Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/3dae71-1acf-4196-9608-9531d24e0610/1/WTl9wt0Rp1_SP8V72BWndXzvVXk.roa
File: WTl9wt0Rp1_SP8V72BWndXzvVXk.roa (raw, json)
Hash identifier: BI9xuqlMchALIUZfnOAm1MAIdvbV4MZUCOFrf3rfZgA=
Subject key identifier: 59:39:7D:C2:DD:11:A7:5F:D2:3F:C5:7B:D8:15:A7:75:7C:EF:55:79
Certificate issuer: /CN=ca3b86e65470f994dfa6d6fee8e264db62e24af9
Certificate serial: 019425220E5BCDBF58416C59EF89EB5ABA65
Authority key identifier: CA:3B:86:E6:54:70:F9:94:DF:A6:D6:FE:E8:E2:64:DB:62:E2:4A:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yjuG5lRw-ZTfptb-6OJk22LiSvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/3dae71-1acf-4196-9608-9531d24e0610/1/WTl9wt0Rp1_SP8V72BWndXzvVXk.roa
Signing time: Thu 02 Jan 2025 03:49:36 +0000
ROA not before: Thu 02 Jan 2025 03:49:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62095
IP address blocks: 31.169.73.0/24 maxlen: 24
185.11.248.0/24 maxlen: 24
185.11.249.0/24 maxlen: 24
185.11.250.0/24 maxlen: 24
185.11.251.0/24 maxlen: 24
2a02:ed40::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:0e:5b:cd:bf:58:41:6c:59:ef:89:eb:5a:ba:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca3b86e65470f994dfa6d6fee8e264db62e24af9
Validity
Not Before: Jan 2 03:49:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=59397dc2dd11a75fd23fc57bd815a7757cef5579
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:66:82:8f:a7:fb:a5:a1:90:6f:f4:a3:57:a7:
d2:b6:b5:35:42:8c:2a:ff:a7:8f:22:9e:52:4b:f2:
dd:f9:ac:f3:ad:26:a8:f8:9a:c2:40:7b:e3:66:19:
af:19:7d:71:96:75:05:7d:3d:fb:e9:4e:a0:87:37:
4a:39:14:b4:9d:f7:d1:97:da:f5:ff:ed:f3:c7:bf:
78:27:28:a3:d8:ac:b1:e1:97:61:19:10:f8:c2:da:
d2:db:bf:72:47:5f:e6:ff:9d:c6:8b:69:23:46:eb:
6c:b7:70:f0:44:a5:ec:77:29:19:05:d3:12:17:95:
e5:48:b8:98:cd:78:9a:19:82:f8:20:6b:51:87:58:
ad:06:0f:3d:7d:2d:46:cd:85:ab:21:da:e3:a8:7f:
cf:34:3a:32:d0:08:50:3a:2b:33:e8:ad:c5:e3:0a:
f5:7d:05:ec:5b:6d:53:cb:6d:cf:7e:2c:5c:60:ea:
d3:02:36:cf:c3:62:09:8d:d6:be:3c:69:a0:e1:dd:
5f:4f:78:5d:91:64:61:6e:64:e2:35:0d:fa:d8:fe:
f0:0f:fd:5a:75:4d:23:92:01:00:d9:2c:04:fb:76:
1c:3f:d9:10:4e:b6:02:14:38:8b:1e:c4:49:16:0e:
31:e2:f6:f1:7a:53:94:23:46:d8:95:d5:92:06:5b:
ea:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:39:7D:C2:DD:11:A7:5F:D2:3F:C5:7B:D8:15:A7:75:7C:EF:55:79
X509v3 Authority Key Identifier:
keyid:CA:3B:86:E6:54:70:F9:94:DF:A6:D6:FE:E8:E2:64:DB:62:E2:4A:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yjuG5lRw-ZTfptb-6OJk22LiSvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/3dae71-1acf-4196-9608-9531d24e0610/1/WTl9wt0Rp1_SP8V72BWndXzvVXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/3dae71-1acf-4196-9608-9531d24e0610/1/yjuG5lRw-ZTfptb-6OJk22LiSvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.73.0/24
185.11.248.0/22
IPv6:
2a02:ed40::/48
Signature Algorithm: sha256WithRSAEncryption
b0:d6:67:05:5a:fc:ba:d7:75:f9:3a:a0:7e:6a:2b:fc:8e:21:
6f:6d:40:de:71:68:2f:1c:c4:df:d4:1f:23:d0:10:6e:a7:b9:
72:8e:12:62:b0:7c:8a:9d:94:02:37:70:2a:2e:8c:e1:11:8d:
c5:50:a7:6f:5e:de:80:04:4c:b8:6d:36:30:fb:2f:6c:62:04:
a3:b0:6d:f1:9d:89:22:18:e2:bc:7b:e0:d5:19:7a:4f:74:64:
8a:89:e9:d8:45:95:93:19:c4:39:b9:a4:f1:73:56:1b:72:50:
8e:89:1b:45:8f:66:18:27:51:b5:7e:d6:09:bb:5d:5e:da:3f:
2b:fa:82:ee:be:de:28:ed:73:cc:2e:5b:55:55:7b:e0:d6:34:
d4:79:45:4e:6e:ed:af:c0:71:2a:a2:30:98:e5:3a:49:ae:33:
68:32:40:8c:b8:b9:2a:be:55:70:d2:3c:af:f2:14:8f:04:e8:
d1:f7:46:5a:f1:87:72:4b:bf:c9:46:ea:26:da:ee:97:fe:df:
f6:83:63:b4:a1:13:0c:15:6f:62:77:75:7c:af:1e:07:bf:e3:
be:c9:c6:1a:2f:fc:40:c4:93:dd:26:0c:d0:ec:f5:c6:9a:2b:
71:d3:08:4c:7a:78:e5:34:11:39:2a:6c:5d:44:ef:5e:21:a3:
6f:10:60:62
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQlIg5bzb9YQWxZ74nrWrplMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhM2I4NmU2NTQ3MGY5OTRkZmE2ZDZmZWU4ZTI2NGRiNjJl
MjRhZjkwHhcNMjUwMTAyMDM0OTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTM5N2RjMmRkMTFhNzVmZDIzZmM1N2JkODE1YTc3NTdjZWY1NTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6WaCj6f7paGQb/SjV6fStrU1Qowq
/6ePIp5SS/Ld+azzrSao+JrCQHvjZhmvGX1xlnUFfT376U6ghzdKORS0nffRl9r1
/+3zx794Jyij2Kyx4ZdhGRD4wtrS279yR1/m/53Gi2kjRutst3DwRKXsdykZBdMS
F5XlSLiYzXiaGYL4IGtRh1itBg89fS1GzYWrIdrjqH/PNDoy0AhQOisz6K3F4wr1
fQXsW21Ty23PfixcYOrTAjbPw2IJjda+PGmg4d1fT3hdkWRhbmTiNQ362P7wD/1a
dU0jkgEA2SwE+3YcP9kQTrYCFDiLHsRJFg4x4vbxelOUI0bYldWSBlvqgQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFFk5fcLdEadf0j/Fe9gVp3V871V5MB8GA1UdIwQY
MBaAFMo7huZUcPmU36bW/ujiZNti4kr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWp1RzVsUnctWlRmcHRiLTZPSmsyMkxpU3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni8zZGFlNzEtMWFjZi00MTk2LTk2MDgt
OTUzMWQyNGUwNjEwLzEvV1RsOXd0MFJwMV9TUDhWNzJCV25kWHp2VlhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni8zZGFlNzEtMWFjZi00MTk2LTk2MDgtOTUzMWQyNGUwNjEw
LzEveWp1RzVsUnctWlRmcHRiLTZPSmsyMkxpU3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAH6lJAwQC
uQv4MA8EAgACMAkDBwAqAu1AAAAwDQYJKoZIhvcNAQELBQADggEBALDWZwVa/LrX
dfk6oH5qK/yOIW9tQN5xaC8cxN/UHyPQEG6nuXKOEmKwfIqdlAI3cCoujOERjcVQ
p29e3oAETLhtNjD7L2xiBKOwbfGdiSIY4rx74NUZek90ZIqJ6dhFlZMZxDm5pPFz
VhtyUI6JG0WPZhgnUbV+1gm7XV7aPyv6gu6+3ijtc8wuW1VVe+DWNNR5RU5u7a/A
cSqiMJjlOkmuM2gyQIy4uSq+VXDSPK/yFI8E6NH3Rlrxh3JLv8lG6iba7pf+3/aD
Y7ShEwwVb2J3dXyvHge/477Jxhov/EDEk90mDNDs9caaK3HTCEx6eOU0ETkqbF1E
714ho28QYGI=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:13 2025 by rpki-client on console.sobornost.net