Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/f842c1-9a96-44f1-a36f-b1081750ce15/1/wkYXDy6jmP0Af0Mp2rQ3k6yOAAw.roa
File: wkYXDy6jmP0Af0Mp2rQ3k6yOAAw.roa (raw, json)
Hash identifier: UUIGA4ibmPpEgaOdXWNcs3JAI5RUgnFEIrwSbmNcKfs=
Subject key identifier: C2:46:17:0F:2E:A3:98:FD:00:7F:43:29:DA:B4:37:93:AC:8E:00:0C
Certificate issuer: /CN=cb81d1f3ac14af50dc0665744f9076b7fadb1f9b
Certificate serial: 01942825D9983680145758CE0B8AE93B7C4D
Authority key identifier: CB:81:D1:F3:AC:14:AF:50:DC:06:65:74:4F:90:76:B7:FA:DB:1F:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y4HR86wUr1DcBmV0T5B2t_rbH5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/f842c1-9a96-44f1-a36f-b1081750ce15/1/wkYXDy6jmP0Af0Mp2rQ3k6yOAAw.roa
Signing time: Thu 02 Jan 2025 17:52:36 +0000
ROA not before: Thu 02 Jan 2025 17:52:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205988
IP address blocks: 185.200.52.0/22 maxlen: 24
2a0a:ab40::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:d9:98:36:80:14:57:58:ce:0b:8a:e9:3b:7c:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb81d1f3ac14af50dc0665744f9076b7fadb1f9b
Validity
Not Before: Jan 2 17:52:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c246170f2ea398fd007f4329dab43793ac8e000c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:83:f8:e4:dc:a1:6b:a9:07:5d:8f:2a:0e:74:
60:4e:66:b3:17:36:6d:17:13:aa:f1:55:8e:d5:f2:
1e:9f:23:89:09:44:30:47:8b:c1:d3:6d:2d:97:64:
ac:e8:74:a0:47:4c:cd:40:ea:00:e4:44:31:dd:cf:
64:cd:51:62:29:9e:56:97:c2:b1:97:a9:1b:c7:7b:
3f:c8:b7:49:d2:af:5c:fe:4f:ce:48:0b:cd:bd:78:
8b:ec:c4:d2:60:d2:45:d7:a5:7f:79:a1:32:f7:e4:
77:bb:b7:8f:ec:ad:28:fd:8e:3b:51:12:f6:c1:8c:
84:10:8e:14:b1:d8:82:80:31:89:8e:cb:2b:a3:8b:
f3:c3:55:c4:20:0a:92:c6:a6:e5:46:67:7f:5f:cd:
ad:13:17:a2:d7:46:6a:0f:e2:14:fc:3c:20:d1:26:
5c:18:e2:7c:6c:98:06:69:40:31:37:90:1e:44:5f:
f6:0a:50:5c:0d:85:0d:83:98:a1:48:42:c6:29:c9:
f1:c1:11:0b:07:ae:94:6b:65:31:07:8d:87:9f:83:
05:6d:9a:35:b2:43:83:05:48:d0:a0:cc:66:44:82:
7c:40:68:9e:3c:b5:2e:e0:24:3d:4d:d7:57:9a:ba:
18:cc:a4:14:83:17:e5:66:9f:3a:3e:86:c9:7d:14:
68:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:46:17:0F:2E:A3:98:FD:00:7F:43:29:DA:B4:37:93:AC:8E:00:0C
X509v3 Authority Key Identifier:
keyid:CB:81:D1:F3:AC:14:AF:50:DC:06:65:74:4F:90:76:B7:FA:DB:1F:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y4HR86wUr1DcBmV0T5B2t_rbH5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/f842c1-9a96-44f1-a36f-b1081750ce15/1/wkYXDy6jmP0Af0Mp2rQ3k6yOAAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/f842c1-9a96-44f1-a36f-b1081750ce15/1/y4HR86wUr1DcBmV0T5B2t_rbH5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.200.52.0/22
IPv6:
2a0a:ab40::/29
Signature Algorithm: sha256WithRSAEncryption
78:90:7b:c5:14:53:f5:cf:fe:8c:c4:83:f9:09:8a:24:a0:98:
a9:ca:32:f8:e7:a3:60:95:27:14:e9:97:53:eb:ae:63:6f:08:
55:ca:a5:d6:9f:66:bf:ad:79:7a:91:d3:6e:15:cb:73:e2:67:
3d:66:91:f7:45:97:23:50:d7:21:92:d9:6b:c3:31:9a:d5:84:
83:58:25:1e:1f:92:ae:88:21:ab:12:29:c2:69:30:f5:5f:dc:
63:3f:e9:de:cb:ec:7b:72:48:2c:e3:e0:73:3f:7f:53:70:1d:
7b:ec:ea:38:ca:de:e4:4b:c8:de:db:39:3a:d6:f2:76:15:e1:
e6:7c:82:80:ca:8a:ec:73:50:2a:e8:73:5d:dc:d5:ec:7b:41:
3a:c3:89:6e:5e:42:0a:a2:ee:45:9b:f9:78:7e:fa:11:b8:0f:
0d:37:bf:39:d8:d9:58:7b:60:67:1a:0e:c8:33:ce:ec:f0:54:
5b:b1:5e:6a:89:ae:3f:42:ec:05:30:3d:67:7c:aa:1a:68:a3:
85:97:96:01:41:0d:92:26:6c:e5:73:8b:1d:14:02:f8:ea:9b:
a0:7c:66:89:40:f2:24:57:5c:a6:e1:7d:85:cf:9f:17:fa:f5:
16:de:fe:cd:31:7d:bd:1c:fb:1d:0a:f6:e9:7e:98:03:c9:b8:
4f:00:15:9d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQoJdmYNoAUV1jOC4rpO3xNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiODFkMWYzYWMxNGFmNTBkYzA2NjU3NDRmOTA3NmI3ZmFk
YjFmOWIwHhcNMjUwMTAyMTc1MjM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjQ2MTcwZjJlYTM5OGZkMDA3ZjQzMjlkYWI0Mzc5M2FjOGUwMDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw4P45Nyha6kHXY8qDnRgTmazFzZt
FxOq8VWO1fIenyOJCUQwR4vB020tl2Ss6HSgR0zNQOoA5EQx3c9kzVFiKZ5Wl8Kx
l6kbx3s/yLdJ0q9c/k/OSAvNvXiL7MTSYNJF16V/eaEy9+R3u7eP7K0o/Y47URL2
wYyEEI4UsdiCgDGJjssro4vzw1XEIAqSxqblRmd/X82tExei10ZqD+IU/Dwg0SZc
GOJ8bJgGaUAxN5AeRF/2ClBcDYUNg5ihSELGKcnxwRELB66Ua2UxB42Hn4MFbZo1
skODBUjQoMxmRIJ8QGiePLUu4CQ9TddXmroYzKQUgxflZp86PobJfRRolwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMJGFw8uo5j9AH9DKdq0N5OsjgAMMB8GA1UdIwQY
MBaAFMuB0fOsFK9Q3AZldE+Qdrf62x+bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTRIUjg2d1VyMURjQm1WMFQ1QjJ0X3JiSDVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9mODQyYzEtOWE5Ni00NGYxLWEzNmYt
YjEwODE3NTBjZTE1LzEvd2tZWER5NmptUDBBZjBNcDJyUTNrNnlPQUF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9mODQyYzEtOWE5Ni00NGYxLWEzNmYtYjEwODE3NTBjZTE1
LzEveTRIUjg2d1VyMURjQm1WMFQ1QjJ0X3JiSDVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucg0MA0E
AgACMAcDBQMqCqtAMA0GCSqGSIb3DQEBCwUAA4IBAQB4kHvFFFP1z/6MxIP5CYok
oJipyjL456NglScU6ZdT665jbwhVyqXWn2a/rXl6kdNuFctz4mc9ZpH3RZcjUNch
ktlrwzGa1YSDWCUeH5KuiCGrEinCaTD1X9xjP+ney+x7ckgs4+BzP39TcB177Oo4
yt7kS8je2zk61vJ2FeHmfIKAyorsc1Aq6HNd3NXse0E6w4luXkIKou5Fm/l4fvoR
uA8NN7852NlYe2BnGg7IM87s8FRbsV5qia4/QuwFMD1nfKoaaKOFl5YBQQ2SJmzl
c4sdFAL46pugfGaJQPIkV1ym4X2Fz58X+vUW3v7NMX29HPsdCvbpfpgDybhPABWd
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:40:26 2025 by rpki-client