Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/08531b-bd66-4fce-a569-8644c5814c9a/1/Wh1jH5vANwZcwldoZxeJx9Ms8Tw.roa
File: Wh1jH5vANwZcwldoZxeJx9Ms8Tw.roa (raw, json)
Hash identifier: /m2D3y0N+aO5CYT+TsC7FYKiJpOsP+DSU+ozinhXmV8=
Subject key identifier: 5A:1D:63:1F:9B:C0:37:06:5C:C2:57:68:67:17:89:C7:D3:2C:F1:3C
Certificate issuer: /CN=dc2c2fef9c8caf8f2f08211ef02c3d0ad3474917
Certificate serial: 019428274EC4A0235F8C75B9356468A5DD46
Authority key identifier: DC:2C:2F:EF:9C:8C:AF:8F:2F:08:21:1E:F0:2C:3D:0A:D3:47:49:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Cwv75yMr48vCCEe8Cw9CtNHSRc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/08531b-bd66-4fce-a569-8644c5814c9a/1/Wh1jH5vANwZcwldoZxeJx9Ms8Tw.roa
Signing time: Thu 02 Jan 2025 17:54:11 +0000
ROA not before: Thu 02 Jan 2025 17:54:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56496
IP address blocks: 89.19.52.0/22 maxlen: 22
89.19.52.0/23 maxlen: 23
89.19.52.0/24 maxlen: 24
89.19.53.0/24 maxlen: 24
89.19.54.0/23 maxlen: 23
89.19.54.0/24 maxlen: 24
89.19.55.0/24 maxlen: 24
91.224.210.0/23 maxlen: 23
91.224.210.0/24 maxlen: 24
91.224.211.0/24 maxlen: 24
2a0d:bac0::/29 maxlen: 29
2a0d:bac0::/32 maxlen: 32
2a0d:bac1::/32 maxlen: 32
2a0d:bac2::/32 maxlen: 32
2a0d:bac3::/32 maxlen: 32
2a0d:bac4::/32 maxlen: 32
2a0d:bac5::/32 maxlen: 32
2a0d:bac6::/32 maxlen: 32
2a0d:bac7::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:4e:c4:a0:23:5f:8c:75:b9:35:64:68:a5:dd:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc2c2fef9c8caf8f2f08211ef02c3d0ad3474917
Validity
Not Before: Jan 2 17:54:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5a1d631f9bc037065cc25768671789c7d32cf13c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:22:44:ff:4c:1a:f3:d0:74:5f:08:9a:a8:32:
39:58:0b:ef:cc:93:df:35:1c:ef:87:31:b3:ba:4a:
3a:00:cc:fe:35:55:64:cc:95:71:43:93:b5:b0:d5:
de:49:69:e8:a4:b7:f4:fc:58:86:ab:fe:d7:98:54:
5e:a4:2e:b1:a2:25:d5:db:49:b2:15:75:0b:ce:19:
9c:1e:ba:7b:86:32:e9:5b:c2:a6:05:24:31:d7:67:
c0:8a:f6:30:07:06:98:34:e7:fb:dd:71:d0:49:95:
27:39:a8:41:67:71:d4:c7:8f:ef:e1:66:71:54:0a:
b9:87:ce:f8:c4:99:44:65:ad:4d:d7:18:15:29:31:
58:f2:5b:c9:d4:4b:74:3d:e7:96:14:31:99:80:27:
ed:7d:23:93:a2:0c:93:51:1f:5a:89:8a:3f:87:f1:
0a:db:75:c8:92:19:82:36:e3:2b:9e:a5:a8:8f:de:
05:44:ce:e2:db:36:bf:6e:37:39:fe:36:ec:a2:7c:
a2:20:ad:2b:34:63:19:87:c9:dd:7f:7e:96:d1:a9:
18:d0:85:32:ee:43:4f:ac:9a:a6:30:23:cf:9e:2c:
a4:a1:79:9f:72:09:67:30:60:ce:8e:92:5f:db:b4:
23:ca:4a:e3:f0:ca:ac:da:2a:cd:50:a2:90:67:a3:
3b:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:1D:63:1F:9B:C0:37:06:5C:C2:57:68:67:17:89:C7:D3:2C:F1:3C
X509v3 Authority Key Identifier:
keyid:DC:2C:2F:EF:9C:8C:AF:8F:2F:08:21:1E:F0:2C:3D:0A:D3:47:49:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Cwv75yMr48vCCEe8Cw9CtNHSRc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/08531b-bd66-4fce-a569-8644c5814c9a/1/Wh1jH5vANwZcwldoZxeJx9Ms8Tw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/08531b-bd66-4fce-a569-8644c5814c9a/1/3Cwv75yMr48vCCEe8Cw9CtNHSRc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.19.52.0/22
91.224.210.0/23
IPv6:
2a0d:bac0::/29
Signature Algorithm: sha256WithRSAEncryption
b9:12:8e:d4:f2:91:dd:98:e3:82:e3:62:ab:19:59:34:ee:fa:
dc:f2:07:ad:76:64:0e:84:c7:72:41:92:2f:e9:89:6d:76:af:
32:67:a6:9a:ab:64:0c:94:30:e9:23:96:9c:71:d1:7e:d4:f7:
04:4c:75:89:18:fc:40:a6:f8:ba:26:33:d6:23:54:a9:e8:7f:
39:e7:93:02:83:35:37:a1:f5:52:57:26:ed:fe:9a:84:78:72:
9f:52:9c:81:86:8f:70:90:db:8c:c9:24:ab:c9:33:db:05:6f:
d0:7e:47:f9:66:ab:b4:1e:04:9b:05:60:d9:37:50:cf:72:a6:
d4:c7:fe:08:28:74:06:e5:e1:6a:07:95:93:83:e5:35:79:45:
73:a0:e5:ef:36:01:22:26:21:a0:7a:db:cb:77:f3:76:e0:0a:
8f:90:d6:94:1c:04:4d:67:5c:0c:ff:c0:62:0f:68:d4:a6:62:
24:05:56:97:9c:27:74:a8:35:13:c2:17:b2:a8:73:34:29:69:
e1:3c:dc:70:aa:99:48:e2:4d:8e:18:ad:55:16:70:62:02:de:
8c:d8:24:4a:3b:76:5d:ac:d2:3c:db:5d:b7:7b:a4:22:04:d6:
4f:f4:f7:54:fa:2f:35:3a:1d:81:f3:6b:a7:77:bd:39:33:08:
d5:4e:56:36
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQoJ07EoCNfjHW5NWRopd1GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMmMyZmVmOWM4Y2FmOGYyZjA4MjExZWYwMmMzZDBhZDM0
NzQ5MTcwHhcNMjUwMTAyMTc1NDExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTFkNjMxZjliYzAzNzA2NWNjMjU3Njg2NzE3ODljN2QzMmNmMTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwSJE/0wa89B0XwiaqDI5WAvvzJPf
NRzvhzGzuko6AMz+NVVkzJVxQ5O1sNXeSWnopLf0/FiGq/7XmFRepC6xoiXV20my
FXULzhmcHrp7hjLpW8KmBSQx12fAivYwBwaYNOf73XHQSZUnOahBZ3HUx4/v4WZx
VAq5h874xJlEZa1N1xgVKTFY8lvJ1Et0PeeWFDGZgCftfSOTogyTUR9aiYo/h/EK
23XIkhmCNuMrnqWoj94FRM7i2za/bjc5/jbsonyiIK0rNGMZh8ndf36W0akY0IUy
7kNPrJqmMCPPniykoXmfcglnMGDOjpJf27Qjykrj8Mqs2irNUKKQZ6M7cwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFodYx+bwDcGXMJXaGcXicfTLPE8MB8GA1UdIwQY
MBaAFNwsL++cjK+PLwghHvAsPQrTR0kXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0N3djc1eU1yNDh2Q0NFZThDdzlDdE5IU1JjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8wODUzMWItYmQ2Ni00ZmNlLWE1Njkt
ODY0NGM1ODE0YzlhLzEvV2gxakg1dkFOd1pjd2xkb1p4ZUp4OU1zOFR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8wODUzMWItYmQ2Ni00ZmNlLWE1NjktODY0NGM1ODE0Yzlh
LzEvM0N3djc1eU1yNDh2Q0NFZThDdzlDdE5IU1JjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCWRM0AwQB
W+DSMA0EAgACMAcDBQMqDbrAMA0GCSqGSIb3DQEBCwUAA4IBAQC5Eo7U8pHdmOOC
42KrGVk07vrc8getdmQOhMdyQZIv6Yltdq8yZ6aaq2QMlDDpI5accdF+1PcETHWJ
GPxApvi6JjPWI1Sp6H8555MCgzU3ofVSVybt/pqEeHKfUpyBho9wkNuMySSryTPb
BW/Qfkf5Zqu0HgSbBWDZN1DPcqbUx/4IKHQG5eFqB5WTg+U1eUVzoOXvNgEiJiGg
etvLd/N24AqPkNaUHARNZ1wM/8BiD2jUpmIkBVaXnCd0qDUTwheyqHM0KWnhPNxw
qplI4k2OGK1VFnBiAt6M2CRKO3ZdrNI82123e6QiBNZP9PdU+i81Oh2B82und705
MwjVTlY2
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:01 2025 by rpki-client on console.sobornost.net