Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/wal96F3i3LqA5odlBErOnFDCpvE.roa
File: wal96F3i3LqA5odlBErOnFDCpvE.roa (raw, json)
Hash identifier: pdK6DK1i8kroPyupqo/401UwrqnqWkvqZnWtVWDRAgg=
Subject key identifier: C1:A9:7D:E8:5D:E2:DC:BA:80:E6:87:65:04:4A:CE:9C:50:C2:A6:F1
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 018CCA2A3357DCD0F50EB7B4AB89C1CEAA86
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/wal96F3i3LqA5odlBErOnFDCpvE.roa
Signing time: Tue 02 Jan 2024 12:33:32 +0000
ROA not before: Tue 02 Jan 2024 12:33:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 95.82.16.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:33:57:dc:d0:f5:0e:b7:b4:ab:89:c1:ce:aa:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Jan 2 12:33:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c1a97de85de2dcba80e68765044ace9c50c2a6f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:2e:5a:6b:b4:d9:f8:45:b7:9e:21:7f:53:ea:
67:24:b4:4a:09:2c:7b:c1:59:e5:19:09:df:04:24:
62:39:9c:65:3e:8b:b9:c4:ee:93:aa:21:b7:3d:24:
cb:d1:dc:0c:bc:1b:f9:81:cc:1b:80:b5:2b:94:5b:
51:66:8d:f3:dc:cf:63:05:16:f5:c5:fa:55:0a:8c:
2e:be:7a:d1:23:f2:aa:3a:c7:4c:ea:79:45:4a:60:
99:5d:34:03:1a:bd:c2:fb:58:b4:94:5e:53:6f:3d:
20:7d:0b:a5:2c:7e:6e:0c:b2:94:e3:4a:47:52:88:
fd:2a:a8:df:c7:a5:b7:ef:fb:59:52:56:a7:ef:89:
f0:fe:70:c4:94:63:ea:e9:2a:43:2d:81:82:d5:9c:
f5:99:70:12:fd:57:97:13:f0:e9:b1:fa:ce:67:90:
21:2c:d0:e3:ce:fe:9f:f6:8d:b3:b0:a6:1f:c3:91:
e1:94:30:25:bd:fc:ec:56:e0:df:77:00:ef:50:f7:
7a:4e:73:f3:82:ac:e5:a1:99:40:b8:8c:af:2d:15:
cb:1e:5d:32:5c:73:39:25:01:f7:95:6f:5b:f5:ae:
10:68:47:b2:26:45:a9:26:9d:04:71:92:3e:97:27:
eb:a7:c6:94:b3:f3:d4:d2:87:9f:4f:0a:1c:7f:8e:
f2:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:A9:7D:E8:5D:E2:DC:BA:80:E6:87:65:04:4A:CE:9C:50:C2:A6:F1
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/wal96F3i3LqA5odlBErOnFDCpvE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.82.16.0/20
Signature Algorithm: sha256WithRSAEncryption
10:d6:02:d4:21:74:65:67:c4:cf:82:bd:b6:07:68:33:ab:4a:
dc:c3:7f:4b:6b:1d:ad:44:29:1b:e7:93:6c:42:65:97:13:96:
a7:1c:6f:53:44:08:af:7c:d4:e6:a1:60:27:80:23:59:d5:2f:
3c:f5:3c:16:6a:81:d2:16:5a:c2:5f:3e:eb:0d:2f:f4:7b:cd:
9c:de:6b:70:21:9e:58:eb:1c:6b:d1:4d:ff:91:87:dc:5c:40:
16:70:e7:76:72:32:c7:aa:85:e4:b1:75:3f:29:16:22:4c:a3:
0d:1c:57:13:fb:69:00:91:0a:d7:1e:7c:38:48:67:d1:ec:fa:
ba:f9:1d:8a:45:79:2c:0b:33:a2:67:52:f9:b7:66:90:9c:5a:
4e:a7:dd:67:6f:ca:3e:42:0c:db:e8:16:1f:33:ab:ca:06:4a:
46:fd:8b:2b:4b:12:12:e5:df:66:97:fc:da:50:f8:fd:f9:67:
2c:fc:fe:c2:6c:64:c3:ea:06:3b:2e:2e:22:15:00:ba:4a:47:
69:87:23:ce:76:b8:d4:64:4b:47:a9:a5:f0:a0:7f:28:07:57:
b6:24:bf:55:43:43:6e:48:d5:ab:cd:4c:0b:10:33:e4:7c:23:
34:59:2d:36:cb:f9:63:0d:2e:89:17:63:59:44:4e:40:a9:bf:
9d:61:f4:4e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKjNX3ND1Dre0q4nBzqqGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjQwMTAyMTIzMzMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWE5N2RlODVkZTJkY2JhODBlNjg3NjUwNDRhY2U5YzUwYzJhNmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjC5aa7TZ+EW3niF/U+pnJLRKCSx7
wVnlGQnfBCRiOZxlPou5xO6TqiG3PSTL0dwMvBv5gcwbgLUrlFtRZo3z3M9jBRb1
xfpVCowuvnrRI/KqOsdM6nlFSmCZXTQDGr3C+1i0lF5Tbz0gfQulLH5uDLKU40pH
Uoj9Kqjfx6W37/tZUlan74nw/nDElGPq6SpDLYGC1Zz1mXAS/VeXE/DpsfrOZ5Ah
LNDjzv6f9o2zsKYfw5HhlDAlvfzsVuDfdwDvUPd6TnPzgqzloZlAuIyvLRXLHl0y
XHM5JQH3lW9b9a4QaEeyJkWpJp0EcZI+lyfrp8aUs/PU0oefTwocf47yDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMGpfehd4ty6gOaHZQRKzpxQwqbxMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvd2FsOTZGM2kzTHFBNW9kbEJFck9uRkRDcHZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEX1IQMA0G
CSqGSIb3DQEBCwUAA4IBAQAQ1gLUIXRlZ8TPgr22B2gzq0rcw39Lax2tRCkb55Ns
QmWXE5anHG9TRAivfNTmoWAngCNZ1S889TwWaoHSFlrCXz7rDS/0e82c3mtwIZ5Y
6xxr0U3/kYfcXEAWcOd2cjLHqoXksXU/KRYiTKMNHFcT+2kAkQrXHnw4SGfR7Pq6
+R2KRXksCzOiZ1L5t2aQnFpOp91nb8o+Qgzb6BYfM6vKBkpG/YsrSxIS5d9ml/za
UPj9+Wcs/P7CbGTD6gY7Li4iFQC6SkdphyPOdrjUZEtHqaXwoH8oB1e2JL9VQ0Nu
SNWrzUwLEDPkfCM0WS02y/ljDS6JF2NZRE5Aqb+dYfRO
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:17:23 2025 by rpki-client