Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/WSmq5VDWoDvyfK5N0sa9h5kTLEE.roa
File: WSmq5VDWoDvyfK5N0sa9h5kTLEE.roa (raw, json)
Hash identifier: 8o8yTWSsFErhX2BAFuLsTfCB+lKNYkxH20K1z0u84Cc=
Subject key identifier: 59:29:AA:E5:50:D6:A0:3B:F2:7C:AE:4D:D2:C6:BD:87:99:13:2C:41
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0194258F90F84E70BC56CB650AB66696F053
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/WSmq5VDWoDvyfK5N0sa9h5kTLEE.roa
Signing time: Thu 02 Jan 2025 05:49:13 +0000
ROA not before: Thu 02 Jan 2025 05:49:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204229
IP address blocks: 64.43.73.0/24 maxlen: 24
91.238.40.0/23 maxlen: 23
91.245.188.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:90:f8:4e:70:bc:56:cb:65:0a:b6:66:96:f0:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 2 05:49:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5929aae550d6a03bf27cae4dd2c6bd8799132c41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:b9:64:ba:1f:f4:ff:79:44:d8:28:ad:6c:ff:
ac:ce:63:7c:00:c2:c3:e7:04:38:c6:ec:29:e7:f8:
67:86:62:1f:13:46:58:77:15:52:8e:7b:47:25:66:
60:5c:c3:11:46:4d:86:57:8a:7d:51:3c:f9:b5:ad:
13:9c:f2:5a:7e:01:28:1e:f4:c0:fc:3a:9d:e0:ee:
f6:9a:5f:c1:36:ae:b6:ba:6d:3c:cf:52:89:c0:62:
5e:30:32:a3:55:9a:9e:6d:de:b4:25:5b:32:d3:68:
14:a4:82:54:06:93:9a:6c:1c:12:8c:96:5b:35:12:
3a:f3:56:26:e0:0b:5b:1c:e7:10:eb:7f:cf:e1:c7:
40:78:30:6b:97:75:d6:47:f3:ec:64:6a:87:0c:d3:
f8:88:2f:7e:1e:3a:90:0c:fe:61:c8:13:92:4c:d8:
6a:17:f6:dc:5e:d7:cb:04:8d:20:d1:db:8b:74:54:
c1:0a:9a:06:f9:f3:ee:9b:1f:41:13:7b:c9:e6:b8:
63:59:c6:aa:90:c4:9f:b1:69:12:ab:cd:84:db:16:
92:b0:cc:88:3f:ae:ca:a8:de:0a:0a:8b:aa:83:9e:
60:b4:22:20:07:ed:9e:5a:0f:bf:8f:80:ef:9e:ea:
4e:46:a3:89:33:79:d9:4a:f9:22:9f:75:e1:21:9a:
09:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:29:AA:E5:50:D6:A0:3B:F2:7C:AE:4D:D2:C6:BD:87:99:13:2C:41
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/WSmq5VDWoDvyfK5N0sa9h5kTLEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.43.73.0/24
91.238.40.0/23
91.245.188.0/22
Signature Algorithm: sha256WithRSAEncryption
74:77:cc:e5:92:ad:39:a8:1b:35:46:e2:bd:58:fd:b1:d9:92:
58:a6:bf:b8:23:de:f4:6e:da:41:49:36:5a:29:fa:5e:9b:b9:
15:03:23:66:27:1d:21:5e:5e:63:2f:40:cc:c6:78:23:1c:89:
3c:56:da:b4:63:a1:b0:9c:1f:88:07:e5:00:e8:1c:03:d1:e8:
54:8d:60:fd:51:d5:14:24:96:1f:a2:be:e0:c7:4e:c2:e9:68:
40:a9:c6:ea:bd:65:b5:85:ec:77:1f:f8:cf:fe:64:9e:82:6f:
c3:e8:82:2f:23:b6:14:ad:b5:9c:e4:d0:a4:07:83:f0:87:b7:
d8:55:a3:ba:3a:e0:82:37:ee:2d:6d:ac:b9:bd:f2:80:26:db:
fe:52:42:5f:6a:e4:1d:bd:08:2c:de:53:e6:fb:80:5d:bc:60:
74:57:96:8a:34:de:a6:7b:85:fc:96:c5:fa:7a:f4:e6:15:7f:
c3:58:39:6e:cb:4e:e3:47:cb:c4:7c:3e:2a:57:ed:b9:88:2d:
62:16:1a:cf:18:08:c2:b8:9b:c7:f1:dc:09:07:a1:c9:92:7b:
ac:c0:e4:b6:91:bb:56:e9:f8:96:a8:51:1e:19:00:43:f3:5a:
95:6a:aa:c0:f2:85:5c:e4:fa:96:ae:79:e6:c6:4c:8a:b3:72:
a3:3a:14:c1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQlj5D4TnC8VstlCrZmlvBTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjUwMTAyMDU0OTEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTI5YWFlNTUwZDZhMDNiZjI3Y2FlNGRkMmM2YmQ4Nzk5MTMyYzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArblkuh/0/3lE2CitbP+szmN8AMLD
5wQ4xuwp5/hnhmIfE0ZYdxVSjntHJWZgXMMRRk2GV4p9UTz5ta0TnPJafgEoHvTA
/Dqd4O72ml/BNq62um08z1KJwGJeMDKjVZqebd60JVsy02gUpIJUBpOabBwSjJZb
NRI681Ym4AtbHOcQ63/P4cdAeDBrl3XWR/PsZGqHDNP4iC9+HjqQDP5hyBOSTNhq
F/bcXtfLBI0g0duLdFTBCpoG+fPumx9BE3vJ5rhjWcaqkMSfsWkSq82E2xaSsMyI
P67KqN4KCouqg55gtCIgB+2eWg+/j4DvnupORqOJM3nZSvkin3XhIZoJKwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFkpquVQ1qA78nyuTdLGvYeZEyxBMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvV1NtcTVWRFdvRHZ5Zks1TjBzYTloNWtUTEVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAQCtJAwQB
W+4oAwQCW/W8MA0GCSqGSIb3DQEBCwUAA4IBAQB0d8zlkq05qBs1RuK9WP2x2ZJY
pr+4I970btpBSTZaKfpem7kVAyNmJx0hXl5jL0DMxngjHIk8Vtq0Y6GwnB+IB+UA
6BwD0ehUjWD9UdUUJJYfor7gx07C6WhAqcbqvWW1hex3H/jP/mSegm/D6IIvI7YU
rbWc5NCkB4Pwh7fYVaO6OuCCN+4tbay5vfKAJtv+UkJfauQdvQgs3lPm+4BdvGB0
V5aKNN6me4X8lsX6evTmFX/DWDluy07jR8vEfD4qV+25iC1iFhrPGAjCuJvH8dwJ
B6HJknuswOS2kbtW6fiWqFEeGQBD81qVaqrA8oVc5PqWrnnmxkyKs3KjOhTB
-----END CERTIFICATE-----
Generated at Sun Apr 6 04:32:19 2025 by rpki-client