Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/779c09-f49a-4b38-a778-6bc390995cab/1/W0D9WIXmr4DG_xEj-xUZT82-dxQ.roa
File: W0D9WIXmr4DG_xEj-xUZT82-dxQ.roa (raw, json)
Hash identifier: fBvWuzB9wp05SoO5x+Vb/EneDFqD/kJHT0KgvrAsF24=
Subject key identifier: 5B:40:FD:58:85:E6:AF:80:C6:FF:11:23:FB:15:19:4F:CD:BE:77:14
Certificate issuer: /CN=8b054485ee62c6f1939613cba20669eef4504f79
Certificate serial: 01946F02917FA72FECF25913680A1C20A633
Authority key identifier: 8B:05:44:85:EE:62:C6:F1:93:96:13:CB:A2:06:69:EE:F4:50:4F:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iwVEhe5ixvGTlhPLogZp7vRQT3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/779c09-f49a-4b38-a778-6bc390995cab/1/W0D9WIXmr4DG_xEj-xUZT82-dxQ.roa
Signing time: Thu 16 Jan 2025 12:07:06 +0000
ROA not before: Thu 16 Jan 2025 12:07:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59908
IP address blocks: 141.170.208.0/21 maxlen: 24
141.170.214.0/24 maxlen: 24
185.67.112.0/24 maxlen: 24
185.67.114.0/24 maxlen: 24
185.67.115.0/24 maxlen: 24
193.164.226.0/23 maxlen: 24
2001:678:930::/48 maxlen: 96
2a00:a3a0::/32 maxlen: 96
2a03:2460::/32 maxlen: 96
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6f:02:91:7f:a7:2f:ec:f2:59:13:68:0a:1c:20:a6:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b054485ee62c6f1939613cba20669eef4504f79
Validity
Not Before: Jan 16 12:07:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5b40fd5885e6af80c6ff1123fb15194fcdbe7714
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:74:34:ad:73:10:0a:3e:9d:b8:00:17:b3:e3:
43:35:f4:c4:f1:b1:66:3f:30:2d:32:b8:02:6d:ad:
ab:b9:46:12:93:64:13:32:f5:ea:7f:4b:69:9f:14:
b2:d3:72:f5:f4:2f:b5:3d:fb:96:04:1d:df:56:f8:
d2:7b:8f:6e:ab:3d:3a:c4:e4:ab:cc:d7:c2:50:16:
26:17:c6:ae:1e:64:02:e3:c6:58:e9:e9:a0:e2:13:
51:33:22:4f:57:a1:43:ae:98:19:76:27:25:44:8c:
88:e2:a1:4d:3b:ce:df:c1:76:9d:61:af:2e:18:01:
83:30:46:91:ba:3b:7b:f0:2b:0d:a3:ed:dc:eb:a0:
b9:6b:ac:5e:4c:9c:7e:ce:7d:f2:1a:c7:2e:a9:12:
49:b7:c0:41:2f:e8:04:e5:e1:49:23:d3:b9:14:4b:
32:b1:b8:33:6f:a2:57:f8:94:1c:f6:fd:88:c5:e2:
31:43:38:70:3b:a5:f5:8a:25:30:d1:5d:57:e0:7c:
ff:51:f9:41:87:a4:44:e5:55:14:f5:65:03:31:d7:
f1:ef:e2:9f:f5:f1:70:d2:15:0d:9d:53:0a:4c:55:
4b:1a:41:5c:1a:76:14:2c:98:b4:6c:21:b9:66:3f:
01:8f:3f:d0:9d:a0:c4:81:36:68:fb:52:85:cd:cf:
9f:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:40:FD:58:85:E6:AF:80:C6:FF:11:23:FB:15:19:4F:CD:BE:77:14
X509v3 Authority Key Identifier:
keyid:8B:05:44:85:EE:62:C6:F1:93:96:13:CB:A2:06:69:EE:F4:50:4F:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iwVEhe5ixvGTlhPLogZp7vRQT3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/779c09-f49a-4b38-a778-6bc390995cab/1/W0D9WIXmr4DG_xEj-xUZT82-dxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/779c09-f49a-4b38-a778-6bc390995cab/1/iwVEhe5ixvGTlhPLogZp7vRQT3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.170.208.0/21
185.67.112.0/24
185.67.114.0/23
193.164.226.0/23
IPv6:
2001:678:930::/48
2a00:a3a0::/32
2a03:2460::/32
Signature Algorithm: sha256WithRSAEncryption
1e:c8:1e:b6:53:00:17:1d:24:92:24:87:47:74:c0:c9:24:52:
8d:31:99:1f:33:f7:28:bd:46:28:5d:8f:0e:e4:cf:d6:78:1d:
96:25:22:0f:3a:80:a0:81:f7:c0:45:6c:ec:88:2c:29:1e:a2:
3d:0c:0d:e4:22:d6:41:38:0c:36:6c:8b:7a:74:43:61:b9:be:
00:31:a9:18:2e:c7:40:2b:a0:45:7b:58:f5:06:7b:f4:0f:98:
92:b3:47:5a:0c:2e:60:ac:19:29:d3:c3:b3:2e:7a:27:76:21:
05:3f:41:af:e9:6e:58:c6:9e:c9:0a:ba:73:84:bd:25:25:44:
33:15:15:02:ac:fc:91:b2:4c:0e:c9:44:ce:76:db:ab:1f:9e:
a2:71:de:25:aa:a8:53:b8:31:70:c2:9b:1e:c5:a7:55:e6:60:
9f:07:47:7e:45:0d:b7:18:40:b6:ee:f1:c0:cb:57:70:e0:09:
d4:2b:b3:70:27:40:17:13:ae:47:1c:28:d8:05:7f:8b:47:a1:
78:83:bc:22:c3:95:50:09:58:b3:61:0f:13:5a:c2:cc:75:75:
de:32:74:1a:56:c1:f3:b9:9a:fc:f1:72:6b:9b:94:19:d7:0e:
d4:c7:2e:29:d6:69:69:2e:65:4b:78:87:ea:13:db:e7:75:e9:
68:04:9b:60
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAZRvApF/py/s8lkTaAocIKYzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiMDU0NDg1ZWU2MmM2ZjE5Mzk2MTNjYmEyMDY2OWVlZjQ1
MDRmNzkwHhcNMjUwMTE2MTIwNzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjQwZmQ1ODg1ZTZhZjgwYzZmZjExMjNmYjE1MTk0ZmNkYmU3NzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnQ0rXMQCj6duAAXs+NDNfTE8bFm
PzAtMrgCba2ruUYSk2QTMvXqf0tpnxSy03L19C+1PfuWBB3fVvjSe49uqz06xOSr
zNfCUBYmF8auHmQC48ZY6emg4hNRMyJPV6FDrpgZdiclRIyI4qFNO87fwXadYa8u
GAGDMEaRujt78CsNo+3c66C5a6xeTJx+zn3yGscuqRJJt8BBL+gE5eFJI9O5FEsy
sbgzb6JX+JQc9v2IxeIxQzhwO6X1iiUw0V1X4Hz/UflBh6RE5VUU9WUDMdfx7+Kf
9fFw0hUNnVMKTFVLGkFcGnYULJi0bCG5Zj8Bjz/QnaDEgTZo+1KFzc+f7wIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFFtA/ViF5q+Axv8RI/sVGU/NvncUMB8GA1UdIwQY
MBaAFIsFRIXuYsbxk5YTy6IGae70UE95MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXdWRWhlNWl4dkdUbGhQTG9nWnA3dlJRVDNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC83NzljMDktZjQ5YS00YjM4LWE3Nzgt
NmJjMzkwOTk1Y2FiLzEvVzBEOVdJWG1yNERHX3hFai14VVpUODItZHhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC83NzljMDktZjQ5YS00YjM4LWE3NzgtNmJjMzkwOTk1Y2Fi
LzEvaXdWRWhlNWl4dkdUbGhQTG9nWnA3dlJRVDNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAeBAIAATAYAwQDjarQAwQA
uUNwAwQBuUNyAwQBwaTiMB0EAgACMBcDBwAgAQZ4CTADBQAqAKOgAwUAKgMkYDAN
BgkqhkiG9w0BAQsFAAOCAQEAHsgetlMAFx0kkiSHR3TAySRSjTGZHzP3KL1GKF2P
DuTP1ngdliUiDzqAoIH3wEVs7IgsKR6iPQwN5CLWQTgMNmyLenRDYbm+ADGpGC7H
QCugRXtY9QZ79A+YkrNHWgwuYKwZKdPDsy56J3YhBT9Br+luWMaeyQq6c4S9JSVE
MxUVAqz8kbJMDslEznbbqx+eonHeJaqoU7gxcMKbHsWnVeZgnwdHfkUNtxhAtu7x
wMtXcOAJ1CuzcCdAFxOuRxwo2AV/i0eheIO8IsOVUAlYs2EPE1rCzHV13jJ0GlbB
87ma/PFya5uUGdcO1McuKdZpaS5lS3iH6hPb53XpaASbYA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:15 2025 by rpki-client on console.sobornost.net