Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/wNHTWekq35BhohXJLFy5WnvbARo.roa
File: wNHTWekq35BhohXJLFy5WnvbARo.roa (raw, json)
Hash identifier: N2V1osNkJVOowgNXzO+FEizM/KyV74L14XWARmG0BU4=
Subject key identifier: C0:D1:D3:59:E9:2A:DF:90:61:A2:15:C9:2C:5C:B9:5A:7B:DB:01:1A
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 018C1026B64F4F639C88898D0A30C8120C27
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/wNHTWekq35BhohXJLFy5WnvbARo.roa
Signing time: Mon 27 Nov 2023 09:40:21 +0000
ROA not before: Mon 27 Nov 2023 09:40:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 176.221.24.0/22 maxlen: 22
176.221.20.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:10:26:b6:4f:4f:63:9c:88:89:8d:0a:30:c8:12:0c:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Nov 27 09:40:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c0d1d359e92adf9061a215c92c5cb95a7bdb011a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:6f:24:54:9c:a4:64:f4:c3:dc:d0:f1:0a:4c:
8a:fb:f0:25:e2:c5:2f:a4:ae:89:26:b6:83:a0:cd:
fc:6f:27:e0:35:56:0c:f2:67:39:7d:a8:88:ea:74:
f3:3b:9d:1d:ae:b5:9d:e9:ae:96:fc:5d:74:72:ae:
e4:a7:77:50:95:e4:c1:8f:c5:88:df:05:38:8d:b5:
e4:46:44:db:53:ba:d8:12:46:4b:ee:06:93:60:da:
63:4d:d8:9c:b7:7f:14:8d:54:e0:fa:38:19:7d:fc:
43:8e:c0:4e:ff:7f:e8:34:8c:92:6b:a2:bd:f8:fb:
22:9d:df:4b:78:a3:7e:55:c7:e0:dc:f1:c3:4a:fd:
57:72:db:e4:b9:50:2a:bf:0f:a6:76:eb:97:04:8f:
e9:68:e8:de:0d:32:e9:89:4d:20:12:33:31:b6:ab:
7b:95:a4:7e:b8:52:16:d8:74:7d:df:c1:d7:11:b2:
41:71:06:e2:84:bb:a2:72:3e:14:1f:6c:83:f0:66:
3f:a6:85:17:07:19:fe:98:07:ea:a8:b5:5d:2b:7e:
da:2e:b3:ed:20:8f:27:1d:f2:62:35:0b:52:37:d3:
56:9d:c2:d5:24:cb:cb:91:d7:a0:06:bd:a8:bd:08:
5e:1c:7b:de:be:65:a6:f6:78:e2:e3:7c:3a:c9:cf:
5f:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:D1:D3:59:E9:2A:DF:90:61:A2:15:C9:2C:5C:B9:5A:7B:DB:01:1A
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/wNHTWekq35BhohXJLFy5WnvbARo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.221.20.0-176.221.27.255
Signature Algorithm: sha256WithRSAEncryption
9c:66:77:0c:4b:9e:90:ec:af:2e:1c:68:26:e4:f0:c5:51:9f:
88:a0:13:75:79:13:d0:d8:62:81:35:b3:fd:7b:13:89:68:38:
6f:0d:6c:da:bc:d6:81:67:bb:08:c5:83:19:17:21:1c:34:9e:
fc:96:b3:1a:d9:fa:05:6c:b7:e9:78:07:51:89:61:62:f9:26:
46:c6:b3:33:ca:0f:3d:1e:98:49:7e:40:52:20:1b:4b:e6:00:
44:23:ae:aa:de:ce:12:54:9f:cf:ee:5b:8a:41:5c:1b:1c:f3:
22:5b:37:c6:cb:5e:4a:30:64:ba:d0:2c:74:b8:ae:df:91:10:
51:bb:53:b5:26:18:87:35:ca:6c:bc:a1:07:fb:38:93:59:0c:
d0:e3:2a:12:28:97:24:e4:10:1f:f9:a0:d5:54:c6:be:06:53:
f4:b1:8f:2f:83:ff:b4:d2:68:74:da:58:59:63:6a:9e:3e:ab:
97:fc:d2:08:57:cf:e1:d6:8f:a8:79:19:a6:2c:fc:72:8e:61:
e7:93:3b:f1:84:90:1f:ab:18:cc:41:c6:b3:18:6d:5d:ce:1a:
95:5b:b1:7a:20:47:1c:62:e5:2b:15:06:4f:8c:4a:6e:04:1f:
12:90:2e:30:f2:58:32:ee:0c:63:d9:4e:3d:ec:cd:9d:6a:ec:
fc:45:f0:e0
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYwQJrZPT2OciImNCjDIEgwnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjMxMTI3MDk0MDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGQxZDM1OWU5MmFkZjkwNjFhMjE1YzkyYzVjYjk1YTdiZGIwMTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoG8kVJykZPTD3NDxCkyK+/Al4sUv
pK6JJraDoM38byfgNVYM8mc5faiI6nTzO50drrWd6a6W/F10cq7kp3dQleTBj8WI
3wU4jbXkRkTbU7rYEkZL7gaTYNpjTdict38UjVTg+jgZffxDjsBO/3/oNIySa6K9
+Psind9LeKN+Vcfg3PHDSv1XctvkuVAqvw+mduuXBI/paOjeDTLpiU0gEjMxtqt7
laR+uFIW2HR938HXEbJBcQbihLuicj4UH2yD8GY/poUXBxn+mAfqqLVdK37aLrPt
II8nHfJiNQtSN9NWncLVJMvLkdegBr2ovQheHHvevmWm9nji43w6yc9f4wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMDR01npKt+QYaIVySxcuVp72wEaMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvd05IVFdla3EzNUJob2hYSkxGeTVXbnZiQVJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAKw3RQD
BAKw3RgwDQYJKoZIhvcNAQELBQADggEBAJxmdwxLnpDsry4caCbk8MVRn4igE3V5
E9DYYoE1s/17E4loOG8NbNq81oFnuwjFgxkXIRw0nvyWsxrZ+gVst+l4B1GJYWL5
JkbGszPKDz0emEl+QFIgG0vmAEQjrqrezhJUn8/uW4pBXBsc8yJbN8bLXkowZLrQ
LHS4rt+REFG7U7UmGIc1ymy8oQf7OJNZDNDjKhIolyTkEB/5oNVUxr4GU/Sxjy+D
/7TSaHTaWFljap4+q5f80ghXz+HWj6h5GaYs/HKOYeeTO/GEkB+rGMxBxrMYbV3O
GpVbsXogRxxi5SsVBk+MSm4EHxKQLjDyWDLuDGPZTj3szZ1q7PxF8OA=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:26:27 2025 by rpki-client