Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/waLFBc0ihNyoOHU31H5Op08pdHE.roa
File: waLFBc0ihNyoOHU31H5Op08pdHE.roa (raw, json)
Hash identifier: fZaUpr/1EfcrkJXjskWEQlrIHvdR8FsoG786ArRvi9Y=
Subject key identifier: C1:A2:C5:05:CD:22:84:DC:A8:38:75:37:D4:7E:4E:A7:4F:29:74:71
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0194266C6D01C628A395F3F2B2F1CDC34050
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/waLFBc0ihNyoOHU31H5Op08pdHE.roa
Signing time: Thu 02 Jan 2025 09:50:27 +0000
ROA not before: Thu 02 Jan 2025 09:50:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34168
IP address blocks: 84.53.192.0/18 maxlen: 18
2a02:960::/32 maxlen: 32
2a02:960:3::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:6d:01:c6:28:a3:95:f3:f2:b2:f1:cd:c3:40:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 2 09:50:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c1a2c505cd2284dca8387537d47e4ea74f297471
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:6a:db:d2:77:9d:c0:5d:c3:cc:01:26:d0:e6:
d8:80:6c:51:44:3e:67:04:cd:7a:67:b0:27:68:cc:
34:2e:f0:de:70:db:34:97:9e:fc:7d:79:76:fb:82:
13:d8:04:48:dd:c7:9e:ca:df:66:cd:29:48:71:a0:
db:74:10:f1:a0:7d:1a:f9:ba:e3:2e:ab:cd:e7:e5:
d8:d3:bc:8c:21:45:95:9c:d6:0f:4b:ad:70:31:73:
4b:01:c0:1e:b4:27:9d:3c:e9:45:61:25:e6:99:4b:
ad:90:f6:12:6c:1e:d2:af:e3:1f:6b:45:6f:61:2f:
99:e6:a9:6c:44:6a:81:4a:2a:56:d0:33:8c:c6:b1:
10:b0:db:bb:62:c5:36:f0:d9:47:32:ba:e7:35:d4:
e5:47:d5:52:ca:56:ea:6b:7e:ab:10:b5:a9:12:24:
15:24:aa:ac:59:ab:fc:54:d9:5f:c8:b8:4c:74:a3:
85:38:e3:f0:46:ff:d7:be:9b:9a:22:b5:5f:62:94:
3c:63:4c:26:41:44:1f:da:c4:8e:eb:2b:76:50:6e:
c0:e7:3c:17:dd:7a:45:e7:ed:4e:95:9e:a8:0c:e5:
da:13:19:a9:58:c8:d5:80:a5:6b:fd:e7:fc:ae:fa:
eb:f9:d6:5c:63:da:fa:e3:8a:0e:51:cc:a0:3b:0e:
93:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:A2:C5:05:CD:22:84:DC:A8:38:75:37:D4:7E:4E:A7:4F:29:74:71
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/waLFBc0ihNyoOHU31H5Op08pdHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.53.192.0/18
IPv6:
2a02:960::/32
Signature Algorithm: sha256WithRSAEncryption
76:a0:db:a4:6c:91:5e:a5:c5:8a:c6:43:7f:92:9a:80:53:55:
d0:95:43:22:67:3f:bc:de:66:ee:1b:b3:de:de:c2:b9:a1:77:
a1:ea:df:31:45:8c:c0:5b:72:50:27:5d:73:35:17:ef:55:8b:
01:bc:0f:93:b3:27:bb:98:7a:15:ab:a0:51:0d:3f:96:ce:e3:
fa:e4:fe:f3:58:b1:fe:dc:dd:18:b4:87:92:73:ef:2a:ae:70:
e0:03:d3:1c:b2:b5:a8:83:8e:3c:d2:c9:e0:39:c6:5d:86:ce:
ef:e9:92:12:a5:a5:33:11:2c:3c:ac:7d:98:4a:93:23:3c:af:
c8:e4:e8:c5:b2:e8:f2:93:ae:61:7b:e5:fb:a6:72:5b:7f:a5:
6b:f3:58:6b:bb:05:f7:4d:41:84:76:90:a4:9d:11:2c:01:84:
5b:80:51:f9:99:61:96:38:28:79:d7:e6:f1:3a:d5:f2:c6:31:
1b:7a:c2:f1:5c:98:0d:bb:6c:28:0f:b3:01:7e:40:7f:2f:cc:
0b:8c:1f:aa:19:92:a1:a1:bd:9f:7c:64:41:85:85:94:50:cb:
46:44:7f:18:9d:b0:49:36:b5:aa:54:9e:57:98:30:e3:d2:6a:
e1:5c:e3:23:58:97:7c:d3:82:e0:44:0b:cd:26:2e:bb:c8:aa:
76:a7:c5:72
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQmbG0BxiijlfPysvHNw0BQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjUwMTAyMDk1MDI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWEyYzUwNWNkMjI4NGRjYTgzODc1MzdkNDdlNGVhNzRmMjk3NDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2rb0nedwF3DzAEm0ObYgGxRRD5n
BM16Z7AnaMw0LvDecNs0l578fXl2+4IT2ARI3ceeyt9mzSlIcaDbdBDxoH0a+brj
LqvN5+XY07yMIUWVnNYPS61wMXNLAcAetCedPOlFYSXmmUutkPYSbB7Sr+Mfa0Vv
YS+Z5qlsRGqBSipW0DOMxrEQsNu7YsU28NlHMrrnNdTlR9VSylbqa36rELWpEiQV
JKqsWav8VNlfyLhMdKOFOOPwRv/XvpuaIrVfYpQ8Y0wmQUQf2sSO6yt2UG7A5zwX
3XpF5+1OlZ6oDOXaExmpWMjVgKVr/ef8rvrr+dZcY9r644oOUcygOw6TVQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMGixQXNIoTcqDh1N9R+TqdPKXRxMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvd2FMRkJjMGloTnlvT0hVMzFINU9wMDhwZEhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQGVDXAMA0E
AgACMAcDBQAqAglgMA0GCSqGSIb3DQEBCwUAA4IBAQB2oNukbJFepcWKxkN/kpqA
U1XQlUMiZz+83mbuG7Pe3sK5oXeh6t8xRYzAW3JQJ11zNRfvVYsBvA+Tsye7mHoV
q6BRDT+WzuP65P7zWLH+3N0YtIeSc+8qrnDgA9McsrWog4480sngOcZdhs7v6ZIS
paUzESw8rH2YSpMjPK/I5OjFsujyk65he+X7pnJbf6Vr81hruwX3TUGEdpCknREs
AYRbgFH5mWGWOCh51+bxOtXyxjEbesLxXJgNu2woD7MBfkB/L8wLjB+qGZKhob2f
fGRBhYWUUMtGRH8YnbBJNrWqVJ5XmDDj0mrhXOMjWJd804LgRAvNJi67yKp2p8Vy
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:33:07 2025 by rpki-client on console.sobornost.net