Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/wu3L_A3dWSKUeaU4lbLH5tQFGhs.roa
File: wu3L_A3dWSKUeaU4lbLH5tQFGhs.roa (raw, json)
Hash identifier: QMvHM8N7K9OdWcNx9rJFFp+Z7jXiktM21WFlvU4ZxMM=
Subject key identifier: C2:ED:CB:FC:0D:DD:59:22:94:79:A5:38:95:B2:C7:E6:D4:05:1A:1B
Certificate issuer: /CN=b2df00f38cced92197993076cb3685bf32bc5e69
Certificate serial: 019425FDC2A977C8C87C21B5FE2D72393A80
Authority key identifier: B2:DF:00:F3:8C:CE:D9:21:97:99:30:76:CB:36:85:BF:32:BC:5E:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/st8A84zO2SGXmTB2yzaFvzK8Xmk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/wu3L_A3dWSKUeaU4lbLH5tQFGhs.roa
Signing time: Thu 02 Jan 2025 07:49:34 +0000
ROA not before: Thu 02 Jan 2025 07:49:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28941
IP address blocks: 185.103.112.0/22 maxlen: 24
185.199.24.0/22 maxlen: 24
185.204.132.0/22 maxlen: 24
2a0a:9440::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:c2:a9:77:c8:c8:7c:21:b5:fe:2d:72:39:3a:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2df00f38cced92197993076cb3685bf32bc5e69
Validity
Not Before: Jan 2 07:49:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c2edcbfc0ddd59229479a53895b2c7e6d4051a1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:19:dd:85:15:38:89:78:08:13:03:7b:5c:d0:
b5:31:17:51:cc:e8:6c:3c:0a:eb:fa:71:25:33:97:
e5:27:94:1e:1b:9c:e8:6a:02:f0:7e:c3:76:9c:04:
e4:25:00:75:e9:58:1c:3b:be:6e:1d:17:27:76:4b:
e7:55:85:b3:fe:47:e9:c3:13:a6:8a:ad:a2:a6:d9:
17:86:55:5a:e6:a0:1f:e4:56:0f:87:d6:a8:75:85:
af:f3:70:f6:56:8c:62:81:b8:3e:bf:6a:5d:46:85:
20:18:d7:47:fa:fc:e0:b4:f7:ae:68:df:ec:2c:49:
cd:e6:bf:f2:07:f7:fb:a3:c3:6d:32:89:24:6c:4e:
99:20:4d:a7:39:72:18:a5:41:c2:e9:54:f2:60:5c:
50:25:94:b3:9e:e1:e0:15:10:a3:e4:d2:e7:f1:11:
f0:ec:7c:f9:c5:fb:a9:9b:36:cd:f5:51:4b:d4:90:
6d:05:b7:6f:f7:33:96:0c:80:ea:0c:41:7e:b5:00:
3b:99:42:76:b8:26:2f:9c:91:61:9e:81:95:25:a4:
d9:78:34:07:d4:3a:82:8d:12:39:f6:2e:61:8f:d1:
64:5e:47:29:a3:f6:60:de:2d:42:7a:1a:9d:d6:90:
40:0d:6a:08:e2:b7:e2:5b:aa:44:70:8a:99:17:d7:
7f:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:ED:CB:FC:0D:DD:59:22:94:79:A5:38:95:B2:C7:E6:D4:05:1A:1B
X509v3 Authority Key Identifier:
keyid:B2:DF:00:F3:8C:CE:D9:21:97:99:30:76:CB:36:85:BF:32:BC:5E:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/st8A84zO2SGXmTB2yzaFvzK8Xmk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/wu3L_A3dWSKUeaU4lbLH5tQFGhs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.103.112.0/22
185.199.24.0/22
185.204.132.0/22
IPv6:
2a0a:9440::/29
Signature Algorithm: sha256WithRSAEncryption
71:f3:e8:5d:14:10:3d:7e:0d:bd:e3:13:0b:88:66:5c:04:74:
28:53:3c:79:d2:97:34:28:52:41:55:68:8c:7c:b1:7d:3b:7c:
49:2e:f9:fa:f6:f9:a4:d2:02:f5:91:10:6f:69:5f:11:3b:a2:
12:18:ad:f0:e3:49:c1:31:d4:71:bc:0f:cf:1c:30:40:31:09:
af:07:1a:70:ba:ca:d7:91:31:57:ed:bd:a6:7e:a8:57:b4:6c:
22:5b:ca:b4:c0:cc:f5:73:93:00:0d:8b:44:b5:69:f0:2e:88:
87:d5:56:31:14:d6:37:19:69:92:04:25:61:dd:3a:2f:e7:7c:
f2:58:5c:19:0c:45:51:ff:bb:51:06:20:e4:75:7b:87:e8:0b:
81:26:5d:10:e6:d4:bf:4d:6f:dc:ba:05:71:d5:86:27:2e:4d:
b8:dc:78:56:90:f0:00:de:ab:c8:e5:ca:28:ad:57:22:d9:86:
9e:87:d2:33:b5:17:9e:84:f2:c0:e5:55:db:c8:0f:49:b3:b5:
f6:a8:f1:e1:c6:0e:66:37:13:af:7a:87:2a:48:65:75:e4:01:
50:02:4c:7c:45:c9:c7:08:2e:67:8c:2a:f6:de:8a:4c:e2:37:
7b:2b:5c:42:99:da:5f:04:a2:f2:8b:37:6e:99:91:43:67:b3:
78:9d:02:46
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQl/cKpd8jIfCG1/i1yOTqAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZGYwMGYzOGNjZWQ5MjE5Nzk5MzA3NmNiMzY4NWJmMzJi
YzVlNjkwHhcNMjUwMTAyMDc0OTM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmVkY2JmYzBkZGQ1OTIyOTQ3OWE1Mzg5NWIyYzdlNmQ0MDUxYTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBndhRU4iXgIEwN7XNC1MRdRzOhs
PArr+nElM5flJ5QeG5zoagLwfsN2nATkJQB16VgcO75uHRcndkvnVYWz/kfpwxOm
iq2iptkXhlVa5qAf5FYPh9aodYWv83D2Voxigbg+v2pdRoUgGNdH+vzgtPeuaN/s
LEnN5r/yB/f7o8NtMokkbE6ZIE2nOXIYpUHC6VTyYFxQJZSznuHgFRCj5NLn8RHw
7Hz5xfupmzbN9VFL1JBtBbdv9zOWDIDqDEF+tQA7mUJ2uCYvnJFhnoGVJaTZeDQH
1DqCjRI59i5hj9FkXkcpo/Zg3i1Cehqd1pBADWoI4rfiW6pEcIqZF9d/QQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFMLty/wN3VkilHmlOJWyx+bUBRobMB8GA1UdIwQY
MBaAFLLfAPOMztkhl5kwdss2hb8yvF5pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3Q4QTg0ek8yU0dYbVRCMnl6YUZ2eks4WG1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi83MDZmYTgtNTJhMi00ZWQyLWEyZTEt
MDRlNGU0ZGM1ZmJhLzEvd3UzTF9BM2RXU0tVZWFVNGxiTEg1dFFGR2hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi83MDZmYTgtNTJhMi00ZWQyLWEyZTEtMDRlNGU0ZGM1ZmJh
LzEvc3Q4QTg0ek8yU0dYbVRCMnl6YUZ2eks4WG1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuWdwAwQC
uccYAwQCucyEMA0EAgACMAcDBQMqCpRAMA0GCSqGSIb3DQEBCwUAA4IBAQBx8+hd
FBA9fg294xMLiGZcBHQoUzx50pc0KFJBVWiMfLF9O3xJLvn69vmk0gL1kRBvaV8R
O6ISGK3w40nBMdRxvA/PHDBAMQmvBxpwusrXkTFX7b2mfqhXtGwiW8q0wMz1c5MA
DYtEtWnwLoiH1VYxFNY3GWmSBCVh3Tov53zyWFwZDEVR/7tRBiDkdXuH6AuBJl0Q
5tS/TW/cugVx1YYnLk243HhWkPAA3qvI5coorVci2Yaeh9IztReehPLA5VXbyA9J
s7X2qPHhxg5mNxOveocqSGV15AFQAkx8RcnHCC5njCr23opM4jd7K1xCmdpfBKLy
izdumZFDZ7N4nQJG
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:54 2025 by rpki-client on console.sobornost.net