Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/IKRq77ZFuEgabQnvRx4V9wbCOX8.roa
File: IKRq77ZFuEgabQnvRx4V9wbCOX8.roa (raw, json)
Hash identifier: 9PSNNh0inUBnzCD/8bD2qlsN0ThDJRBQ+/05a2G7+Mg=
Subject key identifier: 20:A4:6A:EF:B6:45:B8:48:1A:6D:09:EF:47:1E:15:F7:06:C2:39:7F
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 01941FFA5BE5C15E39FD4E2245DF3B7E0117
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/IKRq77ZFuEgabQnvRx4V9wbCOX8.roa
Signing time: Wed 01 Jan 2025 03:48:08 +0000
ROA not before: Wed 01 Jan 2025 03:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209836
IP address blocks: 87.107.160.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:5b:e5:c1:5e:39:fd:4e:22:45:df:3b:7e:01:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Jan 1 03:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=20a46aefb645b8481a6d09ef471e15f706c2397f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:3e:f7:fa:d1:57:f0:2c:cc:fa:5e:aa:86:5f:
6a:45:dd:6e:0b:5a:d5:12:bf:b8:42:be:ce:79:cb:
aa:76:92:15:09:1b:28:69:9d:cc:0c:3c:b6:c3:a9:
1a:2c:03:ec:15:24:f8:f1:3a:85:be:0d:38:fd:27:
2b:a4:59:11:5c:be:9c:4a:67:40:a3:b2:e0:7a:a9:
40:c4:b8:0d:23:5d:a9:1e:59:96:19:b3:38:c0:f5:
60:a0:a3:46:c9:22:de:8f:90:0c:d1:20:f5:31:d6:
54:fc:9e:13:5e:7b:3a:a3:5b:26:fc:d0:00:8d:37:
d4:54:45:cd:ed:37:69:17:ec:50:f9:8b:8d:16:9f:
98:19:aa:d9:76:01:86:ac:07:93:2f:81:f3:3f:8c:
22:52:3f:d6:ad:84:77:87:af:58:bd:b5:fa:aa:07:
f7:ba:54:93:50:9d:43:5d:e2:5f:90:2c:9e:e2:f2:
bd:89:fc:2b:52:47:68:ed:0a:9e:0d:85:d2:74:b7:
c3:e2:45:e1:29:71:27:7f:2a:ba:0c:71:2a:c0:50:
d6:28:9a:6f:04:14:68:a0:37:9d:0d:e7:be:88:05:
7c:ef:fb:1b:ff:84:15:d1:4d:a2:d8:f8:0b:0b:8e:
e9:a9:6f:09:ca:bf:9a:b3:70:49:0a:98:94:ec:be:
33:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:A4:6A:EF:B6:45:B8:48:1A:6D:09:EF:47:1E:15:F7:06:C2:39:7F
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/IKRq77ZFuEgabQnvRx4V9wbCOX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.107.160.0/22
Signature Algorithm: sha256WithRSAEncryption
04:41:c8:02:bd:bf:ee:13:df:bb:29:0f:a1:c4:81:d3:b7:97:
4d:9c:e3:ef:2f:3f:5c:b2:a1:0f:26:3d:cd:6b:5d:b2:53:63:
98:0f:4c:00:f5:f0:6f:1e:ae:a9:fe:25:76:33:35:03:14:9c:
54:87:02:bf:2e:3a:7f:23:16:71:68:34:ef:08:e6:2c:73:1b:
87:ec:4a:b0:0f:d3:e5:c9:3b:b1:ea:4c:4b:38:9f:e9:93:96:
66:af:6e:fe:46:12:e2:04:51:48:1a:bb:5e:03:7a:5e:28:84:
6c:cf:5b:94:b9:a7:48:d1:d8:b0:df:5c:92:e8:66:3d:66:31:
1b:a2:7a:28:1e:c1:3c:c4:69:4d:4c:c3:54:44:37:59:e2:5d:
52:0b:12:4d:4f:40:2a:55:34:db:1d:06:5c:50:59:1e:5d:61:
7e:70:6e:c3:df:9a:98:44:90:9a:1b:56:72:07:59:eb:3e:89:
28:30:73:20:a1:52:8f:dc:b0:c5:51:fe:7c:72:fb:3f:17:c5:
52:fc:df:fd:94:f1:54:9c:33:cc:16:4f:20:6d:8e:d8:4e:41:
cd:db:4e:9c:fa:43:ba:38:07:c4:95:80:3b:6d:cc:bf:6e:56:
1b:ae:e1:2e:15:d2:fa:cd:f9:31:b1:82:64:f7:66:39:c8:7e:
8f:b6:0c:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+lvlwV45/U4iRd87fgEXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjUwMTAxMDM0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGE0NmFlZmI2NDViODQ4MWE2ZDA5ZWY0NzFlMTVmNzA2YzIzOTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyD73+tFX8CzM+l6qhl9qRd1uC1rV
Er+4Qr7OecuqdpIVCRsoaZ3MDDy2w6kaLAPsFST48TqFvg04/ScrpFkRXL6cSmdA
o7LgeqlAxLgNI12pHlmWGbM4wPVgoKNGySLej5AM0SD1MdZU/J4TXns6o1sm/NAA
jTfUVEXN7TdpF+xQ+YuNFp+YGarZdgGGrAeTL4HzP4wiUj/WrYR3h69YvbX6qgf3
ulSTUJ1DXeJfkCye4vK9ifwrUkdo7QqeDYXSdLfD4kXhKXEnfyq6DHEqwFDWKJpv
BBRooDedDee+iAV87/sb/4QV0U2i2PgLC47pqW8Jyr+as3BJCpiU7L4zewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCCkau+2RbhIGm0J70ceFfcGwjl/MB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvSUtScTc3WkZ1RWdhYlFudlJ4NFY5d2JDT1g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCV2ugMA0G
CSqGSIb3DQEBCwUAA4IBAQAEQcgCvb/uE9+7KQ+hxIHTt5dNnOPvLz9csqEPJj3N
a12yU2OYD0wA9fBvHq6p/iV2MzUDFJxUhwK/Ljp/IxZxaDTvCOYscxuH7EqwD9Pl
yTux6kxLOJ/pk5Zmr27+RhLiBFFIGrteA3peKIRsz1uUuadI0diw31yS6GY9ZjEb
onooHsE8xGlNTMNURDdZ4l1SCxJNT0AqVTTbHQZcUFkeXWF+cG7D35qYRJCaG1Zy
B1nrPokoMHMgoVKP3LDFUf58cvs/F8VS/N/9lPFUnDPMFk8gbY7YTkHN206c+kO6
OAfElYA7bcy/blYbruEuFdL6zfkxsYJk92Y5yH6PtgwW
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:45:07 2025 by rpki-client