Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/NfFWK6CE2t9Pa-x8zwAV9BuwlEI.roa
File: NfFWK6CE2t9Pa-x8zwAV9BuwlEI.roa (raw, json)
Hash identifier: YfoMWCybmpdOuYSX8n89Rg3jlFAY6S7JvtkdJ5G+mxc=
Subject key identifier: 35:F1:56:2B:A0:84:DA:DF:4F:6B:EC:7C:CF:00:15:F4:1B:B0:94:42
Certificate issuer: /CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Certificate serial: 0194252151620248A28DA06FD2627BC15314
Authority key identifier: 64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/NfFWK6CE2t9Pa-x8zwAV9BuwlEI.roa
Signing time: Thu 02 Jan 2025 03:48:48 +0000
ROA not before: Thu 02 Jan 2025 03:48:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201450
IP address blocks: 77.111.126.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:51:62:02:48:a2:8d:a0:6f:d2:62:7b:c1:53:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Validity
Not Before: Jan 2 03:48:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=35f1562ba084dadf4f6bec7ccf0015f41bb09442
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:ab:63:d6:da:e2:ef:62:fc:e7:60:1b:96:6d:
a0:db:c1:dc:a7:03:68:3f:89:97:a4:b7:44:25:98:
86:0c:61:c2:4f:7e:f3:d6:6f:88:fe:96:fc:8c:53:
67:41:9d:e2:94:45:e1:57:59:a2:7f:03:a9:d2:b3:
df:12:ec:d7:18:12:10:0d:a2:4f:ad:46:50:7d:b5:
4e:e2:43:85:c9:74:ed:63:8e:42:da:a3:95:10:dd:
c0:c1:b7:99:88:4c:5a:ed:c0:8d:f2:5f:52:89:2b:
21:27:0e:44:8b:be:a1:02:77:b5:cf:fd:b9:61:69:
c6:49:fe:88:ca:6e:84:6e:9b:9c:2e:be:ab:bd:3e:
3c:59:73:30:05:94:99:7e:39:f9:11:0a:5d:7d:ff:
cf:ad:09:87:58:bb:42:91:b7:c2:50:70:c3:a2:6c:
df:42:93:c3:7b:76:e7:b9:e1:cc:f0:06:7c:6b:7b:
44:9f:0d:71:5a:7f:e5:0e:23:89:db:fc:b4:7d:0b:
93:29:a4:ca:39:59:1c:1b:19:e3:28:9b:0a:1d:dc:
52:7a:a4:4e:0c:87:bd:ff:45:3c:4a:8c:2d:4f:31:
94:7e:d8:48:f7:83:86:28:eb:86:99:49:a2:d4:3d:
bd:4e:48:8e:53:b3:44:76:1b:fa:72:66:17:b9:a0:
75:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:F1:56:2B:A0:84:DA:DF:4F:6B:EC:7C:CF:00:15:F4:1B:B0:94:42
X509v3 Authority Key Identifier:
keyid:64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/NfFWK6CE2t9Pa-x8zwAV9BuwlEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.111.126.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:26:d3:8d:47:c6:7a:e3:75:35:db:1d:1e:46:40:60:05:36:
3d:e2:32:9a:0f:9d:67:e5:cb:62:73:c9:ea:c1:5d:83:ac:4a:
9e:8d:e3:87:64:96:e4:03:aa:fa:26:7d:55:40:d6:b2:a3:59:
56:66:e6:c3:fd:e7:64:14:a2:bc:7e:5a:2d:3b:8f:44:46:eb:
46:45:3f:25:72:fc:0c:f1:71:f6:22:1c:c9:df:8d:cc:53:3f:
87:06:25:b3:0f:6c:1c:41:f8:1d:bc:60:aa:f6:55:e6:0a:b6:
92:68:a6:5d:ae:04:d1:45:34:ae:df:53:f8:3d:ca:36:7c:f6:
d2:cd:27:8d:1e:55:b6:c0:6b:8d:38:67:66:b0:31:5f:b4:eb:
d9:b6:9d:93:64:51:7a:33:42:9a:41:8f:bc:ba:04:30:75:85:
78:18:af:a9:d6:38:19:da:a6:5a:9f:42:9d:44:bd:aa:8c:d5:
df:09:d0:af:f4:b9:42:20:84:79:26:22:89:01:9e:43:c4:a7:
cc:51:4a:9f:10:ad:15:62:f1:63:84:72:7c:a0:70:9b:02:17:
60:58:3b:dc:55:d8:4d:d2:e3:31:90:37:11:63:4d:58:1d:f5:
d3:e5:9f:7d:a8:5d:47:89:ab:39:27:63:ce:6a:d7:f3:02:67:
b5:0c:ad:5a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIVFiAkiijaBv0mJ7wVMUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MTk3NTU4M2IyNTAzNjJjODE1MGY2M2FkYjMwYTBmNmEw
YzZmYzMwHhcNMjUwMTAyMDM0ODQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWYxNTYyYmEwODRkYWRmNGY2YmVjN2NjZjAwMTVmNDFiYjA5NDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6atj1tri72L852Ablm2g28HcpwNo
P4mXpLdEJZiGDGHCT37z1m+I/pb8jFNnQZ3ilEXhV1mifwOp0rPfEuzXGBIQDaJP
rUZQfbVO4kOFyXTtY45C2qOVEN3AwbeZiExa7cCN8l9SiSshJw5Ei76hAne1z/25
YWnGSf6Iym6EbpucLr6rvT48WXMwBZSZfjn5EQpdff/PrQmHWLtCkbfCUHDDomzf
QpPDe3bnueHM8AZ8a3tEnw1xWn/lDiOJ2/y0fQuTKaTKOVkcGxnjKJsKHdxSeqRO
DIe9/0U8SowtTzGUfthI94OGKOuGmUmi1D29TkiOU7NEdhv6cmYXuaB1MQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDXxViughNrfT2vsfM8AFfQbsJRCMB8GA1UdIwQY
MBaAFGQZdVg7JQNiyBUPY62zCg9qDG/DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQt
ZjFjMzNhYTJmZDUwLzEvTmZGV0s2Q0UydDlQYS14OHp3QVY5QnV3bEVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQtZjFjMzNhYTJmZDUw
LzEvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATW9+MA0G
CSqGSIb3DQEBCwUAA4IBAQB7JtONR8Z643U12x0eRkBgBTY94jKaD51n5ctic8nq
wV2DrEqejeOHZJbkA6r6Jn1VQNayo1lWZubD/edkFKK8flotO49ERutGRT8lcvwM
8XH2IhzJ343MUz+HBiWzD2wcQfgdvGCq9lXmCraSaKZdrgTRRTSu31P4Pco2fPbS
zSeNHlW2wGuNOGdmsDFftOvZtp2TZFF6M0KaQY+8ugQwdYV4GK+p1jgZ2qZan0Kd
RL2qjNXfCdCv9LlCIIR5JiKJAZ5DxKfMUUqfEK0VYvFjhHJ8oHCbAhdgWDvcVdhN
0uMxkDcRY01YHfXT5Z99qF1Hias5J2POatfzAme1DK1a
-----END CERTIFICATE-----
Generated at Mon Apr 7 12:22:32 2025 by rpki-client