Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/wfK_n7QooRi-jUcERY_L0zgscb4.roa
File: wfK_n7QooRi-jUcERY_L0zgscb4.roa (raw, json)
Hash identifier: NUCnGjvhhPqrFtaLdWxKr8SxcFYqxG5Ww+LW471Ud+k=
Subject key identifier: C1:F2:BF:9F:B4:28:A1:18:BE:8D:47:04:45:8F:CB:D3:38:2C:71:BE
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 01948A37E5DD6AC6015151BDB7732B0AE072
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/wfK_n7QooRi-jUcERY_L0zgscb4.roa
Signing time: Tue 21 Jan 2025 18:55:06 +0000
ROA not before: Tue 21 Jan 2025 18:55:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34450
IP address blocks: 85.204.125.0/24 maxlen: 24
85.204.127.0/24 maxlen: 24
86.106.104.0/24 maxlen: 24
89.33.163.0/24 maxlen: 24
89.34.8.0/21 maxlen: 21
89.37.136.0/24 maxlen: 24
89.43.46.0/24 maxlen: 24
89.44.209.0/24 maxlen: 24
93.113.158.0/24 maxlen: 24
93.114.55.0/24 maxlen: 24
93.114.99.0/24 maxlen: 24
93.114.171.0/24 maxlen: 24
188.213.18.0/24 maxlen: 24
188.215.72.0/23 maxlen: 24
188.215.73.0/24 maxlen: 24
188.240.14.0/24 maxlen: 24
2a05:b680:1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:8a:37:e5:dd:6a:c6:01:51:51:bd:b7:73:2b:0a:e0:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Jan 21 18:55:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c1f2bf9fb428a118be8d4704458fcbd3382c71be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:29:09:00:4a:75:ed:9d:c8:5d:4b:61:d9:a1:
27:7e:38:81:b6:e4:0a:39:9f:35:5e:ad:fb:e1:59:
ea:0b:7a:1d:a5:28:28:25:a1:7e:01:1c:4e:9d:b7:
55:30:c1:24:de:c5:43:f0:55:fd:86:bc:65:49:f2:
fa:f0:5e:31:1a:90:b6:b4:bd:29:cb:5c:fe:ed:e5:
22:29:bc:3e:5b:ad:de:76:59:5c:9e:71:98:85:cf:
86:81:6d:0a:22:bf:ea:65:24:07:34:23:80:f1:a5:
cd:6b:fe:04:e6:df:ca:2e:db:e5:a5:88:a7:aa:69:
2c:9e:d0:4a:16:e2:40:fd:40:89:4f:9c:e8:96:0b:
6a:e8:b7:ee:84:c1:78:7c:d8:7e:f6:5f:c7:46:b1:
f8:9a:fa:47:89:ff:2c:49:33:d4:6d:94:9d:84:f1:
ea:81:57:04:75:50:b2:d1:8b:1f:dd:cb:5a:6a:66:
c7:ca:64:29:1b:2b:e3:28:07:ff:5a:54:d5:fc:82:
05:e2:31:30:bb:b1:06:32:73:ab:50:06:0b:93:0a:
03:50:ed:32:d0:5f:eb:04:1b:ad:1b:c7:4b:8f:c4:
51:00:b1:71:21:68:d2:9f:2c:01:f5:01:4e:c2:de:
02:53:1a:39:34:22:50:1f:36:1b:9f:53:e2:be:3c:
81:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:F2:BF:9F:B4:28:A1:18:BE:8D:47:04:45:8F:CB:D3:38:2C:71:BE
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/wfK_n7QooRi-jUcERY_L0zgscb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.125.0/24
85.204.127.0/24
86.106.104.0/24
89.33.163.0/24
89.34.8.0/21
89.37.136.0/24
89.43.46.0/24
89.44.209.0/24
93.113.158.0/24
93.114.55.0/24
93.114.99.0/24
93.114.171.0/24
188.213.18.0/24
188.215.72.0/23
188.240.14.0/24
IPv6:
2a05:b680:1::/48
Signature Algorithm: sha256WithRSAEncryption
53:04:f5:f6:30:e8:2c:7a:e6:70:ff:e4:7c:90:6f:d0:76:50:
d8:0a:5f:dc:b9:9e:26:b4:e7:50:de:e6:51:5a:b1:35:8e:4f:
d4:b2:f0:38:f6:51:ca:54:31:ab:bf:83:13:57:89:9c:45:3f:
cf:18:fe:e6:3b:79:df:f6:00:eb:cb:d1:f3:67:77:9e:2d:f1:
1c:74:ba:ad:5b:02:18:0c:13:17:60:a6:db:89:68:88:33:cf:
70:d5:90:6a:cc:37:45:69:20:93:df:2d:85:f9:9d:4f:3f:20:
01:11:36:da:05:5c:62:44:1b:2e:e2:78:37:6a:4c:d9:2e:66:
dd:3c:55:37:7f:c6:03:d3:71:c9:f7:8c:e2:ee:e2:9a:ef:0d:
2d:99:0d:91:02:b3:ac:72:ee:dd:10:0e:f5:5f:2f:35:f0:76:
ae:bd:3f:8e:59:96:d6:5b:6d:58:3e:82:e6:70:fe:65:46:ed:
2e:75:fb:fb:d9:1f:97:9e:e8:65:33:b0:7f:5b:51:e6:17:84:
65:77:70:ad:ac:b0:bc:89:5a:a7:6e:17:7b:f4:c9:7a:f8:c5:
62:b7:70:1b:bf:d6:e1:10:f2:db:2d:28:c3:0d:16:83:d0:0d:
e3:27:8e:38:f4:c9:d5:76:ef:99:10:15:22:3d:fd:90:ce:d3:
9a:16:f3:23
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAZSKN+XdasYBUVG9t3MrCuByMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjUwMTIxMTg1NTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWYyYmY5ZmI0MjhhMTE4YmU4ZDQ3MDQ0NThmY2JkMzM4MmM3MWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlSkJAEp17Z3IXUth2aEnfjiBtuQK
OZ81Xq374VnqC3odpSgoJaF+ARxOnbdVMMEk3sVD8FX9hrxlSfL68F4xGpC2tL0p
y1z+7eUiKbw+W63edllcnnGYhc+GgW0KIr/qZSQHNCOA8aXNa/4E5t/KLtvlpYin
qmksntBKFuJA/UCJT5zolgtq6LfuhMF4fNh+9l/HRrH4mvpHif8sSTPUbZSdhPHq
gVcEdVCy0Ysf3ctaambHymQpGyvjKAf/WlTV/IIF4jEwu7EGMnOrUAYLkwoDUO0y
0F/rBButG8dLj8RRALFxIWjSnywB9QFOwt4CUxo5NCJQHzYbn1PivjyBvQIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFMHyv5+0KKEYvo1HBEWPy9M4LHG+MB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvd2ZLX243UW9vUmktalVjRVJZX0wwemdzY2I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwYAQCAAEwWgMEAFXMfQME
AFXMfwMEAFZqaAMEAFkhowMEA1kiCAMEAFkliAMEAFkrLgMEAFks0QMEAF1xngME
AF1yNwMEAF1yYwMEAF1yqwMEALzVEgMEAbzXSAMEALzwDjAPBAIAAjAJAwcAKgW2
gAABMA0GCSqGSIb3DQEBCwUAA4IBAQBTBPX2MOgseuZw/+R8kG/QdlDYCl/cuZ4m
tOdQ3uZRWrE1jk/UsvA49lHKVDGrv4MTV4mcRT/PGP7mO3nf9gDry9HzZ3eeLfEc
dLqtWwIYDBMXYKbbiWiIM89w1ZBqzDdFaSCT3y2F+Z1PPyABETbaBVxiRBsu4ng3
akzZLmbdPFU3f8YD03HJ94zi7uKa7w0tmQ2RArOscu7dEA71Xy818HauvT+OWZbW
W21YPoLmcP5lRu0udfv72R+XnuhlM7B/W1HmF4Rld3CtrLC8iVqnbhd79Ml6+MVi
t3Abv9bhEPLbLSjDDRaD0A3jJ4449MnVdu+ZEBUiPf2QztOaFvMj
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:56:50 2025 by rpki-client