Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/iL0fpiq0g7Tpl8O9Cr71bc0UOYU.roa
File: iL0fpiq0g7Tpl8O9Cr71bc0UOYU.roa (raw, json)
Hash identifier: +0HQwj7rpV4acr+qdH/U1EOSgBMGpBNUkpCPoAIrOlE=
Subject key identifier: 88:BD:1F:A6:2A:B4:83:B4:E9:97:C3:BD:0A:BE:F5:6D:CD:14:39:85
Certificate issuer: /CN=affa13f1ae053916280ec68ee1b0976f9ebd3ea8
Certificate serial: 0194266BD6F8E577459F72027E1DF71FB18D
Authority key identifier: AF:FA:13:F1:AE:05:39:16:28:0E:C6:8E:E1:B0:97:6F:9E:BD:3E:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r_oT8a4FORYoDsaO4bCXb569Pqg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/iL0fpiq0g7Tpl8O9Cr71bc0UOYU.roa
Signing time: Thu 02 Jan 2025 09:49:49 +0000
ROA not before: Thu 02 Jan 2025 09:49:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210644
IP address blocks: 77.73.131.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:d6:f8:e5:77:45:9f:72:02:7e:1d:f7:1f:b1:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=affa13f1ae053916280ec68ee1b0976f9ebd3ea8
Validity
Not Before: Jan 2 09:49:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=88bd1fa62ab483b4e997c3bd0abef56dcd143985
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:ad:05:c0:67:65:f6:12:d0:f1:58:ff:a6:c3:
79:2f:b5:e5:38:8f:7e:2a:af:fd:16:af:a7:7f:2d:
6f:66:96:f8:77:ad:f5:e4:cb:fe:2c:df:a9:82:9b:
cc:07:e4:d8:87:7d:80:87:b1:90:17:13:98:2f:5b:
88:3a:41:7f:c9:ae:c0:3a:81:5d:5c:49:9a:0c:8b:
42:6b:79:9c:f9:de:c1:ba:cd:99:e1:8e:4f:05:95:
3f:00:5b:4e:48:af:69:43:01:fe:2f:85:38:25:46:
a0:c7:09:34:b3:15:0e:1a:d8:ae:b6:37:c1:8e:25:
84:15:fb:8c:4d:45:5a:ad:01:e7:5d:9d:ba:1d:e3:
2f:74:91:0f:f8:18:be:a1:c8:b1:c4:6e:58:cb:af:
47:70:e1:98:3f:5c:b8:18:7a:60:22:e8:61:90:c9:
57:31:7b:04:5d:10:17:ea:1d:b5:12:b6:01:b7:fa:
05:5d:e1:5c:0f:9e:cc:1e:3e:e2:b2:48:f5:38:ca:
00:da:f7:2c:6b:aa:aa:8d:d2:67:6f:a6:48:58:cf:
ed:40:05:e1:7d:01:9b:35:28:97:e2:92:64:12:db:
74:b3:ea:ea:5a:0a:2f:68:c1:53:12:66:b4:bc:6a:
1b:93:44:3b:e4:1a:6f:e3:a4:cd:f5:05:60:d5:fc:
8e:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:BD:1F:A6:2A:B4:83:B4:E9:97:C3:BD:0A:BE:F5:6D:CD:14:39:85
X509v3 Authority Key Identifier:
keyid:AF:FA:13:F1:AE:05:39:16:28:0E:C6:8E:E1:B0:97:6F:9E:BD:3E:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_oT8a4FORYoDsaO4bCXb569Pqg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/iL0fpiq0g7Tpl8O9Cr71bc0UOYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/r_oT8a4FORYoDsaO4bCXb569Pqg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.73.131.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:88:07:c6:1e:a9:99:cc:56:0b:96:96:b6:b7:dd:4d:9f:cc:
4e:d5:5e:a6:81:7e:63:36:e1:08:95:9b:32:1c:ee:08:32:91:
6c:e6:ca:85:59:85:fc:c2:2e:64:71:83:a8:f8:5d:8d:1e:dc:
41:ad:36:52:c6:6c:38:dd:8d:ba:3c:d4:5f:bc:80:6c:94:2a:
ef:c9:f3:3c:1a:cc:d6:8d:5f:9c:5a:b5:1c:9b:47:e9:e4:79:
ac:b0:af:a6:81:ba:1e:60:8d:69:50:28:11:7a:29:1a:7f:63:
56:db:53:f6:ad:ac:ea:6c:6d:bf:4a:71:51:9f:70:bb:73:7b:
c4:b4:62:7d:90:69:28:25:27:91:84:a6:73:70:3d:2b:88:73:
97:55:2d:6b:ec:6e:78:ca:18:75:93:1a:bf:6a:3a:17:7f:eb:
3f:63:5c:a9:94:98:63:12:be:d7:99:6b:8f:47:44:d9:97:1a:
60:78:1b:49:82:38:9e:78:55:64:8d:b6:3f:23:aa:f9:00:73:
4f:92:b0:59:0e:58:20:aa:96:7a:1a:ee:06:2e:f3:fb:63:24:
84:cb:37:62:db:c9:d2:45:59:77:50:96:3e:58:6f:6e:6d:b0:
36:05:0c:c6:eb:20:0c:54:29:57:3b:d2:ed:a3:c7:35:bf:e7:
35:a8:18:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma9b45XdFn3ICfh33H7GNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmZmExM2YxYWUwNTM5MTYyODBlYzY4ZWUxYjA5NzZmOWVi
ZDNlYTgwHhcNMjUwMTAyMDk0OTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGJkMWZhNjJhYjQ4M2I0ZTk5N2MzYmQwYWJlZjU2ZGNkMTQzOTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3K0FwGdl9hLQ8Vj/psN5L7XlOI9+
Kq/9Fq+nfy1vZpb4d6315Mv+LN+pgpvMB+TYh32Ah7GQFxOYL1uIOkF/ya7AOoFd
XEmaDItCa3mc+d7Bus2Z4Y5PBZU/AFtOSK9pQwH+L4U4JUagxwk0sxUOGtiutjfB
jiWEFfuMTUVarQHnXZ26HeMvdJEP+Bi+ocixxG5Yy69HcOGYP1y4GHpgIuhhkMlX
MXsEXRAX6h21ErYBt/oFXeFcD57MHj7iskj1OMoA2vcsa6qqjdJnb6ZIWM/tQAXh
fQGbNSiX4pJkEtt0s+rqWgovaMFTEma0vGobk0Q75Bpv46TN9QVg1fyOCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIi9H6YqtIO06ZfDvQq+9W3NFDmFMB8GA1UdIwQY
MBaAFK/6E/GuBTkWKA7GjuGwl2+evT6oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcl9vVDhhNEZPUllvRHNhTzRiQ1hiNTY5UHFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9hM2MwYTQtMzE5MS00ZTUxLThkODAt
NDc4YzJjOGNiMmEwLzEvaUwwZnBpcTBnN1RwbDhPOUNyNzFiYzBVT1lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9hM2MwYTQtMzE5MS00ZTUxLThkODAtNDc4YzJjOGNiMmEw
LzEvcl9vVDhhNEZPUllvRHNhTzRiQ1hiNTY5UHFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATUmDMA0G
CSqGSIb3DQEBCwUAA4IBAQC8iAfGHqmZzFYLlpa2t91Nn8xO1V6mgX5jNuEIlZsy
HO4IMpFs5sqFWYX8wi5kcYOo+F2NHtxBrTZSxmw43Y26PNRfvIBslCrvyfM8GszW
jV+cWrUcm0fp5HmssK+mgboeYI1pUCgReikaf2NW21P2razqbG2/SnFRn3C7c3vE
tGJ9kGkoJSeRhKZzcD0riHOXVS1r7G54yhh1kxq/ajoXf+s/Y1yplJhjEr7XmWuP
R0TZlxpgeBtJgjieeFVkjbY/I6r5AHNPkrBZDlggqpZ6Gu4GLvP7YySEyzdi28nS
RVl3UJY+WG9ubbA2BQzG6yAMVClXO9Lto8c1v+c1qBjq
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:44:39 2025 by rpki-client