Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/WhGWPzS8xGDxCqrYjxVfnm6jt6Q.roa
File: WhGWPzS8xGDxCqrYjxVfnm6jt6Q.roa (raw, json)
Hash identifier: wsT36h4NahjqudtK9upbeMXxjGzvszhUfYQrxfMufBo=
Subject key identifier: 5A:11:96:3F:34:BC:C4:60:F1:0A:AA:D8:8F:15:5F:9E:6E:A3:B7:A4
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0195DCEFFC5FDB7D2D3CE841FAF89D89B2DD
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/WhGWPzS8xGDxCqrYjxVfnm6jt6Q.roa
Signing time: Fri 28 Mar 2025 13:27:50 +0000
ROA not before: Fri 28 Mar 2025 13:27:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6282
IP address blocks: 31.131.8.0/23 maxlen: 23
31.131.10.0/23 maxlen: 23
64.43.100.0/22 maxlen: 22
77.36.24.0/22 maxlen: 22
81.161.0.0/23 maxlen: 23
93.120.16.0/22 maxlen: 22
93.120.20.0/22 maxlen: 22
176.96.52.0/22 maxlen: 22
176.111.160.0/23 maxlen: 23
176.111.162.0/23 maxlen: 23
176.113.184.0/22 maxlen: 22
176.113.188.0/22 maxlen: 22
176.116.32.0/22 maxlen: 22
176.116.36.0/22 maxlen: 22
178.159.144.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:dc:ef:fc:5f:db:7d:2d:3c:e8:41:fa:f8:9d:89:b2:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Mar 28 13:27:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5a11963f34bcc460f10aaad88f155f9e6ea3b7a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:11:78:9b:89:3d:f9:12:77:54:59:ca:b4:54:
97:8f:a4:47:a5:93:9a:23:95:6f:7e:11:84:02:3b:
0c:03:d2:a0:3c:cc:9b:a6:33:43:d3:e2:a1:75:7f:
b1:60:1f:dd:f6:ce:eb:5a:9b:70:11:64:45:3e:6d:
e7:62:b4:30:80:b4:7c:0c:fc:8e:07:f3:91:2a:24:
ff:2d:b1:08:23:10:e3:35:fe:32:d8:9d:bc:d3:aa:
d0:5b:e7:e9:49:7f:48:37:4e:9e:4e:6f:82:f8:73:
d5:56:03:f6:c4:18:b0:91:14:64:83:34:80:53:d9:
03:78:da:a6:0c:af:f2:ea:73:5c:54:fe:21:c4:95:
47:96:33:45:da:8d:9c:4f:d0:3f:5a:a8:c1:72:82:
b9:91:49:8d:30:4a:5e:20:0a:12:0e:76:cf:bc:46:
fc:71:2f:21:be:f7:74:65:b4:a3:ec:a9:84:38:5b:
73:b6:67:9e:79:9a:d8:09:13:6b:75:66:5b:a2:c1:
92:ad:e0:c1:9b:9d:20:20:f9:f3:fd:98:55:be:df:
ec:86:04:c2:2a:67:fd:27:04:c3:4a:ea:03:91:f5:
9b:39:ba:dc:9a:1e:9d:bc:bc:f2:c6:a7:b2:ab:b9:
39:65:b4:37:51:11:a1:ef:37:00:34:71:47:d4:88:
cd:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:11:96:3F:34:BC:C4:60:F1:0A:AA:D8:8F:15:5F:9E:6E:A3:B7:A4
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/WhGWPzS8xGDxCqrYjxVfnm6jt6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.131.8.0/22
64.43.100.0/22
77.36.24.0/22
81.161.0.0/23
93.120.16.0/21
176.96.52.0/22
176.111.160.0/22
176.113.184.0/21
176.116.32.0/21
178.159.144.0/23
Signature Algorithm: sha256WithRSAEncryption
71:5f:9e:37:21:0a:4c:60:69:c6:6f:af:c0:b9:17:1a:b0:a1:
41:63:26:a2:59:ea:91:6f:ee:56:57:b5:7a:7d:40:18:8f:cc:
c4:0b:28:b1:aa:75:2e:17:07:ad:87:42:19:3a:0f:2c:0a:d5:
73:5e:b2:e6:60:24:d8:5c:c7:32:29:d3:2e:1d:8a:05:ac:d8:
88:09:86:06:dc:66:fe:de:a9:ef:e5:bd:ca:9b:b2:a7:d2:c9:
85:64:c7:2a:45:7e:6d:24:1b:1a:b7:8a:61:a9:bc:f7:be:0e:
8f:ee:05:0b:20:29:e0:13:0a:df:55:f5:ad:2e:6f:fb:5c:09:
c2:3f:70:15:84:92:79:a3:b2:b7:7d:8a:86:8d:fd:0a:44:08:
4f:95:7c:00:48:9d:d1:e5:13:84:b0:55:c7:41:15:4c:8d:70:
34:9c:41:26:03:08:6b:a4:95:cb:9d:15:27:16:4d:86:60:62:
e0:67:6a:34:c4:e5:7d:da:cb:00:c6:56:93:85:58:6f:f7:07:
fe:76:d6:74:77:73:52:d6:d7:00:b5:8e:5e:97:40:0a:71:87:
5b:3d:be:f3:15:ba:f0:84:6c:9c:44:90:91:cf:c2:ee:1b:81:
37:ca:57:dd:53:bb:af:5c:71:30:1d:63:fd:b4:e9:af:be:dd:
e7:36:2c:2e
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZXc7/xf230tPOhB+vidibLdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjUwMzI4MTMyNzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTExOTYzZjM0YmNjNDYwZjEwYWFhZDg4ZjE1NWY5ZTZlYTNiN2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBF4m4k9+RJ3VFnKtFSXj6RHpZOa
I5VvfhGEAjsMA9KgPMybpjND0+KhdX+xYB/d9s7rWptwEWRFPm3nYrQwgLR8DPyO
B/ORKiT/LbEIIxDjNf4y2J2806rQW+fpSX9IN06eTm+C+HPVVgP2xBiwkRRkgzSA
U9kDeNqmDK/y6nNcVP4hxJVHljNF2o2cT9A/WqjBcoK5kUmNMEpeIAoSDnbPvEb8
cS8hvvd0ZbSj7KmEOFtztmeeeZrYCRNrdWZbosGSreDBm50gIPnz/ZhVvt/shgTC
Kmf9JwTDSuoDkfWbObrcmh6dvLzyxqeyq7k5ZbQ3URGh7zcANHFH1IjNAwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFFoRlj80vMRg8Qqq2I8VX55uo7ekMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvV2hHV1B6Uzh4R0R4Q3FyWWp4VmZubTZqdDZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQCH4MIAwQC
QCtkAwQCTSQYAwQBUaEAAwQDXXgQAwQCsGA0AwQCsG+gAwQDsHG4AwQDsHQgAwQB
sp+QMA0GCSqGSIb3DQEBCwUAA4IBAQBxX543IQpMYGnGb6/AuRcasKFBYyaiWeqR
b+5WV7V6fUAYj8zECyixqnUuFweth0IZOg8sCtVzXrLmYCTYXMcyKdMuHYoFrNiI
CYYG3Gb+3qnv5b3Km7Kn0smFZMcqRX5tJBsat4phqbz3vg6P7gULICngEwrfVfWt
Lm/7XAnCP3AVhJJ5o7K3fYqGjf0KRAhPlXwASJ3R5ROEsFXHQRVMjXA0nEEmAwhr
pJXLnRUnFk2GYGLgZ2o0xOV92ssAxlaThVhv9wf+dtZ0d3NS1tcAtY5el0AKcYdb
Pb7zFbrwhGycRJCRz8LuG4E3ylfdU7uvXHEwHWP9tOmvvt3nNiwu
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:30:38 2025 by rpki-client