Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/9c70e9-3df3-4bc7-82e6-006e9bb8ed59/1/ghc4MPH3vTiYP5rga0h6BtqPh6A.roa
File: ghc4MPH3vTiYP5rga0h6BtqPh6A.roa (raw, json)
Hash identifier: +n/mGZaNW3qMvM/6+1HZZ0mUd3q3k/RCYwms9UGlFSw=
Subject key identifier: 82:17:38:30:F1:F7:BD:38:98:3F:9A:E0:6B:48:7A:06:DA:8F:87:A0
Certificate issuer: /CN=71c1690ef57afcffae73bdb9934309f8b70ebb61
Certificate serial: 019427B48DED35D31F8A497870998DF51454
Authority key identifier: 71:C1:69:0E:F5:7A:FC:FF:AE:73:BD:B9:93:43:09:F8:B7:0E:BB:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ccFpDvV6_P-uc725k0MJ-LcOu2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/9c70e9-3df3-4bc7-82e6-006e9bb8ed59/1/ghc4MPH3vTiYP5rga0h6BtqPh6A.roa
Signing time: Thu 02 Jan 2025 15:48:51 +0000
ROA not before: Thu 02 Jan 2025 15:48:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42154
IP address blocks: 77.87.76.0/24 maxlen: 24
77.87.79.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b4:8d:ed:35:d3:1f:8a:49:78:70:99:8d:f5:14:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71c1690ef57afcffae73bdb9934309f8b70ebb61
Validity
Not Before: Jan 2 15:48:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=82173830f1f7bd38983f9ae06b487a06da8f87a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:bb:3f:b7:4f:e1:70:e0:bf:3e:6a:5a:19:4d:
f3:b2:e4:b9:53:31:65:00:c4:33:2d:4d:21:2e:53:
c0:d7:81:5f:0e:cf:ea:c5:9c:5c:76:dd:61:21:29:
a9:fe:0c:57:5f:ce:c2:6a:40:af:1a:04:a3:e6:91:
c1:8d:b5:26:52:f3:ed:51:7e:0f:21:95:f8:6b:6c:
0f:ff:29:6b:02:d2:0b:35:b6:cd:d6:12:06:e7:ae:
3c:79:f8:1f:83:3f:54:64:02:61:e0:8c:87:c2:ff:
ed:d9:8d:78:41:25:79:43:4f:7b:49:79:40:37:92:
56:d7:d8:b4:df:1e:18:90:11:36:18:42:fc:24:b1:
3d:9f:df:b7:b4:dc:cc:bb:1e:91:98:7c:b0:1b:00:
c0:39:e1:42:f7:46:6f:ce:62:fc:6f:5e:99:02:98:
fa:de:0e:49:a8:07:18:a6:7c:c0:e5:22:06:b5:1b:
6c:0f:04:06:f2:9a:a2:19:62:e6:0d:ca:e7:2e:df:
a3:0a:8f:99:fc:1b:15:48:eb:32:f0:55:09:f5:40:
c5:43:23:89:b1:56:e9:02:96:b6:e7:b0:0f:b0:65:
5a:85:97:76:49:15:41:a5:0a:ab:83:23:af:3a:b0:
fa:0b:36:ff:df:12:4f:e1:3e:0a:98:4c:1b:d2:65:
9f:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:17:38:30:F1:F7:BD:38:98:3F:9A:E0:6B:48:7A:06:DA:8F:87:A0
X509v3 Authority Key Identifier:
keyid:71:C1:69:0E:F5:7A:FC:FF:AE:73:BD:B9:93:43:09:F8:B7:0E:BB:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ccFpDvV6_P-uc725k0MJ-LcOu2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/9c70e9-3df3-4bc7-82e6-006e9bb8ed59/1/ghc4MPH3vTiYP5rga0h6BtqPh6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/9c70e9-3df3-4bc7-82e6-006e9bb8ed59/1/ccFpDvV6_P-uc725k0MJ-LcOu2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.87.76.0/24
77.87.79.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:c8:66:bc:3a:d8:ca:c2:e7:9d:f5:2e:c1:d0:bd:97:47:5c:
7f:2f:55:2f:de:0a:3e:dd:36:47:96:e1:8e:99:1b:aa:cb:3f:
23:8b:86:3f:a3:c2:21:68:89:3e:ce:af:1d:31:64:d7:75:95:
01:a7:db:ff:18:fa:85:fb:8a:51:64:42:90:7c:2e:5e:41:29:
f4:4f:58:9e:d7:a1:c5:ee:47:5d:f6:e7:0a:7d:0d:97:cb:5e:
23:4c:bb:f2:69:6d:5a:f2:c2:58:cd:88:9d:33:bd:88:14:54:
a0:54:74:15:f1:07:b3:b6:85:82:21:91:c7:80:c0:90:3e:31:
7a:48:23:42:17:b2:52:eb:28:f9:bf:b2:e7:bc:66:38:a7:4c:
4a:31:2d:9a:a5:4a:7f:3f:ea:96:36:0e:d3:94:c0:c2:51:01:
8e:95:a1:c6:40:ca:cf:76:ec:b3:c0:1f:ed:14:0b:86:5f:18:
6a:91:44:e0:68:a2:24:c8:1c:6e:f7:98:a8:86:86:6f:ca:07:
a9:db:ae:50:95:e2:f4:b7:14:eb:0d:49:0a:08:e0:8a:73:c0:
4b:66:3c:c1:53:e7:8c:cb:45:77:30:ef:7b:da:fa:e7:9a:d3:
93:a4:b5:cb:2e:52:a6:d0:72:8b:7a:07:cb:0d:7d:fd:3e:bf:
94:87:b2:29
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQntI3tNdMfikl4cJmN9RRUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYzE2OTBlZjU3YWZjZmZhZTczYmRiOTkzNDMwOWY4Yjcw
ZWJiNjEwHhcNMjUwMTAyMTU0ODUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjE3MzgzMGYxZjdiZDM4OTgzZjlhZTA2YjQ4N2EwNmRhOGY4N2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrs/t0/hcOC/PmpaGU3zsuS5UzFl
AMQzLU0hLlPA14FfDs/qxZxcdt1hISmp/gxXX87CakCvGgSj5pHBjbUmUvPtUX4P
IZX4a2wP/ylrAtILNbbN1hIG5648efgfgz9UZAJh4IyHwv/t2Y14QSV5Q097SXlA
N5JW19i03x4YkBE2GEL8JLE9n9+3tNzMux6RmHywGwDAOeFC90ZvzmL8b16ZApj6
3g5JqAcYpnzA5SIGtRtsDwQG8pqiGWLmDcrnLt+jCo+Z/BsVSOsy8FUJ9UDFQyOJ
sVbpApa257APsGVahZd2SRVBpQqrgyOvOrD6Czb/3xJP4T4KmEwb0mWfSQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIIXODDx9704mD+a4GtIegbaj4egMB8GA1UdIwQY
MBaAFHHBaQ71evz/rnO9uZNDCfi3DrthMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2NGcER2VjZfUC11YzcyNWswTUotTGNPdTJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS85YzcwZTktM2RmMy00YmM3LTgyZTYt
MDA2ZTliYjhlZDU5LzEvZ2hjNE1QSDN2VGlZUDVyZ2EwaDZCdHFQaDZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS85YzcwZTktM2RmMy00YmM3LTgyZTYtMDA2ZTliYjhlZDU5
LzEvY2NGcER2VjZfUC11YzcyNWswTUotTGNPdTJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATVdMAwQA
TVdPMA0GCSqGSIb3DQEBCwUAA4IBAQBdyGa8OtjKwued9S7B0L2XR1x/L1Uv3go+
3TZHluGOmRuqyz8ji4Y/o8IhaIk+zq8dMWTXdZUBp9v/GPqF+4pRZEKQfC5eQSn0
T1ie16HF7kdd9ucKfQ2Xy14jTLvyaW1a8sJYzYidM72IFFSgVHQV8QeztoWCIZHH
gMCQPjF6SCNCF7JS6yj5v7LnvGY4p0xKMS2apUp/P+qWNg7TlMDCUQGOlaHGQMrP
duyzwB/tFAuGXxhqkUTgaKIkyBxu95iohoZvygep265QleL0txTrDUkKCOCKc8BL
ZjzBU+eMy0V3MO972vrnmtOTpLXLLlKm0HKLegfLDX39Pr+Uh7Ip
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:52:21 2025 by rpki-client