Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/OFayo_Q6G404zPfDB6MTE1g5H2k.roa
File: OFayo_Q6G404zPfDB6MTE1g5H2k.roa (raw, json)
Hash identifier: eWbnL95pplhctyh2C77hdeRRP+Y+5PHTJn87GePuTYo=
Subject key identifier: 38:56:B2:A3:F4:3A:1B:8D:38:CC:F7:C3:07:A3:13:13:58:39:1F:69
Certificate issuer: /CN=7df904ab14066c7a9fe61a521d5492a0e52965ca
Certificate serial: 01953C11695974868E23F8C59414860CFD28
Authority key identifier: 7D:F9:04:AB:14:06:6C:7A:9F:E6:1A:52:1D:54:92:A0:E5:29:65:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffkEqxQGbHqf5hpSHVSSoOUpZco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/OFayo_Q6G404zPfDB6MTE1g5H2k.roa
Signing time: Tue 25 Feb 2025 07:45:28 +0000
ROA not before: Tue 25 Feb 2025 07:45:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 77.111.68.0/22 maxlen: 22
77.111.72.0/21 maxlen: 21
77.111.80.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:3c:11:69:59:74:86:8e:23:f8:c5:94:14:86:0c:fd:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df904ab14066c7a9fe61a521d5492a0e52965ca
Validity
Not Before: Feb 25 07:45:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3856b2a3f43a1b8d38ccf7c307a3131358391f69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:cc:26:02:1a:2a:b7:fa:18:2b:c9:33:53:a4:
2e:b9:08:fa:0b:08:c0:da:da:35:fe:74:45:55:74:
ac:65:ec:50:13:e7:00:de:b2:31:54:06:26:8e:dd:
e4:b2:52:8a:ea:6d:c9:2c:b6:94:bb:b7:97:8d:ab:
d0:e7:e1:f9:e0:6e:cc:4b:46:c1:59:f0:43:58:c0:
fb:69:f3:9a:12:43:09:76:0a:6d:97:de:96:03:d0:
3d:f9:4a:e4:ba:5e:35:d1:b3:07:16:85:dc:a5:e6:
90:86:0c:f2:22:b5:cf:66:86:8e:73:9f:57:db:a4:
96:2d:5d:58:32:77:37:3b:11:59:28:7d:73:e1:3d:
5b:ca:3b:95:ce:6a:c3:9c:50:24:de:f4:89:5e:8e:
8c:c0:43:9d:e3:4b:30:39:2f:52:ab:b2:3c:33:fb:
e8:21:e4:05:f8:71:27:e5:bf:a8:1b:06:00:8d:ae:
d0:1f:02:cb:f9:f8:33:a8:d3:9a:e7:13:83:56:55:
0a:44:a9:78:08:c1:e4:30:c7:d9:d5:ba:66:97:6d:
29:5d:43:21:f8:e2:fb:66:21:56:c2:20:e7:93:f9:
91:cf:87:50:a5:d1:7e:94:b3:48:17:04:cb:66:2a:
85:fb:22:67:ef:3c:e3:f4:da:c0:a3:92:c8:d2:f1:
5c:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:56:B2:A3:F4:3A:1B:8D:38:CC:F7:C3:07:A3:13:13:58:39:1F:69
X509v3 Authority Key Identifier:
keyid:7D:F9:04:AB:14:06:6C:7A:9F:E6:1A:52:1D:54:92:A0:E5:29:65:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffkEqxQGbHqf5hpSHVSSoOUpZco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/OFayo_Q6G404zPfDB6MTE1g5H2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/ffkEqxQGbHqf5hpSHVSSoOUpZco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.111.68.0-77.111.87.255
Signature Algorithm: sha256WithRSAEncryption
c4:e2:e7:d0:37:2c:e7:89:67:ca:39:17:5e:47:4b:5c:df:fd:
31:ba:69:d3:f5:2a:b3:a3:05:1c:34:da:f7:74:23:a4:c0:b5:
a8:97:76:59:f2:f1:b6:ba:b7:34:09:1e:0d:f8:be:dd:6a:19:
b3:47:cb:c8:86:50:f2:8f:fc:37:11:44:1b:d0:07:22:50:e5:
dd:f1:2d:39:c4:c9:37:e1:7a:7e:ec:8b:35:bf:d6:b6:59:f4:
f3:50:18:2a:8b:d8:a2:f1:09:f0:45:c0:11:d1:cf:19:f1:98:
20:c2:ba:63:44:c1:34:7b:e1:1b:d3:11:4f:69:c9:d4:d8:31:
6a:67:14:dd:7c:9b:4c:38:b9:11:82:fe:71:bf:32:72:54:56:
72:04:11:1f:5c:1f:43:b8:d8:ab:6c:c1:a6:28:b4:21:f3:69:
fa:36:54:60:d4:9c:24:c7:92:da:70:78:99:dd:9c:f1:29:30:
b4:b0:ac:4b:95:f5:f1:e8:65:13:28:10:f5:18:96:91:f9:b3:
d5:20:41:00:55:1b:13:e2:87:1d:4a:da:ab:3d:1e:65:aa:7b:
e1:f1:dc:34:e5:6c:83:ba:e2:e8:fa:cd:dd:37:12:d4:e1:a4:
78:79:b0:37:d5:ee:fd:8b:8e:69:64:93:11:18:09:8a:95:c0:
28:09:6f:8b
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZU8EWlZdIaOI/jFlBSGDP0oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjkwNGFiMTQwNjZjN2E5ZmU2MWE1MjFkNTQ5MmEwZTUy
OTY1Y2EwHhcNMjUwMjI1MDc0NTI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODU2YjJhM2Y0M2ExYjhkMzhjY2Y3YzMwN2EzMTMxMzU4MzkxZjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2cwmAhoqt/oYK8kzU6QuuQj6CwjA
2to1/nRFVXSsZexQE+cA3rIxVAYmjt3kslKK6m3JLLaUu7eXjavQ5+H54G7MS0bB
WfBDWMD7afOaEkMJdgptl96WA9A9+Urkul410bMHFoXcpeaQhgzyIrXPZoaOc59X
26SWLV1YMnc3OxFZKH1z4T1byjuVzmrDnFAk3vSJXo6MwEOd40swOS9Sq7I8M/vo
IeQF+HEn5b+oGwYAja7QHwLL+fgzqNOa5xODVlUKRKl4CMHkMMfZ1bpml20pXUMh
+OL7ZiFWwiDnk/mRz4dQpdF+lLNIFwTLZiqF+yJn7zzj9NrAo5LI0vFcowIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFDhWsqP0OhuNOMz3wwejExNYOR9pMB8GA1UdIwQY
MBaAFH35BKsUBmx6n+YaUh1UkqDlKWXKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZrRXF4UUdiSHFmNWhwU0hWU1NvT1VwWmNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS81M2ZiMzQtMjVkYi00Njg0LTk4NGYt
M2I0NDVmMjlmNWI3LzEvT0ZheW9fUTZHNDA0elBmREI2TVRFMWc1SDJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS81M2ZiMzQtMjVkYi00Njg0LTk4NGYtM2I0NDVmMjlmNWI3
LzEvZmZrRXF4UUdiSHFmNWhwU0hWU1NvT1VwWmNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAJNb0QD
BANNb1AwDQYJKoZIhvcNAQELBQADggEBAMTi59A3LOeJZ8o5F15HS1zf/TG6adP1
KrOjBRw02vd0I6TAtaiXdlny8ba6tzQJHg34vt1qGbNHy8iGUPKP/DcRRBvQByJQ
5d3xLTnEyTfhen7sizW/1rZZ9PNQGCqL2KLxCfBFwBHRzxnxmCDCumNEwTR74RvT
EU9pydTYMWpnFN18m0w4uRGC/nG/MnJUVnIEER9cH0O42KtswaYotCHzafo2VGDU
nCTHktpweJndnPEpMLSwrEuV9fHoZRMoEPUYlpH5s9UgQQBVGxPihx1K2qs9HmWq
e+Hx3DTlbIO64uj6zd03EtThpHh5sDfV7v2LjmlkkxEYCYqVwCgJb4s=
-----END CERTIFICATE-----
Generated at Tue Mar 25 18:02:42 2025 by rpki-client on console.sobornost.net