Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/35ead2-4aa4-4ff0-b5cb-7efaa4a74f97/1/oMWup55nUaojGXh2IYtrkxVaIxk.roa
File: oMWup55nUaojGXh2IYtrkxVaIxk.roa (raw, json)
Hash identifier: IgvfZQFj2syunyqqYTcXoGNSKYWlXxrN3iDEjFeptJ0=
Subject key identifier: A0:C5:AE:A7:9E:67:51:AA:23:19:78:76:21:8B:6B:93:15:5A:23:19
Certificate issuer: /CN=c20e65caddbecd48d2f87787993113842bdfce5d
Certificate serial: 019423D755BC2F7C753EED59600C59D03800
Authority key identifier: C2:0E:65:CA:DD:BE:CD:48:D2:F8:77:87:99:31:13:84:2B:DF:CE:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wg5lyt2-zUjS-HeHmTEThCvfzl0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/35ead2-4aa4-4ff0-b5cb-7efaa4a74f97/1/oMWup55nUaojGXh2IYtrkxVaIxk.roa
Signing time: Wed 01 Jan 2025 21:48:22 +0000
ROA not before: Wed 01 Jan 2025 21:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197726
IP address blocks: 91.231.84.0/23 maxlen: 23
91.231.86.0/23 maxlen: 23
195.64.154.0/23 maxlen: 23
195.88.243.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:55:bc:2f:7c:75:3e:ed:59:60:0c:59:d0:38:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c20e65caddbecd48d2f87787993113842bdfce5d
Validity
Not Before: Jan 1 21:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a0c5aea79e6751aa23197876218b6b93155a2319
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:19:67:69:b0:6f:a0:9b:15:c7:dc:b2:c5:ba:
7c:40:85:9b:3e:ca:e8:9a:d4:29:25:e2:c4:c1:25:
83:2c:39:6d:49:00:4e:b8:38:61:7b:68:bc:5a:8a:
55:a2:b4:fc:36:6a:d3:fa:02:66:88:cd:89:5d:8c:
39:85:37:5b:73:66:7b:a5:39:1e:88:71:f3:82:83:
fa:43:ab:1d:e1:fd:be:fd:b0:6d:eb:9e:2d:b8:ab:
32:7e:c7:37:d0:f2:d8:89:21:ad:fd:85:9c:2d:a3:
70:fb:e1:c8:67:04:4d:34:01:82:f5:45:8d:72:80:
03:14:1a:72:2b:47:c5:3c:16:27:77:14:88:2c:b1:
7d:b0:7f:02:b6:bf:e8:c8:93:4b:19:e1:b1:9e:b7:
6a:d0:c9:2c:30:73:29:ae:a5:dd:24:58:76:f5:b6:
cc:e3:90:85:74:70:dc:c8:ce:41:a0:6e:3b:7c:b9:
b0:5f:55:fb:84:c4:c4:32:c9:f5:ce:a5:66:c5:58:
d8:75:6d:26:99:d4:69:9f:93:ca:ff:e5:ec:db:5e:
62:9f:6e:74:92:be:c7:54:58:21:33:02:03:b7:0f:
b4:cc:ae:12:38:97:41:9b:b0:8f:77:3e:b1:87:63:
99:70:44:a2:fe:3d:f1:0b:45:36:09:91:bf:87:7f:
42:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:C5:AE:A7:9E:67:51:AA:23:19:78:76:21:8B:6B:93:15:5A:23:19
X509v3 Authority Key Identifier:
keyid:C2:0E:65:CA:DD:BE:CD:48:D2:F8:77:87:99:31:13:84:2B:DF:CE:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wg5lyt2-zUjS-HeHmTEThCvfzl0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/35ead2-4aa4-4ff0-b5cb-7efaa4a74f97/1/oMWup55nUaojGXh2IYtrkxVaIxk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/35ead2-4aa4-4ff0-b5cb-7efaa4a74f97/1/wg5lyt2-zUjS-HeHmTEThCvfzl0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.84.0/22
195.64.154.0/23
195.88.243.0/24
Signature Algorithm: sha256WithRSAEncryption
53:61:3d:1d:d7:c3:a5:34:10:04:38:ff:1b:2e:7b:27:f7:c9:
45:29:5b:2d:e9:d0:bc:8a:cb:40:8d:62:70:f7:08:c4:31:b7:
98:13:06:40:91:7e:4e:53:d6:0d:08:e7:9f:b5:e1:f4:1f:aa:
22:24:66:f8:57:39:d0:6e:29:2d:e7:14:bc:d9:8d:82:ee:8e:
52:6c:6a:c2:31:57:93:5e:64:b3:ea:6b:24:d0:e1:48:9c:ef:
f8:0d:b1:3f:1c:d2:47:a3:45:c1:65:ec:bf:9a:29:35:52:b0:
46:4a:98:20:70:cf:72:93:62:9a:e7:4e:78:b9:51:8a:04:95:
5e:01:6d:d8:7d:21:46:3e:a5:c2:f3:25:08:ea:a3:10:33:59:
5c:0e:da:be:90:f7:d4:1a:e1:f0:bc:ae:2f:b9:f7:c2:5f:ed:
54:18:19:d1:a5:2c:a3:a6:1a:ee:0e:18:74:a4:5d:1b:86:e4:
14:8e:90:03:33:fd:05:c7:68:c3:81:71:69:2b:b5:a5:91:e7:
25:04:37:32:88:40:2c:e7:b7:65:86:95:96:e8:32:0f:35:48:
6d:2c:ea:ca:5f:bb:e5:db:5c:5c:ea:9a:c9:4c:7d:f0:12:37:
e2:10:1c:f3:b6:9b:1d:3c:34:58:ba:0d:9e:39:59:b6:40:db:
2e:f7:0d:58
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQj11W8L3x1Pu1ZYAxZ0DgAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMGU2NWNhZGRiZWNkNDhkMmY4Nzc4Nzk5MzExMzg0MmJk
ZmNlNWQwHhcNMjUwMTAxMjE0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGM1YWVhNzllNjc1MWFhMjMxOTc4NzYyMThiNmI5MzE1NWEyMzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+xlnabBvoJsVx9yyxbp8QIWbPsro
mtQpJeLEwSWDLDltSQBOuDhhe2i8WopVorT8NmrT+gJmiM2JXYw5hTdbc2Z7pTke
iHHzgoP6Q6sd4f2+/bBt654tuKsyfsc30PLYiSGt/YWcLaNw++HIZwRNNAGC9UWN
coADFBpyK0fFPBYndxSILLF9sH8Ctr/oyJNLGeGxnrdq0MksMHMprqXdJFh29bbM
45CFdHDcyM5BoG47fLmwX1X7hMTEMsn1zqVmxVjYdW0mmdRpn5PK/+Xs215in250
kr7HVFghMwIDtw+0zK4SOJdBm7CPdz6xh2OZcESi/j3xC0U2CZG/h39CGQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKDFrqeeZ1GqIxl4diGLa5MVWiMZMB8GA1UdIwQY
MBaAFMIOZcrdvs1I0vh3h5kxE4Qr385dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2c1bHl0Mi16VWpTLUhlSG1URVRoQ3ZmemwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8zNWVhZDItNGFhNC00ZmYwLWI1Y2It
N2VmYWE0YTc0Zjk3LzEvb01XdXA1NW5VYW9qR1hoMklZdHJreFZhSXhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8zNWVhZDItNGFhNC00ZmYwLWI1Y2ItN2VmYWE0YTc0Zjk3
LzEvd2c1bHl0Mi16VWpTLUhlSG1URVRoQ3ZmemwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW+dUAwQB
w0CaAwQAw1jzMA0GCSqGSIb3DQEBCwUAA4IBAQBTYT0d18OlNBAEOP8bLnsn98lF
KVst6dC8istAjWJw9wjEMbeYEwZAkX5OU9YNCOefteH0H6oiJGb4VznQbikt5xS8
2Y2C7o5SbGrCMVeTXmSz6msk0OFInO/4DbE/HNJHo0XBZey/mik1UrBGSpggcM9y
k2Ka5054uVGKBJVeAW3YfSFGPqXC8yUI6qMQM1lcDtq+kPfUGuHwvK4vuffCX+1U
GBnRpSyjphruDhh0pF0bhuQUjpADM/0Fx2jDgXFpK7WlkeclBDcyiEAs57dlhpWW
6DIPNUhtLOrKX7vl21xc6prJTH3wEjfiEBzztpsdPDRYug2eOVm2QNsu9w1Y
-----END CERTIFICATE-----
Generated at Tue Apr 8 12:37:00 2025 by rpki-client