Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/0a9a33-99dc-4b92-8ced-836ac97c01bb/1/bAf4pYlPQH01VJAbtj0tnC5SXTs.roa
File: bAf4pYlPQH01VJAbtj0tnC5SXTs.roa (raw, json)
Hash identifier: Is6byuQI/ji+q5pWZ94ZQraf9joydkFIunAau5zwEaA=
Subject key identifier: 6C:07:F8:A5:89:4F:40:7D:35:54:90:1B:B6:3D:2D:9C:2E:52:5D:3B
Certificate issuer: /CN=857a2c74af5a44d9aae47a0b89425fa4f7fc7c19
Certificate serial: 01942143F78D374519674BC7C42C5FDACF1B
Authority key identifier: 85:7A:2C:74:AF:5A:44:D9:AA:E4:7A:0B:89:42:5F:A4:F7:FC:7C:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hXosdK9aRNmq5HoLiUJfpPf8fBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/0a9a33-99dc-4b92-8ced-836ac97c01bb/1/bAf4pYlPQH01VJAbtj0tnC5SXTs.roa
Signing time: Wed 01 Jan 2025 09:48:09 +0000
ROA not before: Wed 01 Jan 2025 09:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210133
IP address blocks: 37.77.173.0/24 maxlen: 24
37.77.174.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:f7:8d:37:45:19:67:4b:c7:c4:2c:5f:da:cf:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=857a2c74af5a44d9aae47a0b89425fa4f7fc7c19
Validity
Not Before: Jan 1 09:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6c07f8a5894f407d3554901bb63d2d9c2e525d3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:22:d7:75:88:8a:0c:bd:1c:53:65:fb:db:25:
15:2e:b5:33:73:53:a6:ae:6f:00:8b:39:f0:33:9f:
41:92:35:62:a6:e9:22:b3:f1:4b:08:68:da:fd:4c:
13:0b:98:ab:65:5a:a3:41:79:e6:50:37:cd:7c:0a:
f3:02:39:ca:2a:68:80:a5:16:7a:ed:62:0f:90:e9:
b9:5e:1d:c3:90:ba:e2:24:99:0d:47:3c:71:73:83:
63:a1:5a:ee:ab:13:f1:d5:d7:15:06:dc:d6:13:80:
0f:71:b5:ac:94:6b:f3:2b:3c:a4:dd:4c:6e:c6:39:
b3:5c:2c:99:9f:96:fd:3f:9d:a5:40:bb:82:52:ca:
b4:af:3f:56:51:ea:80:92:49:1f:4f:c7:ca:4b:2d:
70:bb:5a:8e:68:bb:4a:ad:33:eb:53:c0:1a:ff:3f:
d6:c4:d8:9e:e3:65:f0:ec:69:12:ea:2b:e0:85:df:
d4:b6:2e:40:d6:85:07:4f:86:b5:0e:fd:0b:a8:88:
59:0c:3a:44:9d:dd:89:8a:d4:85:29:f7:63:9a:00:
87:78:2d:b9:bf:cd:40:26:c4:e6:87:f3:21:d1:77:
a4:38:dc:3d:b1:65:9c:e9:dd:0a:13:ad:00:de:88:
71:a2:94:3b:9b:95:11:62:63:4f:20:ed:5e:2d:f3:
8b:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:07:F8:A5:89:4F:40:7D:35:54:90:1B:B6:3D:2D:9C:2E:52:5D:3B
X509v3 Authority Key Identifier:
keyid:85:7A:2C:74:AF:5A:44:D9:AA:E4:7A:0B:89:42:5F:A4:F7:FC:7C:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hXosdK9aRNmq5HoLiUJfpPf8fBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/0a9a33-99dc-4b92-8ced-836ac97c01bb/1/bAf4pYlPQH01VJAbtj0tnC5SXTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/0a9a33-99dc-4b92-8ced-836ac97c01bb/1/hXosdK9aRNmq5HoLiUJfpPf8fBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.77.173.0-37.77.174.255
Signature Algorithm: sha256WithRSAEncryption
c3:60:ee:53:ed:44:08:50:f4:01:c3:29:ae:2c:7e:db:38:18:
f0:a8:8f:26:46:02:11:f6:11:0c:2a:6d:e6:af:7c:57:77:97:
6e:e6:ef:76:d3:5d:eb:a5:5c:1a:ac:ad:ce:ca:bc:d2:e6:cc:
5d:93:81:f5:33:56:e1:96:01:3c:35:f9:1d:2c:96:39:eb:a6:
d2:38:15:f9:76:d2:5c:88:a5:3d:b0:2c:c0:b6:7e:57:7f:ff:
97:65:0b:8c:cb:34:1f:7f:4e:6b:68:f2:e7:1f:9e:b2:f2:93:
5a:ad:73:2d:b8:a8:5b:4c:34:8f:ca:7c:94:e2:18:cb:da:51:
89:11:ed:08:49:83:ee:27:1a:3d:52:b9:55:bd:24:95:1c:04:
8f:c1:d7:73:21:ad:de:d6:fc:35:08:b0:54:3c:74:e6:5b:16:
15:74:47:86:57:39:ed:ef:ea:a3:fa:5d:b6:d9:23:41:91:06:
1a:94:ef:ec:7d:d8:47:39:8c:3d:f0:de:2f:61:9d:04:37:0c:
55:0d:85:2f:6a:d2:e4:46:3e:41:aa:ce:98:3d:6d:7e:b9:6a:
be:4a:e8:c4:01:78:99:39:bb:c3:f1:75:16:db:85:d9:41:34:
05:74:9d:da:ea:35:85:76:95:e9:92:a1:8f:59:d3:69:93:f8:
3a:a3:c1:06
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQhQ/eNN0UZZ0vHxCxf2s8bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1N2EyYzc0YWY1YTQ0ZDlhYWU0N2EwYjg5NDI1ZmE0Zjdm
YzdjMTkwHhcNMjUwMTAxMDk0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzA3ZjhhNTg5NGY0MDdkMzU1NDkwMWJiNjNkMmQ5YzJlNTI1ZDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAriLXdYiKDL0cU2X72yUVLrUzc1Om
rm8AiznwM59BkjVipukis/FLCGja/UwTC5irZVqjQXnmUDfNfArzAjnKKmiApRZ6
7WIPkOm5Xh3DkLriJJkNRzxxc4NjoVruqxPx1dcVBtzWE4APcbWslGvzKzyk3Uxu
xjmzXCyZn5b9P52lQLuCUsq0rz9WUeqAkkkfT8fKSy1wu1qOaLtKrTPrU8Aa/z/W
xNie42Xw7GkS6ivghd/Uti5A1oUHT4a1Dv0LqIhZDDpEnd2JitSFKfdjmgCHeC25
v81AJsTmh/Mh0XekONw9sWWc6d0KE60A3ohxopQ7m5URYmNPIO1eLfOLvQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGwH+KWJT0B9NVSQG7Y9LZwuUl07MB8GA1UdIwQY
MBaAFIV6LHSvWkTZquR6C4lCX6T3/HwZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFhvc2RLOWFSTm1xNUhvTGlVSmZwUGY4ZkJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My8wYTlhMzMtOTlkYy00YjkyLThjZWQt
ODM2YWM5N2MwMWJiLzEvYkFmNHBZbFBRSDAxVkpBYnRqMHRuQzVTWFRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My8wYTlhMzMtOTlkYy00YjkyLThjZWQtODM2YWM5N2MwMWJi
LzEvaFhvc2RLOWFSTm1xNUhvTGlVSmZwUGY4ZkJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAlTa0D
BAAlTa4wDQYJKoZIhvcNAQELBQADggEBAMNg7lPtRAhQ9AHDKa4sfts4GPCojyZG
AhH2EQwqbeavfFd3l27m73bTXeulXBqsrc7KvNLmzF2TgfUzVuGWATw1+R0sljnr
ptI4Ffl20lyIpT2wLMC2fld//5dlC4zLNB9/Tmto8ucfnrLyk1qtcy24qFtMNI/K
fJTiGMvaUYkR7QhJg+4nGj1SuVW9JJUcBI/B13Mhrd7W/DUIsFQ8dOZbFhV0R4ZX
Oe3v6qP6XbbZI0GRBhqU7+x92Ec5jD3w3i9hnQQ3DFUNhS9q0uRGPkGqzpg9bX65
ar5K6MQBeJk5u8PxdRbbhdlBNAV0ndrqNYV2lemSoY9Z02mT+DqjwQY=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:57:12 2025 by rpki-client