB:6F:1C:80:70:57:45:8E:6B:98:10:5C:17:06:C5
Certificate issuer: /CN=d703642076d27e252fa90bf1a4296f8bcd9d0cf1
Certificate serial: 0194228D6AD397B74916C9EBDB245877DD43
Authority key identifier: D7:03:64:20:76:D2:7E:25:2F:A9:0B:F1:A4:29:6F:8B:CD:9D:0C:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1wNkIHbSfiUvqQvxpClvi82dDPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/38136c-db51-4f70-ad8b-654505a2d045/1/049Ezw3bbxyAcFdFjmuYEFwXBsU.roa
Signing time: Wed 01 Jan 2025 15:48:00 +0000
ROA not before: Wed 01 Jan 2025 15:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30836
IP address blocks: 77.221.58.0/23 maxlen: 23
77.221.60.0/23 maxlen: 23
77.221.63.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:6a:d3:97:b7:49:16:c9:eb:db:24:58:77:dd:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d703642076d27e252fa90bf1a4296f8bcd9d0cf1
Validity
Not Before: Jan 1 15:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d38f44cf0ddb6f1c807057458e6b98105c1706c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:cd:98:68:8e:a2:f7:66:8e:65:ef:0a:d9:df:
78:2a:a7:71:dd:b8:cf:62:4e:7e:03:07:4e:aa:67:
ea:9a:21:66:e9:85:5b:83:2f:64:ae:b0:7f:bc:39:
63:b1:07:0a:a0:46:a7:c5:21:3c:11:8a:a5:a8:46:
b8:71:6a:ad:b6:7b:7e:b4:4b:32:31:c6:92:3f:a8:
53:3c:0c:38:24:73:90:17:35:b8:b1:08:30:0a:ed:
85:08:2a:a9:b1:34:3e:cf:a1:5c:31:70:20:d0:23:
66:35:e8:d3:5a:b1:6a:04:18:09:68:b9:0d:8e:f1:
2b:59:ba:0f:a8:57:27:50:c9:c7:62:6f:bf:24:16:
23:1c:98:04:d3:d9:24:df:cd:7f:ec:be:65:55:93:
0f:fb:7b:f3:00:fa:68:53:c9:f7:52:6f:dd:e0:67:
16:a5:d8:20:26:0b:93:28:5a:8a:e9:34:64:2c:6c:
64:4b:57:43:e3:6c:3b:58:f9:cd:4a:16:9d:e5:2b:
98:c8:49:43:37:df:9f:8e:fa:2a:33:70:e3:a8:12:
aa:d4:20:44:96:db:76:f7:2e:7d:80:de:2a:88:ce:
7b:5b:81:36:a8:62:ae:62:cd:b2:17:21:83:f9:1b:
ce:59:d5:15:e6:a6:8e:45:9f:fa:47:4e:78:fb:66:
1e:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:8F:44:CF:0D:DB:6F:1C:80:70:57:45:8E:6B:98:10:5C:17:06:C5
X509v3 Authority Key Identifier:
keyid:D7:03:64:20:76:D2:7E:25:2F:A9:0B:F1:A4:29:6F:8B:CD:9D:0C:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1wNkIHbSfiUvqQvxpClvi82dDPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/38136c-db51-4f70-ad8b-654505a2d045/1/049Ezw3bbxyAcFdFjmuYEFwXBsU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/38136c-db51-4f70-ad8b-654505a2d045/1/1wNkIHbSfiUvqQvxpClvi82dDPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.221.58.0-77.221.61.255
77.221.63.0/24
Signature Algorithm: sha256WithRSAEncryption
12:b3:bb:1b:f7:b2:1d:bc:de:2d:5d:66:78:a2:88:27:6d:aa:
c3:8a:d8:d3:a2:4d:59:b0:eb:e3:ff:18:59:62:86:5a:e8:8f:
35:a1:4f:99:31:07:f0:a2:18:8d:73:15:e5:06:97:b0:f8:45:
80:aa:dc:fd:cd:68:06:54:c1:fb:12:a3:d5:3f:1b:a2:1d:8e:
7e:46:3a:93:f0:4d:43:cc:d7:8f:33:c8:7d:b1:d1:33:e5:16:
bd:b1:fc:f7:06:31:c5:5b:87:c3:a4:21:95:a6:19:ff:a9:f1:
cc:41:da:be:56:42:17:7f:7d:23:97:df:9f:a4:34:13:ef:e0:
e9:b8:b1:b4:8f:fa:5e:ee:98:6b:5b:0c:50:b8:04:b6:98:1d:
19:b3:b1:93:14:fa:ba:8e:d4:c5:47:6d:e0:83:b8:79:89:35:
9b:dc:90:89:d7:08:0b:cd:40:70:32:1c:43:59:24:79:9d:1e:
59:3b:14:d3:77:76:08:7e:f9:eb:66:7c:14:a4:61:3e:7c:19:
ec:bc:45:b9:fa:42:62:49:ef:af:27:82:92:42:27:31:0b:9b:
59:fc:78:35:c9:4e:b5:d3:6d:75:26:8b:62:cd:f1:9f:d8:55:
18:82:88:4e:77:99:cd:57:ac:03:d5:05:e4:48:0d:2d:53:bc:
bd:fb:8a:be
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQijWrTl7dJFsnr2yRYd91DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3MDM2NDIwNzZkMjdlMjUyZmE5MGJmMWE0Mjk2ZjhiY2Q5
ZDBjZjEwHhcNMjUwMTAxMTU0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzhmNDRjZjBkZGI2ZjFjODA3MDU3NDU4ZTZiOTgxMDVjMTcwNmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3c2YaI6i92aOZe8K2d94Kqdx3bjP
Yk5+AwdOqmfqmiFm6YVbgy9krrB/vDljsQcKoEanxSE8EYqlqEa4cWqttnt+tEsy
McaSP6hTPAw4JHOQFzW4sQgwCu2FCCqpsTQ+z6FcMXAg0CNmNejTWrFqBBgJaLkN
jvErWboPqFcnUMnHYm+/JBYjHJgE09kk381/7L5lVZMP+3vzAPpoU8n3Um/d4GcW
pdggJguTKFqK6TRkLGxkS1dD42w7WPnNShad5SuYyElDN9+fjvoqM3DjqBKq1CBE
ltt29y59gN4qiM57W4E2qGKuYs2yFyGD+RvOWdUV5qaORZ/6R054+2YeMQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFNOPRM8N228cgHBXRY5rmBBcFwbFMB8GA1UdIwQY
MBaAFNcDZCB20n4lL6kL8aQpb4vNnQzxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXdOa0lIYlNmaVV2cVF2eHBDbHZpODJkRFBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8zODEzNmMtZGI1MS00ZjcwLWFkOGIt
NjU0NTA1YTJkMDQ1LzEvMDQ5RXp3M2JieHlBY0ZkRmptdVlFRndYQnNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8zODEzNmMtZGI1MS00ZjcwLWFkOGItNjU0NTA1YTJkMDQ1
LzEvMXdOa0lIYlNmaVV2cVF2eHBDbHZpODJkRFBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAFN3ToD
BAFN3TwDBABN3T8wDQYJKoZIhvcNAQELBQADggEBABKzuxv3sh283i1dZniiiCdt
qsOK2NOiTVmw6+P/GFlihlrojzWhT5kxB/CiGI1zFeUGl7D4RYCq3P3NaAZUwfsS
o9U/G6Idjn5GOpPwTUPM148zyH2x0TPlFr2x/PcGMcVbh8OkIZWmGf+p8cxB2r5W
Qhd/fSOX35+kNBPv4Om4sbSP+l7umGtbDFC4BLaYHRmzsZMU+rqO1MVHbeCDuHmJ
NZvckInXCAvNQHAyHENZJHmdHlk7FNN3dgh++etmfBSkYT58Gey8Rbn6QmJJ768n
gpJCJzELm1n8eDXJTrXTbXUmi2LN8Z/YVRiCiE53mc1XrAPVBeRIDS1TvL37ir4=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:42:56 2025 by rpki-client