Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/WlFkHZf-mGa6meWaQmN57qSrEtA.roa
File: WlFkHZf-mGa6meWaQmN57qSrEtA.roa (raw, json)
Hash identifier: B5J0da5BqpBMDIf+RMe68Zm2sCoZIjqiRagoU19Nd+4=
Subject key identifier: 5A:51:64:1D:97:FE:98:66:BA:99:E5:9A:42:63:79:EE:A4:AB:12:D0
Certificate issuer: /CN=85238ce7eaf69a5ba2f0947b2ba053394b45b6cd
Certificate serial: 019421B19695387C1C929A80571E803E4A3D
Authority key identifier: 85:23:8C:E7:EA:F6:9A:5B:A2:F0:94:7B:2B:A0:53:39:4B:45:B6:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hSOM5-r2mlui8JR7K6BTOUtFts0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/WlFkHZf-mGa6meWaQmN57qSrEtA.roa
Signing time: Wed 01 Jan 2025 11:47:53 +0000
ROA not before: Wed 01 Jan 2025 11:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8508
IP address blocks: 91.220.103.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:96:95:38:7c:1c:92:9a:80:57:1e:80:3e:4a:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85238ce7eaf69a5ba2f0947b2ba053394b45b6cd
Validity
Not Before: Jan 1 11:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5a51641d97fe9866ba99e59a426379eea4ab12d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:e7:e0:a8:a7:0e:fe:11:9f:ce:2f:87:22:f4:
9a:75:5b:83:7e:fd:67:92:b2:66:0a:8d:26:e0:5f:
3f:70:a6:5d:10:23:ce:c7:1b:dd:39:92:aa:3e:27:
5b:6f:d7:47:b3:a2:e3:ba:4f:a2:d4:f9:6c:f6:6a:
ee:0e:9b:23:5c:69:dd:3c:d8:9d:27:4d:71:2d:16:
8a:2f:94:88:37:2e:24:2c:cb:0a:5b:34:c9:f5:f7:
c3:63:25:cf:94:70:cf:e4:14:62:0c:0f:a3:a2:15:
1c:6a:03:14:c3:16:64:1b:c3:20:95:16:ad:6c:7e:
ff:e2:32:09:e2:28:ee:99:e1:49:65:64:ca:ae:2a:
43:76:58:89:4d:eb:9d:83:b4:f9:bf:66:f4:7c:50:
9d:69:9c:90:fd:1a:13:d7:87:55:f7:b4:b7:d1:68:
a2:f2:a8:9b:ac:4b:42:1b:c3:e5:58:28:45:09:b3:
ce:45:b6:c4:aa:31:21:47:34:32:15:b4:23:e3:aa:
b0:a8:23:0c:a7:c8:1f:3c:c3:5f:34:7a:5e:d4:68:
23:29:d9:19:9f:14:02:89:ac:43:5b:b3:19:3e:c1:
a3:82:eb:28:5d:3b:a4:cf:a4:82:31:a5:1f:5e:c7:
44:07:e9:33:b0:33:5d:18:bc:47:35:df:57:29:69:
ab:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:51:64:1D:97:FE:98:66:BA:99:E5:9A:42:63:79:EE:A4:AB:12:D0
X509v3 Authority Key Identifier:
keyid:85:23:8C:E7:EA:F6:9A:5B:A2:F0:94:7B:2B:A0:53:39:4B:45:B6:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hSOM5-r2mlui8JR7K6BTOUtFts0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/WlFkHZf-mGa6meWaQmN57qSrEtA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.103.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:66:d2:82:51:f5:db:6b:16:8c:39:a6:55:5b:c9:bd:9e:96:
18:38:b8:0a:de:b8:c2:19:80:7d:77:c9:95:1c:37:12:c7:fc:
23:71:03:09:d7:cd:c2:c5:e1:dd:e3:2a:66:11:d2:5c:f6:7e:
1b:b6:95:be:a9:dd:4f:e8:10:06:1d:34:10:3b:ab:35:84:73:
78:4e:c4:b7:41:37:db:60:b6:f4:86:2c:0f:57:a1:f4:3a:df:
15:f7:7b:fa:98:5b:68:90:a7:b7:8f:29:e8:19:9c:d7:26:54:
d5:49:81:a3:1c:e8:b2:36:75:79:b7:0f:d0:99:f4:2e:cb:d3:
59:5a:c6:f3:97:47:67:95:e1:ac:19:d7:15:3a:bf:16:99:2e:
4b:d8:fc:77:26:da:48:db:7f:40:5e:ba:6d:f4:2a:85:26:6c:
0e:50:8b:23:58:3c:cd:b4:36:b4:36:96:2c:99:0e:0e:76:2e:
a3:54:86:51:9b:09:70:5d:5f:92:74:aa:52:27:d4:2e:a1:80:
0d:13:e5:5c:e8:31:19:4c:00:21:ef:5b:c1:42:dd:be:fe:34:
6d:a7:e1:a2:99:09:05:84:84:da:18:88:33:3c:70:7e:60:8d:
3a:8d:05:49:cd:55:dd:58:bf:f2:22:d6:f0:44:2f:2d:e8:b8:
7c:b0:02:bf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsZaVOHwckpqAVx6APko9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MjM4Y2U3ZWFmNjlhNWJhMmYwOTQ3YjJiYTA1MzM5NGI0
NWI2Y2QwHhcNMjUwMTAxMTE0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTUxNjQxZDk3ZmU5ODY2YmE5OWU1OWE0MjYzNzllZWE0YWIxMmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+fgqKcO/hGfzi+HIvSadVuDfv1n
krJmCo0m4F8/cKZdECPOxxvdOZKqPidbb9dHs6Ljuk+i1Pls9mruDpsjXGndPNid
J01xLRaKL5SINy4kLMsKWzTJ9ffDYyXPlHDP5BRiDA+johUcagMUwxZkG8MglRat
bH7/4jIJ4ijumeFJZWTKripDdliJTeudg7T5v2b0fFCdaZyQ/RoT14dV97S30Wii
8qibrEtCG8PlWChFCbPORbbEqjEhRzQyFbQj46qwqCMMp8gfPMNfNHpe1GgjKdkZ
nxQCiaxDW7MZPsGjgusoXTukz6SCMaUfXsdEB+kzsDNdGLxHNd9XKWmrmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFpRZB2X/phmupnlmkJjee6kqxLQMB8GA1UdIwQY
MBaAFIUjjOfq9ppbovCUeyugUzlLRbbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFNPTTUtcjJtbHVpOEpSN0s2QlRPVXRGdHMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9jYTQxMTQtMmZiOS00M2QxLWI1Mjgt
MDMyYWY4MzZjMTcyLzEvV2xGa0haZi1tR2E2bWVXYVFtTjU3cVNyRXRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9jYTQxMTQtMmZiOS00M2QxLWI1MjgtMDMyYWY4MzZjMTcy
LzEvaFNPTTUtcjJtbHVpOEpSN0s2QlRPVXRGdHMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9xnMA0G
CSqGSIb3DQEBCwUAA4IBAQBbZtKCUfXbaxaMOaZVW8m9npYYOLgK3rjCGYB9d8mV
HDcSx/wjcQMJ183CxeHd4ypmEdJc9n4btpW+qd1P6BAGHTQQO6s1hHN4TsS3QTfb
YLb0hiwPV6H0Ot8V93v6mFtokKe3jynoGZzXJlTVSYGjHOiyNnV5tw/QmfQuy9NZ
Wsbzl0dnleGsGdcVOr8WmS5L2Px3JtpI239AXrpt9CqFJmwOUIsjWDzNtDa0NpYs
mQ4Odi6jVIZRmwlwXV+SdKpSJ9QuoYANE+Vc6DEZTAAh71vBQt2+/jRtp+GimQkF
hITaGIgzPHB+YI06jQVJzVXdWL/yItbwRC8t6Lh8sAK/
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:57:19 2025 by rpki-client