Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/82233d-ec07-42fb-8799-ed30b9bb12d5/1/wen8RPms2N-sa4kh6rt97g5VpT8.roa
File: wen8RPms2N-sa4kh6rt97g5VpT8.roa (raw, json)
Hash identifier: wEbFbsHCC6t0+cXMmfNWVL6lCb0QqwAngAsom0+q6Yg=
Subject key identifier: C1:E9:FC:44:F9:AC:D8:DF:AC:6B:89:21:EA:BB:7D:EE:0E:55:A5:3F
Certificate issuer: /CN=60fcd55b9130858d8ea583c0987dad00f614db39
Certificate serial: 0193F5DA9CB56A8C262754C0204A4FC8BFB0
Authority key identifier: 60:FC:D5:5B:91:30:85:8D:8E:A5:83:C0:98:7D:AD:00:F6:14:DB:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YPzVW5EwhY2OpYPAmH2tAPYU2zk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/82233d-ec07-42fb-8799-ed30b9bb12d5/1/wen8RPms2N-sa4kh6rt97g5VpT8.roa
Signing time: Mon 23 Dec 2024 23:29:25 +0000
ROA not before: Mon 23 Dec 2024 23:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 398464
IP address blocks: 195.64.122.0/24 maxlen: 24
2a14:2500::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f5:da:9c:b5:6a:8c:26:27:54:c0:20:4a:4f:c8:bf:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60fcd55b9130858d8ea583c0987dad00f614db39
Validity
Not Before: Dec 23 23:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c1e9fc44f9acd8dfac6b8921eabb7dee0e55a53f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:b3:ca:b6:31:86:1e:bc:91:b2:1b:62:ce:c5:
18:ad:65:1f:01:10:0d:e6:77:c6:db:ca:82:a8:ba:
71:95:f2:38:7b:6b:d2:e9:bb:00:97:eb:de:22:74:
b8:9d:f2:f6:0f:94:63:9c:15:dd:8e:bc:24:3c:78:
36:ed:9c:31:d5:c9:d8:75:91:28:65:07:0e:2a:74:
7e:8d:f7:78:fe:f2:74:74:e1:7c:56:8f:4e:31:43:
fe:66:9b:45:c5:23:71:14:2f:ac:65:81:ee:1f:d7:
af:5f:2e:9d:ae:c0:d3:b3:1f:b9:25:5a:a7:ab:55:
ba:01:9f:c4:ca:ce:23:51:dd:7c:61:23:64:ad:c9:
38:af:ce:c1:f8:9e:84:76:ad:eb:4a:9a:fb:38:7d:
a8:79:06:2b:1c:5c:62:a4:68:c3:6d:fb:61:62:34:
e7:3f:e9:02:85:45:1e:79:58:bd:e2:0f:6d:bd:fc:
42:23:67:fc:8f:ad:23:5d:5d:ff:f9:c8:4f:7d:9e:
d2:f6:df:f2:55:e5:ce:c6:8c:54:ef:34:13:74:47:
b1:a1:45:86:cf:4c:73:d6:fa:a4:92:da:3b:e3:5e:
08:53:99:34:d4:d0:92:83:9a:4b:54:08:c3:fa:ab:
34:b5:81:83:a8:1d:0d:44:1e:2a:9f:6f:c0:73:52:
fc:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:E9:FC:44:F9:AC:D8:DF:AC:6B:89:21:EA:BB:7D:EE:0E:55:A5:3F
X509v3 Authority Key Identifier:
keyid:60:FC:D5:5B:91:30:85:8D:8E:A5:83:C0:98:7D:AD:00:F6:14:DB:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YPzVW5EwhY2OpYPAmH2tAPYU2zk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/82233d-ec07-42fb-8799-ed30b9bb12d5/1/wen8RPms2N-sa4kh6rt97g5VpT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/82233d-ec07-42fb-8799-ed30b9bb12d5/1/YPzVW5EwhY2OpYPAmH2tAPYU2zk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.64.122.0/24
IPv6:
2a14:2500::/29
Signature Algorithm: sha256WithRSAEncryption
db:a0:41:90:21:90:10:e1:fb:64:ce:1a:ac:5b:8c:eb:ff:3c:
3f:14:61:9e:54:a8:b4:17:10:e4:bb:83:10:c4:b6:d1:41:27:
f9:c0:1e:54:98:a5:d0:14:a8:27:27:9e:03:0f:e6:2a:63:16:
67:9b:49:26:45:cc:73:3c:23:1d:d9:df:aa:ff:53:03:aa:07:
99:a1:a7:b3:8a:3c:ec:b9:fe:1f:bf:3f:14:48:5f:12:44:8b:
b5:55:ee:e3:51:2b:65:9e:1d:cf:96:60:f3:72:5c:aa:31:df:
17:3f:e1:61:b2:95:28:80:43:d1:74:c9:48:6c:43:ee:2b:55:
f0:c7:66:23:eb:b9:fb:a1:2d:ab:20:ad:e7:1b:74:18:cc:6f:
5a:eb:79:28:47:5d:74:a8:3b:04:e7:6c:ae:eb:43:22:b7:5d:
34:a9:74:d7:b1:9c:4f:7f:f1:2d:f7:fd:9f:f5:02:85:3c:61:
e0:65:d3:c2:d5:d7:36:34:48:cc:ba:cc:8d:7d:ac:ac:36:cf:
5d:36:34:07:53:77:92:58:a9:2b:3f:ff:ed:48:f9:61:ed:6d:
60:24:b8:90:2c:63:de:c0:3f:76:1d:ea:00:cf:9b:7e:8e:c9:
43:ea:d8:5f:27:3b:d0:38:11:0d:8e:c2:9b:97:14:2e:24:40:
ac:f9:79:93
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZP12py1aowmJ1TAIEpPyL+wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZmNkNTViOTEzMDg1OGQ4ZWE1ODNjMDk4N2RhZDAwZjYx
NGRiMzkwHhcNMjQxMjIzMjMyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWU5ZmM0NGY5YWNkOGRmYWM2Yjg5MjFlYWJiN2RlZTBlNTVhNTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubPKtjGGHryRshtizsUYrWUfARAN
5nfG28qCqLpxlfI4e2vS6bsAl+veInS4nfL2D5RjnBXdjrwkPHg27Zwx1cnYdZEo
ZQcOKnR+jfd4/vJ0dOF8Vo9OMUP+ZptFxSNxFC+sZYHuH9evXy6drsDTsx+5JVqn
q1W6AZ/Eys4jUd18YSNkrck4r87B+J6Edq3rSpr7OH2oeQYrHFxipGjDbfthYjTn
P+kChUUeeVi94g9tvfxCI2f8j60jXV3/+chPfZ7S9t/yVeXOxoxU7zQTdEexoUWG
z0xz1vqkkto7414IU5k01NCSg5pLVAjD+qs0tYGDqB0NRB4qn2/Ac1L8xQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMHp/ET5rNjfrGuJIeq7fe4OVaU/MB8GA1UdIwQY
MBaAFGD81VuRMIWNjqWDwJh9rQD2FNs5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVB6Vlc1RXdoWTJPcFlQQW1IMnRBUFlVMnprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC84MjIzM2QtZWMwNy00MmZiLTg3OTkt
ZWQzMGI5YmIxMmQ1LzEvd2VuOFJQbXMyTi1zYTRraDZydDk3ZzVWcFQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC84MjIzM2QtZWMwNy00MmZiLTg3OTktZWQzMGI5YmIxMmQ1
LzEvWVB6Vlc1RXdoWTJPcFlQQW1IMnRBUFlVMnprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAw0B6MA0E
AgACMAcDBQMqFCUAMA0GCSqGSIb3DQEBCwUAA4IBAQDboEGQIZAQ4ftkzhqsW4zr
/zw/FGGeVKi0FxDku4MQxLbRQSf5wB5UmKXQFKgnJ54DD+YqYxZnm0kmRcxzPCMd
2d+q/1MDqgeZoaezijzsuf4fvz8USF8SRIu1Ve7jUStlnh3PlmDzclyqMd8XP+Fh
spUogEPRdMlIbEPuK1Xwx2Yj67n7oS2rIK3nG3QYzG9a63koR110qDsE52yu60Mi
t100qXTXsZxPf/Et9/2f9QKFPGHgZdPC1dc2NEjMusyNfaysNs9dNjQHU3eSWKkr
P//tSPlh7W1gJLiQLGPewD92HeoAz5t+jslD6thfJzvQOBENjsKblxQuJECs+XmT
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:00:59 2025 by rpki-client