Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/U3moSjgLtc28nWvPqi0yFKSO3r4.roa
File: U3moSjgLtc28nWvPqi0yFKSO3r4.roa (raw, json)
Hash identifier: yy0z8EFc2P2yOYlK0LdaqPXOy+81gs4j81+B3I6NpO0=
Subject key identifier: 53:79:A8:4A:38:0B:B5:CD:BC:9D:6B:CF:AA:2D:32:14:A4:8E:DE:BE
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 01953C418978F02FDC32C9B1E7A8620C40B4
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/U3moSjgLtc28nWvPqi0yFKSO3r4.roa
Signing time: Tue 25 Feb 2025 08:38:02 +0000
ROA not before: Tue 25 Feb 2025 08:38:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43395
IP address blocks: 81.12.90.0/23 maxlen: 23
87.107.31.0/24 maxlen: 24
87.107.32.0/23 maxlen: 23
87.107.85.0/24 maxlen: 24
87.107.142.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:3c:41:89:78:f0:2f:dc:32:c9:b1:e7:a8:62:0c:40:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Feb 25 08:38:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5379a84a380bb5cdbc9d6bcfaa2d3214a48edebe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:04:b8:96:b8:50:91:b2:cf:a3:5b:73:06:9c:
03:17:27:97:a3:04:72:7f:f9:17:50:46:06:a8:9f:
22:35:29:3b:99:09:df:55:e3:33:c5:6e:a8:ab:27:
01:82:78:d2:f4:eb:60:09:2b:43:d5:59:7d:5b:85:
bd:83:c6:d3:e2:72:c2:28:d6:98:39:35:f6:b6:67:
6c:bc:52:62:08:cd:da:8c:1c:e5:1c:a6:87:82:8b:
21:9e:ea:98:28:52:a0:f6:5a:b5:e2:01:e9:59:71:
6a:fe:af:dd:ea:35:af:61:3f:62:f4:6c:70:89:4e:
77:2d:92:54:87:5a:10:3c:6d:e0:83:f1:a7:40:7f:
92:87:94:5c:ff:0e:97:5b:37:32:a1:5a:a0:ab:f9:
af:a1:30:ac:83:aa:80:d4:57:bf:cd:56:3f:87:cf:
65:ca:72:cc:7d:af:0b:8c:c8:b9:49:2d:9d:77:ea:
22:78:8c:a3:f9:7f:6b:58:b8:fe:a5:63:20:52:5b:
50:43:63:e8:69:5b:10:cd:bc:2d:5b:78:b9:8d:d9:
df:dc:71:a3:5c:23:53:80:ed:0f:04:db:f0:f4:cd:
ae:4e:a0:25:fb:d8:ec:92:16:78:f5:c5:22:a8:4e:
ba:79:70:60:43:fd:94:91:02:1c:ab:2b:79:b8:27:
be:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:79:A8:4A:38:0B:B5:CD:BC:9D:6B:CF:AA:2D:32:14:A4:8E:DE:BE
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/U3moSjgLtc28nWvPqi0yFKSO3r4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.12.90.0/23
87.107.31.0-87.107.33.255
87.107.85.0/24
87.107.142.0/23
Signature Algorithm: sha256WithRSAEncryption
03:33:0a:78:b2:73:bd:79:f7:c8:80:86:86:a9:43:cf:fc:23:
9e:11:3c:29:b0:d7:94:71:10:ef:9b:31:52:76:a4:19:71:72:
7f:58:bc:63:7b:e6:42:4b:16:e1:b3:32:19:7d:88:48:46:52:
88:74:73:87:b1:1f:15:b0:9b:bb:a4:d9:3e:c4:1d:97:f5:e3:
dd:bc:38:3d:3d:50:fe:1d:4a:7d:50:c8:90:09:2c:a9:79:a7:
86:ce:25:8e:54:c7:c0:44:36:66:0a:3c:66:fc:d4:4c:08:97:
89:1d:c4:1f:7d:04:94:ac:b7:db:0d:3a:06:e0:a3:03:74:df:
c4:58:c7:34:55:a4:e6:0e:74:d9:cd:8b:eb:25:40:52:82:77:
43:9d:b7:2a:0a:0f:fe:04:d9:fc:5e:0c:1c:d9:24:b1:e3:c5:
a6:40:6b:90:06:70:35:34:a8:07:5d:47:ed:f4:a9:95:a8:b9:
34:38:65:fb:63:43:d0:15:96:78:07:3d:b9:46:9c:fb:49:b8:
a9:c6:d0:b9:c2:ef:b7:f3:6d:eb:21:1d:e5:30:f7:69:66:be:
8f:8a:64:dc:d4:90:b8:1b:f4:ee:3d:01:a1:97:a9:6b:49:c5:
b8:c3:5a:78:10:16:da:47:b2:74:ef:20:d5:00:66:03:d5:ea:
0e:f5:5c:58
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZU8QYl48C/cMsmx56hiDEC0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjUwMjI1MDgzODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Mzc5YTg0YTM4MGJiNWNkYmM5ZDZiY2ZhYTJkMzIxNGE0OGVkZWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAS4lrhQkbLPo1tzBpwDFyeXowRy
f/kXUEYGqJ8iNSk7mQnfVeMzxW6oqycBgnjS9OtgCStD1Vl9W4W9g8bT4nLCKNaY
OTX2tmdsvFJiCM3ajBzlHKaHgoshnuqYKFKg9lq14gHpWXFq/q/d6jWvYT9i9Gxw
iU53LZJUh1oQPG3gg/GnQH+Sh5Rc/w6XWzcyoVqgq/mvoTCsg6qA1Fe/zVY/h89l
ynLMfa8LjMi5SS2dd+oieIyj+X9rWLj+pWMgUltQQ2PoaVsQzbwtW3i5jdnf3HGj
XCNTgO0PBNvw9M2uTqAl+9jskhZ49cUiqE66eXBgQ/2UkQIcqyt5uCe+vQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFFN5qEo4C7XNvJ1rz6otMhSkjt6+MB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvVTNtb1NqZ0x0YzI4bld2UHFpMHlGS1NPM3I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBUQxaMAwD
BABXax8DBAFXayADBABXa1UDBAFXa44wDQYJKoZIhvcNAQELBQADggEBAAMzCniy
c71598iAhoapQ8/8I54RPCmw15RxEO+bMVJ2pBlxcn9YvGN75kJLFuGzMhl9iEhG
Uoh0c4exHxWwm7uk2T7EHZf14928OD09UP4dSn1QyJAJLKl5p4bOJY5Ux8BENmYK
PGb81EwIl4kdxB99BJSst9sNOgbgowN038RYxzRVpOYOdNnNi+slQFKCd0OdtyoK
D/4E2fxeDBzZJLHjxaZAa5AGcDU0qAddR+30qZWouTQ4ZftjQ9AVlngHPblGnPtJ
uKnG0LnC77fzbeshHeUw92lmvo+KZNzUkLgb9O49AaGXqWtJxbjDWngQFtpHsnTv
INUAZgPV6g71XFg=
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:42:24 2025 by rpki-client