Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/112fdc-8374-47e6-8c50-996344f31145/1/WhznZMD8JwsPJjKhkGvlzr-gP0k.roa
File: WhznZMD8JwsPJjKhkGvlzr-gP0k.roa (raw, json)
Hash identifier: V4KhycwTYlOChvUYd/1t6HNCSGzM7Wq7Bs8CL5yFN+U=
Subject key identifier: 5A:1C:E7:64:C0:FC:27:0B:0F:26:32:A1:90:6B:E5:CE:BF:A0:3F:49
Certificate issuer: /CN=9c0ea1d1dd5b6064851d849c70f1cb14fcb2a383
Certificate serial: 018CC5DC3F65B61DA91525E185A7E469B790
Authority key identifier: 9C:0E:A1:D1:DD:5B:60:64:85:1D:84:9C:70:F1:CB:14:FC:B2:A3:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nA6h0d1bYGSFHYSccPHLFPyyo4M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/112fdc-8374-47e6-8c50-996344f31145/1/WhznZMD8JwsPJjKhkGvlzr-gP0k.roa
Signing time: Mon 01 Jan 2024 16:29:54 +0000
ROA not before: Mon 01 Jan 2024 16:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41820
IP address blocks: 91.220.226.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:3f:65:b6:1d:a9:15:25:e1:85:a7:e4:69:b7:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c0ea1d1dd5b6064851d849c70f1cb14fcb2a383
Validity
Not Before: Jan 1 16:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5a1ce764c0fc270b0f2632a1906be5cebfa03f49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:9e:af:a9:13:b0:b7:85:97:48:17:79:c9:d7:
ed:63:a3:08:d9:ed:c4:8f:f2:54:3d:ad:52:2d:d8:
41:8d:2d:c2:d9:c5:f2:30:5b:eb:9f:d3:6c:e2:f4:
17:1e:72:a7:25:07:a6:f8:8f:d8:02:58:a4:59:55:
be:31:45:d8:7b:db:a6:c9:81:49:b3:9c:4d:dd:69:
8d:9e:cd:f6:6b:9e:cf:15:9e:d3:d2:4d:f0:3d:2e:
ff:97:75:fc:bd:0e:4b:04:0c:54:88:73:eb:0a:27:
aa:5e:3a:53:7f:cc:b8:fe:79:8c:14:68:7c:b5:8f:
74:b3:d6:00:3a:da:f8:dc:a3:f2:f8:37:14:e5:7b:
6c:cc:93:8c:8c:4c:db:5f:19:ad:b4:83:ca:d2:cf:
35:87:26:cd:37:60:a9:a0:9d:c3:55:bd:37:75:ae:
f8:ef:ac:2d:6f:25:ca:7a:4d:19:93:77:46:ec:5f:
d1:ff:2e:be:b3:6c:68:cd:24:99:62:ff:00:c0:51:
f9:04:6f:ce:50:30:31:4a:a1:44:5a:cd:0b:e5:98:
5b:44:f4:4a:30:cf:ff:b7:75:90:c2:36:cd:0b:dd:
50:99:28:a7:74:3a:ae:43:a9:61:d0:45:63:5b:1a:
53:eb:75:9d:2d:4e:3f:1a:45:0c:6b:26:76:b2:58:
98:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:1C:E7:64:C0:FC:27:0B:0F:26:32:A1:90:6B:E5:CE:BF:A0:3F:49
X509v3 Authority Key Identifier:
keyid:9C:0E:A1:D1:DD:5B:60:64:85:1D:84:9C:70:F1:CB:14:FC:B2:A3:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nA6h0d1bYGSFHYSccPHLFPyyo4M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/112fdc-8374-47e6-8c50-996344f31145/1/WhznZMD8JwsPJjKhkGvlzr-gP0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/112fdc-8374-47e6-8c50-996344f31145/1/nA6h0d1bYGSFHYSccPHLFPyyo4M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.226.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:4a:a4:63:fe:16:a5:59:87:0b:ba:26:6e:c5:aa:31:dc:13:
f7:10:00:31:cd:78:dd:fb:9f:c1:e4:48:d5:53:e1:a3:24:f2:
bd:73:01:86:48:a1:46:24:19:9b:e5:a9:60:ab:cf:0d:4c:c6:
eb:9c:e0:e2:14:56:6b:10:65:65:1f:1b:e4:bb:b9:55:ff:d3:
ee:30:1f:10:32:92:50:33:74:5e:d9:f1:30:49:3f:30:ec:cd:
5c:d3:14:09:2d:c2:6c:a5:ab:6e:09:25:b4:10:9e:1e:4c:76:
f4:65:28:9c:7b:22:9d:79:5b:ba:fc:78:ff:c4:15:8b:ca:e2:
43:22:88:23:cb:ac:ca:da:64:06:85:a3:b9:93:22:8f:ee:32:
5f:de:c3:2c:d6:8c:77:90:ed:f8:f3:12:be:ae:b5:d9:89:de:
bf:76:9d:f9:d9:e9:a7:3a:f3:75:ed:4b:8c:b3:a6:e2:e2:44:
7d:9d:c4:96:d1:17:93:dc:9e:32:62:c0:cf:ca:9d:e3:b5:e4:
f6:4f:c9:a2:3c:c9:bc:d4:2e:02:6e:3e:ab:b5:f5:e4:11:3e:
a6:2d:f9:20:60:72:76:e6:8a:7d:1f:6e:97:62:96:15:96:09:
3e:c4:c4:5b:03:c7:30:b4:ad:d0:ac:a1:b3:fd:49:ac:b7:10:
1d:24:58:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3D9lth2pFSXhhafkabeQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljMGVhMWQxZGQ1YjYwNjQ4NTFkODQ5YzcwZjFjYjE0ZmNi
MmEzODMwHhcNMjQwMTAxMTYyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTFjZTc2NGMwZmMyNzBiMGYyNjMyYTE5MDZiZTVjZWJmYTAzZjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlp6vqROwt4WXSBd5ydftY6MI2e3E
j/JUPa1SLdhBjS3C2cXyMFvrn9Ns4vQXHnKnJQem+I/YAlikWVW+MUXYe9umyYFJ
s5xN3WmNns32a57PFZ7T0k3wPS7/l3X8vQ5LBAxUiHPrCieqXjpTf8y4/nmMFGh8
tY90s9YAOtr43KPy+DcU5XtszJOMjEzbXxmttIPK0s81hybNN2CpoJ3DVb03da74
76wtbyXKek0Zk3dG7F/R/y6+s2xozSSZYv8AwFH5BG/OUDAxSqFEWs0L5ZhbRPRK
MM//t3WQwjbNC91QmSindDquQ6lh0EVjWxpT63WdLU4/GkUMayZ2sliYQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFoc52TA/CcLDyYyoZBr5c6/oD9JMB8GA1UdIwQY
MBaAFJwOodHdW2BkhR2EnHDxyxT8sqODMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkE2aDBkMWJZR1NGSFlTY2NQSExGUHl5bzRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8xMTJmZGMtODM3NC00N2U2LThjNTAt
OTk2MzQ0ZjMxMTQ1LzEvV2h6blpNRDhKd3NQSmpLaGtHdmx6ci1nUDBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8xMTJmZGMtODM3NC00N2U2LThjNTAtOTk2MzQ0ZjMxMTQ1
LzEvbkE2aDBkMWJZR1NGSFlTY2NQSExGUHl5bzRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9ziMA0G
CSqGSIb3DQEBCwUAA4IBAQBLSqRj/halWYcLuiZuxaox3BP3EAAxzXjd+5/B5EjV
U+GjJPK9cwGGSKFGJBmb5algq88NTMbrnODiFFZrEGVlHxvku7lV/9PuMB8QMpJQ
M3Re2fEwST8w7M1c0xQJLcJspatuCSW0EJ4eTHb0ZSiceyKdeVu6/Hj/xBWLyuJD
Iogjy6zK2mQGhaO5kyKP7jJf3sMs1ox3kO348xK+rrXZid6/dp352emnOvN17UuM
s6bi4kR9ncSW0ReT3J4yYsDPyp3jteT2T8miPMm81C4Cbj6rtfXkET6mLfkgYHJ2
5op9H26XYpYVlgk+xMRbA8cwtK3QrKGz/UmstxAdJFhU
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:55:54 2025 by rpki-client