Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/SAifF78qmhwobbNifv-ncSGKlCQ.roa
File: SAifF78qmhwobbNifv-ncSGKlCQ.roa (raw, json)
Hash identifier: /saAmnnB/hN9KICwUzdIN9J64c5nmcrdQQhBsyGdv1o=
Subject key identifier: 48:08:9F:17:BF:2A:9A:1C:28:6D:B3:62:7E:FF:A7:71:21:8A:94:24
Certificate issuer: /CN=1ba51a0bc0f0afebbf6d5d927fe1f9816f52352d
Certificate serial: 019425209934F8A1B25D4DBE693A39B39064
Authority key identifier: 1B:A5:1A:0B:C0:F0:AF:EB:BF:6D:5D:92:7F:E1:F9:81:6F:52:35:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/SAifF78qmhwobbNifv-ncSGKlCQ.roa
Signing time: Thu 02 Jan 2025 03:48:00 +0000
ROA not before: Thu 02 Jan 2025 03:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204287
IP address blocks: 77.81.104.0/21 maxlen: 32
89.46.152.0/21 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:20:99:34:f8:a1:b2:5d:4d:be:69:3a:39:b3:90:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ba51a0bc0f0afebbf6d5d927fe1f9816f52352d
Validity
Not Before: Jan 2 03:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=48089f17bf2a9a1c286db3627effa771218a9424
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:8a:fd:9b:87:b5:5e:8c:eb:f7:62:07:85:2e:
3d:d2:fc:b7:68:94:6e:d6:83:6e:cd:73:dc:29:4d:
93:4c:17:58:96:ae:63:3e:f8:f3:81:99:30:6d:93:
ee:ad:f1:bb:26:8c:72:64:0f:a4:5b:ee:d1:20:95:
a0:bc:48:be:e1:6f:95:75:e9:26:2a:74:e6:ae:f0:
87:34:cd:c4:ad:44:ea:1c:7b:8d:b6:d1:3c:ed:85:
29:ab:ab:e6:9c:6b:0a:6d:23:43:f3:25:5f:85:d2:
9d:4d:9d:f5:ff:52:37:34:ac:c2:a8:67:ee:16:be:
e5:fe:58:93:66:7b:99:02:a7:c5:68:90:22:d9:92:
fb:76:df:ce:b2:de:92:d2:4f:b6:d3:34:6c:6d:46:
17:dc:3b:a7:62:5f:a2:ee:c7:78:e5:ef:ee:75:63:
49:ba:bd:e9:35:84:f4:97:5c:e5:2c:37:64:4e:5e:
0a:c3:9b:86:d1:f5:99:1d:f1:18:e2:c4:03:58:5d:
b4:7d:98:6e:06:4d:a2:68:83:58:3f:e8:2b:a0:b7:
61:3c:5a:76:65:aa:cf:49:a2:51:89:0c:17:56:6d:
99:a4:cc:ae:f1:ac:18:e8:ee:8a:5a:6a:c8:5d:7a:
58:21:8c:7c:e5:39:c9:34:1b:b9:b0:ba:0d:33:bf:
af:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:08:9F:17:BF:2A:9A:1C:28:6D:B3:62:7E:FF:A7:71:21:8A:94:24
X509v3 Authority Key Identifier:
keyid:1B:A5:1A:0B:C0:F0:AF:EB:BF:6D:5D:92:7F:E1:F9:81:6F:52:35:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/SAifF78qmhwobbNifv-ncSGKlCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.104.0/21
89.46.152.0/21
Signature Algorithm: sha256WithRSAEncryption
0a:ab:20:d0:ce:5d:93:6e:44:45:6b:3b:51:c2:b6:43:47:8e:
b5:d4:60:45:8f:eb:3d:0c:99:0a:7c:46:a0:da:c6:91:a7:87:
91:04:9a:7d:52:7f:4e:e9:39:0f:89:26:b5:38:dc:e6:d9:2a:
8b:a3:c7:b6:ab:40:c2:ca:dd:3f:09:78:73:33:48:5f:fc:df:
05:9d:8b:3d:12:04:e9:89:4b:3f:93:81:38:45:ab:bd:f5:fc:
93:2d:8a:60:72:16:da:49:c6:31:3a:4a:c4:86:fe:fd:d0:75:
d0:6b:67:a6:ff:2c:81:04:02:f4:25:78:8a:73:ef:44:53:12:
d7:f1:06:4e:b8:7e:20:84:49:85:85:4b:46:83:97:f9:36:2e:
88:b8:6e:64:7e:04:a9:50:c1:b8:fb:fe:e4:8a:eb:f2:7c:aa:
c2:8d:31:aa:8f:6e:dc:85:6a:c1:64:33:fb:30:f7:b5:9c:d8:
e3:58:79:f0:cb:93:e2:35:5c:38:74:8e:4b:77:8e:dd:30:46:
04:91:d3:c8:25:ae:93:a2:19:ec:4e:90:38:94:06:37:80:9e:
f0:df:35:00:17:bd:30:74:20:3f:1a:06:3a:cb:70:e6:cb:d1:
fd:1e:1e:80:c2:4b:df:e7:15:fb:14:ae:f5:66:73:25:9c:75:
7c:4a:e9:34
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQlIJk0+KGyXU2+aTo5s5BkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiYTUxYTBiYzBmMGFmZWJiZjZkNWQ5MjdmZTFmOTgxNmY1
MjM1MmQwHhcNMjUwMTAyMDM0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODA4OWYxN2JmMmE5YTFjMjg2ZGIzNjI3ZWZmYTc3MTIxOGE5NDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIr9m4e1Xozr92IHhS490vy3aJRu
1oNuzXPcKU2TTBdYlq5jPvjzgZkwbZPurfG7JoxyZA+kW+7RIJWgvEi+4W+Vdekm
KnTmrvCHNM3ErUTqHHuNttE87YUpq6vmnGsKbSND8yVfhdKdTZ31/1I3NKzCqGfu
Fr7l/liTZnuZAqfFaJAi2ZL7dt/Ost6S0k+20zRsbUYX3DunYl+i7sd45e/udWNJ
ur3pNYT0l1zlLDdkTl4Kw5uG0fWZHfEY4sQDWF20fZhuBk2iaINYP+groLdhPFp2
ZarPSaJRiQwXVm2ZpMyu8awY6O6KWmrIXXpYIYx85TnJNBu5sLoNM7+vBQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEgInxe/KpocKG2zYn7/p3EhipQkMB8GA1UdIwQY
MBaAFBulGgvA8K/rv21dkn/h+YFvUjUtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzZVYUM4RHdyLXVfYlYyU2YtSDVnVzlTTlMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80ZjIxMWUtNzlkNy00NTA0LTllYWQt
ODcxZjllZDcwOGUwLzEvU0FpZkY3OHFtaHdvYmJOaWZ2LW5jU0dLbENRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80ZjIxMWUtNzlkNy00NTA0LTllYWQtODcxZjllZDcwOGUw
LzEvRzZVYUM4RHdyLXVfYlYyU2YtSDVnVzlTTlMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDTVFoAwQD
WS6YMA0GCSqGSIb3DQEBCwUAA4IBAQAKqyDQzl2TbkRFaztRwrZDR4611GBFj+s9
DJkKfEag2saRp4eRBJp9Un9O6TkPiSa1ONzm2SqLo8e2q0DCyt0/CXhzM0hf/N8F
nYs9EgTpiUs/k4E4Rau99fyTLYpgchbaScYxOkrEhv790HXQa2em/yyBBAL0JXiK
c+9EUxLX8QZOuH4ghEmFhUtGg5f5Ni6IuG5kfgSpUMG4+/7kiuvyfKrCjTGqj27c
hWrBZDP7MPe1nNjjWHnwy5PiNVw4dI5Ld47dMEYEkdPIJa6TohnsTpA4lAY3gJ7w
3zUAF70wdCA/GgY6y3Dmy9H9Hh6Awkvf5xX7FK71ZnMlnHV8Suk0
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:31:52 2025 by rpki-client