Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/0a9a33-99dc-4b92-8ced-836ac97c01bb/1/t7q0gRp_Rjm1TKofQQJGVXRxiQ4.roa
File: t7q0gRp_Rjm1TKofQQJGVXRxiQ4.roa (raw, json)
Hash identifier: 8i0M18hNbssP3r3dcfAr+F0zW7Rf4keL31Nq8c6T/TQ=
Subject key identifier: B7:BA:B4:81:1A:7F:46:39:B5:4C:AA:1F:41:02:46:55:74:71:89:0E
Certificate issuer: /CN=857a2c74af5a44d9aae47a0b89425fa4f7fc7c19
Certificate serial: 01942143F701C1325A9FCB80C00DBEBBACDD
Authority key identifier: 85:7A:2C:74:AF:5A:44:D9:AA:E4:7A:0B:89:42:5F:A4:F7:FC:7C:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hXosdK9aRNmq5HoLiUJfpPf8fBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/0a9a33-99dc-4b92-8ced-836ac97c01bb/1/t7q0gRp_Rjm1TKofQQJGVXRxiQ4.roa
Signing time: Wed 01 Jan 2025 09:48:09 +0000
ROA not before: Wed 01 Jan 2025 09:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201711
IP address blocks: 37.77.175.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:f7:01:c1:32:5a:9f:cb:80:c0:0d:be:bb:ac:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=857a2c74af5a44d9aae47a0b89425fa4f7fc7c19
Validity
Not Before: Jan 1 09:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b7bab4811a7f4639b54caa1f410246557471890e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e9:9e:1d:17:0f:af:cd:b0:17:56:7b:45:29:
de:3f:a8:2f:e9:4d:b9:09:3b:c7:6c:44:b8:2b:3e:
b2:e2:83:93:f7:ad:16:a4:c9:78:0c:b5:8a:cf:02:
a1:63:69:6a:45:97:e6:d0:93:20:fa:23:8f:a4:07:
9a:f6:cb:7c:96:2e:dc:20:86:bb:11:a4:f8:79:de:
34:5e:16:54:6e:b1:3d:40:81:7c:92:7d:f2:4d:42:
c3:c6:78:d5:86:ec:6a:61:aa:17:4a:8e:9e:99:09:
00:cd:b7:8e:5b:90:4f:b0:04:5b:c6:31:0c:7d:9e:
e1:16:ef:af:67:2e:67:a7:36:6c:cd:17:82:c0:29:
7a:46:c4:77:bf:1c:6c:87:3b:0d:9d:c6:89:0e:e1:
94:65:08:cb:c5:a6:6b:b0:9a:de:2a:f9:ff:6e:1c:
77:9b:a2:2a:c8:06:18:2a:c2:b9:e4:f2:13:3a:ae:
13:fa:d4:a4:4f:1b:65:b9:7f:ef:f9:1b:6e:c6:b7:
4b:e3:bc:60:17:b7:29:07:20:69:3f:6a:21:83:4b:
5e:dd:87:c7:d5:a9:f5:fc:03:ba:04:bf:f7:cc:80:
1b:98:f2:4a:1d:cf:b7:4b:85:0a:1e:0b:67:49:3d:
f7:f4:35:f0:2f:66:a2:53:91:6b:ce:73:1b:4f:1b:
37:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:BA:B4:81:1A:7F:46:39:B5:4C:AA:1F:41:02:46:55:74:71:89:0E
X509v3 Authority Key Identifier:
keyid:85:7A:2C:74:AF:5A:44:D9:AA:E4:7A:0B:89:42:5F:A4:F7:FC:7C:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hXosdK9aRNmq5HoLiUJfpPf8fBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/0a9a33-99dc-4b92-8ced-836ac97c01bb/1/t7q0gRp_Rjm1TKofQQJGVXRxiQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/0a9a33-99dc-4b92-8ced-836ac97c01bb/1/hXosdK9aRNmq5HoLiUJfpPf8fBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.77.175.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:df:06:95:70:89:c0:ac:a4:45:13:7b:3e:dd:5d:c1:78:15:
92:8e:08:db:d9:61:8c:d9:9f:9f:45:0f:ba:48:96:c7:db:af:
ab:d2:d5:bf:9f:4d:c3:a0:9a:86:58:4e:8e:df:9e:58:6b:d0:
3b:4e:a1:57:3f:70:f0:b4:ef:44:c7:a4:bb:51:83:de:ec:66:
07:0f:18:c7:11:26:65:ea:c8:52:04:1a:07:ff:cf:a4:bb:b7:
66:2c:b5:21:fd:da:60:cf:6a:f7:36:f3:1d:11:d6:8e:f9:29:
36:77:45:03:7c:9a:88:53:f8:75:99:99:88:4c:fa:71:a4:30:
79:36:17:33:8b:7c:df:fd:8f:5d:10:3b:0f:31:1b:8e:69:73:
ad:9d:99:18:8b:0d:a0:d1:71:1a:eb:c1:38:80:2c:10:33:48:
fd:af:3f:34:29:fa:47:72:ef:83:e2:6b:c6:2e:20:50:02:11:
68:9d:8f:cc:1e:b6:84:dc:44:e5:96:cb:ba:04:b0:c3:f4:6a:
df:06:d4:b8:9d:a6:ac:6e:c2:dc:d8:d4:65:e6:57:29:30:d6:
fa:b8:9f:72:11:f2:0d:4b:95:a4:a2:2d:b5:50:b5:db:3b:b4:
00:6f:f1:1d:29:ca:b3:97:c4:95:a5:44:e8:2d:58:27:84:f4:
cd:1b:cb:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhQ/cBwTJan8uAwA2+u6zdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1N2EyYzc0YWY1YTQ0ZDlhYWU0N2EwYjg5NDI1ZmE0Zjdm
YzdjMTkwHhcNMjUwMTAxMDk0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2JhYjQ4MTFhN2Y0NjM5YjU0Y2FhMWY0MTAyNDY1NTc0NzE4OTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+meHRcPr82wF1Z7RSneP6gv6U25
CTvHbES4Kz6y4oOT960WpMl4DLWKzwKhY2lqRZfm0JMg+iOPpAea9st8li7cIIa7
EaT4ed40XhZUbrE9QIF8kn3yTULDxnjVhuxqYaoXSo6emQkAzbeOW5BPsARbxjEM
fZ7hFu+vZy5npzZszReCwCl6RsR3vxxshzsNncaJDuGUZQjLxaZrsJreKvn/bhx3
m6IqyAYYKsK55PITOq4T+tSkTxtluX/v+RtuxrdL47xgF7cpByBpP2ohg0te3YfH
1an1/AO6BL/3zIAbmPJKHc+3S4UKHgtnST339DXwL2aiU5FrznMbTxs3IwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLe6tIEaf0Y5tUyqH0ECRlV0cYkOMB8GA1UdIwQY
MBaAFIV6LHSvWkTZquR6C4lCX6T3/HwZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFhvc2RLOWFSTm1xNUhvTGlVSmZwUGY4ZkJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My8wYTlhMzMtOTlkYy00YjkyLThjZWQt
ODM2YWM5N2MwMWJiLzEvdDdxMGdScF9Sam0xVEtvZlFRSkdWWFJ4aVE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My8wYTlhMzMtOTlkYy00YjkyLThjZWQtODM2YWM5N2MwMWJi
LzEvaFhvc2RLOWFSTm1xNUhvTGlVSmZwUGY4ZkJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJU2vMA0G
CSqGSIb3DQEBCwUAA4IBAQA93waVcInArKRFE3s+3V3BeBWSjgjb2WGM2Z+fRQ+6
SJbH26+r0tW/n03DoJqGWE6O355Ya9A7TqFXP3DwtO9Ex6S7UYPe7GYHDxjHESZl
6shSBBoH/8+ku7dmLLUh/dpgz2r3NvMdEdaO+Sk2d0UDfJqIU/h1mZmITPpxpDB5
Nhczi3zf/Y9dEDsPMRuOaXOtnZkYiw2g0XEa68E4gCwQM0j9rz80KfpHcu+D4mvG
LiBQAhFonY/MHraE3ETllsu6BLDD9GrfBtS4naasbsLc2NRl5lcpMNb6uJ9yEfIN
S5Wkoi21ULXbO7QAb/EdKcqzl8SVpUToLVgnhPTNG8tT
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:56:10 2025 by rpki-client