Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/WxfszHGeN-gwyZLH5G2Ar3qScac.roa
File: WxfszHGeN-gwyZLH5G2Ar3qScac.roa (raw, json)
Hash identifier: rlq6GE3ynty7Kfa13WpNZ7g1jwDzYDDHYgWLlbSChzY=
Subject key identifier: 5B:17:EC:CC:71:9E:37:E8:30:C9:92:C7:E4:6D:80:AF:7A:92:71:A7
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 01951A48087C1C7D32F4EA2711E0BB3B60C0
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/WxfszHGeN-gwyZLH5G2Ar3qScac.roa
Signing time: Tue 18 Feb 2025 18:18:03 +0000
ROA not before: Tue 18 Feb 2025 18:18:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 26548
IP address blocks: 80.71.154.0/24 maxlen: 24
91.198.230.0/24 maxlen: 24
91.199.3.0/24 maxlen: 24
193.33.66.0/24 maxlen: 24
193.37.133.0/24 maxlen: 24
193.109.221.0/24 maxlen: 24
193.135.13.0/24 maxlen: 24
193.176.237.0/24 maxlen: 24
193.193.164.0/24 maxlen: 24
194.56.255.0/24 maxlen: 24
194.107.125.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:1a:48:08:7c:1c:7d:32:f4:ea:27:11:e0:bb:3b:60:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Feb 18 18:18:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5b17eccc719e37e830c992c7e46d80af7a9271a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:a4:60:02:71:1a:4b:67:db:77:a1:e9:17:f1:
15:73:bf:97:d4:59:0d:95:07:1b:d0:ca:c1:f8:03:
d4:39:23:0f:77:74:99:33:f5:9e:99:83:17:2b:e8:
bd:f9:1d:34:2a:16:b3:70:df:13:cb:17:07:5a:7b:
f0:c1:f4:fe:86:03:20:cb:5c:ee:5a:09:54:7e:d7:
b8:00:d6:dc:a2:fe:83:40:08:29:21:9a:cf:37:e4:
87:72:20:ad:96:68:9d:c6:6f:8e:bc:75:c8:ac:0d:
6c:92:67:db:ee:4c:d3:16:78:60:98:4d:19:74:40:
a8:be:c7:90:92:f7:e3:ff:c8:e6:95:28:bb:ba:64:
25:e9:ed:a9:8c:36:d6:4b:ad:c7:55:a9:da:ae:08:
ec:bb:40:11:7f:f6:ee:cd:87:e7:da:58:ff:52:c3:
cd:e7:a5:a1:09:1e:8b:ae:93:57:d6:5b:38:32:cf:
69:b2:ed:bc:1e:24:c9:1f:41:5d:a6:4f:ac:e9:01:
75:6e:10:b2:a8:89:4b:39:4c:a5:a8:56:33:9b:a1:
27:61:33:af:18:b2:67:88:81:20:49:2d:d4:b7:21:
26:a5:59:06:65:46:7f:74:8a:30:0e:f9:93:84:99:
fa:fb:80:a2:d8:d8:c7:f4:60:0c:1b:f0:0d:ec:a2:
85:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:17:EC:CC:71:9E:37:E8:30:C9:92:C7:E4:6D:80:AF:7A:92:71:A7
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/WxfszHGeN-gwyZLH5G2Ar3qScac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.71.154.0/24
91.198.230.0/24
91.199.3.0/24
193.33.66.0/24
193.37.133.0/24
193.109.221.0/24
193.135.13.0/24
193.176.237.0/24
193.193.164.0/24
194.56.255.0/24
194.107.125.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:5c:e3:20:27:8b:4e:ce:f6:4f:19:7d:da:50:ca:50:4d:3b:
31:3a:8e:89:dc:49:02:63:66:84:ad:26:91:42:cd:12:d5:52:
9e:c1:2a:e9:78:d9:11:3b:8f:90:87:36:1a:d6:a2:3e:d6:89:
a6:d1:ee:17:1b:01:6f:43:b5:c7:d4:4b:ee:ed:40:e6:a8:bb:
80:21:0d:e0:74:99:40:c1:f7:51:a2:cf:df:8b:8f:6c:da:85:
f2:f9:e5:20:13:03:04:55:2d:01:57:11:58:72:6a:4c:ab:93:
44:21:1f:1f:00:c3:22:96:d5:a4:b3:c7:fc:bf:2f:ed:f5:23:
77:10:36:da:d4:f0:b6:21:39:86:57:17:9c:fc:76:c1:04:62:
01:86:bd:78:e7:d8:cd:6e:dd:4d:a4:0f:f7:ed:63:4f:49:52:
fa:e1:3b:bc:ae:e5:54:39:21:d9:e1:8b:1b:51:06:3a:81:2d:
f6:54:17:a7:dd:50:f7:3e:34:3b:00:c3:6c:c4:7f:64:cb:bd:
7a:2b:17:8b:99:76:04:87:80:d9:f1:77:79:4f:9e:0e:0f:7c:
e8:6b:5b:6f:54:32:dc:c6:cc:98:f4:1d:7a:3a:d3:37:4e:e4:
ec:cd:ab:fa:a3:10:7a:84:ad:c9:de:1e:9e:4d:e5:b6:b8:05:
e8:ba:d7:16
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZUaSAh8HH0y9OonEeC7O2DAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjUwMjE4MTgxODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjE3ZWNjYzcxOWUzN2U4MzBjOTkyYzdlNDZkODBhZjdhOTI3MWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9KRgAnEaS2fbd6HpF/EVc7+X1FkN
lQcb0MrB+APUOSMPd3SZM/WemYMXK+i9+R00KhazcN8TyxcHWnvwwfT+hgMgy1zu
WglUfte4ANbcov6DQAgpIZrPN+SHciCtlmidxm+OvHXIrA1skmfb7kzTFnhgmE0Z
dECovseQkvfj/8jmlSi7umQl6e2pjDbWS63HVanargjsu0ARf/buzYfn2lj/UsPN
56WhCR6LrpNX1ls4Ms9psu28HiTJH0Fdpk+s6QF1bhCyqIlLOUylqFYzm6EnYTOv
GLJniIEgSS3UtyEmpVkGZUZ/dIowDvmThJn6+4Ci2NjH9GAMG/AN7KKFXQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFFsX7MxxnjfoMMmSx+RtgK96knGnMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvV3hmc3pIR2VOLWd3eVpMSDVHMkFyM3FTY2FjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAUEeaAwQA
W8bmAwQAW8cDAwQAwSFCAwQAwSWFAwQAwW3dAwQAwYcNAwQAwbDtAwQAwcGkAwQA
wjj/AwQAwmt9MA0GCSqGSIb3DQEBCwUAA4IBAQAdXOMgJ4tOzvZPGX3aUMpQTTsx
Oo6J3EkCY2aErSaRQs0S1VKewSrpeNkRO4+QhzYa1qI+1omm0e4XGwFvQ7XH1Evu
7UDmqLuAIQ3gdJlAwfdRos/fi49s2oXy+eUgEwMEVS0BVxFYcmpMq5NEIR8fAMMi
ltWks8f8vy/t9SN3EDba1PC2ITmGVxec/HbBBGIBhr1459jNbt1NpA/37WNPSVL6
4Tu8ruVUOSHZ4YsbUQY6gS32VBen3VD3PjQ7AMNsxH9ky716KxeLmXYEh4DZ8Xd5
T54OD3zoa1tvVDLcxsyY9B16OtM3TuTszav6oxB6hK3J3h6eTeW2uAXoutcW
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:37:56 2025 by rpki-client