Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/I6QQ8D4a1STk2kbXz6J_lGrDBok.roa
File: I6QQ8D4a1STk2kbXz6J_lGrDBok.roa (raw, json)
Hash identifier: ZM3Jp/vIZlNwcWJYO4LQNG51RgTy2h9eCX0o1rBPK2s=
Subject key identifier: 23:A4:10:F0:3E:1A:D5:24:E4:DA:46:D7:CF:A2:7F:94:6A:C3:06:89
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 01941FFA5D0B156D1895F4EDC26F40F624F9
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/I6QQ8D4a1STk2kbXz6J_lGrDBok.roa
Signing time: Wed 01 Jan 2025 03:48:09 +0000
ROA not before: Wed 01 Jan 2025 03:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212036
IP address blocks: 87.107.101.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:5d:0b:15:6d:18:95:f4:ed:c2:6f:40:f6:24:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Jan 1 03:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=23a410f03e1ad524e4da46d7cfa27f946ac30689
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f7:0c:2e:c8:ec:62:f6:8d:98:00:a9:07:87:
9d:8b:85:a8:47:42:d1:b1:3d:c8:1d:32:b3:92:6b:
83:e2:74:04:92:82:cb:0b:80:ad:fa:de:8a:37:97:
eb:e0:42:d8:0a:f9:ba:ab:70:55:42:67:03:59:5a:
50:0e:4c:d8:e5:a2:68:b8:ab:0b:f9:6a:9d:90:84:
9f:cf:af:a7:e1:01:14:ca:a5:0d:c0:28:fc:f2:ee:
0f:f5:bd:01:2c:73:e9:37:99:f9:f1:10:ec:67:10:
d4:b5:4e:07:d3:52:fd:9a:da:0b:71:7f:d6:e9:62:
57:57:27:72:e5:60:59:0f:47:da:b0:1b:a9:43:f5:
c9:fe:3e:c8:6a:4a:b4:ad:65:2a:a3:2a:d4:b9:3c:
ce:65:8b:87:e6:9f:4b:87:8a:a2:a5:ee:23:e8:00:
77:05:5a:2d:ee:47:fe:6d:cb:2b:af:e3:e0:6f:48:
0e:d7:6d:21:ad:8b:91:ef:c2:82:c2:e5:da:2a:e1:
2a:2c:ae:57:78:a7:8c:bb:4d:57:5d:8c:55:41:54:
23:52:9f:b1:8a:8e:4d:cc:41:7b:d1:90:01:fa:46:
63:1a:b1:db:99:2b:4c:8e:21:c4:b8:cc:19:2d:bc:
be:a4:29:b1:52:6b:67:87:24:2b:29:56:d1:54:06:
4b:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:A4:10:F0:3E:1A:D5:24:E4:DA:46:D7:CF:A2:7F:94:6A:C3:06:89
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/I6QQ8D4a1STk2kbXz6J_lGrDBok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.107.101.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:6e:93:87:31:74:b0:34:5e:36:9a:1b:6e:a3:d5:f5:93:35:
c5:b8:4e:db:59:31:53:63:70:64:87:d1:38:6b:a7:65:43:a2:
08:62:0f:87:57:fe:5b:4a:9a:91:4c:62:34:ed:9c:dd:12:6e:
88:c5:47:a0:e6:82:39:b1:5a:4b:a1:43:e7:9b:db:80:10:06:
aa:57:6f:5e:1a:cb:a4:39:14:c0:0f:77:2d:c3:04:47:47:66:
72:74:b0:ce:fd:eb:08:d6:43:29:c0:5b:61:59:ab:30:2b:5c:
d4:08:78:68:40:5c:f8:01:8e:b5:fb:7e:05:a5:d5:81:8f:78:
49:87:bc:1f:fd:b7:51:c1:28:f7:9a:11:b8:49:06:05:75:b6:
7e:8d:60:f8:6f:9e:23:17:2f:cd:fa:28:d0:b8:c9:87:be:47:
76:3d:7b:cb:7b:15:e7:0f:fc:32:ae:97:ea:87:30:0f:19:b0:
e6:6b:5a:5e:c6:16:9c:b8:19:4a:de:1d:ee:3d:fc:2b:65:f7:
1a:25:63:f8:fa:14:8d:41:78:a2:17:ad:b9:9a:20:78:b8:3a:
be:41:9b:af:e5:88:85:94:2c:5b:8d:d2:3a:a2:4a:10:4a:97:
01:82:0c:58:dc:6b:99:c0:7c:c2:8f:f4:f9:d0:3c:cb:76:67:
cc:6e:d6:67
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+l0LFW0YlfTtwm9A9iT5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjUwMTAxMDM0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2E0MTBmMDNlMWFkNTI0ZTRkYTQ2ZDdjZmEyN2Y5NDZhYzMwNjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/cMLsjsYvaNmACpB4edi4WoR0LR
sT3IHTKzkmuD4nQEkoLLC4Ct+t6KN5fr4ELYCvm6q3BVQmcDWVpQDkzY5aJouKsL
+WqdkISfz6+n4QEUyqUNwCj88u4P9b0BLHPpN5n58RDsZxDUtU4H01L9mtoLcX/W
6WJXVydy5WBZD0fasBupQ/XJ/j7Iakq0rWUqoyrUuTzOZYuH5p9Lh4qipe4j6AB3
BVot7kf+bcsrr+Pgb0gO120hrYuR78KCwuXaKuEqLK5XeKeMu01XXYxVQVQjUp+x
io5NzEF70ZAB+kZjGrHbmStMjiHEuMwZLby+pCmxUmtnhyQrKVbRVAZLdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCOkEPA+GtUk5NpG18+if5RqwwaJMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvSTZRUThENGExU1RrMmtiWHo2Sl9sR3JEQm9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV2tlMA0G
CSqGSIb3DQEBCwUAA4IBAQA8bpOHMXSwNF42mhtuo9X1kzXFuE7bWTFTY3Bkh9E4
a6dlQ6IIYg+HV/5bSpqRTGI07ZzdEm6IxUeg5oI5sVpLoUPnm9uAEAaqV29eGsuk
ORTAD3ctwwRHR2ZydLDO/esI1kMpwFthWaswK1zUCHhoQFz4AY61+34FpdWBj3hJ
h7wf/bdRwSj3mhG4SQYFdbZ+jWD4b54jFy/N+ijQuMmHvkd2PXvLexXnD/wyrpfq
hzAPGbDma1pexhacuBlK3h3uPfwrZfcaJWP4+hSNQXiiF625miB4uDq+QZuv5YiF
lCxbjdI6okoQSpcBggxY3GuZwHzCj/T50DzLdmfMbtZn
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:42:23 2025 by rpki-client