Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/Wj9UBZ8lyGpizZyCVs5Soop7w2k.roa
File: Wj9UBZ8lyGpizZyCVs5Soop7w2k.roa (raw, json)
Hash identifier: nghObD8IVMMvgf7Cs34GYm/ZtGFtMr/E9cOGO8F0TDk=
Subject key identifier: 5A:3F:54:05:9F:25:C8:6A:62:CD:9C:82:56:CE:52:A2:8A:7B:C3:69
Certificate issuer: /CN=583d76051017d0afa915fcfb790a00f4667b0a88
Certificate serial: 01942748538761FAA394D67D3D34BDC48E9B
Authority key identifier: 58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/Wj9UBZ8lyGpizZyCVs5Soop7w2k.roa
Signing time: Thu 02 Jan 2025 13:50:38 +0000
ROA not before: Thu 02 Jan 2025 13:50:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12660
IP address blocks: 94.184.128.0/21 maxlen: 21
94.184.128.0/22 maxlen: 22
94.184.132.0/22 maxlen: 22
194.225.32.0/20 maxlen: 24
194.225.40.0/21 maxlen: 21
194.225.40.0/24 maxlen: 24
194.225.44.0/22 maxlen: 22
194.225.80.0/21 maxlen: 21
194.225.80.0/22 maxlen: 22
194.225.84.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:53:87:61:fa:a3:94:d6:7d:3d:34:bd:c4:8e:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=583d76051017d0afa915fcfb790a00f4667b0a88
Validity
Not Before: Jan 2 13:50:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5a3f54059f25c86a62cd9c8256ce52a28a7bc369
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:5a:f0:6c:7f:45:90:59:e8:fc:65:4f:62:df:
51:c0:e5:7c:40:8b:24:3e:a1:16:f9:0d:f7:38:d9:
03:46:1e:4a:70:c1:c5:bf:14:04:7c:fa:d6:fd:d5:
81:ba:96:80:26:e5:d9:78:f6:a7:f1:c7:35:d8:99:
b8:a3:48:8c:8c:a6:f6:08:a4:0e:6b:31:9c:8e:ef:
85:98:26:01:d0:c9:8d:57:bf:5c:bf:f7:23:06:64:
82:6f:55:4c:a0:01:aa:78:c1:52:66:28:53:ec:76:
62:bf:8a:72:ce:6c:42:01:9d:6e:61:16:d0:5d:5f:
8e:2f:5c:03:be:1b:ee:9a:18:11:ff:18:8c:19:09:
4d:37:87:4c:3c:5e:10:f5:c8:dc:10:3c:d2:3c:7f:
24:3c:f0:69:76:b4:ad:f2:30:21:c3:ae:a8:c7:72:
db:cc:04:02:77:a4:77:25:90:4a:8c:d1:d8:2f:7d:
71:3b:af:24:f7:8b:1e:4d:f8:b1:bd:58:38:e3:11:
78:2b:42:5d:8a:9e:1f:44:0c:ef:b5:b1:41:f0:56:
0f:17:55:d6:ce:11:23:b2:76:47:ee:b3:fe:89:f3:
1f:03:f9:03:a6:5f:09:c9:23:0d:95:3c:21:08:b9:
48:75:1c:7a:05:78:3a:a6:40:2b:9d:d1:32:7c:da:
77:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:3F:54:05:9F:25:C8:6A:62:CD:9C:82:56:CE:52:A2:8A:7B:C3:69
X509v3 Authority Key Identifier:
keyid:58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/Wj9UBZ8lyGpizZyCVs5Soop7w2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/WD12BRAX0K-pFfz7eQoA9GZ7Cog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.184.128.0/21
194.225.32.0/20
194.225.80.0/21
Signature Algorithm: sha256WithRSAEncryption
8a:27:0d:c5:d5:fc:18:08:75:5b:bc:14:d0:76:3e:2a:00:92:
4b:8b:e2:91:18:25:d0:8d:df:dd:77:27:a1:4d:24:ba:32:63:
73:47:da:43:e6:07:d7:be:b6:ef:f1:7c:e1:31:06:38:df:bd:
60:97:8f:6e:21:81:a6:7c:1e:d4:4f:f2:00:08:a1:96:dd:4c:
2b:ed:88:2e:57:ac:92:18:0b:37:5d:30:5c:e0:a2:0b:b1:53:
33:07:29:9a:19:4c:6a:e2:90:0d:26:6e:f9:f3:e6:73:f0:14:
fd:6b:f1:da:9a:3b:f3:a0:4b:b8:65:15:8e:79:8f:85:0f:39:
7c:f6:2f:18:57:6a:c4:cc:b5:12:d6:e2:b5:eb:c0:62:f7:11:
ef:03:c6:2f:70:29:fb:23:92:b6:fb:79:c3:32:24:86:ad:5f:
71:bb:44:70:18:ff:d9:da:c3:64:2f:b9:99:68:c2:55:9f:46:
da:0c:6e:5a:71:61:64:24:dc:6b:51:4d:20:6e:1b:ba:f9:8b:
82:b2:fa:82:be:e5:d4:b5:bb:a1:c4:47:5f:31:bd:c5:56:a3:
ab:18:2d:ab:9a:52:3d:ea:e0:f2:d8:7a:16:16:9d:3a:4d:ab:
e7:e9:07:d6:ef:40:04:9c:5b:c9:45:83:9f:1d:65:2c:c8:af:
fc:41:90:57
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQnSFOHYfqjlNZ9PTS9xI6bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4M2Q3NjA1MTAxN2QwYWZhOTE1ZmNmYjc5MGEwMGY0NjY3
YjBhODgwHhcNMjUwMTAyMTM1MDM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTNmNTQwNTlmMjVjODZhNjJjZDljODI1NmNlNTJhMjhhN2JjMzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1rwbH9FkFno/GVPYt9RwOV8QIsk
PqEW+Q33ONkDRh5KcMHFvxQEfPrW/dWBupaAJuXZePan8cc12Jm4o0iMjKb2CKQO
azGcju+FmCYB0MmNV79cv/cjBmSCb1VMoAGqeMFSZihT7HZiv4pyzmxCAZ1uYRbQ
XV+OL1wDvhvumhgR/xiMGQlNN4dMPF4Q9cjcEDzSPH8kPPBpdrSt8jAhw66ox3Lb
zAQCd6R3JZBKjNHYL31xO68k94seTfixvVg44xF4K0Jdip4fRAzvtbFB8FYPF1XW
zhEjsnZH7rP+ifMfA/kDpl8JySMNlTwhCLlIdRx6BXg6pkArndEyfNp3CwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFo/VAWfJchqYs2cglbOUqKKe8NpMB8GA1UdIwQY
MBaAFFg9dgUQF9CvqRX8+3kKAPRmewqIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0QxMkJSQVgwSy1wRmZ6N2VRb0E5R1o3Q29nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC80ZjFiMjctMzI2YS00Njc5LWE2NGIt
ZGE2MTUzODg1ZjNiLzEvV2o5VUJaOGx5R3Bpelp5Q1ZzNVNvb3A3dzJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC80ZjFiMjctMzI2YS00Njc5LWE2NGItZGE2MTUzODg1ZjNi
LzEvV0QxMkJSQVgwSy1wRmZ6N2VRb0E5R1o3Q29nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDXriAAwQE
wuEgAwQDwuFQMA0GCSqGSIb3DQEBCwUAA4IBAQCKJw3F1fwYCHVbvBTQdj4qAJJL
i+KRGCXQjd/ddyehTSS6MmNzR9pD5gfXvrbv8XzhMQY4371gl49uIYGmfB7UT/IA
CKGW3Uwr7YguV6ySGAs3XTBc4KILsVMzBymaGUxq4pANJm758+Zz8BT9a/Hamjvz
oEu4ZRWOeY+FDzl89i8YV2rEzLUS1uK168Bi9xHvA8YvcCn7I5K2+3nDMiSGrV9x
u0RwGP/Z2sNkL7mZaMJVn0baDG5acWFkJNxrUU0gbhu6+YuCsvqCvuXUtbuhxEdf
Mb3FVqOrGC2rmlI96uDy2HoWFp06Tavn6QfW70AEnFvJRYOfHWUsyK/8QZBX
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:12 2025 by rpki-client on console.sobornost.net