Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/38136c-db51-4f70-ad8b-654505a2d045/1/Oe2ZInEj059O0GiOPtXNU0_R6MI.roa
File: Oe2ZInEj059O0GiOPtXNU0_R6MI.roa (raw, json)
Hash identifier: t8ba+S8fY0Jk7zkL111LjDk68FhBP0J/JQnAfb8aRYU=
Subject key identifier: 39:ED:99:22:71:23:D3:9F:4E:D0:68:8E:3E:D5:CD:53:4F:D1:E8:C2
Certificate issuer: /CN=d703642076d27e252fa90bf1a4296f8bcd9d0cf1
Certificate serial: 0194228D6E4A158E1D0B810694BD3FB2F4B8
Authority key identifier: D7:03:64:20:76:D2:7E:25:2F:A9:0B:F1:A4:29:6F:8B:CD:9D:0C:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1wNkIHbSfiUvqQvxpClvi82dDPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/38136c-db51-4f70-ad8b-654505a2d045/1/Oe2ZInEj059O0GiOPtXNU0_R6MI.roa
Signing time: Wed 01 Jan 2025 15:48:01 +0000
ROA not before: Wed 01 Jan 2025 15:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212910
IP address blocks: 77.221.58.0/23 maxlen: 23
77.221.60.0/23 maxlen: 23
77.221.63.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:6e:4a:15:8e:1d:0b:81:06:94:bd:3f:b2:f4:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d703642076d27e252fa90bf1a4296f8bcd9d0cf1
Validity
Not Before: Jan 1 15:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=39ed99227123d39f4ed0688e3ed5cd534fd1e8c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:8a:fd:fe:d4:b9:f2:38:6e:8c:d4:81:ff:79:
7b:c9:92:f9:f2:7b:2d:5c:d2:ee:bb:9f:34:6f:e6:
5b:25:5b:fe:d5:e8:96:b5:6d:33:06:00:02:d5:9c:
aa:28:d9:87:93:e2:7b:c3:29:e6:89:41:a1:1a:b0:
a1:6f:76:61:3a:09:17:7d:5b:06:2f:5b:25:25:f0:
9f:b7:f2:82:0c:80:24:ae:4d:37:36:96:45:d3:15:
47:82:d8:5c:2c:7b:07:0e:5c:fb:ae:c2:a8:ca:ba:
73:ba:79:f7:3b:78:e0:b2:bb:90:9d:f5:8b:af:0c:
84:8b:b7:7c:2a:9c:69:f5:d3:5c:22:a7:ac:8a:fb:
86:6f:a9:61:9d:80:ed:c0:36:f1:bf:a4:2f:39:9c:
0e:91:c2:d4:14:d1:37:c2:6c:93:e5:1e:83:ea:9b:
11:a7:83:99:0c:70:05:50:c0:e2:b1:44:e2:e2:a9:
55:0f:a4:09:d6:74:6b:a8:eb:5c:8c:17:4c:23:62:
a6:23:8b:e2:4b:1e:c8:6f:43:8d:6e:4f:17:32:e9:
b5:b6:e1:ed:78:ef:21:68:8e:f8:da:d8:be:8a:d7:
2a:67:d3:1b:24:11:af:16:57:49:03:8d:2e:99:2d:
9d:c0:d4:17:ec:09:78:75:36:b1:ea:1c:4c:05:ea:
32:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:ED:99:22:71:23:D3:9F:4E:D0:68:8E:3E:D5:CD:53:4F:D1:E8:C2
X509v3 Authority Key Identifier:
keyid:D7:03:64:20:76:D2:7E:25:2F:A9:0B:F1:A4:29:6F:8B:CD:9D:0C:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1wNkIHbSfiUvqQvxpClvi82dDPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/38136c-db51-4f70-ad8b-654505a2d045/1/Oe2ZInEj059O0GiOPtXNU0_R6MI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/38136c-db51-4f70-ad8b-654505a2d045/1/1wNkIHbSfiUvqQvxpClvi82dDPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.221.58.0-77.221.61.255
77.221.63.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:e3:bc:59:e5:29:9a:62:50:a8:16:bc:73:c1:96:fe:4a:2c:
11:b9:fa:21:93:d1:f4:1b:25:fe:ee:30:ec:76:2e:b2:d7:b7:
2c:93:28:e2:8c:b1:81:87:dc:20:d3:3b:2b:27:a0:9b:92:36:
f0:0b:36:5d:8d:b6:36:5c:f9:ec:8b:2b:3c:8c:38:64:a7:7b:
c4:59:df:62:40:bc:a8:fc:e0:72:62:49:d3:27:f8:23:46:64:
75:b0:da:19:c9:d5:5a:1e:d0:52:54:32:37:4f:46:b4:1a:52:
32:c2:06:71:b3:92:ff:aa:38:fc:61:2f:97:b8:c5:a3:04:11:
e3:86:21:e2:b0:fa:92:57:1a:14:ce:84:12:6a:95:73:1a:d4:
cb:7a:0d:2f:21:01:e1:68:76:02:29:54:c1:67:a8:bd:fe:68:
44:38:b7:5d:e3:20:37:1d:ca:91:cc:dd:7f:0a:10:b8:8a:c4:
5d:17:88:20:51:e2:0e:7e:bc:5d:72:d5:97:98:26:9b:50:0a:
b7:be:eb:1a:e9:2f:52:db:73:c8:61:16:a4:f7:ba:46:ca:10:
37:9d:a3:72:73:2e:ca:0d:9f:71:bd:f4:9c:90:72:11:18:38:
95:ce:6a:8a:67:b6:cc:ee:2d:a8:83:29:5d:59:bc:cc:75:98:
08:95:3e:b0
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQijW5KFY4dC4EGlL0/svS4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3MDM2NDIwNzZkMjdlMjUyZmE5MGJmMWE0Mjk2ZjhiY2Q5
ZDBjZjEwHhcNMjUwMTAxMTU0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWVkOTkyMjcxMjNkMzlmNGVkMDY4OGUzZWQ1Y2Q1MzRmZDFlOGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoIr9/tS58jhujNSB/3l7yZL58nst
XNLuu580b+ZbJVv+1eiWtW0zBgAC1ZyqKNmHk+J7wynmiUGhGrChb3ZhOgkXfVsG
L1slJfCft/KCDIAkrk03NpZF0xVHgthcLHsHDlz7rsKoyrpzunn3O3jgsruQnfWL
rwyEi7d8Kpxp9dNcIqesivuGb6lhnYDtwDbxv6QvOZwOkcLUFNE3wmyT5R6D6psR
p4OZDHAFUMDisUTi4qlVD6QJ1nRrqOtcjBdMI2KmI4viSx7Ib0ONbk8XMum1tuHt
eO8haI742ti+itcqZ9MbJBGvFldJA40umS2dwNQX7Al4dTax6hxMBeoyGwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFDntmSJxI9OfTtBojj7VzVNP0ejCMB8GA1UdIwQY
MBaAFNcDZCB20n4lL6kL8aQpb4vNnQzxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXdOa0lIYlNmaVV2cVF2eHBDbHZpODJkRFBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8zODEzNmMtZGI1MS00ZjcwLWFkOGIt
NjU0NTA1YTJkMDQ1LzEvT2UyWkluRWowNTlPMEdpT1B0WE5VMF9SNk1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8zODEzNmMtZGI1MS00ZjcwLWFkOGItNjU0NTA1YTJkMDQ1
LzEvMXdOa0lIYlNmaVV2cVF2eHBDbHZpODJkRFBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAFN3ToD
BAFN3TwDBABN3T8wDQYJKoZIhvcNAQELBQADggEBAB/jvFnlKZpiUKgWvHPBlv5K
LBG5+iGT0fQbJf7uMOx2LrLXtyyTKOKMsYGH3CDTOysnoJuSNvALNl2NtjZc+eyL
KzyMOGSne8RZ32JAvKj84HJiSdMn+CNGZHWw2hnJ1Voe0FJUMjdPRrQaUjLCBnGz
kv+qOPxhL5e4xaMEEeOGIeKw+pJXGhTOhBJqlXMa1Mt6DS8hAeFodgIpVMFnqL3+
aEQ4t13jIDcdypHM3X8KELiKxF0XiCBR4g5+vF1y1ZeYJptQCre+6xrpL1Lbc8hh
FqT3ukbKEDedo3JzLsoNn3G99JyQchEYOJXOaopntszuLaiDKV1ZvMx1mAiVPrA=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:32:31 2025 by rpki-client