Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/3lZya65suNjTCHFw3w-FFAKeG_o.roa
File: 3lZya65suNjTCHFw3w-FFAKeG_o.roa (raw, json)
Hash identifier: CfCDcVjrMc7xYDPy+m/Tghf7N+2w7HYYBaXcBMgiWVk=
Subject key identifier: DE:56:72:6B:AE:6C:B8:D8:D3:08:71:70:DF:0F:85:14:02:9E:1B:FA
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 0195295F8DD8970FAE1D2086A928E730B338
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/3lZya65suNjTCHFw3w-FFAKeG_o.roa
Signing time: Fri 21 Feb 2025 16:38:02 +0000
ROA not before: Fri 21 Feb 2025 16:38:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25369
IP address blocks: 77.83.205.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:29:5f:8d:d8:97:0f:ae:1d:20:86:a9:28:e7:30:b3:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Feb 21 16:38:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=de56726bae6cb8d8d3087170df0f8514029e1bfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:10:a6:f3:4a:24:0a:4e:17:d0:fa:e3:4d:ff:
7b:c5:3b:79:3c:85:21:ac:d3:00:0b:59:45:ca:ce:
a9:12:6b:e2:f8:00:e2:d9:de:fd:7c:a1:cb:d1:5b:
4a:82:40:e3:3e:b3:6d:1e:fc:05:05:0b:59:ef:a7:
36:9d:e9:dc:86:a8:84:78:6a:b6:67:22:66:fa:ab:
b6:9e:dd:d9:ed:0b:58:6b:01:80:32:95:af:12:04:
77:ab:ed:db:2f:a6:d1:d1:91:0a:05:2c:30:17:e0:
e8:56:9f:eb:7c:9b:78:cf:41:d8:d5:c4:51:d7:e7:
54:0e:66:1c:30:12:6b:1b:ca:81:57:b7:95:5b:8d:
39:03:15:a9:c3:b1:7a:21:65:cc:60:0e:cf:a2:89:
76:96:03:f4:37:58:97:62:5d:cc:fa:6b:45:7a:17:
c2:ca:c8:b6:0e:1c:7b:a1:45:6e:6d:aa:da:04:fd:
70:a7:9e:3f:10:81:84:06:89:42:4c:43:7b:c4:74:
bd:d5:6b:56:4a:c7:61:02:28:ea:e4:95:e0:73:15:
da:5e:1e:31:c6:d2:f9:3f:21:3d:37:f8:ff:09:73:
7e:02:f1:79:76:b6:b8:ba:ec:15:9d:f7:90:c1:f4:
2d:a2:0d:d8:ca:50:b9:ba:fd:b0:1f:fc:4f:22:20:
49:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:56:72:6B:AE:6C:B8:D8:D3:08:71:70:DF:0F:85:14:02:9E:1B:FA
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/3lZya65suNjTCHFw3w-FFAKeG_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.205.0/24
Signature Algorithm: sha256WithRSAEncryption
58:e7:94:87:7c:8e:0c:81:42:76:3d:d5:55:61:35:40:17:fb:
e7:24:ea:4f:2c:83:2e:d3:6f:e8:a7:ff:d9:99:16:f5:09:80:
f4:50:0a:11:7b:25:87:e8:93:72:db:10:b2:00:a5:bc:8c:4a:
ab:a6:99:cc:14:ac:35:a2:ae:df:ee:3b:54:0f:07:e3:f5:2e:
81:25:6a:b6:2c:5b:4d:9d:61:46:4d:e7:a9:80:97:81:60:4b:
5d:6f:2e:a7:f1:82:0c:ef:6e:2c:f8:ff:6d:8d:2a:7c:a7:66:
46:61:02:32:51:64:43:21:b3:aa:3c:f3:8f:18:67:b9:bc:d8:
d8:ae:f5:4c:c8:09:ea:4a:7f:9f:cd:64:b0:1c:0b:fe:0c:28:
8e:6f:77:c6:df:0e:5d:2a:0e:72:2e:46:e2:40:f7:d8:e0:2e:
da:90:52:bb:65:9a:a6:e0:80:15:c8:b7:af:23:17:4d:14:90:
e4:4e:ca:d5:49:a2:0b:b4:30:4c:76:e6:a6:af:3c:29:e7:eb:
81:84:9f:78:02:26:1a:35:ef:0a:8a:4d:50:17:00:0f:6e:87:
74:a8:05:89:d4:b7:59:61:4d:d8:bc:fe:09:4a:32:cd:22:dd:
17:e0:75:93:a0:5e:eb:6c:d1:fb:d8:37:9e:b7:2e:fe:b7:4e:
e3:e7:4f:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZUpX43Ylw+uHSCGqSjnMLM4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjUwMjIxMTYzODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTU2NzI2YmFlNmNiOGQ4ZDMwODcxNzBkZjBmODUxNDAyOWUxYmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBCm80okCk4X0PrjTf97xTt5PIUh
rNMAC1lFys6pEmvi+ADi2d79fKHL0VtKgkDjPrNtHvwFBQtZ76c2nenchqiEeGq2
ZyJm+qu2nt3Z7QtYawGAMpWvEgR3q+3bL6bR0ZEKBSwwF+DoVp/rfJt4z0HY1cRR
1+dUDmYcMBJrG8qBV7eVW405AxWpw7F6IWXMYA7Pool2lgP0N1iXYl3M+mtFehfC
ysi2Dhx7oUVubaraBP1wp54/EIGEBolCTEN7xHS91WtWSsdhAijq5JXgcxXaXh4x
xtL5PyE9N/j/CXN+AvF5dra4uuwVnfeQwfQtog3YylC5uv2wH/xPIiBJJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN5WcmuubLjY0whxcN8PhRQCnhv6MB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvM2xaeWE2NXN1TmpUQ0hGdzN3LUZGQUtlR19vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVPNMA0G
CSqGSIb3DQEBCwUAA4IBAQBY55SHfI4MgUJ2PdVVYTVAF/vnJOpPLIMu02/op//Z
mRb1CYD0UAoReyWH6JNy2xCyAKW8jEqrppnMFKw1oq7f7jtUDwfj9S6BJWq2LFtN
nWFGTeepgJeBYEtdby6n8YIM724s+P9tjSp8p2ZGYQIyUWRDIbOqPPOPGGe5vNjY
rvVMyAnqSn+fzWSwHAv+DCiOb3fG3w5dKg5yLkbiQPfY4C7akFK7ZZqm4IAVyLev
IxdNFJDkTsrVSaILtDBMduamrzwp5+uBhJ94AiYaNe8Kik1QFwAPbod0qAWJ1LdZ
YU3YvP4JSjLNIt0X4HWToF7rbNH72Deety7+t07j508Z
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:08:51 2025 by rpki-client