Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/447964-0765-4bcb-a760-7248c85e5eb8/1/3zxRhVRfVgeSXxqpb9aJEA5lCTI.roa
File: 3zxRhVRfVgeSXxqpb9aJEA5lCTI.roa (raw, json)
Hash identifier: WgZ6nZFROkZzd+gq0zWLwo652R9ZUzZsi3zhzfxkcQM=
Subject key identifier: DF:3C:51:85:54:5F:56:07:92:5F:1A:A9:6F:D6:89:10:0E:65:09:32
Certificate issuer: /CN=a0e03c7792a884734ecd34eb42c7c5049f0c769e
Certificate serial: 01857246C2498E4953688939F5F3DFDA0E48
Authority key identifier: A0:E0:3C:77:92:A8:84:73:4E:CD:34:EB:42:C7:C5:04:9F:0C:76:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oOA8d5KohHNOzTTrQsfFBJ8Mdp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/447964-0765-4bcb-a760-7248c85e5eb8/1/3zxRhVRfVgeSXxqpb9aJEA5lCTI.roa
Signing time: Mon 02 Jan 2023 11:38:37 +0000
ROA not before: Mon 02 Jan 2023 11:38:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2111
IP address blocks: 77.71.96.0/21 maxlen: 21
77.71.96.0/20 maxlen: 20
77.71.96.0/22 maxlen: 22
77.71.100.0/22 maxlen: 22
77.71.104.0/22 maxlen: 22
77.71.104.0/21 maxlen: 21
77.71.108.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:c2:49:8e:49:53:68:89:39:f5:f3:df:da:0e:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0e03c7792a884734ecd34eb42c7c5049f0c769e
Validity
Not Before: Jan 2 11:38:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df3c5185545f5607925f1aa96fd689100e650932
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:c0:97:6d:fe:c4:76:b5:d7:a5:f6:41:47:77:
33:94:3e:ea:c0:67:d0:3f:d3:a1:67:53:5e:18:95:
cd:09:a9:e0:ba:a5:df:fe:05:6b:dd:26:58:bc:04:
68:81:8b:c6:ab:fb:4d:3a:22:a5:fa:17:01:2e:dd:
be:7b:af:5b:76:5f:da:1c:d1:f5:ba:96:df:89:8e:
ea:99:c7:35:ea:d9:31:59:d8:37:9f:24:43:c5:32:
c1:65:f9:aa:5c:64:97:58:00:1c:58:88:ca:71:b6:
a7:3c:ea:5e:8e:4f:eb:2e:9b:73:51:95:6a:db:04:
00:eb:96:c7:88:ed:32:c1:50:9a:49:02:c0:ae:1b:
c7:ae:6f:a3:33:4b:11:21:bf:c3:2e:75:7f:49:9e:
c7:2f:d8:11:76:54:32:9d:47:04:4c:3e:8b:82:b5:
19:0b:b9:20:05:ff:c5:58:ab:2d:de:e4:4c:56:18:
22:f5:78:d8:8e:6f:72:2c:b2:c1:e7:90:d5:2b:a2:
86:19:98:b2:66:5a:c1:59:12:14:4f:80:bc:04:ff:
bb:15:02:81:e0:5e:94:21:7e:f2:b6:92:be:a9:b6:
61:b9:af:ab:8a:bf:9e:e8:10:eb:f0:01:f4:29:0f:
2f:49:25:45:df:88:8d:54:1f:c5:b8:5a:9b:25:3a:
cd:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:3C:51:85:54:5F:56:07:92:5F:1A:A9:6F:D6:89:10:0E:65:09:32
X509v3 Authority Key Identifier:
keyid:A0:E0:3C:77:92:A8:84:73:4E:CD:34:EB:42:C7:C5:04:9F:0C:76:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oOA8d5KohHNOzTTrQsfFBJ8Mdp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/447964-0765-4bcb-a760-7248c85e5eb8/1/3zxRhVRfVgeSXxqpb9aJEA5lCTI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/447964-0765-4bcb-a760-7248c85e5eb8/1/oOA8d5KohHNOzTTrQsfFBJ8Mdp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.71.96.0/20
Signature Algorithm: sha256WithRSAEncryption
0d:4f:ad:d5:7a:e9:d9:53:81:d0:9b:75:28:cb:91:0a:1f:8e:
b6:c6:2b:2c:bb:de:59:59:f9:39:ca:4d:07:12:1b:d8:17:db:
80:80:e2:f9:e1:2c:fb:c7:f0:b2:db:70:41:a4:81:ac:dc:2d:
3f:e5:71:e2:69:49:77:b1:02:a2:ef:dd:27:cb:25:71:cd:f2:
2a:1d:ec:20:00:d6:be:8a:b3:f8:50:02:17:14:da:1d:63:9c:
66:d5:0c:b2:93:b5:d8:5a:0a:06:9a:35:43:d1:45:50:b8:0c:
8d:ce:0e:1b:33:9a:50:7c:fa:a3:32:64:01:d5:f7:fc:a2:f1:
86:9c:79:dc:75:ab:6e:64:80:fa:4e:43:1c:da:a9:10:ae:19:
79:6b:5c:dd:83:0b:ef:b7:01:bf:9b:25:c6:3a:62:6a:68:30:
0e:9a:c2:0b:6a:91:fb:e7:19:be:9f:d0:60:80:8f:99:76:a7:
57:bd:54:44:a1:4c:65:ce:c0:b3:aa:e2:2c:5a:89:8c:80:20:
20:5e:ca:17:d4:44:a7:4e:76:ee:79:fd:00:7b:fd:57:bd:01:
a6:bf:18:4f:2b:97:2a:19:ad:60:0f:5a:f1:df:70:4a:81:4a:
53:57:d4:76:1c:d6:e9:a2:83:89:fc:bf:b1:6b:de:e7:81:14:
29:11:26:94
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyRsJJjklTaIk59fPf2g5IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZTAzYzc3OTJhODg0NzM0ZWNkMzRlYjQyYzdjNTA0OWYw
Yzc2OWUwHhcNMjMwMTAyMTEzODM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjNjNTE4NTU0NWY1NjA3OTI1ZjFhYTk2ZmQ2ODkxMDBlNjUwOTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqcCXbf7EdrXXpfZBR3czlD7qwGfQ
P9OhZ1NeGJXNCanguqXf/gVr3SZYvARogYvGq/tNOiKl+hcBLt2+e69bdl/aHNH1
upbfiY7qmcc16tkxWdg3nyRDxTLBZfmqXGSXWAAcWIjKcbanPOpejk/rLptzUZVq
2wQA65bHiO0ywVCaSQLArhvHrm+jM0sRIb/DLnV/SZ7HL9gRdlQynUcETD6LgrUZ
C7kgBf/FWKst3uRMVhgi9XjYjm9yLLLB55DVK6KGGZiyZlrBWRIUT4C8BP+7FQKB
4F6UIX7ytpK+qbZhua+rir+e6BDr8AH0KQ8vSSVF34iNVB/FuFqbJTrNNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN88UYVUX1YHkl8aqW/WiRAOZQkyMB8GA1UdIwQY
MBaAFKDgPHeSqIRzTs0060LHxQSfDHaeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb09BOGQ1S29oSE5PelRUclFzZkZCSjhNZHA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC80NDc5NjQtMDc2NS00YmNiLWE3NjAt
NzI0OGM4NWU1ZWI4LzEvM3p4UmhWUmZWZ2VTWHhxcGI5YUpFQTVsQ1RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC80NDc5NjQtMDc2NS00YmNiLWE3NjAtNzI0OGM4NWU1ZWI4
LzEvb09BOGQ1S29oSE5PelRUclFzZkZCSjhNZHA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQETUdgMA0G
CSqGSIb3DQEBCwUAA4IBAQANT63VeunZU4HQm3Uoy5EKH462xissu95ZWfk5yk0H
EhvYF9uAgOL54Sz7x/Cy23BBpIGs3C0/5XHiaUl3sQKi790nyyVxzfIqHewgANa+
irP4UAIXFNodY5xm1Qyyk7XYWgoGmjVD0UVQuAyNzg4bM5pQfPqjMmQB1ff8ovGG
nHncdatuZID6TkMc2qkQrhl5a1zdgwvvtwG/myXGOmJqaDAOmsILapH75xm+n9Bg
gI+ZdqdXvVREoUxlzsCzquIsWomMgCAgXsoX1ESnTnbuef0Ae/1XvQGmvxhPK5cq
Ga1gD1rx33BKgUpTV9R2HNbpooOJ/L+xa97ngRQpESaU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:13 2024 by rpki-client on console-ams.rpki-client.org