Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/9c70e9-3df3-4bc7-82e6-006e9bb8ed59/1/h8NM3QNMAy3JQUb-72WEZdGpGjA.roa
File: h8NM3QNMAy3JQUb-72WEZdGpGjA.roa (raw, json)
Hash identifier: Lxvl2etM6iQ3TxJnQc+Uy0mpsnRIUxQq3ad2YMjelB0=
Subject key identifier: 87:C3:4C:DD:03:4C:03:2D:C9:41:46:FE:EF:65:84:65:D1:A9:1A:30
Certificate issuer: /CN=71c1690ef57afcffae73bdb9934309f8b70ebb61
Certificate serial: 019427B48E984A35E76BF8910F7855697142
Authority key identifier: 71:C1:69:0E:F5:7A:FC:FF:AE:73:BD:B9:93:43:09:F8:B7:0E:BB:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ccFpDvV6_P-uc725k0MJ-LcOu2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/9c70e9-3df3-4bc7-82e6-006e9bb8ed59/1/h8NM3QNMAy3JQUb-72WEZdGpGjA.roa
Signing time: Thu 02 Jan 2025 15:48:51 +0000
ROA not before: Thu 02 Jan 2025 15:48:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43171
IP address blocks: 77.87.77.0/24 maxlen: 24
91.189.32.0/21 maxlen: 21
195.22.126.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b4:8e:98:4a:35:e7:6b:f8:91:0f:78:55:69:71:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71c1690ef57afcffae73bdb9934309f8b70ebb61
Validity
Not Before: Jan 2 15:48:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=87c34cdd034c032dc94146feef658465d1a91a30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:b9:b8:de:a2:b9:a4:7c:d4:bc:c0:0b:78:20:
7b:60:3f:2c:9c:5d:dd:b3:b8:60:0d:c2:32:76:a9:
98:ca:aa:87:f1:5e:68:9b:71:da:9f:c2:ac:65:51:
03:e3:1d:e3:29:79:de:c1:1c:a6:e7:e4:35:89:b3:
7e:c6:22:b3:39:8d:4c:bb:49:df:0a:bd:4b:c4:57:
b5:ab:e4:9d:c4:0e:67:96:79:d4:aa:97:63:3c:15:
3a:8c:5e:fd:56:2d:e8:13:c2:e8:8d:e6:8e:ce:aa:
a6:c9:49:9c:c6:10:e5:e7:ec:0f:10:c6:68:d7:94:
a9:c3:39:bc:e6:6f:45:01:ad:2e:a4:b2:58:30:0f:
39:91:15:b8:a2:fb:2c:2f:9f:75:a8:0b:e2:9a:98:
c7:b7:b3:be:36:ef:5e:fe:f7:a0:b8:f5:a6:aa:89:
c2:d0:fc:9d:af:9e:3f:b9:20:63:33:53:e0:0d:b9:
98:8a:d8:ec:56:c4:c1:b6:28:d9:8c:a2:ed:48:1f:
c4:5c:a8:3e:96:50:cb:b1:1a:de:06:97:cf:b9:52:
3f:bd:02:ee:b7:fe:b9:2e:c4:c5:59:27:62:9c:52:
1f:bb:7b:d0:4a:fe:2f:37:ec:f6:b5:a3:eb:0a:1d:
04:d9:5d:bd:a1:78:01:97:7b:8c:3c:e9:77:b2:33:
57:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:C3:4C:DD:03:4C:03:2D:C9:41:46:FE:EF:65:84:65:D1:A9:1A:30
X509v3 Authority Key Identifier:
keyid:71:C1:69:0E:F5:7A:FC:FF:AE:73:BD:B9:93:43:09:F8:B7:0E:BB:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ccFpDvV6_P-uc725k0MJ-LcOu2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/9c70e9-3df3-4bc7-82e6-006e9bb8ed59/1/h8NM3QNMAy3JQUb-72WEZdGpGjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/9c70e9-3df3-4bc7-82e6-006e9bb8ed59/1/ccFpDvV6_P-uc725k0MJ-LcOu2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.87.77.0/24
91.189.32.0/21
195.22.126.0/23
Signature Algorithm: sha256WithRSAEncryption
2a:64:39:d3:69:fa:45:48:42:62:88:12:39:fc:09:c6:7f:28:
dd:5b:0d:12:51:9f:e5:b0:16:64:e3:21:ff:7e:f3:61:2b:f8:
5d:d5:07:d5:dd:1f:ad:e2:d6:67:7d:1a:d6:74:10:c4:c4:69:
02:85:cb:96:18:0e:b6:1e:57:06:34:ca:e4:dd:1a:bb:39:b8:
85:ed:fd:0a:1e:c2:7a:20:51:c1:fd:a6:3e:87:73:11:30:26:
a4:ff:bc:1d:eb:ab:c2:fd:57:c9:e8:81:ce:64:f0:10:4d:3b:
cb:02:0a:d3:6e:02:80:e9:96:ee:2d:48:2e:d9:75:ce:70:96:
2e:11:d1:2d:aa:8e:9f:15:8a:4b:ba:2e:ec:6f:b2:b3:bb:b4:
87:6d:cb:12:0e:8a:6d:65:76:d1:ee:93:1b:8a:62:7a:b5:b0:
5f:e7:8e:d9:c0:dd:0b:9c:22:1a:28:25:94:88:3d:ca:1f:71:
66:85:3f:aa:16:a7:9c:21:4a:37:77:2a:d9:4c:cc:8f:72:c8:
49:24:29:41:a4:dc:2b:07:8d:d5:4a:43:2a:70:b5:e1:2c:3f:
22:14:b7:5c:51:83:47:6a:5b:63:4d:87:13:b0:d1:4e:1c:1b:
6e:af:7c:f0:ff:d7:7b:de:a3:54:e4:1e:8e:bc:b1:2c:53:42:
88:1d:80:39
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQntI6YSjXna/iRD3hVaXFCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYzE2OTBlZjU3YWZjZmZhZTczYmRiOTkzNDMwOWY4Yjcw
ZWJiNjEwHhcNMjUwMTAyMTU0ODUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2MzNGNkZDAzNGMwMzJkYzk0MTQ2ZmVlZjY1ODQ2NWQxYTkxYTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8Lm43qK5pHzUvMALeCB7YD8snF3d
s7hgDcIydqmYyqqH8V5om3Han8KsZVED4x3jKXnewRym5+Q1ibN+xiKzOY1Mu0nf
Cr1LxFe1q+SdxA5nlnnUqpdjPBU6jF79Vi3oE8LojeaOzqqmyUmcxhDl5+wPEMZo
15Spwzm85m9FAa0upLJYMA85kRW4ovssL591qAvimpjHt7O+Nu9e/veguPWmqonC
0Pydr54/uSBjM1PgDbmYitjsVsTBtijZjKLtSB/EXKg+llDLsRreBpfPuVI/vQLu
t/65LsTFWSdinFIfu3vQSv4vN+z2taPrCh0E2V29oXgBl3uMPOl3sjNXNwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIfDTN0DTAMtyUFG/u9lhGXRqRowMB8GA1UdIwQY
MBaAFHHBaQ71evz/rnO9uZNDCfi3DrthMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2NGcER2VjZfUC11YzcyNWswTUotTGNPdTJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS85YzcwZTktM2RmMy00YmM3LTgyZTYt
MDA2ZTliYjhlZDU5LzEvaDhOTTNRTk1BeTNKUVViLTcyV0VaZEdwR2pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS85YzcwZTktM2RmMy00YmM3LTgyZTYtMDA2ZTliYjhlZDU5
LzEvY2NGcER2VjZfUC11YzcyNWswTUotTGNPdTJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATVdNAwQD
W70gAwQBwxZ+MA0GCSqGSIb3DQEBCwUAA4IBAQAqZDnTafpFSEJiiBI5/AnGfyjd
Ww0SUZ/lsBZk4yH/fvNhK/hd1QfV3R+t4tZnfRrWdBDExGkChcuWGA62HlcGNMrk
3Rq7ObiF7f0KHsJ6IFHB/aY+h3MRMCak/7wd66vC/VfJ6IHOZPAQTTvLAgrTbgKA
6ZbuLUgu2XXOcJYuEdEtqo6fFYpLui7sb7Kzu7SHbcsSDoptZXbR7pMbimJ6tbBf
547ZwN0LnCIaKCWUiD3KH3FmhT+qFqecIUo3dyrZTMyPcshJJClBpNwrB43VSkMq
cLXhLD8iFLdcUYNHaltjTYcTsNFOHBtur3zw/9d73qNU5B6OvLEsU0KIHYA5
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:28 2025 by rpki-client on console.sobornost.net