Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/AJ_AO_dUFGtaNOJf-R2jT-KypPc.roa
File: AJ_AO_dUFGtaNOJf-R2jT-KypPc.roa (raw, json)
Hash identifier: CTLC7BEk13fH9Lb2483EWwJXR9UMoaKhXmzsu2g/OAc=
Subject key identifier: 00:9F:C0:3B:F7:54:14:6B:5A:34:E2:5F:F9:1D:A3:4F:E2:B2:A4:F7
Certificate issuer: /CN=7df904ab14066c7a9fe61a521d5492a0e52965ca
Certificate serial: 0194957AE40625B97459889EB5FFA128FD3F
Authority key identifier: 7D:F9:04:AB:14:06:6C:7A:9F:E6:1A:52:1D:54:92:A0:E5:29:65:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffkEqxQGbHqf5hpSHVSSoOUpZco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/AJ_AO_dUFGtaNOJf-R2jT-KypPc.roa
Signing time: Thu 23 Jan 2025 23:24:06 +0000
ROA not before: Thu 23 Jan 2025 23:24:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201642
IP address blocks: 77.111.64.0/22 maxlen: 22
121.127.36.0/24 maxlen: 24
194.164.0.0/23 maxlen: 23
2a14:3200:2a14::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:95:7a:e4:06:25:b9:74:59:88:9e:b5:ff:a1:28:fd:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df904ab14066c7a9fe61a521d5492a0e52965ca
Validity
Not Before: Jan 23 23:24:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=009fc03bf754146b5a34e25ff91da34fe2b2a4f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f6:8e:bb:0d:27:ec:a7:77:33:a8:d1:1a:6d:
92:95:99:55:ae:0b:a1:10:c2:30:92:24:90:a7:59:
6f:c2:ee:0e:db:69:f3:1e:f1:6d:e7:e0:61:17:8a:
6b:37:04:63:49:e6:d5:4c:c3:86:c5:5e:21:ec:53:
29:db:b8:a8:c6:a0:e0:64:1e:16:d8:c8:e4:22:d1:
48:11:89:83:80:c1:9f:31:d3:db:c9:ea:9c:8d:6d:
f1:ec:3d:bd:1d:d8:75:ab:35:25:49:4a:23:5a:f7:
f1:a0:7a:ee:70:16:3b:61:79:83:5d:b5:1e:e7:ca:
ef:3c:de:3f:91:c1:b0:a0:ef:7a:77:83:00:0b:22:
5a:31:34:95:19:48:06:01:87:e9:b8:d9:78:15:5a:
6b:9c:ed:d8:aa:c7:ba:b9:7c:a6:ff:e7:2a:53:fd:
fe:56:8d:b5:ee:01:f1:7a:8a:a9:33:c9:a8:27:cc:
00:a9:47:c2:04:08:78:58:59:d2:8c:3d:3d:0f:0e:
af:20:c1:62:16:81:51:35:74:26:53:39:49:a5:a9:
25:54:69:e5:bf:d4:96:48:92:f9:85:8a:32:41:02:
92:86:dd:47:4b:54:a5:d0:ab:c4:e4:d2:ea:71:9f:
ee:4c:eb:b6:29:83:ab:fa:29:e8:89:f3:fe:dd:a9:
0c:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:9F:C0:3B:F7:54:14:6B:5A:34:E2:5F:F9:1D:A3:4F:E2:B2:A4:F7
X509v3 Authority Key Identifier:
keyid:7D:F9:04:AB:14:06:6C:7A:9F:E6:1A:52:1D:54:92:A0:E5:29:65:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffkEqxQGbHqf5hpSHVSSoOUpZco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/AJ_AO_dUFGtaNOJf-R2jT-KypPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/ffkEqxQGbHqf5hpSHVSSoOUpZco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.111.64.0/22
121.127.36.0/24
194.164.0.0/23
IPv6:
2a14:3200:2a14::/48
Signature Algorithm: sha256WithRSAEncryption
72:0b:49:e8:9c:c0:ff:c6:a8:91:4d:20:f7:c7:4b:3f:53:96:
4d:7f:fb:bb:3a:03:bb:21:25:16:71:69:57:da:fb:dc:fa:22:
79:00:30:16:41:c1:fa:51:e2:b1:38:d7:68:9f:90:8c:3b:72:
3e:e6:d5:cd:d3:dc:46:bc:e6:a6:97:82:32:be:43:72:f2:91:
b1:26:df:fa:c8:99:0a:67:f8:f9:cf:78:6f:cd:2a:af:c0:fd:
07:35:5e:ef:ad:dc:a1:95:e3:51:fe:d5:ee:6d:5a:6b:70:33:
82:85:1b:e7:f6:53:9d:5a:85:08:ab:45:f2:ed:04:c3:63:d8:
30:7d:12:8b:b8:2c:d3:29:b8:8b:7a:02:eb:e4:3a:35:24:cb:
f6:ca:cc:88:64:e4:bf:2f:a9:18:1b:ae:a3:90:4e:5b:57:7b:
c6:84:48:e6:76:17:6f:6f:40:9b:83:d1:e3:fc:13:b8:b5:37:
f6:d9:8d:5c:21:a8:e1:2c:f2:8c:e5:b6:0a:c1:17:69:b2:0b:
65:8a:0e:7e:80:d4:fb:f7:e1:3d:3e:56:8d:5c:fa:9c:3d:36:
6d:ab:6c:74:09:78:81:ae:64:fd:5d:e2:56:3b:e6:d8:85:5a:
95:4e:84:9d:b3:a9:b5:b1:15:d8:af:d6:17:9d:dc:fd:8c:6f:
bb:ae:31:66
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZSVeuQGJbl0WYietf+hKP0/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjkwNGFiMTQwNjZjN2E5ZmU2MWE1MjFkNTQ5MmEwZTUy
OTY1Y2EwHhcNMjUwMTIzMjMyNDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDlmYzAzYmY3NTQxNDZiNWEzNGUyNWZmOTFkYTM0ZmUyYjJhNGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufaOuw0n7Kd3M6jRGm2SlZlVrguh
EMIwkiSQp1lvwu4O22nzHvFt5+BhF4prNwRjSebVTMOGxV4h7FMp27ioxqDgZB4W
2MjkItFIEYmDgMGfMdPbyeqcjW3x7D29Hdh1qzUlSUojWvfxoHrucBY7YXmDXbUe
58rvPN4/kcGwoO96d4MACyJaMTSVGUgGAYfpuNl4FVprnO3Yqse6uXym/+cqU/3+
Vo217gHxeoqpM8moJ8wAqUfCBAh4WFnSjD09Dw6vIMFiFoFRNXQmUzlJpaklVGnl
v9SWSJL5hYoyQQKSht1HS1Sl0KvE5NLqcZ/uTOu2KYOr+inoifP+3akMqwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFACfwDv3VBRrWjTiX/kdo0/isqT3MB8GA1UdIwQY
MBaAFH35BKsUBmx6n+YaUh1UkqDlKWXKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZrRXF4UUdiSHFmNWhwU0hWU1NvT1VwWmNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS81M2ZiMzQtMjVkYi00Njg0LTk4NGYt
M2I0NDVmMjlmNWI3LzEvQUpfQU9fZFVGR3RhTk9KZi1SMmpULUt5cFBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS81M2ZiMzQtMjVkYi00Njg0LTk4NGYtM2I0NDVmMjlmNWI3
LzEvZmZrRXF4UUdiSHFmNWhwU0hWU1NvT1VwWmNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQCTW9AAwQA
eX8kAwQBwqQAMA8EAgACMAkDBwAqFDIAKhQwDQYJKoZIhvcNAQELBQADggEBAHIL
SeicwP/GqJFNIPfHSz9Tlk1/+7s6A7shJRZxaVfa+9z6InkAMBZBwfpR4rE412if
kIw7cj7m1c3T3Ea85qaXgjK+Q3LykbEm3/rImQpn+PnPeG/NKq/A/Qc1Xu+t3KGV
41H+1e5tWmtwM4KFG+f2U51ahQirRfLtBMNj2DB9Eou4LNMpuIt6AuvkOjUky/bK
zIhk5L8vqRgbrqOQTltXe8aESOZ2F29vQJuD0eP8E7i1N/bZjVwhqOEs8ozltgrB
F2myC2WKDn6A1Pv34T0+Vo1c+pw9Nm2rbHQJeIGuZP1d4lY75tiFWpVOhJ2zqbWx
Fdiv1hed3P2Mb7uuMWY=
-----END CERTIFICATE-----
Generated at Tue Mar 25 18:02:42 2025 by rpki-client on console.sobornost.net