Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/6ca852-ed4b-41d1-a7b6-84a71cc32d48/1/W3mDa3qMM3UMHKwdjXNmQQYwzCo.roa
File: W3mDa3qMM3UMHKwdjXNmQQYwzCo.roa (raw, json)
Hash identifier: uhcnNrB9w8L6u9yOsZumoNimMZDsDc9Fp+1S6uVCDDA=
Subject key identifier: 5B:79:83:6B:7A:8C:33:75:0C:1C:AC:1D:8D:73:66:41:06:30:CC:2A
Certificate issuer: /CN=35e84c063a2180b23f5f6d3162a75b3092f5c18d
Certificate serial: 01941FFA601CBA65CFD095B819F1ED0C4C03
Authority key identifier: 35:E8:4C:06:3A:21:80:B2:3F:5F:6D:31:62:A7:5B:30:92:F5:C1:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NehMBjohgLI_X20xYqdbMJL1wY0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/6ca852-ed4b-41d1-a7b6-84a71cc32d48/1/W3mDa3qMM3UMHKwdjXNmQQYwzCo.roa
Signing time: Wed 01 Jan 2025 03:48:09 +0000
ROA not before: Wed 01 Jan 2025 03:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201085
IP address blocks: 157.97.136.0/21 maxlen: 21
185.86.168.0/22 maxlen: 22
2a03:77a0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:60:1c:ba:65:cf:d0:95:b8:19:f1:ed:0c:4c:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35e84c063a2180b23f5f6d3162a75b3092f5c18d
Validity
Not Before: Jan 1 03:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5b79836b7a8c33750c1cac1d8d7366410630cc2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a2:c2:92:27:c8:45:5a:95:e6:71:5d:9e:d3:
af:36:36:c3:1e:8b:86:9d:6e:83:7c:5c:51:9b:ee:
d3:b0:ba:e3:12:c8:75:ab:79:2a:b7:62:b4:70:2e:
fc:97:c4:28:84:10:e7:22:9c:70:7e:13:6a:af:9c:
e5:43:c3:97:64:d9:34:4f:75:ba:9f:dc:d6:f6:92:
04:32:8e:82:1a:f9:44:99:a9:99:76:3d:89:9c:85:
96:b4:f5:91:d4:0a:41:5d:4e:d2:87:d8:c0:4d:cc:
cc:b4:6a:a4:c2:4b:bb:e3:23:6a:56:4f:9e:31:b6:
7e:05:e2:d1:61:0c:ce:34:18:3e:11:bd:9e:ba:c9:
60:bb:10:2f:ab:b8:2d:86:54:21:37:fd:e6:aa:a0:
96:67:f6:75:71:3f:6d:6f:20:2c:24:1b:c3:9b:32:
b9:22:37:dd:92:e0:77:46:e3:b2:14:b7:fa:3f:57:
2c:c8:94:bf:fd:85:7c:f0:17:19:4a:64:3f:d9:a0:
25:09:84:83:bd:6b:ed:1b:99:f6:df:84:f8:b5:8f:
73:cc:ff:97:bd:dc:2d:04:fc:67:d3:30:cf:e8:b8:
51:56:b7:d2:a3:16:27:f8:5d:74:46:df:f1:69:a2:
6c:55:97:58:aa:1c:7c:d0:ec:7f:6b:17:82:54:24:
f5:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:79:83:6B:7A:8C:33:75:0C:1C:AC:1D:8D:73:66:41:06:30:CC:2A
X509v3 Authority Key Identifier:
keyid:35:E8:4C:06:3A:21:80:B2:3F:5F:6D:31:62:A7:5B:30:92:F5:C1:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NehMBjohgLI_X20xYqdbMJL1wY0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/6ca852-ed4b-41d1-a7b6-84a71cc32d48/1/W3mDa3qMM3UMHKwdjXNmQQYwzCo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/6ca852-ed4b-41d1-a7b6-84a71cc32d48/1/NehMBjohgLI_X20xYqdbMJL1wY0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.97.136.0/21
185.86.168.0/22
IPv6:
2a03:77a0::/32
Signature Algorithm: sha256WithRSAEncryption
6b:b4:06:42:b7:4a:9a:78:98:59:05:49:e1:fe:11:1b:29:da:
77:91:16:a9:c5:fc:63:a8:a6:22:2e:fe:a4:a1:e5:d2:8e:41:
ce:b1:70:77:43:c2:e6:21:e8:7d:13:ad:15:93:3e:bf:87:21:
42:84:5c:a6:71:8e:ab:2f:61:b4:d2:d5:50:11:43:38:9e:37:
73:12:81:14:3b:a3:46:ea:84:b8:72:3e:bb:66:cf:c5:31:43:
8e:c5:7d:b9:68:84:83:32:9b:8a:60:43:90:13:ac:42:77:c3:
34:55:a3:d0:c7:f3:8d:1d:18:64:f4:85:f6:c4:68:aa:ec:dd:
11:e3:10:5a:1a:3b:61:1e:28:19:a4:5f:7a:d9:7b:d9:39:6e:
8d:2f:54:64:8b:25:14:cb:f9:ad:dd:98:c1:0c:ec:1d:b6:ae:
71:e9:37:58:43:b3:81:48:8b:42:38:73:45:35:88:0d:02:8c:
7a:f2:96:d7:67:fa:69:1e:ef:ac:73:97:c7:d4:84:7e:35:4c:
cd:18:af:09:3e:bf:95:8a:1b:8c:1f:f0:a6:a8:78:7d:f0:5a:
20:71:ac:89:55:5f:f9:fe:06:e9:6a:bc:28:2a:ec:64:77:8b:
b1:73:53:d9:26:78:2a:58:bd:97:6f:92:10:00:4c:69:1a:4d:
69:7f:4b:22
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQf+mAcumXP0JW4GfHtDEwDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1ZTg0YzA2M2EyMTgwYjIzZjVmNmQzMTYyYTc1YjMwOTJm
NWMxOGQwHhcNMjUwMTAxMDM0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Yjc5ODM2YjdhOGMzMzc1MGMxY2FjMWQ4ZDczNjY0MTA2MzBjYzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6LCkifIRVqV5nFdntOvNjbDHouG
nW6DfFxRm+7TsLrjEsh1q3kqt2K0cC78l8QohBDnIpxwfhNqr5zlQ8OXZNk0T3W6
n9zW9pIEMo6CGvlEmamZdj2JnIWWtPWR1ApBXU7Sh9jATczMtGqkwku74yNqVk+e
MbZ+BeLRYQzONBg+Eb2euslguxAvq7gthlQhN/3mqqCWZ/Z1cT9tbyAsJBvDmzK5
IjfdkuB3RuOyFLf6P1csyJS//YV88BcZSmQ/2aAlCYSDvWvtG5n234T4tY9zzP+X
vdwtBPxn0zDP6LhRVrfSoxYn+F10Rt/xaaJsVZdYqhx80Ox/axeCVCT14wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFt5g2t6jDN1DBysHY1zZkEGMMwqMB8GA1UdIwQY
MBaAFDXoTAY6IYCyP19tMWKnWzCS9cGNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmVoTUJqb2hnTElfWDIweFlxZGJNSkwxd1kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC82Y2E4NTItZWQ0Yi00MWQxLWE3YjYt
ODRhNzFjYzMyZDQ4LzEvVzNtRGEzcU1NM1VNSEt3ZGpYTm1RUVl3ekNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC82Y2E4NTItZWQ0Yi00MWQxLWE3YjYtODRhNzFjYzMyZDQ4
LzEvTmVoTUJqb2hnTElfWDIweFlxZGJNSkwxd1kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDnWGIAwQC
uVaoMA0EAgACMAcDBQAqA3egMA0GCSqGSIb3DQEBCwUAA4IBAQBrtAZCt0qaeJhZ
BUnh/hEbKdp3kRapxfxjqKYiLv6koeXSjkHOsXB3Q8LmIeh9E60Vkz6/hyFChFym
cY6rL2G00tVQEUM4njdzEoEUO6NG6oS4cj67Zs/FMUOOxX25aISDMpuKYEOQE6xC
d8M0VaPQx/ONHRhk9IX2xGiq7N0R4xBaGjthHigZpF962XvZOW6NL1RkiyUUy/mt
3ZjBDOwdtq5x6TdYQ7OBSItCOHNFNYgNAox68pbXZ/ppHu+sc5fH1IR+NUzNGK8J
Pr+VihuMH/CmqHh98FogcayJVV/5/gbparwoKuxkd4uxc1PZJngqWL2Xb5IQAExp
Gk1pf0si
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:12 2025 by rpki-client on console.sobornost.net