Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/33e508-127d-4946-b3cc-4c9f43f878ab/1/wWNRdFWkzsrzPRdYPLpt7t1EH44.roa
File: wWNRdFWkzsrzPRdYPLpt7t1EH44.roa (raw, json)
Hash identifier: jdk5fXDfmvLAmCXB7Op/+o6QmlltLAtxqbK6vg83GwE=
Subject key identifier: C1:63:51:74:55:A4:CE:CA:F3:3D:17:58:3C:BA:6D:EE:DD:44:1F:8E
Certificate issuer: /CN=a749aca85dc66c83ce55ecdc045c96075ca7debc
Certificate serial: 019427473EDDC5A8AAC280BC9EA535FC1771
Authority key identifier: A7:49:AC:A8:5D:C6:6C:83:CE:55:EC:DC:04:5C:96:07:5C:A7:DE:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p0msqF3GbIPOVezcBFyWB1yn3rw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/33e508-127d-4946-b3cc-4c9f43f878ab/1/wWNRdFWkzsrzPRdYPLpt7t1EH44.roa
Signing time: Thu 02 Jan 2025 13:49:28 +0000
ROA not before: Thu 02 Jan 2025 13:49:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39122
IP address blocks: 185.17.238.0/23 maxlen: 23
2a03:dd41::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:3e:dd:c5:a8:aa:c2:80:bc:9e:a5:35:fc:17:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a749aca85dc66c83ce55ecdc045c96075ca7debc
Validity
Not Before: Jan 2 13:49:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c163517455a4cecaf33d17583cba6deedd441f8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:bf:24:51:1c:70:cd:da:ea:cc:33:3d:75:2f:
fd:9e:d5:66:c8:24:45:8a:33:17:02:a2:1f:9a:0e:
78:1e:5f:3f:3c:cf:c0:c9:0c:5d:cc:71:43:50:0d:
da:6c:fa:58:e2:47:08:eb:0e:db:c3:36:3c:1d:b6:
c5:b8:bd:f8:8a:55:6b:58:d9:29:10:84:e8:4e:73:
ec:23:5e:4b:dc:68:27:40:b9:5c:9e:f3:f6:69:b5:
b9:7d:bf:45:e5:4e:d5:eb:e4:01:03:cf:b6:48:a2:
e9:b5:95:46:60:be:f1:b9:14:d7:db:3b:fa:7a:3c:
0a:08:99:ac:27:ce:a1:fe:b2:df:d7:cf:3c:74:9a:
f6:42:92:a3:8d:ad:73:9c:0b:ce:62:c3:31:2e:28:
5f:1b:68:c8:6c:b0:11:99:9e:9e:94:e4:81:8e:c6:
c3:cd:06:99:3e:7b:db:54:1b:df:3a:1a:98:01:6c:
af:f4:93:d6:c3:57:43:47:b0:77:72:61:04:89:cd:
f7:cf:89:46:64:ca:b4:67:b0:d4:f0:0a:dd:20:48:
47:cb:e0:ce:2b:16:da:96:44:5f:2f:de:97:74:e4:
8d:e2:03:99:9d:12:53:c0:4f:d4:34:6e:ff:2e:a8:
20:5a:5c:20:8d:88:d3:f5:d8:ca:b5:fa:45:66:33:
ea:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:63:51:74:55:A4:CE:CA:F3:3D:17:58:3C:BA:6D:EE:DD:44:1F:8E
X509v3 Authority Key Identifier:
keyid:A7:49:AC:A8:5D:C6:6C:83:CE:55:EC:DC:04:5C:96:07:5C:A7:DE:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p0msqF3GbIPOVezcBFyWB1yn3rw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/33e508-127d-4946-b3cc-4c9f43f878ab/1/wWNRdFWkzsrzPRdYPLpt7t1EH44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/33e508-127d-4946-b3cc-4c9f43f878ab/1/p0msqF3GbIPOVezcBFyWB1yn3rw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.17.238.0/23
IPv6:
2a03:dd41::/32
Signature Algorithm: sha256WithRSAEncryption
49:e1:00:8c:32:12:25:f2:c3:6c:73:cd:6e:9e:58:ab:08:2e:
2e:4b:a6:8a:4d:e2:15:45:30:35:ac:5d:d4:9b:a8:a5:ae:93:
4b:39:02:66:d7:37:01:45:db:0e:e4:16:71:f2:67:c0:b9:6a:
5b:0a:b4:16:d1:4e:f0:ad:41:c4:4b:50:11:c0:01:9e:58:2b:
59:9d:6e:fa:a9:43:01:ab:24:c6:d2:2c:47:0e:ba:01:a1:2c:
05:83:0b:75:73:ae:5d:ba:7b:39:ba:7a:29:f5:1b:00:3d:9a:
c5:38:d0:fa:ef:4d:e4:f3:fa:ec:c2:18:04:89:a8:95:35:d2:
cb:45:9d:27:a9:38:d0:4b:e6:ec:72:b5:79:ea:94:0c:3c:88:
c3:26:29:24:a0:26:e2:50:66:05:32:44:03:03:fd:9b:1e:56:
7c:28:b1:0b:de:54:16:4c:fe:5b:11:5d:f5:bf:36:0f:16:e2:
4a:0c:b4:5e:e1:91:ad:85:27:7f:6c:78:3f:91:df:53:1b:a4:
e0:96:bc:f5:f6:b7:69:e5:00:65:48:e6:07:9f:7d:68:e6:b8:
95:e8:8c:39:53:23:dc:2c:c1:b3:1f:d7:39:ae:1c:54:51:2c:
27:ad:ca:e4:6d:dd:a9:87:86:c4:c6:38:c5:c9:66:57:74:ee:
eb:99:59:49
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQnRz7dxaiqwoC8nqU1/BdxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NDlhY2E4NWRjNjZjODNjZTU1ZWNkYzA0NWM5NjA3NWNh
N2RlYmMwHhcNMjUwMTAyMTM0OTI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTYzNTE3NDU1YTRjZWNhZjMzZDE3NTgzY2JhNmRlZWRkNDQxZjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyL8kURxwzdrqzDM9dS/9ntVmyCRF
ijMXAqIfmg54Hl8/PM/AyQxdzHFDUA3abPpY4kcI6w7bwzY8HbbFuL34ilVrWNkp
EIToTnPsI15L3GgnQLlcnvP2abW5fb9F5U7V6+QBA8+2SKLptZVGYL7xuRTX2zv6
ejwKCJmsJ86h/rLf1888dJr2QpKjja1znAvOYsMxLihfG2jIbLARmZ6elOSBjsbD
zQaZPnvbVBvfOhqYAWyv9JPWw1dDR7B3cmEEic33z4lGZMq0Z7DU8ArdIEhHy+DO
KxbalkRfL96XdOSN4gOZnRJTwE/UNG7/LqggWlwgjYjT9djKtfpFZjPqmQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMFjUXRVpM7K8z0XWDy6be7dRB+OMB8GA1UdIwQY
MBaAFKdJrKhdxmyDzlXs3ARclgdcp968MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDBtc3FGM0diSVBPVmV6Y0JGeVdCMXluM3J3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy8zM2U1MDgtMTI3ZC00OTQ2LWIzY2Mt
NGM5ZjQzZjg3OGFiLzEvd1dOUmRGV2t6c3J6UFJkWVBMcHQ3dDFFSDQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy8zM2U1MDgtMTI3ZC00OTQ2LWIzY2MtNGM5ZjQzZjg3OGFi
LzEvcDBtc3FGM0diSVBPVmV6Y0JGeVdCMXluM3J3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuRHuMA0E
AgACMAcDBQAqA91BMA0GCSqGSIb3DQEBCwUAA4IBAQBJ4QCMMhIl8sNsc81unlir
CC4uS6aKTeIVRTA1rF3Um6ilrpNLOQJm1zcBRdsO5BZx8mfAuWpbCrQW0U7wrUHE
S1ARwAGeWCtZnW76qUMBqyTG0ixHDroBoSwFgwt1c65duns5unop9RsAPZrFOND6
703k8/rswhgEiaiVNdLLRZ0nqTjQS+bscrV56pQMPIjDJikkoCbiUGYFMkQDA/2b
HlZ8KLEL3lQWTP5bEV31vzYPFuJKDLRe4ZGthSd/bHg/kd9TG6Tglrz19rdp5QBl
SOYHn31o5riV6Iw5UyPcLMGzH9c5rhxUUSwnrcrkbd2ph4bExjjFyWZXdO7rmVlJ
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:12:27 2025 by rpki-client