Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/0TqXMYtpsGbIwBLfIFpNm2vG0s8.roa
File: 0TqXMYtpsGbIwBLfIFpNm2vG0s8.roa (raw, json)
Hash identifier: aaFyQe5czu4LLmY9UQOXYyOA117KAgNtOPz90Lr8Qn4=
Subject key identifier: D1:3A:97:31:8B:69:B0:66:C8:C0:12:DF:20:5A:4D:9B:6B:C6:D2:CF
Certificate issuer: /CN=7df904ab14066c7a9fe61a521d5492a0e52965ca
Certificate serial: 0195EB5E9B92A684AB543558DBEA594D6C56
Authority key identifier: 7D:F9:04:AB:14:06:6C:7A:9F:E6:1A:52:1D:54:92:A0:E5:29:65:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffkEqxQGbHqf5hpSHVSSoOUpZco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/0TqXMYtpsGbIwBLfIFpNm2vG0s8.roa
Signing time: Mon 31 Mar 2025 08:43:20 +0000
ROA not before: Mon 31 Mar 2025 08:43:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201642
IP address blocks: 77.111.64.0/22 maxlen: 22
194.164.0.0/23 maxlen: 23
2a14:3200:2a14::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:eb:5e:9b:92:a6:84:ab:54:35:58:db:ea:59:4d:6c:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df904ab14066c7a9fe61a521d5492a0e52965ca
Validity
Not Before: Mar 31 08:43:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d13a97318b69b066c8c012df205a4d9b6bc6d2cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:26:be:49:0d:52:0b:85:f1:f2:2f:72:13:44:
76:97:4f:db:ad:93:00:1d:f2:fa:be:3b:91:c4:f7:
e7:91:61:cf:1e:2b:e6:b9:cf:50:85:48:fe:28:45:
f7:4a:4c:24:1b:c7:1d:5f:98:7b:5c:7a:83:aa:3c:
64:23:24:82:44:ce:64:09:7c:ee:58:f4:d5:cd:f5:
e8:ec:7d:19:07:f1:f3:36:57:b0:ca:06:16:76:79:
ba:1b:db:5c:45:e9:4b:c7:60:13:3a:78:9c:80:76:
60:ba:07:88:34:fb:0a:d1:8a:66:b1:71:33:c3:c2:
47:51:7e:ad:d5:e8:98:92:0a:ae:b9:65:16:e3:be:
e4:2d:be:0c:88:1d:ec:7d:1e:2b:64:8c:ca:ad:24:
5b:cf:1d:c0:e1:b7:33:b5:5b:bf:04:85:86:cc:d4:
9e:80:9a:2b:a8:a0:f1:6a:85:bf:95:a4:f3:4a:28:
d6:98:61:ee:11:d2:2c:2d:0a:00:0d:f8:d6:b3:74:
d8:70:52:60:bb:b7:db:eb:e1:bd:db:27:d5:8c:f3:
3f:e2:7e:60:4e:cc:9b:d1:6e:b8:5e:32:28:e1:7d:
74:5c:d3:f9:3d:87:8a:f5:60:7f:30:d6:cc:99:05:
a5:fa:bd:fe:be:00:88:e4:17:98:ab:b4:ce:2c:fb:
cf:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:3A:97:31:8B:69:B0:66:C8:C0:12:DF:20:5A:4D:9B:6B:C6:D2:CF
X509v3 Authority Key Identifier:
keyid:7D:F9:04:AB:14:06:6C:7A:9F:E6:1A:52:1D:54:92:A0:E5:29:65:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffkEqxQGbHqf5hpSHVSSoOUpZco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/0TqXMYtpsGbIwBLfIFpNm2vG0s8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/ffkEqxQGbHqf5hpSHVSSoOUpZco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.111.64.0/22
194.164.0.0/23
IPv6:
2a14:3200:2a14::/48
Signature Algorithm: sha256WithRSAEncryption
06:fd:df:85:a4:1b:c0:7d:94:42:0d:24:31:41:74:bf:d6:09:
28:43:16:16:99:0d:10:0d:00:41:03:db:45:f9:fd:e9:a6:66:
66:a0:a2:1c:87:c0:ba:c5:58:af:bc:6b:67:7e:23:bb:ec:39:
cf:ec:5a:3b:c4:41:11:e3:e8:b2:29:7a:6e:27:26:df:35:91:
a2:ba:95:8e:3a:25:cf:ec:6b:fa:6a:40:24:b6:1b:99:f3:1e:
fa:f0:58:d8:ec:c1:e8:10:fe:c2:02:e4:d7:1d:d5:aa:be:b7:
5a:67:4b:dd:ae:75:07:04:c6:a1:43:ca:50:a6:f1:37:f5:6b:
af:94:20:bc:4b:2c:da:d2:83:0c:d6:bf:01:ea:b2:e9:83:c7:
a1:45:a2:26:df:42:e1:a8:03:3d:cb:e2:3a:0e:d0:d0:2c:dd:
8f:56:c7:18:b6:96:14:14:29:d3:23:65:e7:1e:cf:52:40:87:
a5:5d:67:df:02:40:a7:02:ac:58:ba:70:7f:39:b6:c6:d5:92:
08:7d:2e:09:07:33:e2:bb:99:ca:fd:4b:b7:fa:f5:25:1b:24:
c8:01:87:d6:58:1c:e4:6a:13:2b:31:df:5a:23:67:0a:ef:bf:
2f:50:61:d5:2b:4c:6d:6f:55:1f:22:50:8f:09:f2:9d:7c:48:
02:a3:0a:63
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZXrXpuSpoSrVDVY2+pZTWxWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjkwNGFiMTQwNjZjN2E5ZmU2MWE1MjFkNTQ5MmEwZTUy
OTY1Y2EwHhcNMjUwMzMxMDg0MzIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTNhOTczMThiNjliMDY2YzhjMDEyZGYyMDVhNGQ5YjZiYzZkMmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSa+SQ1SC4Xx8i9yE0R2l0/brZMA
HfL6vjuRxPfnkWHPHivmuc9QhUj+KEX3SkwkG8cdX5h7XHqDqjxkIySCRM5kCXzu
WPTVzfXo7H0ZB/HzNlewygYWdnm6G9tcRelLx2ATOnicgHZgugeINPsK0YpmsXEz
w8JHUX6t1eiYkgquuWUW477kLb4MiB3sfR4rZIzKrSRbzx3A4bcztVu/BIWGzNSe
gJorqKDxaoW/laTzSijWmGHuEdIsLQoADfjWs3TYcFJgu7fb6+G92yfVjPM/4n5g
Tsyb0W64XjIo4X10XNP5PYeK9WB/MNbMmQWl+r3+vgCI5BeYq7TOLPvPMQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFNE6lzGLabBmyMAS3yBaTZtrxtLPMB8GA1UdIwQY
MBaAFH35BKsUBmx6n+YaUh1UkqDlKWXKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZrRXF4UUdiSHFmNWhwU0hWU1NvT1VwWmNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS81M2ZiMzQtMjVkYi00Njg0LTk4NGYt
M2I0NDVmMjlmNWI3LzEvMFRxWE1ZdHBzR2JJd0JMZklGcE5tMnZHMHM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS81M2ZiMzQtMjVkYi00Njg0LTk4NGYtM2I0NDVmMjlmNWI3
LzEvZmZrRXF4UUdiSHFmNWhwU0hWU1NvT1VwWmNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCTW9AAwQB
wqQAMA8EAgACMAkDBwAqFDIAKhQwDQYJKoZIhvcNAQELBQADggEBAAb934WkG8B9
lEINJDFBdL/WCShDFhaZDRANAEED20X5/emmZmagohyHwLrFWK+8a2d+I7vsOc/s
WjvEQRHj6LIpem4nJt81kaK6lY46Jc/sa/pqQCS2G5nzHvrwWNjswegQ/sIC5Ncd
1aq+t1pnS92udQcExqFDylCm8Tf1a6+UILxLLNrSgwzWvwHqsumDx6FFoibfQuGo
Az3L4joO0NAs3Y9Wxxi2lhQUKdMjZecez1JAh6VdZ98CQKcCrFi6cH85tsbVkgh9
LgkHM+K7mcr9S7f69SUbJMgBh9ZYHORqEysx31ojZwrvvy9QYdUrTG1vVR8iUI8J
8p18SAKjCmM=
-----END CERTIFICATE-----
Generated at Tue Apr 1 23:47:05 2025 by rpki-client on console.sobornost.net