Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/Wk2nk_npfvuDK3d7yb8uiNsWgso.roa
File: Wk2nk_npfvuDK3d7yb8uiNsWgso.roa (raw, json)
Hash identifier: 9uoY0xdAMA71Q732eb1TH1o48fqtG8bkS/TtEFw86ho=
Subject key identifier: 5A:4D:A7:93:F9:E9:7E:FB:83:2B:77:7B:C9:BF:2E:88:DB:16:82:CA
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 0194266B978D75987ACB73026D206E1ADC0F
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/Wk2nk_npfvuDK3d7yb8uiNsWgso.roa
Signing time: Thu 02 Jan 2025 09:49:32 +0000
ROA not before: Thu 02 Jan 2025 09:49:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200845
IP address blocks: 5.154.42.0/24 maxlen: 24
31.14.207.0/24 maxlen: 24
185.25.197.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:97:8d:75:98:7a:cb:73:02:6d:20:6e:1a:dc:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 2 09:49:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5a4da793f9e97efb832b777bc9bf2e88db1682ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:c6:b2:da:6c:20:c2:2b:74:1f:c4:62:53:26:
69:eb:22:22:53:b5:2c:7e:a2:f3:dc:23:cd:85:45:
44:34:ac:61:ec:df:db:bb:1b:a7:66:a9:ab:e4:56:
2f:21:78:7a:ee:f3:65:7e:2d:56:da:f6:be:89:e6:
23:9d:54:05:6e:e2:2d:e6:f3:6a:32:98:d1:2b:19:
68:5f:05:5f:03:44:48:02:7b:6d:24:c7:9f:4f:ba:
03:33:00:34:6e:f3:5a:60:0a:13:85:9a:65:e6:ad:
eb:28:fb:d5:6e:d2:74:5c:d5:8a:80:93:cc:3f:f4:
40:88:b4:f3:8e:cd:e7:dc:85:bb:56:bb:3a:13:47:
0f:cd:8a:e1:15:1f:9d:ac:4c:13:47:8e:96:92:c5:
05:fa:26:3e:54:7a:6b:0f:c0:33:5d:0e:61:31:40:
84:20:0b:20:3b:61:8e:3f:a6:51:fe:5c:8a:32:14:
79:46:a1:46:69:9e:48:6c:fb:17:79:1a:cf:09:39:
67:ee:a9:27:be:c8:4c:5f:c3:f5:69:d3:22:f1:74:
af:3b:05:6e:4d:02:37:79:e0:4f:6d:81:17:d0:e1:
76:b3:ad:10:0f:3b:76:e6:75:c9:51:58:51:a6:62:
ca:aa:6b:cd:91:92:4b:d6:e0:f0:58:0a:c2:61:05:
4c:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:4D:A7:93:F9:E9:7E:FB:83:2B:77:7B:C9:BF:2E:88:DB:16:82:CA
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/Wk2nk_npfvuDK3d7yb8uiNsWgso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.42.0/24
31.14.207.0/24
185.25.197.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:b0:b2:23:73:33:10:4f:ca:44:b5:e6:01:04:7b:92:87:4c:
49:71:93:cd:ac:83:7a:09:b7:32:a1:08:06:02:9c:71:82:f0:
b1:af:df:a6:3d:38:dc:1b:63:94:08:03:a1:57:f5:d8:cf:28:
f6:da:c9:73:01:a1:75:90:44:2f:6d:3a:5a:ac:ae:cf:41:cf:
9d:78:01:4e:4e:a2:4d:2f:5d:75:d3:6e:d8:0a:1e:fe:aa:84:
52:b5:37:42:74:3f:d5:ff:f1:51:a4:7a:3f:79:d6:6e:6a:d2:
f3:11:44:1e:90:49:b1:a5:21:b5:bf:81:56:4a:05:3b:06:1b:
1c:19:5f:f5:4f:c2:0c:bb:12:5d:be:4c:71:39:e2:ec:06:4d:
33:cf:f9:2b:a3:a1:c9:6b:f9:7c:6c:f4:92:60:3a:c6:5f:01:
78:93:80:af:48:d4:f1:ee:72:4e:d1:5c:b7:4f:f8:b5:2f:e7:
17:7d:7e:ee:37:8c:e9:72:76:78:13:c9:c6:0a:6f:d0:8a:ac:
45:4a:f1:8e:84:f9:e1:eb:c0:bb:0d:79:f2:42:f8:28:00:a3:
e6:12:f8:46:f8:7f:1c:79:23:5f:ce:d2:07:ed:d8:0f:46:6e:
95:f5:7f:b2:6b:ca:77:b5:2d:20:b2:ab:9a:80:57:17:f7:70:
76:91:6b:07
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQma5eNdZh6y3MCbSBuGtwPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjUwMTAyMDk0OTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTRkYTc5M2Y5ZTk3ZWZiODMyYjc3N2JjOWJmMmU4OGRiMTY4MmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAksay2mwgwit0H8RiUyZp6yIiU7Us
fqLz3CPNhUVENKxh7N/buxunZqmr5FYvIXh67vNlfi1W2va+ieYjnVQFbuIt5vNq
MpjRKxloXwVfA0RIAnttJMefT7oDMwA0bvNaYAoThZpl5q3rKPvVbtJ0XNWKgJPM
P/RAiLTzjs3n3IW7Vrs6E0cPzYrhFR+drEwTR46WksUF+iY+VHprD8AzXQ5hMUCE
IAsgO2GOP6ZR/lyKMhR5RqFGaZ5IbPsXeRrPCTln7qknvshMX8P1adMi8XSvOwVu
TQI3eeBPbYEX0OF2s60QDzt25nXJUVhRpmLKqmvNkZJL1uDwWArCYQVMTwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFpNp5P56X77gyt3e8m/LojbFoLKMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvV2sybmtfbnBmdnVESzNkN3liOHVpTnNXZ3NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABZoqAwQA
Hw7PAwQAuRnFMA0GCSqGSIb3DQEBCwUAA4IBAQB/sLIjczMQT8pEteYBBHuSh0xJ
cZPNrIN6CbcyoQgGApxxgvCxr9+mPTjcG2OUCAOhV/XYzyj22slzAaF1kEQvbTpa
rK7PQc+deAFOTqJNL111027YCh7+qoRStTdCdD/V//FRpHo/edZuatLzEUQekEmx
pSG1v4FWSgU7BhscGV/1T8IMuxJdvkxxOeLsBk0zz/kro6HJa/l8bPSSYDrGXwF4
k4CvSNTx7nJO0Vy3T/i1L+cXfX7uN4zpcnZ4E8nGCm/QiqxFSvGOhPnh68C7DXny
QvgoAKPmEvhG+H8ceSNfztIH7dgPRm6V9X+ya8p3tS0gsquagFcX93B2kWsH
-----END CERTIFICATE-----
Generated at Tue Apr 8 05:36:28 2025 by rpki-client