Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/jdQZdakevZhVtKrglfN2RFnzQcI.roa
File: jdQZdakevZhVtKrglfN2RFnzQcI.roa (raw, json)
Hash identifier: YWgCWrFOGK/KKipBlp5lhfep+s/kMG6GomEIbVictxA=
Subject key identifier: 8D:D4:19:75:A9:1E:BD:98:55:B4:AA:E0:95:F3:76:44:59:F3:41:C2
Certificate issuer: /CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Certificate serial: 01942444D7F12F22C34AED9F5E74575ACA3C
Authority key identifier: 51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/jdQZdakevZhVtKrglfN2RFnzQcI.roa
Signing time: Wed 01 Jan 2025 23:47:59 +0000
ROA not before: Wed 01 Jan 2025 23:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60447
IP address blocks: 77.246.208.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:d7:f1:2f:22:c3:4a:ed:9f:5e:74:57:5a:ca:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Validity
Not Before: Jan 1 23:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8dd41975a91ebd9855b4aae095f3764459f341c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:43:d2:bf:59:83:dc:2b:82:25:87:9f:ac:d9:
64:41:22:b4:79:43:e9:f8:ae:be:32:c6:ab:a9:e8:
8a:b4:0f:7b:ce:a3:dd:ae:50:e3:a8:a1:b8:6e:98:
52:0f:d1:63:15:03:e4:ba:14:3d:22:34:48:7c:e7:
27:8a:d1:1a:f8:50:ea:ee:4b:d8:ef:9b:7d:59:af:
89:ab:85:6a:fa:87:2a:8c:ce:ff:38:94:3d:da:51:
26:eb:37:4d:1c:44:2a:08:a3:3d:d5:94:4a:88:3b:
31:84:2a:ff:ff:b1:38:21:d8:fd:b3:48:0a:bc:0b:
e9:f2:9d:e8:33:a5:d0:0f:4a:86:5e:ee:9b:b4:e6:
61:e6:4d:98:94:26:10:79:45:b3:4e:93:bf:bd:4b:
66:af:5d:f0:64:97:82:7d:e9:5d:9e:40:1d:2b:73:
d7:e4:13:53:7d:98:cd:ab:7b:39:b3:27:51:1b:f4:
5f:23:e1:62:19:c6:fb:ad:d9:af:f0:f3:0c:a9:1b:
8b:bc:10:5c:b4:31:91:f7:0e:b1:c1:fb:4d:f4:73:
e5:db:c8:de:ed:3a:07:e0:69:78:e5:28:1c:36:60:
95:2b:7c:6f:b6:48:5a:52:a0:36:04:c3:d4:32:77:
35:4a:e5:62:ce:fd:bc:77:d5:f5:58:bb:80:5a:38:
07:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:D4:19:75:A9:1E:BD:98:55:B4:AA:E0:95:F3:76:44:59:F3:41:C2
X509v3 Authority Key Identifier:
keyid:51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/jdQZdakevZhVtKrglfN2RFnzQcI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.246.208.0/23
Signature Algorithm: sha256WithRSAEncryption
1c:12:ac:40:4b:11:db:c8:77:f1:c8:25:3f:53:6c:95:17:83:
d3:94:4e:ab:80:3d:e7:1f:5e:ca:26:3d:7b:4c:9b:90:15:62:
ce:be:1c:31:aa:74:5a:da:2a:1f:48:7b:b7:2e:d6:3f:56:87:
ae:bd:f4:dd:27:c8:35:f6:34:de:a2:63:7d:27:8f:27:ab:97:
11:bd:fc:79:35:b4:02:0e:e2:c1:f2:09:9c:a8:c5:67:78:06:
51:d6:9e:f0:f1:59:41:ad:d1:df:44:9b:de:be:84:8c:29:89:
f4:bf:9d:86:b0:14:4e:3f:26:2d:29:29:b5:13:b7:1c:80:69:
83:c1:b5:a3:b5:87:1a:b2:05:ee:18:b2:bc:21:c0:97:3d:57:
e4:64:11:03:8b:8c:67:7a:aa:a8:e6:a0:e8:02:9f:e6:72:df:
f1:4a:c5:28:e2:6c:73:70:a9:21:8b:aa:6c:32:32:48:b2:5e:
7c:af:76:7b:fc:6f:08:ca:ac:06:8f:34:ac:93:9d:b6:67:3f:
32:8c:7f:9b:ac:9b:25:17:e7:e1:ef:6e:16:1d:a7:9b:de:04:
ab:e2:26:53:69:35:4b:76:9b:df:7d:7f:18:32:20:41:8f:9f:
7a:c0:d6:44:66:4d:22:e7:c5:d2:ec:0f:af:4f:b7:6f:4b:cc:
6f:49:7b:3b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRNfxLyLDSu2fXnRXWso8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjRmYmExZTQwMWMwM2U1YmExY2Q3N2FlOWVlMzljZmQ2
MzFiZmIwHhcNMjUwMTAxMjM0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGQ0MTk3NWE5MWViZDk4NTViNGFhZTA5NWYzNzY0NDU5ZjM0MWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAykPSv1mD3CuCJYefrNlkQSK0eUPp
+K6+MsarqeiKtA97zqPdrlDjqKG4bphSD9FjFQPkuhQ9IjRIfOcnitEa+FDq7kvY
75t9Wa+Jq4Vq+ocqjM7/OJQ92lEm6zdNHEQqCKM91ZRKiDsxhCr//7E4Idj9s0gK
vAvp8p3oM6XQD0qGXu6btOZh5k2YlCYQeUWzTpO/vUtmr13wZJeCfeldnkAdK3PX
5BNTfZjNq3s5sydRG/RfI+FiGcb7rdmv8PMMqRuLvBBctDGR9w6xwftN9HPl28je
7ToH4Gl45SgcNmCVK3xvtkhaUqA2BMPUMnc1SuVizv28d9X1WLuAWjgHHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI3UGXWpHr2YVbSq4JXzdkRZ80HCMB8GA1UdIwQY
MBaAFFEk+6HkAcA+W6HNd66e45z9Yxv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEt
YWI4ZjFmMzM4N2VlLzEvamRRWmRha2V2WmhWdEtyZ2xmTjJSRm56UWNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEtYWI4ZjFmMzM4N2Vl
LzEvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBTfbQMA0G
CSqGSIb3DQEBCwUAA4IBAQAcEqxASxHbyHfxyCU/U2yVF4PTlE6rgD3nH17KJj17
TJuQFWLOvhwxqnRa2iofSHu3LtY/VoeuvfTdJ8g19jTeomN9J48nq5cRvfx5NbQC
DuLB8gmcqMVneAZR1p7w8VlBrdHfRJvevoSMKYn0v52GsBROPyYtKSm1E7ccgGmD
wbWjtYcasgXuGLK8IcCXPVfkZBEDi4xneqqo5qDoAp/mct/xSsUo4mxzcKkhi6ps
MjJIsl58r3Z7/G8IyqwGjzSsk522Zz8yjH+brJslF+fh724WHaeb3gSr4iZTaTVL
dpvffX8YMiBBj596wNZEZk0i58XS7A+vT7dvS8xvSXs7
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:54:30 2025 by rpki-client