Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/3MpMrZCGcubCz0yMDFLFBO52iIg.roa
File: 3MpMrZCGcubCz0yMDFLFBO52iIg.roa (raw, json)
Hash identifier: Vunqm6pvkp6Ov4n+/UQF3IUdJpcTVJn4fLJgh0ucvaE=
Subject key identifier: DC:CA:4C:AD:90:86:72:E6:C2:CF:4C:8C:0C:52:C5:04:EE:76:88:88
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 01942220141A0F2E049D006A5EDDB490ABEB
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/3MpMrZCGcubCz0yMDFLFBO52iIg.roa
Signing time: Wed 01 Jan 2025 13:48:35 +0000
ROA not before: Wed 01 Jan 2025 13:48:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60602
IP address blocks: 77.111.108.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:14:1a:0f:2e:04:9d:00:6a:5e:dd:b4:90:ab:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Jan 1 13:48:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dcca4cad908672e6c2cf4c8c0c52c504ee768888
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:dc:99:d0:3f:96:0b:66:15:11:dc:6d:9f:df:
5d:7d:eb:8d:d5:78:c8:2f:69:85:e8:33:e8:70:33:
c6:c9:ef:b1:9c:26:73:d8:35:8c:cc:95:6a:da:ce:
89:1e:b8:0e:6c:17:91:34:be:26:09:69:a6:c2:65:
d8:9c:30:6d:63:a5:5d:7d:1d:05:de:91:47:4b:1a:
7d:de:89:c4:87:b2:6d:30:42:3b:68:72:9a:9a:1b:
11:f1:62:2e:6b:9a:12:68:b2:1b:8f:1a:38:f3:d1:
05:b4:35:4f:de:82:d2:9a:2f:f2:79:46:0a:75:63:
20:b6:0f:56:4b:32:67:f9:58:fc:d2:a5:dc:88:63:
65:77:5f:05:f0:b7:ce:d3:5a:d9:54:c4:67:3b:af:
a6:4e:8a:3f:5d:a7:39:57:78:49:be:cb:83:a4:d7:
94:49:48:10:fe:68:14:32:2e:26:58:1b:f1:1f:39:
47:43:84:1f:b8:08:27:45:80:8d:b7:0c:31:c6:d8:
bc:d3:3a:03:7a:82:fd:ad:29:7e:c9:68:2a:7d:b0:
42:84:d1:24:ac:c4:20:1b:95:9e:78:24:b6:7f:0e:
96:55:2e:82:34:73:1c:63:31:6c:5c:00:3e:35:03:
f1:45:26:14:ef:91:b2:37:2a:d4:87:08:83:27:d3:
ae:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:CA:4C:AD:90:86:72:E6:C2:CF:4C:8C:0C:52:C5:04:EE:76:88:88
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/3MpMrZCGcubCz0yMDFLFBO52iIg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.111.108.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:14:d7:c5:dc:6d:25:55:02:6c:53:62:79:d0:b6:b5:f0:0b:
9f:eb:0d:aa:db:46:bc:ed:f9:de:37:a5:1e:f4:f4:01:07:fa:
47:e5:b5:0e:7a:98:af:ca:90:1d:a0:13:a8:f4:05:fa:98:4a:
b3:96:8a:19:93:19:45:a4:27:27:45:13:93:de:b5:a2:33:98:
47:5d:2e:78:38:ca:f3:25:d6:c1:b1:52:72:71:94:1b:42:c6:
07:4f:3d:04:10:38:6c:43:ab:98:82:60:c5:14:e9:b7:bf:5c:
6f:db:bd:56:a1:66:0e:d1:55:41:b1:21:55:b7:89:0c:35:13:
0f:48:17:a2:4b:5a:0d:50:67:c7:c7:53:1f:85:a4:18:ac:0b:
67:7e:e9:5f:92:ce:13:f3:c8:8e:0a:57:c7:e7:91:1e:66:f2:
02:64:99:e9:6e:0c:76:66:2c:52:2c:44:c1:c8:ec:4d:18:b8:
a4:45:c1:73:9f:8b:1c:cb:7b:f9:e7:a9:07:67:b3:d5:d4:b6:
fd:cf:94:1b:64:7f:8e:a4:63:f8:c7:9a:c3:91:81:10:e2:38:
cb:5e:b8:c8:5d:68:be:af:47:21:4a:c4:0c:68:05:fb:2f:c7:
b7:40:74:b5:06:e6:3e:6d:47:f6:fa:15:59:eb:bb:6a:a6:09:
c1:83:50:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiIBQaDy4EnQBqXt20kKvrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjUwMTAxMTM0ODM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2NhNGNhZDkwODY3MmU2YzJjZjRjOGMwYzUyYzUwNGVlNzY4ODg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNyZ0D+WC2YVEdxtn99dfeuN1XjI
L2mF6DPocDPGye+xnCZz2DWMzJVq2s6JHrgObBeRNL4mCWmmwmXYnDBtY6VdfR0F
3pFHSxp93onEh7JtMEI7aHKamhsR8WIua5oSaLIbjxo489EFtDVP3oLSmi/yeUYK
dWMgtg9WSzJn+Vj80qXciGNld18F8LfO01rZVMRnO6+mToo/Xac5V3hJvsuDpNeU
SUgQ/mgUMi4mWBvxHzlHQ4QfuAgnRYCNtwwxxti80zoDeoL9rSl+yWgqfbBChNEk
rMQgG5WeeCS2fw6WVS6CNHMcYzFsXAA+NQPxRSYU75GyNyrUhwiDJ9OuBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNzKTK2QhnLmws9MjAxSxQTudoiIMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvM01wTXJaQ0djdWJDejB5TURGTEZCTzUyaUlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATW9sMA0G
CSqGSIb3DQEBCwUAA4IBAQAeFNfF3G0lVQJsU2J50La18Auf6w2q20a87fneN6Ue
9PQBB/pH5bUOepivypAdoBOo9AX6mEqzlooZkxlFpCcnRROT3rWiM5hHXS54OMrz
JdbBsVJycZQbQsYHTz0EEDhsQ6uYgmDFFOm3v1xv271WoWYO0VVBsSFVt4kMNRMP
SBeiS1oNUGfHx1MfhaQYrAtnfulfks4T88iOClfH55EeZvICZJnpbgx2ZixSLETB
yOxNGLikRcFzn4scy3v556kHZ7PV1Lb9z5QbZH+OpGP4x5rDkYEQ4jjLXrjIXWi+
r0chSsQMaAX7L8e3QHS1BuY+bUf2+hVZ67tqpgnBg1Ay
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:56:19 2025 by rpki-client