Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/38136c-db51-4f70-ad8b-654505a2d045/1/3YD_MRnl9Z0M-5gb5pCh5nc9hwk.roa
File: 3YD_MRnl9Z0M-5gb5pCh5nc9hwk.roa (raw, json)
Hash identifier: evl0gnXGBj3jpscK/Lmbf+kXEngR8HlbQU4a4Qn4JRY=
Subject key identifier: DD:80:FF:31:19:E5:F5:9D:0C:FB:98:1B:E6:90:A1:E6:77:3D:87:09
Certificate issuer: /CN=d703642076d27e252fa90bf1a4296f8bcd9d0cf1
Certificate serial: 0194CB9153A7C34DA60F3F1F55F901556E37
Authority key identifier: D7:03:64:20:76:D2:7E:25:2F:A9:0B:F1:A4:29:6F:8B:CD:9D:0C:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1wNkIHbSfiUvqQvxpClvi82dDPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/38136c-db51-4f70-ad8b-654505a2d045/1/3YD_MRnl9Z0M-5gb5pCh5nc9hwk.roa
Signing time: Mon 03 Feb 2025 11:28:06 +0000
ROA not before: Mon 03 Feb 2025 11:28:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39679
IP address blocks: 77.221.49.0/24 maxlen: 24
77.221.54.0/23 maxlen: 23
77.221.56.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:cb:91:53:a7:c3:4d:a6:0f:3f:1f:55:f9:01:55:6e:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d703642076d27e252fa90bf1a4296f8bcd9d0cf1
Validity
Not Before: Feb 3 11:28:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dd80ff3119e5f59d0cfb981be690a1e6773d8709
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:1f:bc:43:d8:14:c4:cd:88:e8:65:3c:60:1d:
ec:1a:89:81:8e:d0:10:93:c4:c9:be:20:2f:71:0a:
9a:53:04:8c:27:7f:fd:0e:6d:b3:5f:f8:39:d7:f9:
76:99:d1:82:79:52:02:42:25:8b:48:b2:c9:b9:4c:
6e:a6:55:cd:f1:ae:2a:aa:fc:1c:d0:70:38:d2:17:
59:99:60:6e:1f:28:b0:23:e6:90:92:8d:62:b1:5f:
1c:0c:45:c0:a1:9a:6d:eb:9a:4a:5a:8a:df:a0:1d:
6e:84:95:66:25:e2:b2:af:e1:d6:fe:d9:ad:75:c1:
14:37:c7:1a:b2:cd:2b:57:29:4a:ae:6b:2b:50:4c:
e3:5f:c7:de:be:48:6f:65:08:c9:d0:2a:05:f5:6a:
d4:15:41:f3:e3:2b:22:9c:49:de:36:ed:78:01:7b:
34:46:2a:7c:e1:59:58:e9:50:d8:9c:84:f0:5f:c1:
64:88:5d:4d:fc:f7:f5:e0:b9:5c:b1:ff:64:ba:b8:
4f:f0:02:b6:8a:f2:8c:b2:7a:db:f2:f7:bc:49:4f:
4b:62:df:8b:04:36:78:8f:3f:28:70:f6:42:dd:7a:
87:b5:1e:6b:48:e1:d5:2b:7d:2f:53:bd:ac:75:c9:
2a:31:13:f5:05:86:9f:04:4d:06:56:7c:a5:2e:2f:
c4:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:80:FF:31:19:E5:F5:9D:0C:FB:98:1B:E6:90:A1:E6:77:3D:87:09
X509v3 Authority Key Identifier:
keyid:D7:03:64:20:76:D2:7E:25:2F:A9:0B:F1:A4:29:6F:8B:CD:9D:0C:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1wNkIHbSfiUvqQvxpClvi82dDPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/38136c-db51-4f70-ad8b-654505a2d045/1/3YD_MRnl9Z0M-5gb5pCh5nc9hwk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/38136c-db51-4f70-ad8b-654505a2d045/1/1wNkIHbSfiUvqQvxpClvi82dDPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.221.49.0/24
77.221.54.0-77.221.57.255
Signature Algorithm: sha256WithRSAEncryption
17:e0:cc:1b:57:33:37:2d:36:a4:86:06:8d:ba:52:96:70:1d:
4c:3c:86:45:38:e9:e2:8c:f8:d3:16:53:ae:f8:56:20:48:43:
87:c8:5b:94:d5:06:9e:af:69:06:2c:00:92:9a:54:6d:64:d6:
24:c9:b1:0e:cb:bb:87:d9:96:e2:04:79:f5:8f:35:95:de:36:
f5:16:aa:c3:29:f1:50:c7:15:ab:d3:5c:96:71:d5:32:74:e6:
d3:ec:2a:58:89:ba:94:82:19:9f:2f:9c:a3:17:cc:4e:7b:5d:
00:74:25:86:b0:fe:a7:00:dc:9d:43:bb:3d:e1:44:80:57:dc:
c0:33:70:a9:c4:19:cd:22:ce:a9:16:b9:89:af:2b:86:20:72:
a7:89:80:da:1b:35:53:05:35:c5:fb:ee:83:2d:d7:3d:81:70:
25:32:dc:a3:7b:3d:ed:7d:55:80:70:36:27:f3:b9:e0:80:29:
16:73:51:a1:2b:76:99:bb:f4:32:18:76:df:ce:59:ae:5f:47:
32:ca:32:26:13:d3:31:71:67:c1:54:ec:06:c3:1b:e1:66:d6:
22:88:da:14:d0:71:12:aa:bd:42:cf:cf:b6:68:14:08:96:3e:
24:21:18:27:cf:3c:b9:92:89:4d:9f:ca:f6:f7:5c:3d:79:21:
0e:ab:5c:5b
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZTLkVOnw02mDz8fVfkBVW43MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3MDM2NDIwNzZkMjdlMjUyZmE5MGJmMWE0Mjk2ZjhiY2Q5
ZDBjZjEwHhcNMjUwMjAzMTEyODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDgwZmYzMTE5ZTVmNTlkMGNmYjk4MWJlNjkwYTFlNjc3M2Q4NzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0x+8Q9gUxM2I6GU8YB3sGomBjtAQ
k8TJviAvcQqaUwSMJ3/9Dm2zX/g51/l2mdGCeVICQiWLSLLJuUxuplXN8a4qqvwc
0HA40hdZmWBuHyiwI+aQko1isV8cDEXAoZpt65pKWorfoB1uhJVmJeKyr+HW/tmt
dcEUN8cass0rVylKrmsrUEzjX8fevkhvZQjJ0CoF9WrUFUHz4ysinEneNu14AXs0
Rip84VlY6VDYnITwX8FkiF1N/Pf14Llcsf9kurhP8AK2ivKMsnrb8ve8SU9LYt+L
BDZ4jz8ocPZC3XqHtR5rSOHVK30vU72sdckqMRP1BYafBE0GVnylLi/EwQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFN2A/zEZ5fWdDPuYG+aQoeZ3PYcJMB8GA1UdIwQY
MBaAFNcDZCB20n4lL6kL8aQpb4vNnQzxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXdOa0lIYlNmaVV2cVF2eHBDbHZpODJkRFBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8zODEzNmMtZGI1MS00ZjcwLWFkOGIt
NjU0NTA1YTJkMDQ1LzEvM1lEX01Sbmw5WjBNLTVnYjVwQ2g1bmM5aHdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8zODEzNmMtZGI1MS00ZjcwLWFkOGItNjU0NTA1YTJkMDQ1
LzEvMXdOa0lIYlNmaVV2cVF2eHBDbHZpODJkRFBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQATd0xMAwD
BAFN3TYDBAFN3TgwDQYJKoZIhvcNAQELBQADggEBABfgzBtXMzctNqSGBo26UpZw
HUw8hkU46eKM+NMWU674ViBIQ4fIW5TVBp6vaQYsAJKaVG1k1iTJsQ7Lu4fZluIE
efWPNZXeNvUWqsMp8VDHFavTXJZx1TJ05tPsKliJupSCGZ8vnKMXzE57XQB0JYaw
/qcA3J1Duz3hRIBX3MAzcKnEGc0izqkWuYmvK4YgcqeJgNobNVMFNcX77oMt1z2B
cCUy3KN7Pe19VYBwNifzueCAKRZzUaErdpm79DIYdt/OWa5fRzLKMiYT0zFxZ8FU
7AbDG+Fm1iKI2hTQcRKqvULPz7ZoFAiWPiQhGCfPPLmSiU2fyvb3XD15IQ6rXFs=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:34:07 2025 by rpki-client