Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/38136c-db51-4f70-ad8b-654505a2d045/1/rfaYifv6vP09LUDZyJgmXgNuRBY.roa
File: rfaYifv6vP09LUDZyJgmXgNuRBY.roa (raw, json)
Hash identifier: 3YnmTkreSCvZ8bmkdTX5JVA41X7rmqWV9kGtu5UglLY=
Subject key identifier: AD:F6:98:89:FB:FA:BC:FD:3D:2D:40:D9:C8:98:26:5E:03:6E:44:16
Certificate issuer: /CN=d703642076d27e252fa90bf1a4296f8bcd9d0cf1
Certificate serial: 0194228D6B847943335CEF91C58B07CA81C9
Authority key identifier: D7:03:64:20:76:D2:7E:25:2F:A9:0B:F1:A4:29:6F:8B:CD:9D:0C:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1wNkIHbSfiUvqQvxpClvi82dDPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/38136c-db51-4f70-ad8b-654505a2d045/1/rfaYifv6vP09LUDZyJgmXgNuRBY.roa
Signing time: Wed 01 Jan 2025 15:48:00 +0000
ROA not before: Wed 01 Jan 2025 15:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39679
IP address blocks: 77.221.49.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:6b:84:79:43:33:5c:ef:91:c5:8b:07:ca:81:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d703642076d27e252fa90bf1a4296f8bcd9d0cf1
Validity
Not Before: Jan 1 15:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=adf69889fbfabcfd3d2d40d9c898265e036e4416
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:64:4a:16:11:84:fa:36:a3:b5:3d:c2:0b:65:
de:64:82:75:e9:c7:1a:29:c2:1b:5a:d1:de:73:7d:
66:f5:54:67:1c:0e:a6:c1:9d:13:35:7d:4f:5e:db:
dd:c9:70:ac:b7:e4:f9:1f:1c:19:00:79:13:51:bf:
71:09:d9:f7:dd:4d:9f:b7:d7:a1:26:c7:a3:fe:11:
ee:c9:82:99:ea:ab:00:40:f8:81:a6:57:ba:f1:e8:
a5:da:f0:1f:d0:fc:9e:22:5a:27:d5:81:c6:34:25:
3a:7e:22:12:bc:9d:b4:09:99:29:09:2d:3f:43:93:
d7:3b:20:c1:80:14:20:6a:76:0e:b0:04:fe:d5:82:
99:b3:49:81:7f:fa:75:0c:60:e7:87:2e:01:c1:27:
ae:85:27:03:a4:65:e2:87:2a:91:88:7a:dc:8e:fc:
32:e8:37:ed:ad:02:2d:86:e4:7b:5d:be:1c:d4:1d:
e5:3b:ad:f3:b2:73:cb:d1:d3:0b:6f:01:51:d6:f6:
3c:91:df:60:2e:ef:e3:3e:58:c8:71:bf:20:4a:19:
1e:d8:2e:a1:79:14:42:5e:d3:bd:47:30:62:9d:e6:
3a:a8:59:14:85:eb:7e:6a:30:59:0f:ed:f7:93:2c:
d0:c1:df:9d:9c:5b:07:75:ab:ba:b4:7b:cd:d8:20:
33:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:F6:98:89:FB:FA:BC:FD:3D:2D:40:D9:C8:98:26:5E:03:6E:44:16
X509v3 Authority Key Identifier:
keyid:D7:03:64:20:76:D2:7E:25:2F:A9:0B:F1:A4:29:6F:8B:CD:9D:0C:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1wNkIHbSfiUvqQvxpClvi82dDPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/38136c-db51-4f70-ad8b-654505a2d045/1/rfaYifv6vP09LUDZyJgmXgNuRBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/38136c-db51-4f70-ad8b-654505a2d045/1/1wNkIHbSfiUvqQvxpClvi82dDPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.221.49.0/24
Signature Algorithm: sha256WithRSAEncryption
67:d9:cc:20:06:48:79:42:a4:db:b1:6d:25:a2:e1:27:6b:0e:
5b:ca:92:d1:a6:f0:8b:1c:3c:91:d1:ae:66:a4:ea:8a:9b:e9:
d0:fd:b6:23:42:db:57:b3:c0:f7:44:7f:f0:37:79:f7:54:0f:
7c:0c:be:b4:6c:5c:8b:ea:4b:21:d7:bc:6e:04:8a:17:7e:00:
b8:90:76:a6:12:2b:39:ba:4d:bd:c2:88:bd:6f:9c:d8:5c:0f:
16:db:3c:11:d5:eb:e9:ed:eb:b8:4a:94:59:43:f9:3a:cc:15:
a1:ee:05:7d:00:ce:ac:5b:e2:25:77:20:4c:0e:40:ab:6c:a3:
3f:4a:d9:9f:aa:8b:07:3b:e5:29:3c:f8:53:f6:2a:07:6d:a1:
27:63:df:cf:05:73:41:6e:34:98:e8:96:99:c2:af:d4:40:3a:
65:ed:12:ef:c7:69:49:bf:99:ee:a3:3a:54:8d:6a:d4:86:7e:
9e:f3:a0:cb:51:4b:a8:c1:8a:4c:33:eb:9c:04:4c:be:39:ff:
9a:4b:29:11:3b:94:79:ef:fd:76:f5:14:b0:bb:af:3f:93:b3:
cc:8a:3a:3b:a7:53:cb:b5:bc:4b:bb:c6:e7:43:f2:5b:13:aa:
ad:9b:6e:a3:1f:b4:80:00:62:7d:25:cb:e0:5d:43:98:f7:96:
1e:60:eb:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijWuEeUMzXO+RxYsHyoHJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3MDM2NDIwNzZkMjdlMjUyZmE5MGJmMWE0Mjk2ZjhiY2Q5
ZDBjZjEwHhcNMjUwMTAxMTU0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGY2OTg4OWZiZmFiY2ZkM2QyZDQwZDljODk4MjY1ZTAzNmU0NDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmRKFhGE+jajtT3CC2XeZIJ16cca
KcIbWtHec31m9VRnHA6mwZ0TNX1PXtvdyXCst+T5HxwZAHkTUb9xCdn33U2ft9eh
Jsej/hHuyYKZ6qsAQPiBple68eil2vAf0PyeIlon1YHGNCU6fiISvJ20CZkpCS0/
Q5PXOyDBgBQganYOsAT+1YKZs0mBf/p1DGDnhy4BwSeuhScDpGXihyqRiHrcjvwy
6DftrQIthuR7Xb4c1B3lO63zsnPL0dMLbwFR1vY8kd9gLu/jPljIcb8gShke2C6h
eRRCXtO9RzBineY6qFkUhet+ajBZD+33kyzQwd+dnFsHdau6tHvN2CAzXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK32mIn7+rz9PS1A2ciYJl4DbkQWMB8GA1UdIwQY
MBaAFNcDZCB20n4lL6kL8aQpb4vNnQzxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXdOa0lIYlNmaVV2cVF2eHBDbHZpODJkRFBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8zODEzNmMtZGI1MS00ZjcwLWFkOGIt
NjU0NTA1YTJkMDQ1LzEvcmZhWWlmdjZ2UDA5TFVEWnlKZ21YZ051UkJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8zODEzNmMtZGI1MS00ZjcwLWFkOGItNjU0NTA1YTJkMDQ1
LzEvMXdOa0lIYlNmaVV2cVF2eHBDbHZpODJkRFBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATd0xMA0G
CSqGSIb3DQEBCwUAA4IBAQBn2cwgBkh5QqTbsW0louEnaw5bypLRpvCLHDyR0a5m
pOqKm+nQ/bYjQttXs8D3RH/wN3n3VA98DL60bFyL6ksh17xuBIoXfgC4kHamEis5
uk29woi9b5zYXA8W2zwR1evp7eu4SpRZQ/k6zBWh7gV9AM6sW+IldyBMDkCrbKM/
StmfqosHO+UpPPhT9ioHbaEnY9/PBXNBbjSY6JaZwq/UQDpl7RLvx2lJv5nuozpU
jWrUhn6e86DLUUuowYpMM+ucBEy+Of+aSykRO5R57/129RSwu68/k7PMijo7p1PL
tbxLu8bnQ/JbE6qtm26jH7SAAGJ9JcvgXUOY95YeYOsf
-----END CERTIFICATE-----
Generated at Thu Jan 23 19:13:22 2025 by rpki-client on console.sobornost.net