Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/Vdwg4jZTZKi88xQKuBxoZssjp_k.roa
File: Vdwg4jZTZKi88xQKuBxoZssjp_k.roa (raw, json)
Hash identifier: hwh3ABZocgZCb4N1/O/URPEp43kD/9E64qXYxUCEgXY=
Subject key identifier: 55:DC:20:E2:36:53:64:A8:BC:F3:14:0A:B8:1C:68:66:CB:23:A7:F9
Certificate issuer: /CN=affa13f1ae053916280ec68ee1b0976f9ebd3ea8
Certificate serial: 018240A9C1E007C85B89A0E2C6791A141FA7
Authority key identifier: AF:FA:13:F1:AE:05:39:16:28:0E:C6:8E:E1:B0:97:6F:9E:BD:3E:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r_oT8a4FORYoDsaO4bCXb569Pqg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/Vdwg4jZTZKi88xQKuBxoZssjp_k.roa
Signing time: Wed 27 Jul 2022 17:17:23 +0000
ROA not before: Wed 27 Jul 2022 17:17:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 77.73.132.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:40:a9:c1:e0:07:c8:5b:89:a0:e2:c6:79:1a:14:1f:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=affa13f1ae053916280ec68ee1b0976f9ebd3ea8
Validity
Not Before: Jul 27 17:17:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=55dc20e2365364a8bcf3140ab81c6866cb23a7f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f6:d7:94:ca:31:c2:51:e1:39:c9:8c:dd:71:
f8:0f:65:99:cf:0d:e9:8f:07:5b:b9:67:ae:0d:ba:
ac:23:9a:99:88:cc:de:16:65:35:04:d5:f9:29:77:
e3:c0:e4:54:d4:2a:2d:68:8a:01:b5:1d:bb:34:29:
82:6d:4e:11:be:4a:59:2f:01:17:2f:1b:36:73:36:
1e:26:ae:7c:65:27:94:e9:53:17:9f:44:5e:f0:b1:
ac:e0:59:fc:be:64:90:e1:0c:64:15:5f:16:57:82:
b0:b5:e5:66:1a:87:dd:63:58:9c:70:40:8e:f9:09:
61:ad:97:7d:7a:fc:2e:38:9b:12:b0:8d:c1:7f:78:
3b:dd:6c:44:63:22:3c:a1:f7:8f:92:b5:9d:40:94:
c7:ef:e6:1f:99:1d:76:d1:3d:ce:62:df:bf:9a:b4:
fc:9f:cc:d7:81:1d:ab:13:8e:a7:fe:d1:a6:14:25:
bc:6d:30:57:9a:1b:f6:40:cb:45:49:83:66:60:9f:
47:5d:7d:77:2d:37:33:30:a9:4a:7b:5f:23:f2:ba:
d7:53:52:e0:67:dc:55:f0:0a:f8:c2:24:40:c7:36:
ba:05:db:30:02:e5:a2:40:36:a0:17:5a:35:ba:f6:
68:e9:2b:fe:7e:76:bb:a7:f3:2e:fa:4c:ed:e8:23:
c6:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:DC:20:E2:36:53:64:A8:BC:F3:14:0A:B8:1C:68:66:CB:23:A7:F9
X509v3 Authority Key Identifier:
keyid:AF:FA:13:F1:AE:05:39:16:28:0E:C6:8E:E1:B0:97:6F:9E:BD:3E:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_oT8a4FORYoDsaO4bCXb569Pqg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/Vdwg4jZTZKi88xQKuBxoZssjp_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/r_oT8a4FORYoDsaO4bCXb569Pqg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.73.132.0/24
Signature Algorithm: sha256WithRSAEncryption
69:d9:ea:45:8b:4a:7e:bc:34:31:36:ea:06:93:1a:91:ff:ad:
2d:37:ec:bf:08:00:b4:61:12:0e:2e:3d:39:f2:2c:e1:bd:ff:
b2:9f:d8:0f:51:db:5e:8c:59:d6:97:e2:96:04:78:9a:93:b2:
7e:a2:16:57:9e:5e:66:a3:cc:33:b6:d6:b9:e9:95:76:4a:54:
da:05:f4:a9:fb:34:34:da:9d:1c:3c:2c:50:e7:1e:e5:75:ce:
fa:99:b9:16:8e:e3:bd:22:8c:e9:dd:dc:78:69:84:b3:db:35:
fe:a1:dc:fd:b3:00:8c:5d:c9:dc:e2:4c:25:71:3c:1e:39:75:
c7:64:df:0d:8a:4b:d0:cf:92:92:10:8d:c5:27:d6:16:f9:9e:
0e:12:84:16:60:d1:27:49:bc:94:2f:67:d6:23:26:21:b9:29:
45:64:30:1b:ec:1b:0b:39:59:11:73:42:9c:a9:3e:6f:b9:fa:
e2:20:e4:c9:df:d6:12:dc:05:a9:bb:82:52:a8:00:8b:03:c6:
77:56:6d:da:2c:79:67:10:98:39:b3:0e:f2:a8:99:97:e4:24:
11:e0:46:df:10:a5:9e:1c:01:23:b1:b2:d7:26:4c:e6:91:9b:
22:91:08:a6:de:2d:bc:b5:48:5f:55:16:f9:a0:0d:50:f7:0b:
63:cb:6e:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJAqcHgB8hbiaDixnkaFB+nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmZmExM2YxYWUwNTM5MTYyODBlYzY4ZWUxYjA5NzZmOWVi
ZDNlYTgwHhcNMjIwNzI3MTcxNzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWRjMjBlMjM2NTM2NGE4YmNmMzE0MGFiODFjNjg2NmNiMjNhN2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/bXlMoxwlHhOcmM3XH4D2WZzw3p
jwdbuWeuDbqsI5qZiMzeFmU1BNX5KXfjwORU1CotaIoBtR27NCmCbU4RvkpZLwEX
Lxs2czYeJq58ZSeU6VMXn0Re8LGs4Fn8vmSQ4QxkFV8WV4KwteVmGofdY1iccECO
+QlhrZd9evwuOJsSsI3Bf3g73WxEYyI8ofePkrWdQJTH7+YfmR120T3OYt+/mrT8
n8zXgR2rE46n/tGmFCW8bTBXmhv2QMtFSYNmYJ9HXX13LTczMKlKe18j8rrXU1Lg
Z9xV8Ar4wiRAxza6BdswAuWiQDagF1o1uvZo6Sv+fna7p/Mu+kzt6CPGbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFXcIOI2U2SovPMUCrgcaGbLI6f5MB8GA1UdIwQY
MBaAFK/6E/GuBTkWKA7GjuGwl2+evT6oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcl9vVDhhNEZPUllvRHNhTzRiQ1hiNTY5UHFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9hM2MwYTQtMzE5MS00ZTUxLThkODAt
NDc4YzJjOGNiMmEwLzEvVmR3ZzRqWlRaS2k4OHhRS3VCeG9ac3NqcF9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9hM2MwYTQtMzE5MS00ZTUxLThkODAtNDc4YzJjOGNiMmEw
LzEvcl9vVDhhNEZPUllvRHNhTzRiQ1hiNTY5UHFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATUmEMA0G
CSqGSIb3DQEBCwUAA4IBAQBp2epFi0p+vDQxNuoGkxqR/60tN+y/CAC0YRIOLj05
8izhvf+yn9gPUdtejFnWl+KWBHiak7J+ohZXnl5mo8wztta56ZV2SlTaBfSp+zQ0
2p0cPCxQ5x7ldc76mbkWjuO9Iozp3dx4aYSz2zX+odz9swCMXcnc4kwlcTweOXXH
ZN8NikvQz5KSEI3FJ9YW+Z4OEoQWYNEnSbyUL2fWIyYhuSlFZDAb7BsLOVkRc0Kc
qT5vufriIOTJ39YS3AWpu4JSqACLA8Z3Vm3aLHlnEJg5sw7yqJmX5CQR4EbfEKWe
HAEjsbLXJkzmkZsikQim3i28tUhfVRb5oA1Q9wtjy25Q
-----END CERTIFICATE-----
Generated at Wed Apr 9 13:13:53 2025 by rpki-client