Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/WyKwJoYTEFoNYvZJjn5e2Zx_ZKg.roa
File: WyKwJoYTEFoNYvZJjn5e2Zx_ZKg.roa (raw, json)
Hash identifier: xJ8WdHcNC5tU4S58PzqPpdshXFEq5vuxHEYpQ4ah6+I=
Subject key identifier: 5B:22:B0:26:86:13:10:5A:0D:62:F6:49:8E:7E:5E:D9:9C:7F:64:A8
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 0183C6690C6D1AA68C04F0896C87357D453D
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/WyKwJoYTEFoNYvZJjn5e2Zx_ZKg.roa
Signing time: Tue 11 Oct 2022 09:38:36 +0000
ROA not before: Tue 11 Oct 2022 09:38:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58224
IP address blocks: 109.203.172.0/22 maxlen: 24
109.203.168.0/22 maxlen: 24
109.203.176.0/22 maxlen: 24
109.203.180.0/22 maxlen: 24
109.203.184.0/21 maxlen: 24
94.74.152.0/22 maxlen: 24
185.34.160.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c6:69:0c:6d:1a:a6:8c:04:f0:89:6c:87:35:7d:45:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Oct 11 09:38:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5b22b0268613105a0d62f6498e7e5ed99c7f64a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:65:fc:39:58:cf:86:7d:29:21:15:2b:a9:3b:
7b:1b:68:f2:f7:4f:a7:a5:33:f5:9f:f0:f1:ba:95:
e8:53:15:b8:c1:7f:ab:0c:28:9f:6e:9b:65:26:88:
bf:8f:93:91:bc:7e:53:a2:21:2e:1f:9b:f3:67:3b:
ed:ff:78:6f:7f:17:6b:1f:15:54:f5:90:79:51:6d:
73:da:0f:18:19:2e:6b:21:af:08:2c:3e:d4:b6:47:
4a:65:72:c5:46:25:2c:e5:6f:87:f9:67:78:4b:3c:
99:de:e6:c4:4b:ec:d9:f1:c2:95:42:a1:b8:a5:2b:
95:ff:17:14:7f:da:b4:9c:50:74:9e:ed:42:1e:5f:
50:26:03:72:b1:51:47:00:a0:4a:b5:de:54:f6:b1:
bf:e1:9a:b5:5f:85:bb:ca:8b:d5:43:db:2d:42:2a:
9e:99:3e:db:de:82:38:3a:d0:38:49:06:0b:db:53:
89:a0:f4:77:77:4f:17:d0:62:b6:7e:a8:c8:a1:99:
4e:8e:fc:8a:88:17:67:3b:61:77:85:ca:18:75:68:
72:87:bc:dc:6b:e6:00:83:35:df:58:7e:25:90:d2:
a8:b0:87:98:97:22:6e:11:40:58:2c:a4:2d:f2:b0:
9a:68:88:6b:4e:ff:91:8a:42:14:1d:4a:aa:63:73:
45:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:22:B0:26:86:13:10:5A:0D:62:F6:49:8E:7E:5E:D9:9C:7F:64:A8
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/WyKwJoYTEFoNYvZJjn5e2Zx_ZKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.74.152.0/22
109.203.168.0-109.203.191.255
185.34.160.0/22
Signature Algorithm: sha256WithRSAEncryption
88:f9:3d:7e:b4:22:c2:7b:4c:04:7c:bc:5a:ad:fa:0d:e2:ae:
cf:a7:71:3b:e3:51:b0:cb:82:73:d3:56:fa:79:c8:6f:7d:8d:
02:a0:66:0b:87:da:59:f5:6f:8d:f4:59:73:65:65:df:8b:0a:
ee:91:ab:de:23:fb:a6:5a:27:ed:5e:c1:b7:81:39:4a:8f:d6:
db:1c:6e:d6:1a:81:03:8e:50:04:99:01:d4:6b:90:8d:2d:59:
ee:3d:da:0d:e4:89:7b:aa:4f:9c:54:0e:e5:7f:ab:b6:28:70:
71:dd:29:75:67:a8:91:ac:d8:69:09:85:f5:4c:92:30:11:27:
cd:55:56:24:78:82:8f:be:de:4e:fe:a1:8c:a4:9c:5f:2e:c3:
4b:43:0c:db:83:60:41:a0:c4:3e:f0:04:6c:65:3f:d5:a4:e8:
9b:33:94:f2:61:1d:eb:37:d0:9f:56:f0:ce:10:cb:6e:1c:8a:
a2:5a:2a:22:bb:0a:c0:62:89:9f:4a:e9:a3:f7:6c:ce:d3:2e:
f2:d5:3e:64:2a:45:9c:1c:ec:b7:5b:33:1c:69:64:54:06:08:
87:f8:e0:29:44:c9:c2:79:e8:18:e5:05:58:4b:e0:0c:74:16:
28:64:28:d6:19:5d:13:42:19:97:ec:a5:b0:29:7b:37:38:ab:
c0:6b:88:48
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYPGaQxtGqaMBPCJbIc1fUU9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjIxMDExMDkzODM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjIyYjAyNjg2MTMxMDVhMGQ2MmY2NDk4ZTdlNWVkOTljN2Y2NGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWX8OVjPhn0pIRUrqTt7G2jy90+n
pTP1n/DxupXoUxW4wX+rDCifbptlJoi/j5ORvH5ToiEuH5vzZzvt/3hvfxdrHxVU
9ZB5UW1z2g8YGS5rIa8ILD7UtkdKZXLFRiUs5W+H+Wd4SzyZ3ubES+zZ8cKVQqG4
pSuV/xcUf9q0nFB0nu1CHl9QJgNysVFHAKBKtd5U9rG/4Zq1X4W7yovVQ9stQiqe
mT7b3oI4OtA4SQYL21OJoPR3d08X0GK2fqjIoZlOjvyKiBdnO2F3hcoYdWhyh7zc
a+YAgzXfWH4lkNKosIeYlyJuEUBYLKQt8rCaaIhrTv+RikIUHUqqY3NFEQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFFsisCaGExBaDWL2SY5+Xtmcf2SoMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvV3lLd0pvWVRFRm9OWXZaSmpuNWUyWnhfWktnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCXkqYMAwD
BANty6gDBAZty4ADBAK5IqAwDQYJKoZIhvcNAQELBQADggEBAIj5PX60IsJ7TAR8
vFqt+g3irs+ncTvjUbDLgnPTVvp5yG99jQKgZguH2ln1b430WXNlZd+LCu6Rq94j
+6ZaJ+1ewbeBOUqP1tscbtYagQOOUASZAdRrkI0tWe492g3kiXuqT5xUDuV/q7Yo
cHHdKXVnqJGs2GkJhfVMkjARJ81VViR4go++3k7+oYyknF8uw0tDDNuDYEGgxD7w
BGxlP9Wk6JszlPJhHes30J9W8M4Qy24ciqJaKiK7CsBiiZ9K6aP3bM7TLvLVPmQq
RZwc7LdbMxxpZFQGCIf44ClEycJ56BjlBVhL4Ax0FihkKNYZXRNCGZfspbApezc4
q8BriEg=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:09:31 2025 by rpki-client