Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/447964-0765-4bcb-a760-7248c85e5eb8/1/cWiz7uVJXpgeknDHmo5oogr_FH8.roa
File: cWiz7uVJXpgeknDHmo5oogr_FH8.roa (raw, json)
Hash identifier: Nk2VepxDVTXw5aksKbV8164S6wMgYAXlNGTAA5J5Psg=
Subject key identifier: 71:68:B3:EE:E5:49:5E:98:1E:92:70:C7:9A:8E:68:A2:0A:FF:14:7F
Certificate issuer: /CN=a0e03c7792a884734ecd34eb42c7c5049f0c769e
Certificate serial: 018CC94E3702F8CD3CE34A86FB3AC8F95121
Authority key identifier: A0:E0:3C:77:92:A8:84:73:4E:CD:34:EB:42:C7:C5:04:9F:0C:76:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oOA8d5KohHNOzTTrQsfFBJ8Mdp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/447964-0765-4bcb-a760-7248c85e5eb8/1/cWiz7uVJXpgeknDHmo5oogr_FH8.roa
Signing time: Tue 02 Jan 2024 08:33:15 +0000
ROA not before: Tue 02 Jan 2024 08:33:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57619
IP address blocks: 77.71.112.0/23 maxlen: 23
77.71.112.0/22 maxlen: 22
77.71.112.0/24 maxlen: 24
77.71.113.0/24 maxlen: 24
77.71.114.0/24 maxlen: 24
77.71.114.0/23 maxlen: 23
77.71.115.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:37:02:f8:cd:3c:e3:4a:86:fb:3a:c8:f9:51:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0e03c7792a884734ecd34eb42c7c5049f0c769e
Validity
Not Before: Jan 2 08:33:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7168b3eee5495e981e9270c79a8e68a20aff147f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:f5:ff:ae:78:71:27:e8:d5:77:4d:5f:b8:81:
27:25:2d:ca:46:02:16:b8:fc:36:f3:2a:b7:4c:25:
17:5a:87:3b:20:2d:2a:0d:cd:f3:35:47:7f:93:dc:
3c:57:1f:75:83:31:eb:63:69:26:7f:e5:46:40:98:
23:d7:cc:e1:1b:98:b0:b3:8f:13:4c:6d:69:a8:a0:
26:b3:c1:4a:6e:81:30:dc:d6:f0:68:d2:5d:67:54:
25:00:20:e8:2f:b2:79:84:68:8f:54:69:c4:62:e8:
69:2f:e5:b3:40:c4:dd:3f:e7:8d:3d:1d:14:78:d6:
67:30:19:e3:da:60:9b:55:c2:46:96:97:b8:1e:ad:
3b:e7:34:f5:5f:3a:b7:45:89:a5:41:87:7f:54:42:
99:b1:cc:c0:ab:d1:af:5c:16:3e:cf:79:4d:d9:a0:
5c:92:bc:f4:37:b1:62:ae:70:f9:33:55:49:ff:42:
12:51:4c:67:8a:f0:cc:35:37:2d:4d:34:78:f3:a9:
b3:fe:d9:5a:b9:4b:9c:a4:3c:94:f8:08:44:f2:36:
55:60:54:5b:75:9c:63:10:c5:f8:4f:b0:c0:0b:6e:
7a:a8:a5:52:5a:bd:a9:c8:88:42:3e:fe:3a:3f:50:
37:8d:93:92:a3:37:09:97:33:5a:6b:a3:58:8f:2f:
5f:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:68:B3:EE:E5:49:5E:98:1E:92:70:C7:9A:8E:68:A2:0A:FF:14:7F
X509v3 Authority Key Identifier:
keyid:A0:E0:3C:77:92:A8:84:73:4E:CD:34:EB:42:C7:C5:04:9F:0C:76:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oOA8d5KohHNOzTTrQsfFBJ8Mdp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/447964-0765-4bcb-a760-7248c85e5eb8/1/cWiz7uVJXpgeknDHmo5oogr_FH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/447964-0765-4bcb-a760-7248c85e5eb8/1/oOA8d5KohHNOzTTrQsfFBJ8Mdp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.71.112.0/22
Signature Algorithm: sha256WithRSAEncryption
80:3d:4f:35:09:15:8c:20:84:e4:4e:ec:1f:54:4f:89:8d:57:
14:57:de:ec:a3:34:54:20:e3:77:09:2f:c3:c9:0d:02:b9:a7:
07:a6:c8:55:68:1a:1d:bc:33:19:28:e7:dc:b9:64:83:8b:69:
0a:ad:5f:f0:7c:8e:5d:bd:ba:75:0a:7b:e6:4d:9f:8d:cc:c6:
c4:da:0a:44:09:a8:e2:39:72:14:bd:53:b6:90:b7:6b:29:ad:
9b:db:e7:50:22:da:9f:cd:9a:56:6d:55:ca:7d:09:3e:5c:7b:
bc:b3:89:a3:28:51:29:c4:ab:41:12:b8:81:57:17:49:93:3c:
24:18:f2:8c:c0:04:5a:fd:ce:fc:cc:23:17:74:76:73:20:c8:
7a:2e:dc:5c:d0:50:88:29:15:be:83:7c:21:e6:29:d5:26:41:
46:a4:50:f3:e5:73:82:70:a4:1b:8a:bc:23:e6:3b:d8:ba:7d:
4c:22:ed:60:fe:2b:1f:3f:7a:3c:cf:78:cc:9b:1b:7b:c4:3f:
e1:fb:e3:22:62:ae:1d:c2:68:8e:e9:e1:65:fc:db:51:ae:a3:
e8:d5:d7:f5:3d:7e:19:f0:5c:36:cc:6e:09:3e:8d:25:5a:f1:
2c:10:23:48:43:80:d7:b7:b0:2b:ac:4c:f9:0c:d6:ce:dd:d8:
e7:fe:d8:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTjcC+M0840qG+zrI+VEhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZTAzYzc3OTJhODg0NzM0ZWNkMzRlYjQyYzdjNTA0OWYw
Yzc2OWUwHhcNMjQwMTAyMDgzMzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTY4YjNlZWU1NDk1ZTk4MWU5MjcwYzc5YThlNjhhMjBhZmYxNDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjfX/rnhxJ+jVd01fuIEnJS3KRgIW
uPw28yq3TCUXWoc7IC0qDc3zNUd/k9w8Vx91gzHrY2kmf+VGQJgj18zhG5iws48T
TG1pqKAms8FKboEw3NbwaNJdZ1QlACDoL7J5hGiPVGnEYuhpL+WzQMTdP+eNPR0U
eNZnMBnj2mCbVcJGlpe4Hq075zT1Xzq3RYmlQYd/VEKZsczAq9GvXBY+z3lN2aBc
krz0N7FirnD5M1VJ/0ISUUxnivDMNTctTTR486mz/tlauUucpDyU+AhE8jZVYFRb
dZxjEMX4T7DAC256qKVSWr2pyIhCPv46P1A3jZOSozcJlzNaa6NYjy9fYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHFos+7lSV6YHpJwx5qOaKIK/xR/MB8GA1UdIwQY
MBaAFKDgPHeSqIRzTs0060LHxQSfDHaeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb09BOGQ1S29oSE5PelRUclFzZkZCSjhNZHA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC80NDc5NjQtMDc2NS00YmNiLWE3NjAt
NzI0OGM4NWU1ZWI4LzEvY1dpejd1VkpYcGdla25ESG1vNW9vZ3JfRkg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC80NDc5NjQtMDc2NS00YmNiLWE3NjAtNzI0OGM4NWU1ZWI4
LzEvb09BOGQ1S29oSE5PelRUclFzZkZCSjhNZHA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCTUdwMA0G
CSqGSIb3DQEBCwUAA4IBAQCAPU81CRWMIITkTuwfVE+JjVcUV97sozRUION3CS/D
yQ0CuacHpshVaBodvDMZKOfcuWSDi2kKrV/wfI5dvbp1CnvmTZ+NzMbE2gpECaji
OXIUvVO2kLdrKa2b2+dQItqfzZpWbVXKfQk+XHu8s4mjKFEpxKtBEriBVxdJkzwk
GPKMwARa/c78zCMXdHZzIMh6Ltxc0FCIKRW+g3wh5inVJkFGpFDz5XOCcKQbirwj
5jvYun1MIu1g/isfP3o8z3jMmxt7xD/h++MiYq4dwmiO6eFl/NtRrqPo1df1PX4Z
8Fw2zG4JPo0lWvEsECNIQ4DXt7ArrEz5DNbO3djn/tiJ
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:39:04 2025 by rpki-client