Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/ada691-0e3a-488f-89de-4cf298576b01/1/w-oOByr8sgdKkYY6VLkpg2gKIOQ.roa
File: w-oOByr8sgdKkYY6VLkpg2gKIOQ.roa (raw, json)
Hash identifier: xpmewScXUhAKiF76O5F0ATfgD2UYn/etk92BAR4CN04=
Subject key identifier: C3:EA:0E:07:2A:FC:B2:07:4A:91:86:3A:54:B9:29:83:68:0A:20:E4
Certificate issuer: /CN=704eb0324b167299dd6064dbbf340d2f99c402c2
Certificate serial: 17B4ABF6
Authority key identifier: 70:4E:B0:32:4B:16:72:99:DD:60:64:DB:BF:34:0D:2F:99:C4:02:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cE6wMksWcpndYGTbvzQNL5nEAsI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/ada691-0e3a-488f-89de-4cf298576b01/1/w-oOByr8sgdKkYY6VLkpg2gKIOQ.roa
Signing time: Tue 19 Apr 2022 11:58:26 +0000
ROA not before: Tue 19 Apr 2022 11:58:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34655
IP address blocks: 109.71.160.0/24 maxlen: 24
109.71.166.0/24 maxlen: 24
109.71.165.0/24 maxlen: 24
5.159.216.0/24 maxlen: 24
95.128.120.0/24 maxlen: 24
95.128.125.0/24 maxlen: 24
95.128.124.0/24 maxlen: 24
95.128.121.0/24 maxlen: 24
95.128.126.0/24 maxlen: 24
2a03:9c40:800::/48 maxlen: 48
2a03:9c40:600::/48 maxlen: 48
2a03:9c40:400::/48 maxlen: 48
2a03:9c40:200::/48 maxlen: 48
2a03:9c40::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 397716470 (0x17b4abf6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=704eb0324b167299dd6064dbbf340d2f99c402c2
Validity
Not Before: Apr 19 11:58:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c3ea0e072afcb2074a91863a54b92983680a20e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:92:6d:2f:1a:40:6e:be:44:82:13:8d:7f:98:
97:be:48:18:1f:e0:8b:2c:35:ae:80:96:0a:a4:1a:
35:47:79:80:a5:fc:58:e2:fa:c7:1f:14:46:87:6f:
3b:dc:db:4b:f0:4e:7c:fc:df:4f:18:a2:48:c8:f8:
38:38:f7:57:ae:ec:d3:4e:b7:3f:62:e3:92:68:a4:
0f:d1:3b:58:64:45:df:40:26:01:33:89:6c:6b:95:
08:da:d7:93:ee:a5:34:f9:31:fc:1b:c4:50:31:72:
27:ed:48:f6:91:9c:b1:5c:17:85:4d:fe:48:b6:94:
11:45:d7:37:50:a8:43:fd:ea:0a:46:68:48:b0:b7:
18:1c:84:0f:99:9c:27:70:ff:e6:16:34:06:2f:e5:
4b:35:c9:05:2d:b2:cf:b8:a9:7e:c9:25:5f:e6:7c:
e5:6f:dd:f6:33:2c:b2:b5:05:29:6c:ff:f3:fc:bd:
7a:20:de:c1:b5:38:1b:a8:6e:62:bb:ff:72:85:76:
dc:5b:7d:e4:8b:9e:ea:82:df:11:a7:7c:53:c2:65:
f8:2b:6a:61:4c:3b:c0:fb:78:88:ab:ba:00:3d:f8:
d3:19:74:ac:74:2c:53:d6:2e:82:b5:8c:3b:90:2d:
52:2e:a6:12:e0:88:19:38:1e:de:0a:e7:a6:49:f6:
92:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:EA:0E:07:2A:FC:B2:07:4A:91:86:3A:54:B9:29:83:68:0A:20:E4
X509v3 Authority Key Identifier:
keyid:70:4E:B0:32:4B:16:72:99:DD:60:64:DB:BF:34:0D:2F:99:C4:02:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cE6wMksWcpndYGTbvzQNL5nEAsI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/ada691-0e3a-488f-89de-4cf298576b01/1/w-oOByr8sgdKkYY6VLkpg2gKIOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/ada691-0e3a-488f-89de-4cf298576b01/1/cE6wMksWcpndYGTbvzQNL5nEAsI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.216.0/24
95.128.120.0/23
95.128.124.0-95.128.126.255
109.71.160.0/24
109.71.165.0-109.71.166.255
IPv6:
2a03:9c40::/48
2a03:9c40:200::/48
2a03:9c40:400::/48
2a03:9c40:600::/48
2a03:9c40:800::/48
Signature Algorithm: sha256WithRSAEncryption
a3:08:bc:b2:df:97:7c:31:06:4f:d3:a1:43:ae:96:52:ec:24:
d1:89:4f:f8:2a:1f:c1:a4:93:14:f5:c2:39:80:14:60:a7:22:
d6:cc:f4:a9:4c:86:d4:b5:21:d4:98:44:fb:e8:b9:81:f0:c7:
6a:2b:07:2d:cc:9d:f7:f0:95:51:82:f5:af:48:e7:f7:11:36:
c9:04:7a:7c:92:e9:62:e6:f7:a0:c8:dd:49:c6:36:d1:26:de:
7a:4b:98:01:33:97:d8:c2:72:4f:db:01:d9:ea:36:c1:25:3e:
5d:93:dd:07:6f:e6:61:d7:03:9a:41:73:4c:06:1c:d8:75:f7:
27:c4:02:d5:0c:16:7a:38:ec:f6:fb:69:82:3e:5e:fc:fb:b0:
0d:e2:cf:1f:bf:0d:30:70:91:19:10:b9:84:0a:b7:37:84:11:
ae:95:dd:6d:c3:49:5c:3c:f7:8a:a3:0b:d7:42:32:71:ac:2a:
6a:77:85:56:97:f7:c8:a1:bc:55:81:1e:dc:80:c9:70:a7:0f:
dd:58:06:b0:82:58:44:af:ee:af:94:b8:81:01:00:3b:ff:9b:
5c:c4:99:12:3f:1c:8d:82:9e:05:c4:96:44:d7:45:bb:36:31:
ef:76:a0:13:72:97:be:e2:05:cb:2a:5c:94:b4:cb:d9:45:e4:
f8:7a:d1:bd
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgIEF7Sr9jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MDRlYjAzMjRiMTY3Mjk5ZGQ2MDY0ZGJiZjM0MGQyZjk5YzQwMmMyMB4XDTIyMDQx
OTExNTgyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzNlYTBlMDcyYWZj
YjIwNzRhOTE4NjNhNTRiOTI5ODM2ODBhMjBlNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJSSbS8aQG6+RIITjX+Yl75IGB/giyw1roCWCqQaNUd5gKX8
WOL6xx8URodvO9zbS/BOfPzfTxiiSMj4ODj3V67s0063P2LjkmikD9E7WGRF30Am
ATOJbGuVCNrXk+6lNPkx/BvEUDFyJ+1I9pGcsVwXhU3+SLaUEUXXN1CoQ/3qCkZo
SLC3GByED5mcJ3D/5hY0Bi/lSzXJBS2yz7ipfsklX+Z85W/d9jMssrUFKWz/8/y9
eiDewbU4G6huYrv/coV23Ft95Iue6oLfEad8U8Jl+CtqYUw7wPt4iKu6AD340xl0
rHQsU9YugrWMO5AtUi6mEuCIGTge3grnpkn2klUCAwEAAaOCAmYwggJiMB0GA1Ud
DgQWBBTD6g4HKvyyB0qRhjpUuSmDaAog5DAfBgNVHSMEGDAWgBRwTrAySxZymd1g
ZNu/NA0vmcQCwjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NFNndNa3NXY3BuZFlHVGJ2elFOTDVuRUFzSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvYWRhNjkxLTBlM2EtNDg4Zi04OWRlLTRjZjI5ODU3NmIwMS8x
L3ctb09CeXI4c2dkS2tZWTZWTGtwZzJnS0lPUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
YWRhNjkxLTBlM2EtNDg4Zi04OWRlLTRjZjI5ODU3NmIwMS8xL2NFNndNa3NXY3Bu
ZFlHVGJ2elFOTDVuRUFzSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB8
BggrBgEFBQcBBwEB/wRtMGswNAQCAAEwLgMEAAWf2AMEAV+AeDAMAwQCX4B8AwQA
X4B+AwQAbUegMAwDBABtR6UDBABtR6YwMwQCAAIwLQMHACoDnEAAAAMHACoDnEAC
AAMHACoDnEAEAAMHACoDnEAGAAMHACoDnEAIADANBgkqhkiG9w0BAQsFAAOCAQEA
owi8st+XfDEGT9OhQ66WUuwk0YlP+CofwaSTFPXCOYAUYKci1sz0qUyG1LUh1JhE
++i5gfDHaisHLcyd9/CVUYL1r0jn9xE2yQR6fJLpYub3oMjdScY20SbeekuYATOX
2MJyT9sB2eo2wSU+XZPdB2/mYdcDmkFzTAYc2HX3J8QC1QwWejjs9vtpgj5e/Puw
DeLPH78NMHCRGRC5hAq3N4QRrpXdbcNJXDz3iqML10IycawqaneFVpf3yKG8VYEe
3IDJcKcP3VgGsIJYRK/ur5S4gQEAO/+bXMSZEj8cjYKeBcSWRNdFuzYx73agE3KX
vuIFyypclLTL2UXk+HrRvQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:01:12 2025 by rpki-client