Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/s_IDwpCguVwOyzDwQX_xogqZpjE.roa
File: s_IDwpCguVwOyzDwQX_xogqZpjE.roa (raw, json)
Hash identifier: VqPOtI83eAX4fTYTIL+664GPFU5dU+iLO0iVsNeQGz0=
Subject key identifier: B3:F2:03:C2:90:A0:B9:5C:0E:CB:30:F0:41:7F:F1:A2:0A:99:A6:31
Certificate issuer: /CN=58bf7f3ad53f29a3c43f0ad82017a05368c0104a
Certificate serial: 01856FCBA19412AD431580951C86E3640C2A
Authority key identifier: 58:BF:7F:3A:D5:3F:29:A3:C4:3F:0A:D8:20:17:A0:53:68:C0:10:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WL9_OtU_KaPEPwrYIBegU2jAEEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/s_IDwpCguVwOyzDwQX_xogqZpjE.roa
Signing time: Mon 02 Jan 2023 00:04:54 +0000
ROA not before: Mon 02 Jan 2023 00:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21321
IP address blocks: 185.139.24.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:a1:94:12:ad:43:15:80:95:1c:86:e3:64:0c:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58bf7f3ad53f29a3c43f0ad82017a05368c0104a
Validity
Not Before: Jan 2 00:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b3f203c290a0b95c0ecb30f0417ff1a20a99a631
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:df:db:16:cc:78:d0:fb:d7:6f:86:c2:3c:83:
51:96:9d:15:1c:20:97:38:d7:0c:06:a8:01:83:4b:
95:1f:4c:a9:0f:c6:9d:4b:58:78:0a:a9:3c:3f:dc:
4e:ec:94:52:ed:8f:50:b4:b7:c1:50:05:3c:1b:5c:
d5:b1:a2:12:8c:c4:81:11:eb:9f:28:a9:0e:4d:e7:
e3:87:c3:d8:f3:c7:60:94:d9:9e:62:76:7e:45:c2:
b1:ef:ea:01:67:80:f4:11:f7:71:27:81:46:ff:ca:
a5:ef:38:e7:bf:40:99:51:88:42:48:5b:36:2d:ec:
ea:6c:0a:8e:f3:0b:88:b9:d4:72:4c:82:a2:ba:20:
94:38:63:0a:69:23:cb:fe:c5:da:82:b1:c3:d1:cd:
59:e1:4e:a0:3a:3e:7a:86:38:d6:e6:44:27:53:58:
9f:9c:70:83:d6:34:64:cc:25:c1:95:11:5b:3d:28:
ed:57:29:ad:79:a0:25:bd:65:19:fe:41:76:23:8e:
5e:cf:7b:38:77:be:82:02:b7:f4:53:03:24:80:5d:
c7:ad:58:93:03:4f:9b:56:80:a4:ae:61:6d:b7:9c:
fc:ab:14:2f:dd:b7:2e:61:59:99:f0:b2:ed:11:fa:
5d:bc:10:71:4b:64:75:fc:65:c2:d2:a4:9d:1c:cc:
12:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:F2:03:C2:90:A0:B9:5C:0E:CB:30:F0:41:7F:F1:A2:0A:99:A6:31
X509v3 Authority Key Identifier:
keyid:58:BF:7F:3A:D5:3F:29:A3:C4:3F:0A:D8:20:17:A0:53:68:C0:10:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WL9_OtU_KaPEPwrYIBegU2jAEEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/s_IDwpCguVwOyzDwQX_xogqZpjE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/WL9_OtU_KaPEPwrYIBegU2jAEEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.139.24.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:25:22:b6:6e:85:e4:38:97:8b:f4:36:4b:33:66:0e:58:0d:
90:82:cf:7d:78:aa:63:39:74:d2:19:ba:3d:c9:c9:68:5a:7f:
7e:7b:b4:5a:0b:3b:be:0d:46:b3:a8:19:2a:45:46:d5:9c:e9:
96:f5:b9:6a:50:c6:67:5f:ae:0d:05:fe:36:43:55:af:10:f5:
f7:4a:e7:e6:c2:68:c9:a7:46:b0:e1:48:bc:28:45:4c:2c:9d:
b0:19:3a:d9:f3:92:9d:de:38:ea:cc:f2:77:f1:6b:9e:e2:e4:
d2:3d:72:98:18:7a:7a:d3:b8:db:b0:0b:3b:1f:4a:0f:4d:d8:
d6:cb:c1:ab:3d:a7:f4:30:45:98:b9:8f:c9:e2:f6:f5:e9:09:
41:16:64:a7:6d:33:94:6d:5d:6d:ca:b9:e4:f4:67:d8:4b:1a:
cf:71:15:08:57:5b:16:42:a4:89:02:4d:77:e8:e9:70:f8:2c:
bf:b4:cb:a5:68:83:f3:71:c1:c4:7d:75:00:53:52:cc:14:7a:
0b:24:73:48:44:8d:fc:d5:a9:1d:d7:da:60:28:93:17:cc:c9:
b2:da:65:04:f4:f4:3c:8a:03:de:e3:93:6d:1e:a8:bf:ab:38:
16:7e:f2:3e:f6:90:bb:52:42:eb:ab:cf:f0:28:30:d8:97:1f:
14:49:58:dd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvy6GUEq1DFYCVHIbjZAwqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YmY3ZjNhZDUzZjI5YTNjNDNmMGFkODIwMTdhMDUzNjhj
MDEwNGEwHhcNMjMwMTAyMDAwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2YyMDNjMjkwYTBiOTVjMGVjYjMwZjA0MTdmZjFhMjBhOTlhNjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApd/bFsx40PvXb4bCPINRlp0VHCCX
ONcMBqgBg0uVH0ypD8adS1h4Cqk8P9xO7JRS7Y9QtLfBUAU8G1zVsaISjMSBEeuf
KKkOTefjh8PY88dglNmeYnZ+RcKx7+oBZ4D0EfdxJ4FG/8ql7zjnv0CZUYhCSFs2
LezqbAqO8wuIudRyTIKiuiCUOGMKaSPL/sXagrHD0c1Z4U6gOj56hjjW5kQnU1if
nHCD1jRkzCXBlRFbPSjtVymteaAlvWUZ/kF2I45ez3s4d76CArf0UwMkgF3HrViT
A0+bVoCkrmFtt5z8qxQv3bcuYVmZ8LLtEfpdvBBxS2R1/GXC0qSdHMwSZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLPyA8KQoLlcDssw8EF/8aIKmaYxMB8GA1UdIwQY
MBaAFFi/fzrVPymjxD8K2CAXoFNowBBKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0w5X090VV9LYVBFUHdyWUlCZWdVMmpBRUVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zNjRiOTQtNmNhNC00ZjlhLTg4YTUt
OGIzZDUyN2M0OWU0LzEvc19JRHdwQ2d1VndPeXpEd1FYX3hvZ3FacGpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zNjRiOTQtNmNhNC00ZjlhLTg4YTUtOGIzZDUyN2M0OWU0
LzEvV0w5X090VV9LYVBFUHdyWUlCZWdVMmpBRUVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYsYMA0G
CSqGSIb3DQEBCwUAA4IBAQCyJSK2boXkOJeL9DZLM2YOWA2Qgs99eKpjOXTSGbo9
ycloWn9+e7RaCzu+DUazqBkqRUbVnOmW9blqUMZnX64NBf42Q1WvEPX3SufmwmjJ
p0aw4Ui8KEVMLJ2wGTrZ85Kd3jjqzPJ38Wue4uTSPXKYGHp607jbsAs7H0oPTdjW
y8GrPaf0MEWYuY/J4vb16QlBFmSnbTOUbV1tyrnk9GfYSxrPcRUIV1sWQqSJAk13
6Olw+Cy/tMulaIPzccHEfXUAU1LMFHoLJHNIRI381akd19pgKJMXzMmy2mUE9PQ8
igPe45NtHqi/qzgWfvI+9pC7UkLrq8/wKDDYlx8USVjd
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:11 2025 by rpki-client