Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/2c0971-aeef-417e-8b54-121d2cbb21d6/1/Wz8gpxFEqCzA2qAsOF9aMTaoyYY.roa
File: Wz8gpxFEqCzA2qAsOF9aMTaoyYY.roa (raw, json)
Hash identifier: 8Yp0I8zuDn5gEhy8EguTTzeHbg2UtzMf6sSJEuTPZH4=
Subject key identifier: 5B:3F:20:A7:11:44:A8:2C:C0:DA:A0:2C:38:5F:5A:31:36:A8:C9:86
Certificate issuer: /CN=86963d003134ccda56fedfeb278f7a768a7f402f
Certificate serial: 019422FC31E132F1AF58C715EB52BEC18D64
Authority key identifier: 86:96:3D:00:31:34:CC:DA:56:FE:DF:EB:27:8F:7A:76:8A:7F:40:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hpY9ADE0zNpW_t_rJ496dop_QC8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/2c0971-aeef-417e-8b54-121d2cbb21d6/1/Wz8gpxFEqCzA2qAsOF9aMTaoyYY.roa
Signing time: Wed 01 Jan 2025 17:49:00 +0000
ROA not before: Wed 01 Jan 2025 17:49:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48257
IP address blocks: 185.187.188.0/22 maxlen: 24
195.138.232.0/21 maxlen: 24
217.71.224.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:31:e1:32:f1:af:58:c7:15:eb:52:be:c1:8d:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86963d003134ccda56fedfeb278f7a768a7f402f
Validity
Not Before: Jan 1 17:49:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5b3f20a71144a82cc0daa02c385f5a3136a8c986
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:67:f5:61:1a:81:1b:61:f3:93:93:aa:a0:4c:
66:62:75:54:1f:a8:e3:2c:a7:4e:82:2b:6c:df:34:
ee:27:82:94:00:be:84:66:05:48:57:89:69:00:1e:
61:a6:53:ae:ab:51:10:03:6e:2e:e9:6d:0a:98:c0:
b8:15:97:c3:a8:ab:85:c5:3e:7c:1a:b6:c5:43:4b:
d8:c0:9d:34:ee:b3:bd:9f:ff:ac:26:32:64:66:50:
c9:ea:fb:c8:31:71:6d:80:aa:2b:74:5c:2a:75:8f:
24:fa:71:c0:2a:ef:34:78:98:d7:8b:05:a5:e6:a7:
fb:e4:dc:52:f6:91:f6:7a:3f:a8:6c:15:9b:18:bd:
f5:97:6f:63:04:89:f9:a0:11:8d:2f:6f:7e:29:36:
81:4a:c9:9a:b2:f6:06:2c:d7:a4:8e:e9:b6:08:82:
c9:9b:a5:6e:2e:6e:9d:53:27:a9:e2:0f:e9:31:87:
cd:d1:21:94:ad:ba:4e:51:52:8a:94:32:3b:ed:13:
07:c5:e9:34:81:03:57:39:43:38:07:4d:e7:9a:c1:
e7:c0:36:c0:0f:39:c7:1b:83:89:8d:76:d1:cc:78:
44:4b:49:88:db:85:36:b5:82:bd:85:f3:c7:23:ab:
d8:2f:28:fe:35:b4:88:e0:b0:51:85:ed:d2:e8:57:
57:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:3F:20:A7:11:44:A8:2C:C0:DA:A0:2C:38:5F:5A:31:36:A8:C9:86
X509v3 Authority Key Identifier:
keyid:86:96:3D:00:31:34:CC:DA:56:FE:DF:EB:27:8F:7A:76:8A:7F:40:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hpY9ADE0zNpW_t_rJ496dop_QC8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/2c0971-aeef-417e-8b54-121d2cbb21d6/1/Wz8gpxFEqCzA2qAsOF9aMTaoyYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/2c0971-aeef-417e-8b54-121d2cbb21d6/1/hpY9ADE0zNpW_t_rJ496dop_QC8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.187.188.0/22
195.138.232.0/21
217.71.224.0/20
Signature Algorithm: sha256WithRSAEncryption
54:84:a6:a6:c9:8e:6f:a0:b5:7c:63:28:16:fc:2a:6c:f0:ff:
d7:5d:a7:33:f6:3f:d0:a6:ec:91:0f:16:12:09:c0:17:69:ef:
f1:9d:db:19:34:bf:2b:3b:3e:72:b2:8e:11:7f:0c:95:b3:b8:
37:17:49:e5:a6:9f:39:16:03:f4:d2:ce:03:de:d2:56:21:eb:
2b:bb:ad:c1:06:3e:13:a5:73:cd:c1:20:9a:c8:80:51:12:ce:
b3:fb:4b:7e:25:f2:e3:62:42:b4:5f:c9:d5:4c:f3:a7:12:63:
37:89:17:bb:f3:59:88:dd:c3:24:82:e9:9f:7e:cb:fc:3d:f6:
b6:d7:eb:fc:d5:72:8f:11:92:77:05:ff:74:92:b4:09:e0:35:
31:5c:e0:50:6d:df:b3:b4:e3:24:8a:e9:fc:43:77:8b:d4:65:
d8:4d:8f:95:27:2b:7f:d1:f0:c9:c0:6a:f8:a5:fb:4b:0b:e5:
6c:6b:25:57:16:9c:8a:51:12:34:52:24:d4:3c:29:5e:7a:42:
5a:1e:85:1b:9c:90:99:b9:7c:c9:14:16:77:e6:53:52:88:54:
80:be:34:99:e6:99:fa:07:40:21:50:34:a0:64:5c:c9:70:4c:
70:04:a3:15:d7:85:64:1b:7b:e4:9a:da:8d:ee:6c:d4:ae:be:
4f:e0:8c:d3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQi/DHhMvGvWMcV61K+wY1kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2OTYzZDAwMzEzNGNjZGE1NmZlZGZlYjI3OGY3YTc2OGE3
ZjQwMmYwHhcNMjUwMTAxMTc0OTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjNmMjBhNzExNDRhODJjYzBkYWEwMmMzODVmNWEzMTM2YThjOTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWf1YRqBG2Hzk5OqoExmYnVUH6jj
LKdOgits3zTuJ4KUAL6EZgVIV4lpAB5hplOuq1EQA24u6W0KmMC4FZfDqKuFxT58
GrbFQ0vYwJ007rO9n/+sJjJkZlDJ6vvIMXFtgKordFwqdY8k+nHAKu80eJjXiwWl
5qf75NxS9pH2ej+obBWbGL31l29jBIn5oBGNL29+KTaBSsmasvYGLNekjum2CILJ
m6VuLm6dUyep4g/pMYfN0SGUrbpOUVKKlDI77RMHxek0gQNXOUM4B03nmsHnwDbA
DznHG4OJjXbRzHhES0mI24U2tYK9hfPHI6vYLyj+NbSI4LBRhe3S6FdX8wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFs/IKcRRKgswNqgLDhfWjE2qMmGMB8GA1UdIwQY
MBaAFIaWPQAxNMzaVv7f6yePenaKf0AvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHBZOUFERTB6TnBXX3Rfcko0OTZkb3BfUUM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8yYzA5NzEtYWVlZi00MTdlLThiNTQt
MTIxZDJjYmIyMWQ2LzEvV3o4Z3B4RkVxQ3pBMnFBc09GOWFNVGFveVlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8yYzA5NzEtYWVlZi00MTdlLThiNTQtMTIxZDJjYmIyMWQ2
LzEvaHBZOUFERTB6TnBXX3Rfcko0OTZkb3BfUUM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCubu8AwQD
w4roAwQE2UfgMA0GCSqGSIb3DQEBCwUAA4IBAQBUhKamyY5voLV8YygW/Cps8P/X
Xacz9j/QpuyRDxYSCcAXae/xndsZNL8rOz5yso4RfwyVs7g3F0nlpp85FgP00s4D
3tJWIesru63BBj4TpXPNwSCayIBREs6z+0t+JfLjYkK0X8nVTPOnEmM3iRe781mI
3cMkgumffsv8Pfa21+v81XKPEZJ3Bf90krQJ4DUxXOBQbd+ztOMkiun8Q3eL1GXY
TY+VJyt/0fDJwGr4pftLC+VsayVXFpyKURI0UiTUPCleekJaHoUbnJCZuXzJFBZ3
5lNSiFSAvjSZ5pn6B0AhUDSgZFzJcExwBKMV14VkG3vkmtqN7mzUrr5P4IzT
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:50 2025 by rpki-client on console.sobornost.net