Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/94a1e0-c180-4baf-9ea0-f67e7078878e/1/xkD-bMrKpX5bvRCXR7n2flyNmqg.roa
File: xkD-bMrKpX5bvRCXR7n2flyNmqg.roa (raw, json)
Hash identifier: ANcTIXHVR2iM56VPGUlESg9hA4bfaEVpnPYR7NoEoeQ=
Subject key identifier: C6:40:FE:6C:CA:CA:A5:7E:5B:BD:10:97:47:B9:F6:7E:5C:8D:9A:A8
Certificate issuer: /CN=f83272c0c32db004f078f874b99da9a0b7e63afd
Certificate serial: 019427B51AFD6136CDFAB59F3BE28EDFFAFE
Authority key identifier: F8:32:72:C0:C3:2D:B0:04:F0:78:F8:74:B9:9D:A9:A0:B7:E6:3A:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-DJywMMtsATwePh0uZ2poLfmOv0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/94a1e0-c180-4baf-9ea0-f67e7078878e/1/xkD-bMrKpX5bvRCXR7n2flyNmqg.roa
Signing time: Thu 02 Jan 2025 15:49:27 +0000
ROA not before: Thu 02 Jan 2025 15:49:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60501
IP address blocks: 77.72.87.0/24 maxlen: 24
2a11:dd00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:1a:fd:61:36:cd:fa:b5:9f:3b:e2:8e:df:fa:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f83272c0c32db004f078f874b99da9a0b7e63afd
Validity
Not Before: Jan 2 15:49:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c640fe6ccacaa57e5bbd109747b9f67e5c8d9aa8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:d2:b4:7e:83:1e:6c:ba:49:04:73:61:1f:a1:
84:f5:c6:7a:aa:fa:64:89:35:df:b2:83:98:d5:ed:
47:5e:1c:2b:5f:c6:ef:1c:54:a6:2e:69:e5:3f:8d:
f3:92:7b:90:8d:94:77:d9:12:f2:1b:71:b2:bf:10:
d2:dd:e2:34:bd:78:cb:3b:0f:fb:8d:16:53:7b:60:
07:0c:dd:58:a3:b7:63:40:69:72:a0:dc:1f:36:fb:
70:68:55:ea:63:2e:54:f4:c1:c3:86:83:75:05:c5:
c3:08:b1:f1:0f:b8:be:1d:e3:e6:47:8b:2c:6f:7b:
4d:10:6c:53:44:ad:a1:16:99:9b:d1:1c:40:87:31:
39:6d:c5:e1:31:97:ac:82:bb:6a:75:00:a3:a9:1b:
30:05:ac:ed:33:68:a6:8f:c8:53:43:cd:eb:d0:9f:
8b:49:6e:44:4b:d1:9b:2a:60:35:4c:2e:34:ab:45:
db:71:64:2f:55:8a:68:03:64:04:95:46:c6:68:a4:
93:3e:a9:8c:78:77:6b:18:a7:25:e2:c6:b0:d9:68:
6d:a7:d1:cc:5e:9d:99:35:36:32:a0:9e:11:4e:bd:
5b:76:b2:39:1e:26:29:89:6f:8e:c8:70:0a:fd:46:
8d:28:ca:c7:02:b8:e1:1e:0c:d8:25:83:2d:18:34:
64:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:40:FE:6C:CA:CA:A5:7E:5B:BD:10:97:47:B9:F6:7E:5C:8D:9A:A8
X509v3 Authority Key Identifier:
keyid:F8:32:72:C0:C3:2D:B0:04:F0:78:F8:74:B9:9D:A9:A0:B7:E6:3A:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-DJywMMtsATwePh0uZ2poLfmOv0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/94a1e0-c180-4baf-9ea0-f67e7078878e/1/xkD-bMrKpX5bvRCXR7n2flyNmqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/94a1e0-c180-4baf-9ea0-f67e7078878e/1/1-DJywMMtsATwePh0uZ2poLfmOv0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.72.87.0/24
IPv6:
2a11:dd00::/29
Signature Algorithm: sha256WithRSAEncryption
8c:c3:f7:92:fd:48:07:45:58:d8:df:90:5a:7e:78:b0:0a:37:
a7:2b:39:c5:b5:13:97:50:0c:00:7b:c4:a6:29:eb:0e:d9:6c:
86:b8:fb:2f:ea:77:b6:6d:16:4e:bd:20:b8:99:0b:79:07:5b:
e5:e0:10:6e:df:91:ab:11:8d:23:04:23:8f:a5:a2:9b:00:62:
82:93:3a:4a:d1:cf:9f:ec:a3:04:1a:b2:a1:c6:41:ec:c4:67:
23:b5:31:1c:1d:42:17:41:77:f8:c7:51:0e:ec:66:8d:a8:90:
5c:19:f9:a1:98:8f:ef:4c:99:34:68:3c:a3:96:d7:61:6c:c1:
ad:e8:cb:44:06:65:53:13:20:dc:34:31:1e:ce:4d:39:53:38:
68:12:11:55:76:bb:43:3a:a1:e0:88:a9:f4:9d:65:d6:57:3c:
4a:9b:3c:aa:a9:e2:40:f5:9c:7b:19:d6:53:80:46:6a:29:c6:
ea:69:01:50:8a:22:c0:c3:2e:c2:a4:97:07:bd:ba:97:24:75:
f0:55:ff:0e:66:9f:33:02:a9:8c:ef:43:b8:f5:4c:51:43:8c:
c3:87:8c:12:99:95:5b:09:ba:cf:a7:fb:33:0b:8a:26:37:b0:
1e:75:7d:25:e2:a6:4d:6d:76:0d:50:b4:f6:84:87:e4:46:9e:
04:eb:4b:6c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQntRr9YTbN+rWfO+KO3/r+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MzI3MmMwYzMyZGIwMDRmMDc4Zjg3NGI5OWRhOWEwYjdl
NjNhZmQwHhcNMjUwMTAyMTU0OTI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjQwZmU2Y2NhY2FhNTdlNWJiZDEwOTc0N2I5ZjY3ZTVjOGQ5YWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx9K0foMebLpJBHNhH6GE9cZ6qvpk
iTXfsoOY1e1HXhwrX8bvHFSmLmnlP43zknuQjZR32RLyG3GyvxDS3eI0vXjLOw/7
jRZTe2AHDN1Yo7djQGlyoNwfNvtwaFXqYy5U9MHDhoN1BcXDCLHxD7i+HePmR4ss
b3tNEGxTRK2hFpmb0RxAhzE5bcXhMZesgrtqdQCjqRswBaztM2imj8hTQ83r0J+L
SW5ES9GbKmA1TC40q0XbcWQvVYpoA2QElUbGaKSTPqmMeHdrGKcl4saw2Whtp9HM
Xp2ZNTYyoJ4RTr1bdrI5HiYpiW+OyHAK/UaNKMrHArjhHgzYJYMtGDRkMQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMZA/mzKyqV+W70Ql0e59n5cjZqoMB8GA1UdIwQY
MBaAFPgycsDDLbAE8Hj4dLmdqaC35jr9MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1ESnl3TU10c0FUd2VQaDB1WjJwb0xmbU92MC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTMvOTRhMWUwLWMxODAtNGJhZi05ZWEw
LWY2N2U3MDc4ODc4ZS8xL3hrRC1iTXJLcFg1YnZSQ1hSN24yZmx5Tm1xZy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTMvOTRhMWUwLWMxODAtNGJhZi05ZWEwLWY2N2U3MDc4ODc4
ZS8xLzEtREp5d01NdHNBVHdlUGgwdVoycG9MZm1PdjAuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBABNSFcw
DQQCAAIwBwMFAyoR3QAwDQYJKoZIhvcNAQELBQADggEBAIzD95L9SAdFWNjfkFp+
eLAKN6crOcW1E5dQDAB7xKYp6w7ZbIa4+y/qd7ZtFk69ILiZC3kHW+XgEG7fkasR
jSMEI4+lopsAYoKTOkrRz5/sowQasqHGQezEZyO1MRwdQhdBd/jHUQ7sZo2okFwZ
+aGYj+9MmTRoPKOW12Fswa3oy0QGZVMTINw0MR7OTTlTOGgSEVV2u0M6oeCIqfSd
ZdZXPEqbPKqp4kD1nHsZ1lOARmopxuppAVCKIsDDLsKklwe9upckdfBV/w5mnzMC
qYzvQ7j1TFFDjMOHjBKZlVsJus+n+zMLiiY3sB51fSXipk1tdg1QtPaEh+RGngTr
S2w=
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:26:15 2025 by rpki-client