Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/37372e37382e3132312e302f32342d3234203d3e20313336373837.roa
File: 37372e37382e3132312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: TZWijP8e7XJd1oRbV0m2BUdyNxLEyAGyWGuj6OMa0H8=
Subject key identifier: 91:29:66:26:0A:5B:50:A5:E0:7D:88:A5:C4:5C:8C:E7:96:C4:CE:53
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1E2CF0AA67A6B56C5E8837CE3ABDBE334E9DFC28
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/37372e37382e3132312e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 27 Jan 2025 09:45:30 +0000
ROA not before: Mon 27 Jan 2025 09:40:30 +0000
ROA not after: Mon 26 Jan 2026 09:45:30 +0000
asID: 136787
IP address blocks: 77.78.121.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:2c:f0:aa:67:a6:b5:6c:5e:88:37:ce:3a:bd:be:33:4e:9d:fc:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:30 2025 GMT
Not After : Jan 26 09:45:30 2026 GMT
Subject: CN=912966260A5B50A5E07D88A5C45C8CE796C4CE53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f1:0f:71:0a:73:17:67:2b:d2:f3:97:8f:47:
22:e3:43:40:16:e8:73:c6:fe:5b:e4:3f:d1:45:6b:
55:c9:23:7f:33:0f:44:f5:54:f8:3c:7a:19:bf:14:
6f:7b:46:76:7c:d1:eb:5e:a5:e4:a0:9c:55:f0:1b:
06:76:03:8e:fb:90:e3:fc:a5:49:3e:a2:7f:c5:96:
3b:d4:5b:36:0b:c2:13:7f:ef:41:eb:bd:90:85:17:
8e:31:dd:51:74:d6:50:bf:96:36:1a:31:5f:f0:29:
9d:ee:03:0d:1f:30:28:b6:c7:53:73:f8:1a:7b:76:
a1:28:71:de:58:05:71:af:e4:14:fa:1c:30:b7:e3:
9e:59:5d:60:a1:0b:73:b2:dc:c7:ef:cb:b4:08:fc:
bc:2d:95:2a:d1:fe:c3:13:b0:f1:eb:ec:ca:e5:06:
da:50:87:31:74:08:b5:f4:fe:1f:dd:6e:d6:77:44:
26:dc:a3:f7:23:ee:0e:ef:b3:a3:5c:fa:61:51:18:
10:c0:e8:be:e5:57:57:5f:51:4b:0a:f9:6d:76:e2:
0d:e4:9d:8f:f0:68:b8:8c:56:e4:05:d5:5f:da:f2:
fb:f4:35:b1:f6:02:9f:dc:3a:fb:2f:eb:7c:81:fe:
2b:32:aa:f0:d5:c0:e2:4a:97:28:f8:7b:16:96:aa:
55:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:29:66:26:0A:5B:50:A5:E0:7D:88:A5:C4:5C:8C:E7:96:C4:CE:53
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/37372e37382e3132312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.78.121.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:e3:d8:29:74:59:58:65:f2:11:31:bb:0c:cf:14:97:50:02:
ff:21:c0:c7:38:ef:13:9c:c2:df:5e:15:10:08:15:3a:45:98:
18:c1:67:db:87:d5:93:f0:17:98:f5:a6:ad:1c:92:5a:e9:cd:
b2:2d:f6:57:8b:8c:00:8a:7c:b4:06:80:d9:28:15:2e:d3:2f:
12:77:81:d3:71:68:23:4a:a9:eb:71:e9:bd:13:e5:0a:e1:e7:
d4:f6:34:8c:b8:66:aa:da:3e:85:c0:15:30:cf:74:9c:2d:94:
fd:db:e5:40:63:6f:7d:4a:98:fd:c9:81:d8:7f:f0:aa:0a:c7:
3b:ad:94:d9:f7:7a:00:f5:f5:34:89:15:4b:05:8e:f4:e5:88:
81:9b:dd:63:96:16:46:3f:d6:2f:eb:91:23:ad:79:a3:ae:fa:
32:5f:57:df:6a:f3:67:1e:51:58:c1:06:af:68:b2:2b:78:64:
41:bc:4a:0e:46:e9:a1:37:e1:8f:c5:55:54:dd:ba:2d:b1:7b:
35:90:a3:95:bc:92:6f:2a:02:61:08:71:b3:2d:f1:0a:a4:9b:
78:34:0f:93:b3:75:a8:01:6a:73:3b:2d:35:ea:89:d9:c4:ed:
8b:16:48:c2:90:ac:f4:f8:e2:e4:47:2b:22:78:b6:14:22:30:
e7:e5:88:8e
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUHizwqmemtWxeiDfOOr2+M06d/CgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMzBaFw0yNjAxMjYwOTQ1MzBaMDMxMTAvBgNV
BAMTKDkxMjk2NjI2MEE1QjUwQTVFMDdEODhBNUM0NUM4Q0U3OTZDNENFNTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCk8Q9xCnMXZyvS85ePRyLjQ0AW
6HPG/lvkP9FFa1XJI38zD0T1VPg8ehm/FG97RnZ80etepeSgnFXwGwZ2A477kOP8
pUk+on/FljvUWzYLwhN/70HrvZCFF44x3VF01lC/ljYaMV/wKZ3uAw0fMCi2x1Nz
+Bp7dqEocd5YBXGv5BT6HDC3455ZXWChC3Oy3Mfvy7QI/LwtlSrR/sMTsPHr7Mrl
BtpQhzF0CLX0/h/dbtZ3RCbco/cj7g7vs6Nc+mFRGBDA6L7lV1dfUUsK+W124g3k
nY/waLiMVuQF1V/a8vv0NbH2Ap/cOvsv63yB/isyqvDVwOJKlyj4exaWqlWDAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUkSlmJgpbUKXgfYilxFyM55bEzlMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzczNzJlMzczODJlMzEzMjMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
TU55MA0GCSqGSIb3DQEBCwUAA4IBAQCb49gpdFlYZfIRMbsMzxSXUAL/IcDHOO8T
nMLfXhUQCBU6RZgYwWfbh9WT8BeY9aatHJJa6c2yLfZXi4wAiny0BoDZKBUu0y8S
d4HTcWgjSqnrcem9E+UK4efU9jSMuGaq2j6FwBUwz3ScLZT92+VAY299Spj9yYHY
f/CqCsc7rZTZ93oA9fU0iRVLBY705YiBm91jlhZGP9Yv65EjrXmjrvoyX1ffavNn
HlFYwQavaLIreGRBvEoORumhN+GPxVVU3botsXs1kKOVvJJvKgJhCHGzLfEKpJt4
NA+Ts3WoAWpzOy016onZxO2LFkjCkKz0+OLkRysieLYUIjDn5YiO
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:16:13 2025 by rpki-client