Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/wcZjktD-ylafAYUQZwppn2FKmAo.roa
File: wcZjktD-ylafAYUQZwppn2FKmAo.roa (raw, json)
Hash identifier: 6FO9tRnnTKaMi5T8L6VAMjnhKIgt7OcDLSl6CIBc5kI=
Subject key identifier: C1:C6:63:92:D0:FE:CA:56:9F:01:85:10:67:0A:69:9F:61:4A:98:0A
Certificate issuer: /CN=ff7d8a79bad4f983d0c49895af50ea8a03ebc70d
Certificate serial: 01941FFA6A8EBF954E32509B50CD0161F11F
Authority key identifier: FF:7D:8A:79:BA:D4:F9:83:D0:C4:98:95:AF:50:EA:8A:03:EB:C7:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_32KebrU-YPQxJiVr1DqigPrxw0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/wcZjktD-ylafAYUQZwppn2FKmAo.roa
Signing time: Wed 01 Jan 2025 03:48:12 +0000
ROA not before: Wed 01 Jan 2025 03:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43641
IP address blocks: 31.42.176.0/23 maxlen: 24
37.16.75.0/24 maxlen: 24
91.202.4.0/23 maxlen: 24
2a11:6100::/32 maxlen: 32
2a11:6101::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:6a:8e:bf:95:4e:32:50:9b:50:cd:01:61:f1:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff7d8a79bad4f983d0c49895af50ea8a03ebc70d
Validity
Not Before: Jan 1 03:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c1c66392d0feca569f018510670a699f614a980a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:bd:c6:37:23:2c:d5:90:93:20:b0:d6:36:68:
4f:ad:c7:15:cb:b3:01:df:dc:6e:10:18:24:a7:77:
b2:37:79:92:99:22:14:9a:1f:f3:08:fa:b4:02:01:
a0:ad:fe:16:72:1b:de:23:2e:d0:a2:94:56:cb:0e:
d6:9f:e8:6f:7c:6c:22:58:4e:6d:bd:c5:88:6a:f2:
ab:9e:c3:81:5c:b2:35:e1:e5:84:05:de:82:44:52:
31:4b:8e:69:ce:31:b9:53:04:3f:be:e9:98:c9:53:
73:8f:c7:3b:53:22:a6:27:8b:c4:ed:c8:30:3d:94:
19:6e:99:79:8c:62:da:d9:da:f2:52:2b:9b:50:0f:
04:e7:c9:a9:39:13:cc:ef:67:cb:29:e1:48:87:8e:
2a:cd:14:69:60:00:9a:e9:e2:86:ae:e4:9c:38:54:
d5:11:ce:ca:fc:4b:b5:95:4b:06:bc:4e:bc:d4:d6:
60:2e:e7:ba:c1:47:7b:c4:58:95:c4:bf:67:ab:62:
62:f1:e4:da:da:2f:0f:d7:4f:3e:4b:01:f9:33:2d:
c2:a8:30:09:57:67:65:14:88:32:c2:ec:b3:ea:f6:
ba:bd:d1:0f:a7:ad:65:08:2a:62:36:ce:a9:67:59:
fd:c0:7e:fb:84:07:31:1d:02:73:56:f7:01:d2:4d:
db:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:C6:63:92:D0:FE:CA:56:9F:01:85:10:67:0A:69:9F:61:4A:98:0A
X509v3 Authority Key Identifier:
keyid:FF:7D:8A:79:BA:D4:F9:83:D0:C4:98:95:AF:50:EA:8A:03:EB:C7:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_32KebrU-YPQxJiVr1DqigPrxw0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/wcZjktD-ylafAYUQZwppn2FKmAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/_32KebrU-YPQxJiVr1DqigPrxw0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.176.0/23
37.16.75.0/24
91.202.4.0/23
IPv6:
2a11:6100::/31
Signature Algorithm: sha256WithRSAEncryption
74:e2:ec:df:c5:7a:7a:3b:10:aa:1c:89:bf:98:42:04:e4:fa:
f5:b2:e0:1a:3d:09:53:f7:0d:24:86:8e:71:fb:5b:fe:da:a8:
52:5d:fa:5e:8a:da:dd:8b:6e:41:53:aa:6f:06:93:76:48:9c:
6b:cc:c6:f1:30:90:ee:e1:00:75:c2:3a:fa:28:9c:22:fd:b7:
7c:fd:2a:1b:cd:a9:44:15:69:45:09:bb:78:36:67:ef:6e:db:
83:7f:fe:d2:4f:a1:ba:02:66:4c:dd:ef:6d:78:7f:95:ed:a6:
7e:ed:10:02:57:4e:b2:f6:dd:5b:db:f6:fb:4a:25:57:2c:ac:
dc:0d:22:0e:ba:76:0c:21:a1:35:87:67:eb:9e:56:f0:ad:14:
22:2a:56:da:06:3f:d0:66:40:26:2e:14:17:6a:68:d8:bb:25:
1f:cc:69:51:81:cb:ec:52:cb:cd:21:8d:89:74:8e:83:65:61:
91:c8:8c:89:d6:a7:e8:74:ea:bc:80:5e:66:64:99:90:3e:b8:
ee:57:9c:6b:9a:c8:e8:fd:09:3e:d4:e9:df:64:04:39:df:69:
ea:67:fa:c2:84:a8:2f:63:74:e6:a2:f4:26:79:9d:03:5d:0c:
ab:3e:e8:ed:f6:3b:11:7c:dd:0d:1f:0d:bf:00:fa:0c:6e:e1:
98:1a:c5:46
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQf+mqOv5VOMlCbUM0BYfEfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmN2Q4YTc5YmFkNGY5ODNkMGM0OTg5NWFmNTBlYThhMDNl
YmM3MGQwHhcNMjUwMTAxMDM0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWM2NjM5MmQwZmVjYTU2OWYwMTg1MTA2NzBhNjk5ZjYxNGE5ODBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtb3GNyMs1ZCTILDWNmhPrccVy7MB
39xuEBgkp3eyN3mSmSIUmh/zCPq0AgGgrf4WchveIy7QopRWyw7Wn+hvfGwiWE5t
vcWIavKrnsOBXLI14eWEBd6CRFIxS45pzjG5UwQ/vumYyVNzj8c7UyKmJ4vE7cgw
PZQZbpl5jGLa2dryUiubUA8E58mpORPM72fLKeFIh44qzRRpYACa6eKGruScOFTV
Ec7K/Eu1lUsGvE681NZgLue6wUd7xFiVxL9nq2Ji8eTa2i8P108+SwH5My3CqDAJ
V2dlFIgywuyz6va6vdEPp61lCCpiNs6pZ1n9wH77hAcxHQJzVvcB0k3boQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFMHGY5LQ/spWnwGFEGcKaZ9hSpgKMB8GA1UdIwQY
MBaAFP99inm61PmD0MSYla9Q6ooD68cNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzMyS2ViclUtWVBReEppVnIxRHFpZ1ByeHcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi80NDI0ZWYtNjhhYS00YjcwLWIyY2Mt
MDg3M2UzOTk0ZDBlLzEvd2Naamt0RC15bGFmQVlVUVp3cHBuMkZLbUFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi80NDI0ZWYtNjhhYS00YjcwLWIyY2MtMDg3M2UzOTk0ZDBl
LzEvXzMyS2ViclUtWVBReEppVnIxRHFpZ1ByeHcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBHyqwAwQA
JRBLAwQBW8oEMA0EAgACMAcDBQEqEWEAMA0GCSqGSIb3DQEBCwUAA4IBAQB04uzf
xXp6OxCqHIm/mEIE5Pr1suAaPQlT9w0kho5x+1v+2qhSXfpeitrdi25BU6pvBpN2
SJxrzMbxMJDu4QB1wjr6KJwi/bd8/SobzalEFWlFCbt4NmfvbtuDf/7ST6G6AmZM
3e9teH+V7aZ+7RACV06y9t1b2/b7SiVXLKzcDSIOunYMIaE1h2frnlbwrRQiKlba
Bj/QZkAmLhQXamjYuyUfzGlRgcvsUsvNIY2JdI6DZWGRyIyJ1qfodOq8gF5mZJmQ
PrjuV5xrmsjo/Qk+1OnfZAQ532nqZ/rChKgvY3TmovQmeZ0DXQyrPujt9jsRfN0N
Hw2/APoMbuGYGsVG
-----END CERTIFICATE-----
Generated at Tue Mar 25 19:01:05 2025 by rpki-client on console.sobornost.net