Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/85737e-5c58-4e0f-afef-88075d1f8dbc/1/0jcqKJJL6lo-lQHgM_GyX4Bc7Ew.roa
File: 0jcqKJJL6lo-lQHgM_GyX4Bc7Ew.roa (raw, json)
Hash identifier: 7iAx7Iiu+hCFZ7Xv0I8etSr567PDF5d4pqwP8KCFiSI=
Subject key identifier: D2:37:2A:28:92:4B:EA:5A:3E:95:01:E0:33:F1:B2:5F:80:5C:EC:4C
Certificate issuer: /CN=9f22b1cad7333d34bbd3dddea4ba07b1a8204426
Certificate serial: 01856F42EA8E7873C4503F0EBB93EE3997AE
Authority key identifier: 9F:22:B1:CA:D7:33:3D:34:BB:D3:DD:DE:A4:BA:07:B1:A8:20:44:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nyKxytczPTS7093epLoHsaggRCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/85737e-5c58-4e0f-afef-88075d1f8dbc/1/0jcqKJJL6lo-lQHgM_GyX4Bc7Ew.roa
Signing time: Sun 01 Jan 2023 21:35:34 +0000
ROA not before: Sun 01 Jan 2023 21:35:34 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 195.78.77.0/24 maxlen: 24
195.78.76.0/23 maxlen: 23
195.78.76.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:ea:8e:78:73:c4:50:3f:0e:bb:93:ee:39:97:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f22b1cad7333d34bbd3dddea4ba07b1a8204426
Validity
Not Before: Jan 1 21:35:34 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2372a28924bea5a3e9501e033f1b25f805cec4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:70:b7:02:12:d6:bb:24:72:a6:d7:29:c1:51:
31:04:41:a8:95:7d:80:7a:60:07:56:1f:6b:2f:78:
1a:7f:10:79:d1:af:3d:0d:3e:24:39:e4:c0:1d:ac:
42:eb:74:67:1f:e9:82:c0:d2:3b:2c:9d:06:c0:ff:
53:8f:5d:b5:b3:46:6c:ca:9f:e7:2c:e0:89:01:7d:
19:fd:e2:6b:17:85:52:3e:6f:f7:2c:68:f3:36:7c:
10:67:58:9d:2d:51:9f:78:79:75:6c:a2:77:a0:20:
0d:f5:d6:c8:1d:4a:33:b0:03:e9:3e:0b:50:4c:25:
20:59:2f:50:47:e4:e9:64:ae:a4:5e:34:cf:d9:6e:
9f:c5:1b:d4:7c:35:f4:10:9f:40:71:3b:37:02:53:
67:70:b0:b1:38:2c:6f:1f:73:18:c6:42:02:84:88:
0e:a7:f3:10:33:e7:a6:6a:b0:00:7d:02:4c:9e:95:
2d:d6:ff:0e:0b:bf:09:66:43:b0:f8:e9:a7:4b:c9:
34:15:bb:4d:5a:7f:9c:6c:64:82:03:98:16:f5:b6:
0a:6b:c6:d4:85:87:5e:ce:d6:16:a5:45:33:ac:15:
0e:8c:9e:d4:9d:49:9b:b7:d2:1b:6c:8d:3c:f7:bb:
6c:6c:f1:c7:5e:36:14:7a:f7:f4:23:f7:c3:b9:4b:
9e:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:37:2A:28:92:4B:EA:5A:3E:95:01:E0:33:F1:B2:5F:80:5C:EC:4C
X509v3 Authority Key Identifier:
keyid:9F:22:B1:CA:D7:33:3D:34:BB:D3:DD:DE:A4:BA:07:B1:A8:20:44:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nyKxytczPTS7093epLoHsaggRCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/85737e-5c58-4e0f-afef-88075d1f8dbc/1/0jcqKJJL6lo-lQHgM_GyX4Bc7Ew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/85737e-5c58-4e0f-afef-88075d1f8dbc/1/nyKxytczPTS7093epLoHsaggRCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.78.76.0/23
Signature Algorithm: sha256WithRSAEncryption
80:d9:36:44:64:1b:97:db:ac:20:99:75:2b:7e:63:b6:8a:92:
bc:06:d5:33:6f:42:b7:cf:2b:d9:d0:59:82:be:ae:7d:be:6e:
76:b1:17:d9:64:de:32:84:89:d4:28:b5:77:57:7e:ed:f2:d3:
51:ce:d5:b1:b3:e0:cf:9c:c4:1d:a7:41:f5:67:b4:84:09:4a:
1e:53:50:3c:e8:d8:53:b5:fb:19:f8:44:86:73:fa:e0:03:68:
ae:9b:08:3d:7a:eb:23:16:8c:e9:14:18:c4:cf:93:77:df:b4:
b6:0a:54:e9:78:eb:9e:ee:26:e2:50:31:60:40:4b:2d:f5:be:
60:53:c2:9c:37:16:8e:63:02:3e:7d:0f:ee:07:39:62:5f:b6:
82:26:86:78:a9:1b:95:18:0f:1e:2a:b0:6f:ef:49:7e:e6:43:
41:86:4f:e1:61:ac:1f:a9:db:b4:15:e8:e1:6b:33:47:82:be:
7e:30:67:c4:ad:ec:3a:f2:a9:c6:ce:49:d0:95:bb:de:3e:8d:
74:34:50:6a:1f:bf:2b:1f:f6:28:64:03:1b:c9:22:72:da:50:
a0:4f:62:ae:4b:b1:a6:42:11:e2:c8:2c:35:35:2a:5e:17:9d:
89:eb:08:23:9d:cc:c3:ca:47:37:a9:ee:26:67:14:0e:1d:01:
6c:cb:74:ab
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvQuqOeHPEUD8Ou5PuOZeuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMjJiMWNhZDczMzNkMzRiYmQzZGRkZWE0YmEwN2IxYTgy
MDQ0MjYwHhcNMjMwMTAxMjEzNTM0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjM3MmEyODkyNGJlYTVhM2U5NTAxZTAzM2YxYjI1ZjgwNWNlYzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHC3AhLWuyRyptcpwVExBEGolX2A
emAHVh9rL3gafxB50a89DT4kOeTAHaxC63RnH+mCwNI7LJ0GwP9Tj121s0Zsyp/n
LOCJAX0Z/eJrF4VSPm/3LGjzNnwQZ1idLVGfeHl1bKJ3oCAN9dbIHUozsAPpPgtQ
TCUgWS9QR+TpZK6kXjTP2W6fxRvUfDX0EJ9AcTs3AlNncLCxOCxvH3MYxkIChIgO
p/MQM+emarAAfQJMnpUt1v8OC78JZkOw+OmnS8k0FbtNWn+cbGSCA5gW9bYKa8bU
hYdeztYWpUUzrBUOjJ7UnUmbt9IbbI0897tsbPHHXjYUevf0I/fDuUueeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNI3KiiSS+paPpUB4DPxsl+AXOxMMB8GA1UdIwQY
MBaAFJ8iscrXMz00u9Pd3qS6B7GoIEQmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnlLeHl0Y3pQVFM3MDkzZXBMb0hzYWdnUkNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS84NTczN2UtNWM1OC00ZTBmLWFmZWYt
ODgwNzVkMWY4ZGJjLzEvMGpjcUtKSkw2bG8tbFFIZ01fR3lYNEJjN0V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS84NTczN2UtNWM1OC00ZTBmLWFmZWYtODgwNzVkMWY4ZGJj
LzEvbnlLeHl0Y3pQVFM3MDkzZXBMb0hzYWdnUkNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw05MMA0G
CSqGSIb3DQEBCwUAA4IBAQCA2TZEZBuX26wgmXUrfmO2ipK8BtUzb0K3zyvZ0FmC
vq59vm52sRfZZN4yhInUKLV3V37t8tNRztWxs+DPnMQdp0H1Z7SECUoeU1A86NhT
tfsZ+ESGc/rgA2iumwg9eusjFozpFBjEz5N337S2ClTpeOue7ibiUDFgQEst9b5g
U8KcNxaOYwI+fQ/uBzliX7aCJoZ4qRuVGA8eKrBv70l+5kNBhk/hYawfqdu0Fejh
azNHgr5+MGfErew68qnGzknQlbvePo10NFBqH78rH/YoZAMbySJy2lCgT2KuS7Gm
QhHiyCw1NSpeF52J6wgjnczDykc3qe4mZxQOHQFsy3Sr
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:09:12 2025 by rpki-client