Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/fzxS2LNVH9HlCsyhr5NDfDsdgD0.roa
File: fzxS2LNVH9HlCsyhr5NDfDsdgD0.roa (raw, json)
Hash identifier: p3WIgyCpnog37QCwjA4qGvKDBM1Ggv9cnBEj2biZvBU=
Subject key identifier: 7F:3C:52:D8:B3:55:1F:D1:E5:0A:CC:A1:AF:93:43:7C:3B:1D:80:3D
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 0194222000C830EC987A70C2F1FE1CE5E4EE
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/fzxS2LNVH9HlCsyhr5NDfDsdgD0.roa
Signing time: Wed 01 Jan 2025 13:48:30 +0000
ROA not before: Wed 01 Jan 2025 13:48:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61400
IP address blocks: 77.83.244.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:00:c8:30:ec:98:7a:70:c2:f1:fe:1c:e5:e4:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Jan 1 13:48:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7f3c52d8b3551fd1e50acca1af93437c3b1d803d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:48:0f:17:5e:e4:45:88:a8:94:13:16:81:a4:
00:96:40:5c:eb:b9:29:37:1e:f8:94:a1:a9:50:31:
03:ae:9f:d5:6d:22:97:5c:88:c7:fc:5f:07:a2:c8:
57:77:a5:73:a6:36:28:32:8f:c7:fe:37:3c:54:9b:
40:a7:60:25:e1:5f:a8:e2:49:fb:18:3f:10:c1:87:
d7:ab:bc:7a:1c:4a:e5:fc:c7:29:e4:46:8c:55:2d:
54:f1:a7:3f:3e:1a:d7:7e:30:d7:a8:a7:84:f8:21:
db:39:8c:1a:49:b7:bd:d1:71:df:c7:4f:ac:00:79:
60:c7:fc:4a:3d:ad:59:1e:6c:bf:5a:09:31:32:f5:
dd:fb:49:61:c1:64:7f:e8:ee:b9:48:65:13:39:c2:
a1:f0:35:ea:f8:d8:41:c1:5b:18:89:ac:1a:b3:a1:
ca:d0:56:2c:1f:58:15:51:23:2d:ec:96:52:a7:75:
e4:e8:5a:f0:51:6a:6f:29:42:0b:42:fe:d8:4c:b5:
b8:47:41:8e:15:a0:54:c6:e8:e1:b9:ce:cf:3a:76:
f1:c6:94:e5:b5:ab:42:90:f1:0d:be:51:f4:22:1e:
cf:63:97:43:a1:67:3d:75:f7:36:3f:14:e0:05:34:
24:b0:2a:74:4f:f4:85:7d:7d:14:19:6c:46:d4:2c:
ed:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:3C:52:D8:B3:55:1F:D1:E5:0A:CC:A1:AF:93:43:7C:3B:1D:80:3D
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/fzxS2LNVH9HlCsyhr5NDfDsdgD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.244.0/24
Signature Algorithm: sha256WithRSAEncryption
41:74:56:da:65:95:9b:98:06:66:91:ff:a8:b3:f9:6a:34:e9:
50:57:28:18:1d:1b:15:0c:89:d4:e1:88:fd:b8:65:4a:22:0f:
bb:89:83:a5:4f:8f:27:1a:eb:88:b6:90:bb:aa:33:06:6e:85:
cb:a9:30:9a:98:04:42:31:8b:8b:ff:d2:52:d4:35:d0:cf:a9:
9f:11:2f:7a:e6:64:4e:47:dd:91:44:4d:04:d9:66:ea:1a:c8:
cb:c2:cc:79:a0:0d:c0:6a:a4:81:58:3d:1f:88:d8:4e:b5:f3:
4d:62:19:44:7a:59:b7:a3:ec:25:e0:71:a6:8b:d6:02:3d:76:
5d:de:6c:02:29:bd:9c:87:b3:d3:8c:e7:8e:58:dc:75:98:74:
60:64:44:9b:f2:fc:f5:d5:9a:d6:85:93:87:42:94:e4:16:19:
4e:fc:d9:5f:f4:56:a3:50:82:c2:68:45:cc:4d:19:e1:d8:1f:
00:fc:02:84:20:4d:c5:f2:92:fa:6f:75:71:d7:02:73:3a:83:
d8:73:d2:13:e2:96:3b:3e:aa:38:b0:1f:54:a3:f6:25:01:74:
69:82:39:5a:de:e1:af:ff:0b:87:74:8b:1d:42:35:5a:c7:c6:
e0:85:38:c5:bc:42:a8:d2:7d:15:0b:9a:6f:fd:3d:5b:97:8d:
2e:9c:9a:5a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiIADIMOyYenDC8f4c5eTuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjUwMTAxMTM0ODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjNjNTJkOGIzNTUxZmQxZTUwYWNjYTFhZjkzNDM3YzNiMWQ4MDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyEgPF17kRYiolBMWgaQAlkBc67kp
Nx74lKGpUDEDrp/VbSKXXIjH/F8HoshXd6VzpjYoMo/H/jc8VJtAp2Al4V+o4kn7
GD8QwYfXq7x6HErl/Mcp5EaMVS1U8ac/PhrXfjDXqKeE+CHbOYwaSbe90XHfx0+s
AHlgx/xKPa1ZHmy/WgkxMvXd+0lhwWR/6O65SGUTOcKh8DXq+NhBwVsYiawas6HK
0FYsH1gVUSMt7JZSp3Xk6FrwUWpvKUILQv7YTLW4R0GOFaBUxujhuc7POnbxxpTl
tatCkPENvlH0Ih7PY5dDoWc9dfc2PxTgBTQksCp0T/SFfX0UGWxG1CztMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH88UtizVR/R5QrMoa+TQ3w7HYA9MB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvZnp4UzJMTlZIOUhsQ3N5aHI1TkRmRHNkZ0QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVP0MA0G
CSqGSIb3DQEBCwUAA4IBAQBBdFbaZZWbmAZmkf+os/lqNOlQVygYHRsVDInU4Yj9
uGVKIg+7iYOlT48nGuuItpC7qjMGboXLqTCamARCMYuL/9JS1DXQz6mfES965mRO
R92RRE0E2WbqGsjLwsx5oA3AaqSBWD0fiNhOtfNNYhlEelm3o+wl4HGmi9YCPXZd
3mwCKb2ch7PTjOeOWNx1mHRgZESb8vz11ZrWhZOHQpTkFhlO/Nlf9FajUILCaEXM
TRnh2B8A/AKEIE3F8pL6b3Vx1wJzOoPYc9IT4pY7Pqo4sB9Uo/YlAXRpgjla3uGv
/wuHdIsdQjVax8bghTjFvEKo0n0VC5pv/T1bl40unJpa
-----END CERTIFICATE-----
Generated at Sun Apr 6 15:55:18 2025 by rpki-client