Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/5d59c6-f089-4530-a097-28461be89740/1/WmkZfnnh3pScwaXiJbTGBXyP1Qc.roa
File: WmkZfnnh3pScwaXiJbTGBXyP1Qc.roa (raw, json)
Hash identifier: I13Tkttq3M8PaWX4zQV9BWk83CokqL9JFr2nEoTqMZE=
Subject key identifier: 5A:69:19:7E:79:E1:DE:94:9C:C1:A5:E2:25:B4:C6:05:7C:8F:D5:07
Certificate issuer: /CN=209da783cdfb3cb6d9bc82c192d6d72abb4a336d
Certificate serial: 0193F39E8ED10C98211C625E8853CED8AA7D
Authority key identifier: 20:9D:A7:83:CD:FB:3C:B6:D9:BC:82:C1:92:D6:D7:2A:BB:4A:33:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IJ2ng837PLbZvILBktbXKrtKM20.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/5d59c6-f089-4530-a097-28461be89740/1/WmkZfnnh3pScwaXiJbTGBXyP1Qc.roa
Signing time: Mon 23 Dec 2024 13:04:34 +0000
ROA not before: Mon 23 Dec 2024 13:04:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62317
IP address blocks: 185.40.132.0/22 maxlen: 22
185.66.76.0/23 maxlen: 23
185.66.78.0/24 maxlen: 24
185.69.200.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f3:9e:8e:d1:0c:98:21:1c:62:5e:88:53:ce:d8:aa:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=209da783cdfb3cb6d9bc82c192d6d72abb4a336d
Validity
Not Before: Dec 23 13:04:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5a69197e79e1de949cc1a5e225b4c6057c8fd507
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:f1:9f:c3:13:d6:44:4c:0d:a8:92:10:98:85:
1c:b1:5b:71:bf:e6:67:25:ac:39:66:bd:16:c3:99:
72:d1:48:e0:3f:e4:d4:56:be:74:f2:85:21:8a:64:
2a:b8:38:d1:94:98:ee:a1:2f:e5:43:74:36:d2:03:
d5:7e:a6:9f:8b:d0:f7:a3:fd:57:1f:c3:3c:4b:a7:
25:52:f5:7f:75:44:46:a7:b6:8e:a4:1b:63:c0:37:
c6:20:fa:8b:df:7f:90:3e:2f:f7:cf:5b:a4:55:84:
87:a8:1e:94:98:91:3e:22:09:f4:3c:ac:1a:2b:96:
c7:2d:76:61:99:cf:c4:f7:68:79:5e:bd:24:85:c3:
8b:40:74:b9:6d:53:a4:d9:24:bb:27:5a:aa:d6:53:
64:3a:09:04:55:88:79:4a:9e:3d:f3:50:f5:fa:22:
a1:a7:a0:fa:64:10:bc:b2:cb:c3:62:1e:b1:cd:f9:
a7:11:cb:94:41:bb:ef:b8:f7:5b:12:40:a9:f7:52:
f1:dd:c6:8a:83:be:ef:db:d0:cd:3e:d6:74:a4:5e:
14:db:9a:31:8f:63:44:7c:c2:e8:de:14:8b:ae:c3:
70:2e:70:e5:3d:f7:cb:50:a0:61:54:5c:07:a0:b4:
6a:70:7c:ff:22:93:ba:f3:a8:b9:17:c8:63:6e:ea:
08:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:69:19:7E:79:E1:DE:94:9C:C1:A5:E2:25:B4:C6:05:7C:8F:D5:07
X509v3 Authority Key Identifier:
keyid:20:9D:A7:83:CD:FB:3C:B6:D9:BC:82:C1:92:D6:D7:2A:BB:4A:33:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IJ2ng837PLbZvILBktbXKrtKM20.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/5d59c6-f089-4530-a097-28461be89740/1/WmkZfnnh3pScwaXiJbTGBXyP1Qc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/5d59c6-f089-4530-a097-28461be89740/1/IJ2ng837PLbZvILBktbXKrtKM20.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.40.132.0/22
185.66.76.0-185.66.78.255
185.69.200.0/22
Signature Algorithm: sha256WithRSAEncryption
17:b2:9d:20:1f:14:4f:a3:ef:ac:5a:23:f4:47:e2:b1:73:1c:
85:66:65:f3:ad:51:17:54:7a:db:65:6a:9e:39:2b:bf:37:09:
52:9d:d8:83:1d:25:fd:89:47:97:cd:5d:7c:00:d5:a3:ba:ff:
25:66:2a:cc:bb:10:aa:0d:86:26:87:c6:fb:54:66:b9:d5:71:
08:fb:37:50:28:74:4f:3b:ca:9c:33:45:a9:d2:08:00:66:2b:
10:5e:f4:74:44:02:e2:de:42:ac:ff:7c:0a:87:67:7b:fe:e3:
f9:7e:28:a5:b5:75:f9:9d:3c:76:50:2e:5e:aa:ee:f4:98:eb:
78:f9:40:30:da:e1:7f:b6:b1:d6:4e:1c:e3:91:80:f4:27:1e:
b0:cd:0a:b7:b1:83:e2:d7:10:92:46:89:2a:d6:d3:9e:56:7e:
ad:fd:ca:52:2d:a4:e6:87:ad:34:94:9d:b6:db:37:be:d7:3d:
7f:5f:2a:f1:09:29:ba:ad:57:6a:bc:4d:9b:46:10:e8:55:9a:
4e:20:9d:d6:db:67:d5:42:75:8b:e3:af:7f:31:0d:ca:c5:e0:
f6:d2:86:87:22:4f:0d:b4:b5:96:b0:b5:13:48:97:34:18:db:
0c:a8:fb:32:f2:15:ca:7a:6c:d8:99:6b:3e:d4:a3:3d:87:f6:
31:35:7d:a1
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZPzno7RDJghHGJeiFPO2Kp9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwOWRhNzgzY2RmYjNjYjZkOWJjODJjMTkyZDZkNzJhYmI0
YTMzNmQwHhcNMjQxMjIzMTMwNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTY5MTk3ZTc5ZTFkZTk0OWNjMWE1ZTIyNWI0YzYwNTdjOGZkNTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2vGfwxPWREwNqJIQmIUcsVtxv+Zn
Jaw5Zr0Ww5ly0UjgP+TUVr508oUhimQquDjRlJjuoS/lQ3Q20gPVfqafi9D3o/1X
H8M8S6clUvV/dURGp7aOpBtjwDfGIPqL33+QPi/3z1ukVYSHqB6UmJE+Ign0PKwa
K5bHLXZhmc/E92h5Xr0khcOLQHS5bVOk2SS7J1qq1lNkOgkEVYh5Sp4981D1+iKh
p6D6ZBC8ssvDYh6xzfmnEcuUQbvvuPdbEkCp91Lx3caKg77v29DNPtZ0pF4U25ox
j2NEfMLo3hSLrsNwLnDlPffLUKBhVFwHoLRqcHz/IpO686i5F8hjbuoIdwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFFppGX554d6UnMGl4iW0xgV8j9UHMB8GA1UdIwQY
MBaAFCCdp4PN+zy22byCwZLW1yq7SjNtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUoybmc4MzdQTGJadklMQmt0YlhLcnRLTTIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS81ZDU5YzYtZjA4OS00NTMwLWEwOTct
Mjg0NjFiZTg5NzQwLzEvV21rWmZubmgzcFNjd2FYaUpiVEdCWHlQMVFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS81ZDU5YzYtZjA4OS00NTMwLWEwOTctMjg0NjFiZTg5NzQw
LzEvSUoybmc4MzdQTGJadklMQmt0YlhLcnRLTTIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCuSiEMAwD
BAK5QkwDBAC5Qk4DBAK5RcgwDQYJKoZIhvcNAQELBQADggEBABeynSAfFE+j76xa
I/RH4rFzHIVmZfOtURdUettlap45K783CVKd2IMdJf2JR5fNXXwA1aO6/yVmKsy7
EKoNhiaHxvtUZrnVcQj7N1AodE87ypwzRanSCABmKxBe9HREAuLeQqz/fAqHZ3v+
4/l+KKW1dfmdPHZQLl6q7vSY63j5QDDa4X+2sdZOHOORgPQnHrDNCrexg+LXEJJG
iSrW055Wfq39ylItpOaHrTSUnbbbN77XPX9fKvEJKbqtV2q8TZtGEOhVmk4gndbb
Z9VCdYvjr38xDcrF4PbShociTw20tZawtRNIlzQY2wyo+zLyFcp6bNiZaz7Uoz2H
9jE1faE=
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:29:42 2024 by rpki-client on console.sobornost.net