Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/0f71f3-7e13-4713-b232-7454a19d32d1/1/WEXs_7mi3mpWOcUG8wP1gKvlFMA.roa
File: WEXs_7mi3mpWOcUG8wP1gKvlFMA.roa (raw, json)
Hash identifier: +bGwwC+VYAEY8cjrkr182bmVAbIXzAvAjxcOXwPk5RM=
Subject key identifier: 58:45:EC:FF:B9:A2:DE:6A:56:39:C5:06:F3:03:F5:80:AB:E5:14:C0
Certificate issuer: /CN=1678b49f9ae25f1e127534b1915044ac7d0d9e73
Certificate serial: 01961DFFE5D801294566500E536F27864E71
Authority key identifier: 16:78:B4:9F:9A:E2:5F:1E:12:75:34:B1:91:50:44:AC:7D:0D:9E:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fni0n5riXx4SdTSxkVBErH0NnnM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/0f71f3-7e13-4713-b232-7454a19d32d1/1/WEXs_7mi3mpWOcUG8wP1gKvlFMA.roa
Signing time: Thu 10 Apr 2025 04:40:31 +0000
ROA not before: Thu 10 Apr 2025 04:40:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48095
IP address blocks: 147.78.52.0/23 maxlen: 23
147.78.54.0/23 maxlen: 23
185.226.80.0/22 maxlen: 22
193.37.52.0/23 maxlen: 23
193.37.54.0/23 maxlen: 23
193.38.240.0/23 maxlen: 23
193.38.242.0/23 maxlen: 23
194.26.176.0/22 maxlen: 22
194.55.80.0/22 maxlen: 22
194.93.36.0/23 maxlen: 23
194.93.38.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:1d:ff:e5:d8:01:29:45:66:50:0e:53:6f:27:86:4e:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1678b49f9ae25f1e127534b1915044ac7d0d9e73
Validity
Not Before: Apr 10 04:40:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5845ecffb9a2de6a5639c506f303f580abe514c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:a4:91:d8:b3:25:6f:67:54:d4:93:05:4f:48:
0d:6a:5e:0f:0a:41:68:8e:32:a9:81:b7:2c:da:d0:
30:f5:97:df:f9:72:11:67:fa:ca:83:2f:a4:4a:d2:
fd:3b:9f:47:e2:bc:16:8b:56:22:72:e7:71:bd:d2:
ee:eb:68:45:64:f1:92:85:b0:c7:0b:f0:b8:42:e7:
88:80:3d:96:64:2c:af:cf:69:80:c6:bc:f8:17:3a:
87:20:04:a6:91:ca:76:50:c1:40:b8:46:be:40:0d:
4c:e9:32:5a:d8:34:f4:9e:7c:b7:74:3a:b5:d1:88:
cc:a8:fb:9b:01:3c:1e:8c:2b:86:27:34:79:f3:d3:
50:0e:a1:cf:e9:e4:1f:b8:2b:74:7a:52:3e:84:89:
14:a7:15:41:89:a9:e9:b0:90:cb:51:54:ba:bf:f6:
f1:fc:8d:29:51:10:99:9e:ca:fc:1b:b6:2f:b3:d2:
80:d8:d9:1f:b2:c5:f1:c0:ad:c6:0e:66:e8:2b:d4:
79:55:fb:23:86:76:6a:34:de:00:1a:3f:33:15:d4:
8c:43:9d:66:eb:18:a1:c9:2a:c9:7c:e2:13:e2:1a:
97:da:d5:94:cd:51:16:38:11:83:b6:d0:28:69:9f:
a9:cc:b8:97:a6:52:e0:0e:48:bc:3f:9f:83:b2:ba:
95:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:45:EC:FF:B9:A2:DE:6A:56:39:C5:06:F3:03:F5:80:AB:E5:14:C0
X509v3 Authority Key Identifier:
keyid:16:78:B4:9F:9A:E2:5F:1E:12:75:34:B1:91:50:44:AC:7D:0D:9E:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fni0n5riXx4SdTSxkVBErH0NnnM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/0f71f3-7e13-4713-b232-7454a19d32d1/1/WEXs_7mi3mpWOcUG8wP1gKvlFMA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/0f71f3-7e13-4713-b232-7454a19d32d1/1/Fni0n5riXx4SdTSxkVBErH0NnnM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.52.0/22
185.226.80.0/22
193.37.52.0/22
193.38.240.0/22
194.26.176.0/22
194.55.80.0/22
194.93.36.0/22
Signature Algorithm: sha256WithRSAEncryption
7f:67:6d:a6:15:f8:20:6e:b5:84:9f:2f:e5:65:3f:76:0e:7d:
c3:8a:89:b6:84:31:ff:cb:de:bb:8e:7d:1a:7e:8f:1a:ba:59:
99:b8:9f:e7:8f:f0:61:70:11:5a:c8:d7:fc:2c:a2:58:d9:44:
d6:36:ed:7a:77:da:4b:fc:c6:2d:67:89:2f:1e:ae:b6:fa:08:
66:39:de:2c:12:2e:30:22:24:67:b4:1f:74:28:5b:55:c5:bd:
b2:20:21:70:2e:80:41:c8:f6:14:8a:b3:86:19:24:7f:d3:45:
e9:83:9a:2c:46:cd:ec:82:db:f2:40:8d:e0:f9:1b:8b:36:7e:
be:3d:6c:23:be:7c:56:43:4d:f5:53:d7:5e:f8:64:07:c7:27:
6d:4d:52:37:e9:85:02:cd:be:6a:ee:f2:17:d0:ea:be:fb:93:
f2:f5:96:07:61:5a:b5:ab:f6:3e:88:89:40:da:02:db:af:00:
a6:9a:96:13:d7:c6:f5:88:3d:cc:65:09:94:89:ad:39:b3:a6:
00:49:57:b1:98:4c:a6:c7:4d:22:41:33:76:52:60:37:4e:9c:
cb:b5:35:2c:96:16:9d:3c:e0:80:f4:81:c8:72:46:35:75:fa:
85:9e:4f:82:78:82:47:32:39:5d:94:5a:eb:a7:94:e2:a4:ec:
7e:31:0f:2c
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZYd/+XYASlFZlAOU28nhk5xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2NzhiNDlmOWFlMjVmMWUxMjc1MzRiMTkxNTA0NGFjN2Qw
ZDllNzMwHhcNMjUwNDEwMDQ0MDMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODQ1ZWNmZmI5YTJkZTZhNTYzOWM1MDZmMzAzZjU4MGFiZTUxNGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1qSR2LMlb2dU1JMFT0gNal4PCkFo
jjKpgbcs2tAw9Zff+XIRZ/rKgy+kStL9O59H4rwWi1YicudxvdLu62hFZPGShbDH
C/C4QueIgD2WZCyvz2mAxrz4FzqHIASmkcp2UMFAuEa+QA1M6TJa2DT0nny3dDq1
0YjMqPubATwejCuGJzR589NQDqHP6eQfuCt0elI+hIkUpxVBianpsJDLUVS6v/bx
/I0pURCZnsr8G7Yvs9KA2NkfssXxwK3GDmboK9R5VfsjhnZqNN4AGj8zFdSMQ51m
6xihySrJfOIT4hqX2tWUzVEWOBGDttAoaZ+pzLiXplLgDki8P5+DsrqVoQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFFhF7P+5ot5qVjnFBvMD9YCr5RTAMB8GA1UdIwQY
MBaAFBZ4tJ+a4l8eEnU0sZFQRKx9DZ5zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRm5pMG41cmlYeDRTZFRTeGtWQkVySDBObm5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8wZjcxZjMtN2UxMy00NzEzLWIyMzIt
NzQ1NGExOWQzMmQxLzEvV0VYc183bWkzbXBXT2NVRzh3UDFnS3ZsRk1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8wZjcxZjMtN2UxMy00NzEzLWIyMzItNzQ1NGExOWQzMmQx
LzEvRm5pMG41cmlYeDRTZFRTeGtWQkVySDBObm5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCk040AwQC
ueJQAwQCwSU0AwQCwSbwAwQCwhqwAwQCwjdQAwQCwl0kMA0GCSqGSIb3DQEBCwUA
A4IBAQB/Z22mFfggbrWEny/lZT92Dn3Diom2hDH/y967jn0afo8aulmZuJ/nj/Bh
cBFayNf8LKJY2UTWNu16d9pL/MYtZ4kvHq62+ghmOd4sEi4wIiRntB90KFtVxb2y
ICFwLoBByPYUirOGGSR/00Xpg5osRs3sgtvyQI3g+RuLNn6+PWwjvnxWQ031U9de
+GQHxydtTVI36YUCzb5q7vIX0Oq++5Py9ZYHYVq1q/Y+iIlA2gLbrwCmmpYT18b1
iD3MZQmUia05s6YASVexmEymx00iQTN2UmA3TpzLtTUslhadPOCA9IHIckY1dfqF
nk+CeIJHMjldlFrrp5TipOx+MQ8s
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:17 2025 by rpki-client on console.sobornost.net