Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/iOPzcMHMdJHeBa10FwSaxUD1hQk.roa
File: iOPzcMHMdJHeBa10FwSaxUD1hQk.roa (raw, json)
Hash identifier: xY1DZQGxWVwMc7HGVUH0sfEmUIj4uHKFlltCBQuySqI=
Subject key identifier: 88:E3:F3:70:C1:CC:74:91:DE:05:AD:74:17:04:9A:C5:40:F5:85:09
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 0194222020F5CC27A374323D0229BD5731F6
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/iOPzcMHMdJHeBa10FwSaxUD1hQk.roa
Signing time: Wed 01 Jan 2025 13:48:38 +0000
ROA not before: Wed 01 Jan 2025 13:48:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396356
IP address blocks: 77.111.101.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:20:f5:cc:27:a3:74:32:3d:02:29:bd:57:31:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Jan 1 13:48:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=88e3f370c1cc7491de05ad7417049ac540f58509
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:b9:06:be:b0:93:f0:2c:36:b1:b9:7b:78:8a:
3f:0d:84:eb:f8:fe:09:03:2f:c7:a7:02:ff:ec:33:
36:12:9a:84:9d:16:2b:03:9b:05:18:34:57:19:7c:
70:45:0a:c0:72:f4:33:87:88:0b:03:d4:5e:1c:41:
5d:27:e4:7d:3f:c0:ff:0f:ae:8b:cf:20:b4:23:01:
95:6d:29:83:8c:7e:45:c2:3a:13:a9:12:f1:44:cc:
58:34:9b:f9:39:09:a1:d8:c1:19:67:42:d3:ec:5c:
f9:0a:ec:89:78:46:ce:5e:a7:56:52:3d:1a:f5:19:
60:93:db:14:89:9a:45:62:8f:db:2c:8b:9e:fa:70:
50:f1:37:c3:14:72:19:7b:4f:e0:f7:49:51:12:01:
71:4d:78:de:59:92:34:9c:57:4b:5b:38:d1:92:d1:
50:6b:54:29:63:ee:e8:8c:70:95:a3:84:1e:ce:39:
b2:78:33:77:63:db:3e:7c:89:28:0f:51:aa:b2:68:
80:73:0c:16:ad:84:ad:f0:ee:c8:09:8d:f6:3c:c8:
17:fa:41:1b:7a:27:04:aa:d7:ae:d1:2a:5a:0f:eb:
7f:2b:3d:7c:18:1e:5d:cc:aa:c9:95:2c:65:62:a4:
e7:9a:d0:90:35:a6:16:f0:8e:60:2a:ed:c4:10:83:
87:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:E3:F3:70:C1:CC:74:91:DE:05:AD:74:17:04:9A:C5:40:F5:85:09
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/iOPzcMHMdJHeBa10FwSaxUD1hQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.111.101.0/24
Signature Algorithm: sha256WithRSAEncryption
07:e2:90:87:0f:70:62:b6:ee:c8:a7:f1:d4:43:2f:a6:8a:56:
c1:d2:59:04:b3:ed:c9:fe:e5:0b:b3:0d:dd:5b:9b:cb:93:cf:
ca:84:57:f0:17:5a:b7:91:c3:7d:ba:da:ff:51:27:e2:8a:f6:
ea:fe:d2:fb:25:ae:20:22:6a:4d:d0:6a:fb:e8:64:b7:42:23:
55:da:90:f5:13:c5:cf:a0:52:28:a2:02:99:4c:aa:4f:26:29:
b0:52:68:40:cf:2a:23:1d:b8:9f:c8:f3:8e:07:25:2f:b7:75:
fd:68:e1:2c:e0:cc:e1:f5:8e:87:79:3c:22:e7:c0:34:12:e6:
8a:b6:48:33:1d:28:e5:8a:88:ca:48:7c:69:f5:9e:6d:a8:84:
51:2f:7b:06:9e:13:9d:fe:f0:8d:e5:db:d5:30:fd:c1:f1:bd:
19:f1:a4:36:a8:c5:bb:26:b1:b8:44:d8:dc:5a:24:97:8f:07:
0b:31:f4:40:da:15:11:04:d0:f9:ad:bd:47:22:83:2f:a1:84:
71:1e:8f:df:74:24:36:0a:bc:fc:0e:a0:aa:22:16:ba:25:32:
6d:56:a8:28:6f:6d:7b:62:e6:fe:4c:cf:2d:ad:6f:67:f2:62:
c2:3e:f7:fe:c2:f2:f4:c1:90:d0:dc:f7:14:5e:35:45:1c:40:
ee:eb:7e:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiICD1zCejdDI9Aim9VzH2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjUwMTAxMTM0ODM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGUzZjM3MGMxY2M3NDkxZGUwNWFkNzQxNzA0OWFjNTQwZjU4NTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyrkGvrCT8Cw2sbl7eIo/DYTr+P4J
Ay/HpwL/7DM2EpqEnRYrA5sFGDRXGXxwRQrAcvQzh4gLA9ReHEFdJ+R9P8D/D66L
zyC0IwGVbSmDjH5FwjoTqRLxRMxYNJv5OQmh2MEZZ0LT7Fz5CuyJeEbOXqdWUj0a
9Rlgk9sUiZpFYo/bLIue+nBQ8TfDFHIZe0/g90lREgFxTXjeWZI0nFdLWzjRktFQ
a1QpY+7ojHCVo4QezjmyeDN3Y9s+fIkoD1GqsmiAcwwWrYSt8O7ICY32PMgX+kEb
eicEqteu0SpaD+t/Kz18GB5dzKrJlSxlYqTnmtCQNaYW8I5gKu3EEIOHIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIjj83DBzHSR3gWtdBcEmsVA9YUJMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvaU9QemNNSE1kSkhlQmExMEZ3U2F4VUQxaFFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATW9lMA0G
CSqGSIb3DQEBCwUAA4IBAQAH4pCHD3Bitu7Ip/HUQy+milbB0lkEs+3J/uULsw3d
W5vLk8/KhFfwF1q3kcN9utr/USfiivbq/tL7Ja4gImpN0Gr76GS3QiNV2pD1E8XP
oFIoogKZTKpPJimwUmhAzyojHbifyPOOByUvt3X9aOEs4Mzh9Y6HeTwi58A0EuaK
tkgzHSjliojKSHxp9Z5tqIRRL3sGnhOd/vCN5dvVMP3B8b0Z8aQ2qMW7JrG4RNjc
WiSXjwcLMfRA2hURBND5rb1HIoMvoYRxHo/fdCQ2Crz8DqCqIha6JTJtVqgob217
Yub+TM8trW9n8mLCPvf+wvL0wZDQ3PcUXjVFHEDu637R
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:11:22 2025 by rpki-client