Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/wdrfkRY3BP5dn2PwSRgp-OWu8SA.roa
File: wdrfkRY3BP5dn2PwSRgp-OWu8SA.roa (raw, json)
Hash identifier: AHDPDyp8iuK4iLcd+87JbT9JyQWmOCYM9tplcU1gDaA=
Subject key identifier: C1:DA:DF:91:16:37:04:FE:5D:9F:63:F0:49:18:29:F8:E5:AE:F1:20
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 0194CF6B59A1AA30523E7CE5C2B76AE2143D
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/wdrfkRY3BP5dn2PwSRgp-OWu8SA.roa
Signing time: Tue 04 Feb 2025 05:25:06 +0000
ROA not before: Tue 04 Feb 2025 05:25:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.11.189.0/24 maxlen: 24
45.65.114.0/24 maxlen: 24
45.154.156.0/24 maxlen: 24
45.154.158.0/24 maxlen: 24
185.83.200.0/23 maxlen: 23
185.83.202.0/23 maxlen: 23
188.209.131.0/24 maxlen: 24
188.209.132.0/22 maxlen: 24
188.209.134.0/24 maxlen: 24
188.209.139.0/24 maxlen: 24
194.15.99.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:cf:6b:59:a1:aa:30:52:3e:7c:e5:c2:b7:6a:e2:14:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Feb 4 05:25:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c1dadf91163704fe5d9f63f0491829f8e5aef120
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d8:2e:85:5a:30:d8:c8:89:6f:4e:10:61:fd:
d5:9a:58:6f:0e:d0:ba:36:c3:67:6d:d3:2b:1d:52:
53:5d:62:fc:99:22:2c:4b:df:5c:04:71:af:ee:5b:
85:85:38:20:a8:ff:fd:39:a5:0c:da:28:76:d3:9b:
f9:9a:1c:13:c7:c5:b8:f2:16:d0:a2:87:a8:df:cc:
a1:a1:bc:85:48:44:e5:2d:8f:c7:c1:04:00:1b:fd:
c4:60:92:ad:c4:09:6a:c8:58:c1:d1:45:7e:14:2a:
51:45:42:49:74:1c:67:e2:19:8d:8a:ab:c5:52:4e:
43:6a:a4:1f:ce:1c:4d:a1:a8:f8:9c:4f:6f:db:a3:
86:01:73:9a:11:e4:ef:1b:9b:bb:d7:a9:1a:f8:f7:
b5:4a:c7:ef:f5:af:fd:48:fa:05:13:fd:3f:d5:81:
b3:67:86:58:d4:07:f3:82:3c:41:2d:03:ef:ae:15:
0a:c2:01:d5:01:dd:c1:f4:85:10:ba:40:e1:c8:3b:
55:5a:cb:4c:d9:59:64:10:23:0f:a3:8c:9a:01:68:
f3:9c:28:c0:59:c4:20:5f:1c:0a:fb:10:41:e0:90:
4e:0a:7c:b3:b9:db:fd:e0:30:cf:d8:60:13:ba:5a:
f7:c6:11:2a:d5:87:73:0f:20:03:d7:bc:50:0a:34:
7a:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:DA:DF:91:16:37:04:FE:5D:9F:63:F0:49:18:29:F8:E5:AE:F1:20
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/wdrfkRY3BP5dn2PwSRgp-OWu8SA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.189.0/24
45.65.114.0/24
45.154.156.0/24
45.154.158.0/24
185.83.200.0/22
188.209.131.0-188.209.135.255
188.209.139.0/24
194.15.99.0/24
Signature Algorithm: sha256WithRSAEncryption
12:ae:31:4a:a4:77:4d:86:82:46:2a:20:ce:58:4e:16:83:12:
d4:4f:44:c5:fc:4b:e8:33:ca:36:a6:b9:3d:b6:89:0d:b3:92:
54:5b:fd:01:c1:e6:90:86:15:12:1a:5c:98:40:74:fe:49:dc:
28:70:70:9b:56:9b:c2:b2:77:1b:27:23:4c:49:70:13:38:a2:
f3:a0:07:66:ea:93:dc:06:bc:c6:83:62:33:59:c3:9a:0d:0f:
53:b1:75:b1:71:a2:d7:f6:68:4e:3e:d4:31:a9:f3:12:f6:39:
1c:35:5b:c4:86:34:53:0d:71:a6:d4:73:5f:a0:78:a2:03:e0:
a5:73:c4:72:23:2e:19:de:f0:66:28:b6:f2:d1:6b:68:ff:96:
0c:41:6d:67:d4:5a:ab:38:be:6e:97:f2:50:1f:30:ad:16:3d:
aa:c2:2c:3c:18:4e:87:3a:7a:91:3d:ca:5d:67:fd:5f:c5:e1:
02:0c:de:6d:67:6b:f4:d0:8e:66:75:00:0b:57:c2:73:59:e7:
70:09:fc:f8:27:db:1a:be:c1:e6:eb:4c:fe:35:3a:9a:82:2a:
70:a8:59:ab:61:19:84:cc:4d:9b:78:6d:6e:9a:6e:08:d0:c2:
2a:6e:89:e0:08:1e:9e:6d:56:b6:8a:e2:0b:f7:d1:54:e0:f1:
33:3f:28:c8
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZTPa1mhqjBSPnzlwrdq4hQ9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjUwMjA0MDUyNTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWRhZGY5MTE2MzcwNGZlNWQ5ZjYzZjA0OTE4MjlmOGU1YWVmMTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNguhVow2MiJb04QYf3VmlhvDtC6
NsNnbdMrHVJTXWL8mSIsS99cBHGv7luFhTggqP/9OaUM2ih205v5mhwTx8W48hbQ
ooeo38yhobyFSETlLY/HwQQAG/3EYJKtxAlqyFjB0UV+FCpRRUJJdBxn4hmNiqvF
Uk5DaqQfzhxNoaj4nE9v26OGAXOaEeTvG5u716ka+Pe1Ssfv9a/9SPoFE/0/1YGz
Z4ZY1AfzgjxBLQPvrhUKwgHVAd3B9IUQukDhyDtVWstM2VlkECMPo4yaAWjznCjA
WcQgXxwK+xBB4JBOCnyzudv94DDP2GATulr3xhEq1YdzDyAD17xQCjR6mQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFMHa35EWNwT+XZ9j8EkYKfjlrvEgMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvd2RyZmtSWTNCUDVkbjJQd1NSZ3AtT1d1OFNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQALQu9AwQA
LUFyAwQALZqcAwQALZqeAwQCuVPIMAwDBAC80YMDBAO80YADBAC80YsDBADCD2Mw
DQYJKoZIhvcNAQELBQADggEBABKuMUqkd02GgkYqIM5YThaDEtRPRMX8S+gzyjam
uT22iQ2zklRb/QHB5pCGFRIaXJhAdP5J3ChwcJtWm8KydxsnI0xJcBM4ovOgB2bq
k9wGvMaDYjNZw5oND1OxdbFxotf2aE4+1DGp8xL2ORw1W8SGNFMNcabUc1+geKID
4KVzxHIjLhne8GYotvLRa2j/lgxBbWfUWqs4vm6X8lAfMK0WParCLDwYToc6epE9
yl1n/V/F4QIM3m1na/TQjmZ1AAtXwnNZ53AJ/Pgn2xq+webrTP41OpqCKnCoWath
GYTMTZt4bW6abgjQwipuieAIHp5tVraK4gv30VTg8TM/KMg=
-----END CERTIFICATE-----
Generated at Mon Apr 21 03:23:54 2025 by rpki-client