Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/68a895-6021-4ffc-b13b-c673c5093567/1/Wf9uP77TaY5c04oTfA41-VKsryI.roa
File: Wf9uP77TaY5c04oTfA41-VKsryI.roa (raw, json)
Hash identifier: W9opM0RUf/eIKwPN+ONOorimfOXiRirDJEiAp+6VpI4=
Subject key identifier: 59:FF:6E:3F:BE:D3:69:8E:5C:D3:8A:13:7C:0E:35:F9:52:AC:AF:22
Certificate issuer: /CN=62c4300ec34d6c8df50b18196e6fca58b1393126
Certificate serial: 01843748369A18D11DD4B940529A0AEA5870
Authority key identifier: 62:C4:30:0E:C3:4D:6C:8D:F5:0B:18:19:6E:6F:CA:58:B1:39:31:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YsQwDsNNbI31CxgZbm_KWLE5MSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/68a895-6021-4ffc-b13b-c673c5093567/1/Wf9uP77TaY5c04oTfA41-VKsryI.roa
Signing time: Wed 02 Nov 2022 07:39:50 +0000
ROA not before: Wed 02 Nov 2022 07:39:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20454
IP address blocks: 85.208.138.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:37:48:36:9a:18:d1:1d:d4:b9:40:52:9a:0a:ea:58:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62c4300ec34d6c8df50b18196e6fca58b1393126
Validity
Not Before: Nov 2 07:39:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=59ff6e3fbed3698e5cd38a137c0e35f952acaf22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:f7:cb:02:c6:fa:45:6a:bc:47:26:d4:a6:11:
b8:bd:9c:92:ed:8f:3e:bf:99:5a:58:df:2a:b6:c3:
2a:a4:43:73:05:61:b0:e6:47:41:aa:63:cd:f3:f5:
b9:3e:18:41:ad:a8:66:f8:d7:44:c1:cb:c0:53:8a:
52:e1:7d:c1:aa:c3:d4:0f:c2:2d:19:ef:47:26:98:
e8:f9:19:f3:c4:8e:49:49:ca:92:9e:da:7f:e8:54:
d6:90:22:f0:d2:69:c6:81:6c:f3:33:52:bf:c2:07:
44:ce:fb:0d:f5:ad:9c:20:71:3c:ed:e5:ef:be:fe:
a1:46:dc:7c:6e:e8:76:43:21:e6:3c:2b:96:77:2f:
6e:26:4e:39:ce:93:92:46:ff:f8:8f:fd:b6:af:93:
4a:de:66:e8:98:ae:75:a2:13:2d:61:28:c1:9c:75:
b7:dc:62:dc:62:89:37:d6:b1:1b:ec:f2:df:c9:81:
b9:38:04:3f:65:55:ce:d3:62:67:9f:5a:6c:82:30:
a7:e7:7a:7a:7f:89:7d:29:72:21:da:d9:7a:1e:18:
a5:80:1e:0f:f6:43:aa:40:ea:ba:2d:19:5c:69:26:
90:63:fa:27:03:2c:f6:da:28:b9:a9:3c:de:bb:c1:
0d:cb:4a:02:d2:a7:6c:df:81:1c:9e:c3:3f:40:02:
6f:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:FF:6E:3F:BE:D3:69:8E:5C:D3:8A:13:7C:0E:35:F9:52:AC:AF:22
X509v3 Authority Key Identifier:
keyid:62:C4:30:0E:C3:4D:6C:8D:F5:0B:18:19:6E:6F:CA:58:B1:39:31:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YsQwDsNNbI31CxgZbm_KWLE5MSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/68a895-6021-4ffc-b13b-c673c5093567/1/Wf9uP77TaY5c04oTfA41-VKsryI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/68a895-6021-4ffc-b13b-c673c5093567/1/YsQwDsNNbI31CxgZbm_KWLE5MSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.138.0/23
Signature Algorithm: sha256WithRSAEncryption
7d:f6:e7:52:58:a7:3f:44:3f:41:dd:84:a5:47:3d:fc:bd:30:
72:58:66:6f:48:0d:50:88:e1:44:15:dd:38:13:c7:c9:cf:77:
68:6b:14:4a:5a:5c:4e:ce:b3:06:c2:3e:2c:7f:2d:ef:ad:23:
6e:df:1d:cd:88:e2:d0:57:b6:9a:f1:a4:dd:6a:7f:29:4c:6d:
13:3c:fc:3c:36:34:1c:b0:95:6a:4f:ca:d1:1e:88:09:ba:c3:
32:6d:f7:82:68:af:66:a1:07:a1:cc:fc:e3:5c:42:f5:dc:f1:
f3:05:44:97:8d:e3:31:80:05:9a:81:97:fc:65:14:80:63:4d:
b3:40:5f:54:05:88:be:8a:ad:bb:1c:e1:81:e3:fe:45:c6:7f:
26:e4:51:28:05:ea:9e:66:39:c1:d5:fc:1b:c6:a4:9f:01:00:
62:28:48:06:5d:02:bd:af:be:87:57:1d:8f:e0:e8:de:b0:91:
da:1e:82:08:e1:fa:33:0f:36:c0:fa:d1:87:23:3b:f9:8f:3c:
78:69:e7:f3:da:4e:57:9c:38:2a:d8:81:b7:07:c1:97:41:f9:
2e:6e:6d:02:bd:14:02:6d:74:d2:30:e3:31:04:b5:e8:51:e4:
74:ed:5c:52:46:cc:f7:0c:01:40:8e:86:fe:33:17:5e:85:75:
cd:e0:0a:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQ3SDaaGNEd1LlAUpoK6lhwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyYzQzMDBlYzM0ZDZjOGRmNTBiMTgxOTZlNmZjYTU4YjEz
OTMxMjYwHhcNMjIxMTAyMDczOTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWZmNmUzZmJlZDM2OThlNWNkMzhhMTM3YzBlMzVmOTUyYWNhZjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvfLAsb6RWq8RybUphG4vZyS7Y8+
v5laWN8qtsMqpENzBWGw5kdBqmPN8/W5PhhBrahm+NdEwcvAU4pS4X3BqsPUD8It
Ge9HJpjo+RnzxI5JScqSntp/6FTWkCLw0mnGgWzzM1K/wgdEzvsN9a2cIHE87eXv
vv6hRtx8buh2QyHmPCuWdy9uJk45zpOSRv/4j/22r5NK3mbomK51ohMtYSjBnHW3
3GLcYok31rEb7PLfyYG5OAQ/ZVXO02Jnn1psgjCn53p6f4l9KXIh2tl6HhilgB4P
9kOqQOq6LRlcaSaQY/onAyz22ii5qTzeu8ENy0oC0qds34EcnsM/QAJvlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFn/bj++02mOXNOKE3wONflSrK8iMB8GA1UdIwQY
MBaAFGLEMA7DTWyN9QsYGW5vylixOTEmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXNRd0RzTk5iSTMxQ3hnWmJtX0tXTEU1TVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS82OGE4OTUtNjAyMS00ZmZjLWIxM2It
YzY3M2M1MDkzNTY3LzEvV2Y5dVA3N1RhWTVjMDRvVGZBNDEtVktzcnlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS82OGE4OTUtNjAyMS00ZmZjLWIxM2ItYzY3M2M1MDkzNTY3
LzEvWXNRd0RzTk5iSTMxQ3hnWmJtX0tXTEU1TVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVdCKMA0G
CSqGSIb3DQEBCwUAA4IBAQB99udSWKc/RD9B3YSlRz38vTByWGZvSA1QiOFEFd04
E8fJz3doaxRKWlxOzrMGwj4sfy3vrSNu3x3NiOLQV7aa8aTdan8pTG0TPPw8NjQc
sJVqT8rRHogJusMybfeCaK9moQehzPzjXEL13PHzBUSXjeMxgAWagZf8ZRSAY02z
QF9UBYi+iq27HOGB4/5Fxn8m5FEoBeqeZjnB1fwbxqSfAQBiKEgGXQK9r76HVx2P
4OjesJHaHoII4fozDzbA+tGHIzv5jzx4aefz2k5XnDgq2IG3B8GXQfkubm0CvRQC
bXTSMOMxBLXoUeR07VxSRsz3DAFAjob+MxdehXXN4Ary
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:29:13 2025 by rpki-client