Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/rR4l2xUYr0OdmuEcxVObDbOzlqI.roa
File: rR4l2xUYr0OdmuEcxVObDbOzlqI.roa (raw, json)
Hash identifier: SbZ3z0LnIb85i0XrcQrhpe4jEBYPuMhEizzk+VDHMwg=
Subject key identifier: AD:1E:25:DB:15:18:AF:43:9D:9A:E1:1C:C5:53:9B:0D:B3:B3:96:A2
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 01941FFA5B4DC21CE50FB61B2715235A58D0
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/rR4l2xUYr0OdmuEcxVObDbOzlqI.roa
Signing time: Wed 01 Jan 2025 03:48:08 +0000
ROA not before: Wed 01 Jan 2025 03:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209079
IP address blocks: 87.107.20.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:5b:4d:c2:1c:e5:0f:b6:1b:27:15:23:5a:58:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Jan 1 03:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ad1e25db1518af439d9ae11cc5539b0db3b396a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:b4:62:0c:cd:56:2b:bb:f2:65:43:46:42:9b:
d7:7f:81:96:52:cd:34:61:5a:f4:a4:fb:33:87:49:
6d:2a:20:a1:cc:a3:b6:54:e4:de:79:e5:ae:f2:04:
41:cf:18:a4:ee:64:60:30:7f:ef:fa:db:b9:f4:08:
94:dd:2d:3e:cd:17:79:5d:61:c2:21:62:6c:8c:0e:
68:8a:76:8c:fa:34:43:07:b8:75:67:3c:26:fd:8d:
25:63:eb:81:2a:ca:6b:d8:4c:79:14:ac:01:f2:70:
1f:96:ab:67:ca:94:d3:c8:d2:90:26:4a:22:fc:75:
53:08:ea:ec:a3:f5:0b:9a:ec:bf:09:d2:e5:76:df:
35:c4:b6:b0:1a:69:28:9f:ec:52:d0:80:9a:d4:e1:
12:16:c1:68:24:70:fd:54:06:20:0e:26:1d:69:06:
c4:0a:6e:82:1f:f4:93:7d:a5:ae:9b:bb:ef:7b:59:
c0:0c:91:cd:77:84:fb:8e:e0:5e:9a:88:6e:d5:de:
b8:10:8a:84:2b:e0:ec:9a:f0:7e:26:85:ec:4b:9e:
16:c0:5b:f4:2e:14:b1:25:a7:cb:63:de:c9:b2:59:
f8:12:97:60:9b:fb:05:06:d3:b3:de:5c:d1:69:10:
02:51:4a:a9:44:da:4f:04:87:55:23:02:23:b3:5e:
24:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:1E:25:DB:15:18:AF:43:9D:9A:E1:1C:C5:53:9B:0D:B3:B3:96:A2
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/rR4l2xUYr0OdmuEcxVObDbOzlqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.107.20.0/22
Signature Algorithm: sha256WithRSAEncryption
08:bf:1a:c0:39:2e:9e:b7:3a:e2:2e:82:d2:84:80:e1:6c:6e:
40:46:97:23:32:11:37:e6:09:a3:fd:ce:f0:62:9e:5e:80:c2:
75:60:c9:96:b3:f2:63:c2:f0:01:84:ca:fe:ce:af:7b:c5:c8:
af:fa:bf:76:0c:6e:f1:5d:59:a4:b5:c8:7c:e5:a6:c1:a5:71:
93:35:17:df:31:e6:f1:18:99:28:ef:3f:80:e0:fb:fa:ac:8a:
d1:a7:74:68:0b:d6:05:31:5b:8c:eb:3f:a2:f1:39:86:0d:c6:
a8:08:c8:f8:13:73:a5:9e:19:13:51:2d:c3:81:ad:47:62:33:
27:2d:c6:b2:0c:6c:bf:48:9c:58:41:b5:af:17:f2:7f:82:44:
57:16:92:18:99:63:d1:4a:e6:2b:35:9a:79:5e:d3:bc:04:c8:
53:a5:e5:4b:c1:37:89:35:e6:09:3d:bc:f2:d1:08:18:bf:d6:
4e:f4:a0:a6:b6:57:ad:34:6a:18:c8:c7:96:0e:74:db:96:c5:
23:03:b6:09:c6:88:0d:38:c0:43:09:2a:78:9b:5e:b7:87:cd:
27:9e:1b:a4:2d:2f:b4:60:8a:69:32:d1:30:c2:03:78:9f:a1:
f6:db:1f:6c:e0:23:22:6a:3e:84:68:d7:5e:20:f7:e7:5a:49:
1a:2d:f6:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+ltNwhzlD7YbJxUjWljQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjUwMTAxMDM0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDFlMjVkYjE1MThhZjQzOWQ5YWUxMWNjNTUzOWIwZGIzYjM5NmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyLRiDM1WK7vyZUNGQpvXf4GWUs00
YVr0pPszh0ltKiChzKO2VOTeeeWu8gRBzxik7mRgMH/v+tu59AiU3S0+zRd5XWHC
IWJsjA5oinaM+jRDB7h1Zzwm/Y0lY+uBKspr2Ex5FKwB8nAflqtnypTTyNKQJkoi
/HVTCOrso/ULmuy/CdLldt81xLawGmkon+xS0ICa1OESFsFoJHD9VAYgDiYdaQbE
Cm6CH/STfaWum7vve1nADJHNd4T7juBemohu1d64EIqEK+DsmvB+JoXsS54WwFv0
LhSxJafLY97Jsln4Epdgm/sFBtOz3lzRaRACUUqpRNpPBIdVIwIjs14kewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK0eJdsVGK9DnZrhHMVTmw2zs5aiMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvclI0bDJ4VVlyME9kbXVFY3hWT2JEYk96bHFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCV2sUMA0G
CSqGSIb3DQEBCwUAA4IBAQAIvxrAOS6etzriLoLShIDhbG5ARpcjMhE35gmj/c7w
Yp5egMJ1YMmWs/JjwvABhMr+zq97xciv+r92DG7xXVmktch85abBpXGTNRffMebx
GJko7z+A4Pv6rIrRp3RoC9YFMVuM6z+i8TmGDcaoCMj4E3OlnhkTUS3Dga1HYjMn
LcayDGy/SJxYQbWvF/J/gkRXFpIYmWPRSuYrNZp5XtO8BMhTpeVLwTeJNeYJPbzy
0QgYv9ZO9KCmtletNGoYyMeWDnTblsUjA7YJxogNOMBDCSp4m163h80nnhukLS+0
YIppMtEwwgN4n6H22x9s4CMiaj6EaNdeIPfnWkkaLfYK
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:45:04 2025 by rpki-client