Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/72435b-7e7e-447b-ac24-982c429d4156/1/Wpa4hmGqaI75gZiUQXOgoxJKZrQ.roa
File: Wpa4hmGqaI75gZiUQXOgoxJKZrQ.roa (raw, json)
Hash identifier: u7n3bJbHGTqr0/m/Ag4/bTGdmq3uszY3dE70PEf9ZhI=
Subject key identifier: 5A:96:B8:86:61:AA:68:8E:F9:81:98:94:41:73:A0:A3:12:4A:66:B4
Certificate issuer: /CN=04d9bc828a566b06af4d765dfb5da5bc1d76c725
Certificate serial: 018CC56EC1E5BBDF054BC0DD875DF24DFBB3
Authority key identifier: 04:D9:BC:82:8A:56:6B:06:AF:4D:76:5D:FB:5D:A5:BC:1D:76:C7:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BNm8gopWawavTXZd-12lvB12xyU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/72435b-7e7e-447b-ac24-982c429d4156/1/Wpa4hmGqaI75gZiUQXOgoxJKZrQ.roa
Signing time: Mon 01 Jan 2024 14:30:19 +0000
ROA not before: Mon 01 Jan 2024 14:30:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31742
IP address blocks: 91.241.78.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:c1:e5:bb:df:05:4b:c0:dd:87:5d:f2:4d:fb:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04d9bc828a566b06af4d765dfb5da5bc1d76c725
Validity
Not Before: Jan 1 14:30:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5a96b88661aa688ef98198944173a0a3124a66b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:36:48:aa:03:33:7a:00:12:c1:80:31:4d:33:
6e:6d:49:82:bd:02:e7:34:ea:da:94:bc:ba:c8:2e:
7b:d3:73:1f:bc:4e:c3:a8:b1:d5:eb:10:51:7e:43:
d1:e3:84:0d:4c:7d:86:4e:39:ba:3b:06:6f:8e:b9:
69:f4:2b:2c:6c:4c:69:92:5d:76:be:f2:11:c6:96:
bb:a5:b5:04:c3:6e:26:06:eb:8e:7e:f9:8e:44:89:
f9:ff:5a:cf:46:0a:0f:9d:63:f0:45:6d:02:76:34:
3f:d9:93:e5:4a:1e:c1:bb:2a:b2:03:b5:77:d8:14:
7b:45:b9:d9:2f:c5:9c:00:9c:35:67:5e:4c:8b:cd:
c3:9d:00:32:6b:3d:e8:dd:9b:b3:f6:2f:0e:ad:1a:
92:f0:fc:b6:0b:3b:b5:91:de:5b:2c:83:09:7c:2a:
6b:39:40:9d:cc:74:99:50:c7:1c:77:47:95:39:47:
5f:3b:e2:2c:78:12:a0:c9:ed:1c:af:84:06:fa:1c:
e4:fa:5d:cd:90:41:39:c8:86:9a:2e:9d:f1:9b:bf:
97:e1:7c:14:11:32:14:f1:65:37:e1:46:41:92:f7:
f3:de:06:9e:26:ba:11:f4:44:91:ea:d8:bc:43:68:
fb:66:34:38:03:4e:ee:47:88:e2:f7:51:56:ae:d3:
2f:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:96:B8:86:61:AA:68:8E:F9:81:98:94:41:73:A0:A3:12:4A:66:B4
X509v3 Authority Key Identifier:
keyid:04:D9:BC:82:8A:56:6B:06:AF:4D:76:5D:FB:5D:A5:BC:1D:76:C7:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BNm8gopWawavTXZd-12lvB12xyU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/72435b-7e7e-447b-ac24-982c429d4156/1/Wpa4hmGqaI75gZiUQXOgoxJKZrQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/72435b-7e7e-447b-ac24-982c429d4156/1/BNm8gopWawavTXZd-12lvB12xyU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.241.78.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:e7:55:47:bb:db:cf:ac:94:f2:ae:82:9e:62:20:9e:87:d2:
90:47:5e:a6:a2:2d:94:c4:00:5d:36:82:59:36:15:04:fd:bb:
87:bd:1d:b1:94:78:2b:5d:03:57:67:06:7c:13:68:ea:db:b8:
97:e7:32:c4:a0:cd:5a:8d:c7:99:ea:a5:30:0f:1a:35:f2:a0:
2d:c2:1e:9a:18:20:b3:4a:cf:94:a3:c9:37:22:c4:d6:17:38:
24:b1:4b:0d:07:53:cb:f4:45:00:a4:b9:98:c5:e5:24:d7:db:
8a:b9:b3:df:4f:d8:20:ad:16:e4:de:6a:35:fb:fd:5e:5f:d5:
72:4b:ed:29:40:d9:c0:6f:c7:a9:50:9f:3a:95:b1:cb:17:c0:
79:08:a6:49:9b:a4:e9:da:46:b0:3c:c9:1d:11:f5:1c:1a:95:
66:a6:47:de:36:10:70:48:33:d4:0a:29:c8:8b:cd:c2:c7:fb:
cb:4b:b0:78:c1:ad:8b:78:d1:9e:4f:70:a7:05:92:07:7f:b5:
79:73:4b:f7:31:cf:86:a2:02:4d:3b:95:fb:ed:90:b5:1b:04:
80:92:d5:af:e4:66:80:cc:26:77:2a:ab:60:a8:f3:fd:c0:03:
c7:84:3f:be:78:bd:03:16:9f:b5:bb:f3:61:99:e5:fc:af:73:
76:e0:da:68
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbsHlu98FS8Ddh13yTfuzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0ZDliYzgyOGE1NjZiMDZhZjRkNzY1ZGZiNWRhNWJjMWQ3
NmM3MjUwHhcNMjQwMTAxMTQzMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTk2Yjg4NjYxYWE2ODhlZjk4MTk4OTQ0MTczYTBhMzEyNGE2NmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszZIqgMzegASwYAxTTNubUmCvQLn
NOralLy6yC5703MfvE7DqLHV6xBRfkPR44QNTH2GTjm6OwZvjrlp9CssbExpkl12
vvIRxpa7pbUEw24mBuuOfvmORIn5/1rPRgoPnWPwRW0CdjQ/2ZPlSh7BuyqyA7V3
2BR7RbnZL8WcAJw1Z15Mi83DnQAyaz3o3Zuz9i8OrRqS8Py2Czu1kd5bLIMJfCpr
OUCdzHSZUMccd0eVOUdfO+IseBKgye0cr4QG+hzk+l3NkEE5yIaaLp3xm7+X4XwU
ETIU8WU34UZBkvfz3gaeJroR9ESR6ti8Q2j7ZjQ4A07uR4ji91FWrtMv0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFqWuIZhqmiO+YGYlEFzoKMSSma0MB8GA1UdIwQY
MBaAFATZvIKKVmsGr012XftdpbwddsclMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQk5tOGdvcFdhd2F2VFhaZC0xMmx2QjEyeHlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi83MjQzNWItN2U3ZS00NDdiLWFjMjQt
OTgyYzQyOWQ0MTU2LzEvV3BhNGhtR3FhSTc1Z1ppVVFYT2dveEpLWnJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi83MjQzNWItN2U3ZS00NDdiLWFjMjQtOTgyYzQyOWQ0MTU2
LzEvQk5tOGdvcFdhd2F2VFhaZC0xMmx2QjEyeHlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/FOMA0G
CSqGSIb3DQEBCwUAA4IBAQAr51VHu9vPrJTyroKeYiCeh9KQR16moi2UxABdNoJZ
NhUE/buHvR2xlHgrXQNXZwZ8E2jq27iX5zLEoM1ajceZ6qUwDxo18qAtwh6aGCCz
Ss+Uo8k3IsTWFzgksUsNB1PL9EUApLmYxeUk19uKubPfT9ggrRbk3mo1+/1eX9Vy
S+0pQNnAb8epUJ86lbHLF8B5CKZJm6Tp2kawPMkdEfUcGpVmpkfeNhBwSDPUCinI
i83Cx/vLS7B4wa2LeNGeT3CnBZIHf7V5c0v3Mc+GogJNO5X77ZC1GwSAktWv5GaA
zCZ3KqtgqPP9wAPHhD++eL0DFp+1u/NhmeX8r3N24Npo
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:53 2025 by rpki-client