Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/d3w3nqB5Kl-FSC0jSCG-gsD4dlY.roa
File: d3w3nqB5Kl-FSC0jSCG-gsD4dlY.roa (raw, json)
Hash identifier: 33QNQ+kF6mFEetO5Rno9ayPExXyzerB4sZWFH0Ulruk=
Subject key identifier: 77:7C:37:9E:A0:79:2A:5F:85:48:2D:23:48:21:BE:82:C0:F8:76:56
Certificate issuer: /CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Certificate serial: 01941F8C60EBF26476F5765866C18B2CFD42
Authority key identifier: EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/d3w3nqB5Kl-FSC0jSCG-gsD4dlY.roa
Signing time: Wed 01 Jan 2025 01:48:00 +0000
ROA not before: Wed 01 Jan 2025 01:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209588
IP address blocks: 92.51.2.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:60:eb:f2:64:76:f5:76:58:66:c1:8b:2c:fd:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Validity
Not Before: Jan 1 01:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=777c379ea0792a5f85482d234821be82c0f87656
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:01:c8:f8:72:ec:78:27:18:5c:ce:a6:04:86:
a6:3a:ab:4d:78:45:90:42:f1:a1:72:a0:10:ef:1d:
ac:11:ce:6e:25:51:bf:ab:3e:00:f6:c0:d7:60:d3:
a3:3e:40:6e:31:76:6d:22:3f:5f:42:96:a5:37:5c:
f3:3c:0f:5d:e0:6a:26:ed:4c:1c:c9:49:6c:2e:f9:
8d:b5:db:4f:06:d4:3f:f6:1d:64:af:5c:12:0d:ad:
11:9b:b4:cf:4e:42:85:a1:db:43:5a:99:6a:b4:95:
d2:63:f1:35:76:4b:8b:80:14:ea:08:06:85:2f:52:
3f:08:19:b0:00:7d:27:12:54:d7:30:16:6c:8d:09:
21:6b:b3:db:6e:58:ee:1c:55:3c:5a:01:5c:3c:ee:
19:8e:c7:b3:66:45:1b:3c:5e:db:94:94:c7:e7:ad:
b7:c8:ed:a3:eb:b6:a9:80:7e:de:c5:40:dd:ea:37:
9d:a3:b9:9a:8f:66:ee:f5:9f:36:02:d2:cd:c3:7f:
39:12:d4:11:9b:e5:a4:85:c7:ec:b0:d1:77:80:14:
33:7f:c8:81:41:cb:f4:26:aa:48:f6:a7:73:85:dc:
7a:67:76:8f:ff:f0:43:ee:f9:86:9f:1d:d1:68:df:
85:18:82:62:08:c2:6d:19:65:01:a3:7e:c3:f7:3d:
ea:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:7C:37:9E:A0:79:2A:5F:85:48:2D:23:48:21:BE:82:C0:F8:76:56
X509v3 Authority Key Identifier:
keyid:EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/d3w3nqB5Kl-FSC0jSCG-gsD4dlY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.51.2.0/24
Signature Algorithm: sha256WithRSAEncryption
c1:95:a3:6a:f8:3f:86:b5:15:c0:0c:c2:4a:b8:6f:d4:eb:95:
84:a4:c5:78:0f:02:e9:ef:e9:4f:3d:ad:2b:b2:6e:7e:21:30:
2d:f5:d4:41:aa:ae:5a:c0:47:3d:6b:cd:76:44:a2:be:44:87:
fd:51:1a:59:e3:25:fa:3b:00:b0:2b:ad:7a:c6:78:4f:80:cf:
2d:82:0d:09:7d:e2:65:de:36:14:83:87:bb:87:99:03:9d:a4:
ed:da:00:87:3a:c3:d3:91:f0:b2:40:55:47:c4:4c:49:ff:c0:
3b:f1:83:6d:d9:49:7c:a7:0c:0c:f2:28:7b:36:b8:f4:6a:69:
33:a4:b4:62:7f:62:a5:96:70:c4:d6:7f:9e:11:64:87:5b:b6:
c8:30:78:44:32:76:c7:5c:30:63:22:a3:c6:dd:7e:7b:48:02:
2a:c3:f4:21:ab:a6:34:4d:88:5d:06:a0:3c:22:7f:52:60:7e:
2e:2b:84:53:83:3f:52:da:66:af:c5:04:29:f6:ab:87:46:a4:
84:f3:53:b0:66:e0:80:b3:95:b9:ff:24:20:16:1a:8a:16:ce:
de:41:2c:07:26:d9:47:f6:78:c8:6a:e5:fd:c8:66:ce:1c:65:
ac:80:15:69:59:c6:89:c2:91:d8:ac:aa:42:b2:b7:ac:87:29:
b7:3e:05:d4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjGDr8mR29XZYZsGLLP1CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTdjMmQ5ZDkzYWM3Y2Y5YjJmMTdjYWE3ODU5YjY5ODVi
MzliOWQwHhcNMjUwMTAxMDE0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzdjMzc5ZWEwNzkyYTVmODU0ODJkMjM0ODIxYmU4MmMwZjg3NjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQHI+HLseCcYXM6mBIamOqtNeEWQ
QvGhcqAQ7x2sEc5uJVG/qz4A9sDXYNOjPkBuMXZtIj9fQpalN1zzPA9d4Gom7Uwc
yUlsLvmNtdtPBtQ/9h1kr1wSDa0Rm7TPTkKFodtDWplqtJXSY/E1dkuLgBTqCAaF
L1I/CBmwAH0nElTXMBZsjQkha7PbbljuHFU8WgFcPO4ZjsezZkUbPF7blJTH5623
yO2j67apgH7exUDd6jedo7maj2bu9Z82AtLNw385EtQRm+WkhcfssNF3gBQzf8iB
Qcv0JqpI9qdzhdx6Z3aP//BD7vmGnx3RaN+FGIJiCMJtGWUBo37D9z3qUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHd8N56geSpfhUgtI0ghvoLA+HZWMB8GA1UdIwQY
MBaAFO9XwtnZOsfPmy8XyqeFm2mFs5udMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2Njct
OGU2Zjg3OGRiNWY0LzEvZDN3M25xQjVLbC1GU0MwalNDRy1nc0Q0ZGxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2NjctOGU2Zjg3OGRiNWY0
LzEvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXDMCMA0G
CSqGSIb3DQEBCwUAA4IBAQDBlaNq+D+GtRXADMJKuG/U65WEpMV4DwLp7+lPPa0r
sm5+ITAt9dRBqq5awEc9a812RKK+RIf9URpZ4yX6OwCwK616xnhPgM8tgg0JfeJl
3jYUg4e7h5kDnaTt2gCHOsPTkfCyQFVHxExJ/8A78YNt2Ul8pwwM8ih7Nrj0amkz
pLRif2KllnDE1n+eEWSHW7bIMHhEMnbHXDBjIqPG3X57SAIqw/Qhq6Y0TYhdBqA8
In9SYH4uK4RTgz9S2mavxQQp9quHRqSE81OwZuCAs5W5/yQgFhqKFs7eQSwHJtlH
9njIauX9yGbOHGWsgBVpWcaJwpHYrKpCsreshym3PgXU
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:38:29 2025 by rpki-client