Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/ed334c-d797-425a-93a1-a9cc89d44b25/1/Wky7GIO48q5Am7lt9_maGgpqgJU.roa
File: Wky7GIO48q5Am7lt9_maGgpqgJU.roa (raw, json)
Hash identifier: zVs1sI4WsKaD65jBAnhtkrYGwGsMw1WHVF/3i95RTn0=
Subject key identifier: 5A:4C:BB:18:83:B8:F2:AE:40:9B:B9:6D:F7:F9:9A:1A:0A:6A:80:95
Certificate issuer: /CN=2a7df35d41b4062c10fc118189de47da27096db8
Certificate serial: 01951ACCC72D7C28BCA2A56BC6DFDD46EF86
Authority key identifier: 2A:7D:F3:5D:41:B4:06:2C:10:FC:11:81:89:DE:47:DA:27:09:6D:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kn3zXUG0BiwQ_BGBid5H2icJbbg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/ed334c-d797-425a-93a1-a9cc89d44b25/1/Wky7GIO48q5Am7lt9_maGgpqgJU.roa
Signing time: Tue 18 Feb 2025 20:43:02 +0000
ROA not before: Tue 18 Feb 2025 20:43:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 212.4.27.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:1a:cc:c7:2d:7c:28:bc:a2:a5:6b:c6:df:dd:46:ef:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a7df35d41b4062c10fc118189de47da27096db8
Validity
Not Before: Feb 18 20:43:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5a4cbb1883b8f2ae409bb96df7f99a1a0a6a8095
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:b1:06:22:78:32:82:63:5e:87:75:8b:22:59:
88:fd:8e:9a:b9:7d:bd:9c:ab:a4:e4:1c:fa:47:4b:
9b:99:8e:d4:3e:dd:08:17:50:3a:73:28:e3:7c:91:
e1:c7:23:4a:82:e6:5c:41:95:38:57:aa:e7:65:23:
bd:f2:1f:28:8f:d1:9f:ec:f8:89:66:65:42:31:ed:
6a:f0:74:a7:48:92:fd:5a:ab:1f:24:dc:5e:87:b9:
07:67:81:02:5a:48:7e:13:3b:00:6c:2d:88:83:ac:
f8:7c:a6:b1:f5:e3:32:24:31:93:ef:27:11:93:e1:
21:82:38:aa:e7:c3:42:8d:61:c3:c0:57:c9:ee:2f:
09:80:4e:c2:77:3d:01:36:1f:0e:50:72:06:0a:92:
b1:9a:1b:22:1f:ff:75:aa:2b:cc:5f:18:01:2c:a8:
84:7c:c5:2c:5a:21:30:4d:0a:8d:78:74:b1:9b:b4:
c2:14:31:88:7c:76:93:a8:d2:1b:48:2a:89:22:00:
f0:6b:f5:52:be:ac:39:03:0e:5c:cf:22:53:df:86:
df:0f:19:83:91:7f:55:72:0f:b7:47:80:cb:82:fa:
19:cf:4c:6e:c0:a4:d2:96:a1:e3:1c:da:5a:f6:64:
2c:c9:9f:12:a2:b8:a6:fa:47:b0:43:96:fe:e1:23:
2b:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:4C:BB:18:83:B8:F2:AE:40:9B:B9:6D:F7:F9:9A:1A:0A:6A:80:95
X509v3 Authority Key Identifier:
keyid:2A:7D:F3:5D:41:B4:06:2C:10:FC:11:81:89:DE:47:DA:27:09:6D:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kn3zXUG0BiwQ_BGBid5H2icJbbg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/ed334c-d797-425a-93a1-a9cc89d44b25/1/Wky7GIO48q5Am7lt9_maGgpqgJU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/ed334c-d797-425a-93a1-a9cc89d44b25/1/Kn3zXUG0BiwQ_BGBid5H2icJbbg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.4.27.0/24
Signature Algorithm: sha256WithRSAEncryption
02:9c:9f:e1:21:2b:da:05:b0:69:bb:db:fe:d5:2c:b2:59:64:
6a:7d:cf:c6:33:f1:fe:fb:50:1d:cf:ec:18:c3:60:5e:bd:5b:
b1:4a:85:a3:2b:b8:5c:fb:ab:52:06:10:e5:c3:63:ae:cc:93:
49:39:cb:99:89:70:21:6a:c8:d0:48:1f:91:5a:4b:ec:c7:ab:
57:5d:fb:d4:ff:d8:76:31:29:3e:0a:7f:21:c6:d9:a4:83:9e:
9d:ea:46:cf:90:c7:26:71:79:dd:ce:64:11:a0:47:3a:df:70:
b0:c9:70:26:4f:e7:8a:87:b5:14:f6:08:c7:ec:06:4d:51:f6:
7b:40:41:83:0c:5f:ea:41:6d:b7:27:d7:fd:4a:31:c3:28:51:
bf:47:41:54:a3:37:8c:7c:0d:81:d8:87:dc:c4:a2:64:3c:8e:
07:c6:eb:54:77:b8:62:91:8a:96:75:aa:21:8f:bd:7c:5b:b1:
5a:ed:8e:21:aa:47:00:5e:60:55:f6:e2:e5:04:8b:c6:19:8e:
47:8b:7d:d2:83:b0:77:af:64:77:bd:f1:7b:bf:50:90:f4:60:
25:27:0d:7d:94:f3:c7:b2:6b:0b:8f:e7:dd:6e:50:42:e9:41:
1b:22:f1:19:c4:63:f1:8a:ad:80:3a:a5:2e:c5:ea:d8:13:25:
7e:5e:68:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZUazMctfCi8oqVrxt/dRu+GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhN2RmMzVkNDFiNDA2MmMxMGZjMTE4MTg5ZGU0N2RhMjcw
OTZkYjgwHhcNMjUwMjE4MjA0MzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTRjYmIxODgzYjhmMmFlNDA5YmI5NmRmN2Y5OWExYTBhNmE4MDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAybEGIngygmNeh3WLIlmI/Y6auX29
nKuk5Bz6R0ubmY7UPt0IF1A6cyjjfJHhxyNKguZcQZU4V6rnZSO98h8oj9Gf7PiJ
ZmVCMe1q8HSnSJL9WqsfJNxeh7kHZ4ECWkh+EzsAbC2Ig6z4fKax9eMyJDGT7ycR
k+Ehgjiq58NCjWHDwFfJ7i8JgE7Cdz0BNh8OUHIGCpKxmhsiH/91qivMXxgBLKiE
fMUsWiEwTQqNeHSxm7TCFDGIfHaTqNIbSCqJIgDwa/VSvqw5Aw5czyJT34bfDxmD
kX9Vcg+3R4DLgvoZz0xuwKTSlqHjHNpa9mQsyZ8Sorim+kewQ5b+4SMrowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFpMuxiDuPKuQJu5bff5mhoKaoCVMB8GA1UdIwQY
MBaAFCp9811BtAYsEPwRgYneR9onCW24MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS24zelhVRzBCaXdRX0JHQmlkNUgyaWNKYmJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9lZDMzNGMtZDc5Ny00MjVhLTkzYTEt
YTljYzg5ZDQ0YjI1LzEvV2t5N0dJTzQ4cTVBbTdsdDlfbWFHZ3BxZ0pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9lZDMzNGMtZDc5Ny00MjVhLTkzYTEtYTljYzg5ZDQ0YjI1
LzEvS24zelhVRzBCaXdRX0JHQmlkNUgyaWNKYmJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1AQbMA0G
CSqGSIb3DQEBCwUAA4IBAQACnJ/hISvaBbBpu9v+1SyyWWRqfc/GM/H++1Adz+wY
w2BevVuxSoWjK7hc+6tSBhDlw2OuzJNJOcuZiXAhasjQSB+RWkvsx6tXXfvU/9h2
MSk+Cn8hxtmkg56d6kbPkMcmcXndzmQRoEc633CwyXAmT+eKh7UU9gjH7AZNUfZ7
QEGDDF/qQW23J9f9SjHDKFG/R0FUozeMfA2B2IfcxKJkPI4HxutUd7hikYqWdaoh
j718W7Fa7Y4hqkcAXmBV9uLlBIvGGY5Hi33Sg7B3r2R3vfF7v1CQ9GAlJw19lPPH
smsLj+fdblBC6UEbIvEZxGPxiq2AOqUuxerYEyV+Xmhq
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:15:44 2025 by rpki-client