Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/f27821-4ccf-4d2e-8b15-6e12774f851e/1/DWb6WF8DjwRTU0qXDx46BO4zwgA.roa
File: DWb6WF8DjwRTU0qXDx46BO4zwgA.roa (raw, json)
Hash identifier: CzOBQqTqajUkprVoUPDiYGmEDab6x3jR9YCHnFVJudw=
Subject key identifier: 0D:66:FA:58:5F:03:8F:04:53:53:4A:97:0F:1E:3A:04:EE:33:C2:00
Certificate issuer: /CN=210da9e7af01de75448f4906aac41bd2964e8847
Certificate serial: 0194236964C8640E4BF29888B6ED1DC9707E
Authority key identifier: 21:0D:A9:E7:AF:01:DE:75:44:8F:49:06:AA:C4:1B:D2:96:4E:88:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQ2p568B3nVEj0kGqsQb0pZOiEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/f27821-4ccf-4d2e-8b15-6e12774f851e/1/DWb6WF8DjwRTU0qXDx46BO4zwgA.roa
Signing time: Wed 01 Jan 2025 19:48:17 +0000
ROA not before: Wed 01 Jan 2025 19:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47524
IP address blocks: 24.133.0.0/16 maxlen: 24
24.133.152.0/22 maxlen: 24
24.133.156.0/22 maxlen: 24
46.196.0.0/15 maxlen: 24
94.54.0.0/15 maxlen: 24
94.55.64.0/20 maxlen: 24
94.55.80.0/21 maxlen: 24
94.55.88.0/22 maxlen: 24
94.55.96.0/22 maxlen: 24
94.55.112.0/22 maxlen: 24
94.55.116.0/22 maxlen: 24
94.55.120.0/23 maxlen: 24
94.55.122.0/23 maxlen: 24
94.55.124.0/23 maxlen: 24
94.55.126.0/24 maxlen: 24
94.55.127.0/24 maxlen: 24
176.240.0.0/16 maxlen: 24
178.233.0.0/16 maxlen: 24
185.26.68.0/22 maxlen: 24
185.26.68.0/24 maxlen: 24
185.26.69.0/24 maxlen: 24
185.26.70.0/24 maxlen: 24
185.26.71.0/24 maxlen: 24
2a00:1d58::/29 maxlen: 48
2a00:1d58::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:64:c8:64:0e:4b:f2:98:88:b6:ed:1d:c9:70:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=210da9e7af01de75448f4906aac41bd2964e8847
Validity
Not Before: Jan 1 19:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0d66fa585f038f0453534a970f1e3a04ee33c200
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:38:b7:a6:a6:f8:8e:ce:21:15:2e:12:a4:bc:
a5:24:54:13:aa:cc:d3:e4:70:7a:9e:1c:e3:bb:68:
e1:6e:ab:f3:f3:7c:5b:70:32:70:6e:ba:cd:c7:1a:
ae:5d:8b:a2:aa:57:bd:c9:2d:23:26:c4:fe:4e:bc:
2c:21:b8:80:65:8f:f0:27:14:45:b6:c0:e9:51:9e:
38:40:7c:b9:1c:5a:69:1a:42:32:39:08:48:f8:60:
20:ae:c2:44:57:b9:ee:c6:c4:09:fc:1e:8a:13:f5:
c0:28:aa:c1:7a:57:79:e4:c5:43:0a:a1:e6:d8:c5:
65:e2:a8:94:29:8b:41:05:6f:ad:da:bb:4c:a4:3b:
6d:f1:0b:80:35:bb:19:06:f6:1e:11:57:40:b4:0d:
80:4c:6b:92:02:a3:74:d3:f4:20:a5:bf:bf:07:ab:
e3:9d:13:cd:66:80:9f:6c:31:d5:1b:5e:7b:34:67:
d5:b8:08:52:38:01:34:0c:84:85:6f:44:b3:1f:db:
83:46:fd:90:d7:94:f2:39:cf:c4:e1:60:98:5f:0f:
e5:18:98:76:a8:9b:8f:4d:a3:92:b7:13:72:1e:86:
83:7e:26:bc:e2:28:9c:4f:ff:a0:04:8e:51:c0:d5:
3e:b2:03:73:45:23:85:1c:55:89:af:7f:2b:d7:04:
8c:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:66:FA:58:5F:03:8F:04:53:53:4A:97:0F:1E:3A:04:EE:33:C2:00
X509v3 Authority Key Identifier:
keyid:21:0D:A9:E7:AF:01:DE:75:44:8F:49:06:AA:C4:1B:D2:96:4E:88:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQ2p568B3nVEj0kGqsQb0pZOiEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/f27821-4ccf-4d2e-8b15-6e12774f851e/1/DWb6WF8DjwRTU0qXDx46BO4zwgA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/f27821-4ccf-4d2e-8b15-6e12774f851e/1/IQ2p568B3nVEj0kGqsQb0pZOiEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
24.133.0.0/16
46.196.0.0/15
94.54.0.0/15
176.240.0.0/16
178.233.0.0/16
185.26.68.0/22
IPv6:
2a00:1d58::/29
Signature Algorithm: sha256WithRSAEncryption
46:11:74:22:ba:08:0f:66:4b:34:aa:7e:e7:d1:b9:dc:5e:8f:
6d:e1:28:e4:fb:f6:1f:d7:e2:62:d6:36:3c:dd:90:b6:30:37:
cb:c2:68:5b:32:f4:0a:f5:34:d9:36:f0:d1:00:86:f5:a3:81:
4b:db:e6:1a:ec:d2:20:e3:80:23:03:09:b1:e0:dc:3a:ed:82:
06:61:86:67:51:3e:45:06:2a:f5:05:0e:1e:a0:46:71:c5:dd:
0c:22:a8:22:86:64:cb:58:6f:bf:b9:2e:06:3d:cd:f2:ca:93:
ba:99:f3:5d:53:0e:ed:8c:b6:8b:d2:7d:39:58:9d:33:6c:63:
c0:49:2a:48:5c:04:9a:66:9c:60:c5:f8:98:da:aa:4e:20:6e:
37:77:22:45:8b:ac:06:da:e8:ef:3a:7c:33:73:c9:f2:be:2c:
34:d5:45:65:19:89:78:ef:50:99:72:e6:90:c5:c7:91:d7:c3:
71:a2:59:82:e1:71:d8:a0:7d:ee:90:9a:9c:2a:4d:44:3c:aa:
c1:9b:c0:58:5b:34:7f:ac:92:cb:c8:67:d0:ab:d8:9d:96:76:
eb:6c:15:54:01:af:a1:34:ae:3f:b2:c3:c2:92:23:41:b5:bf:
1a:6a:2a:e5:86:ea:31:1e:16:4d:ac:54:7d:79:ef:62:40:68:
36:cc:e6:63
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZQjaWTIZA5L8piItu0dyXB+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMGRhOWU3YWYwMWRlNzU0NDhmNDkwNmFhYzQxYmQyOTY0
ZTg4NDcwHhcNMjUwMTAxMTk0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDY2ZmE1ODVmMDM4ZjA0NTM1MzRhOTcwZjFlM2EwNGVlMzNjMjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvji3pqb4js4hFS4SpLylJFQTqszT
5HB6nhzju2jhbqvz83xbcDJwbrrNxxquXYuiqle9yS0jJsT+TrwsIbiAZY/wJxRF
tsDpUZ44QHy5HFppGkIyOQhI+GAgrsJEV7nuxsQJ/B6KE/XAKKrBeld55MVDCqHm
2MVl4qiUKYtBBW+t2rtMpDtt8QuANbsZBvYeEVdAtA2ATGuSAqN00/Qgpb+/B6vj
nRPNZoCfbDHVG157NGfVuAhSOAE0DISFb0SzH9uDRv2Q15TyOc/E4WCYXw/lGJh2
qJuPTaOStxNyHoaDfia84iicT/+gBI5RwNU+sgNzRSOFHFWJr38r1wSMRQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFA1m+lhfA48EU1NKlw8eOgTuM8IAMB8GA1UdIwQY
MBaAFCENqeevAd51RI9JBqrEG9KWTohHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVEycDU2OEIzblZFajBrR3FzUWIwcFpPaUVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9mMjc4MjEtNGNjZi00ZDJlLThiMTUt
NmUxMjc3NGY4NTFlLzEvRFdiNldGOERqd1JUVTBxWER4NDZCTzR6d2dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9mMjc4MjEtNGNjZi00ZDJlLThiMTUtNmUxMjc3NGY4NTFl
LzEvSVEycDU2OEIzblZFajBrR3FzUWIwcFpPaUVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAlBAIAATAfAwMAGIUDAwEu
xAMDAV42AwMAsPADAwCy6QMEArkaRDANBAIAAjAHAwUDKgAdWDANBgkqhkiG9w0B
AQsFAAOCAQEARhF0IroID2ZLNKp+59G53F6PbeEo5Pv2H9fiYtY2PN2QtjA3y8Jo
WzL0CvU02Tbw0QCG9aOBS9vmGuzSIOOAIwMJseDcOu2CBmGGZ1E+RQYq9QUOHqBG
ccXdDCKoIoZky1hvv7kuBj3N8sqTupnzXVMO7Yy2i9J9OVidM2xjwEkqSFwEmmac
YMX4mNqqTiBuN3ciRYusBtro7zp8M3PJ8r4sNNVFZRmJeO9QmXLmkMXHkdfDcaJZ
guFx2KB97pCanCpNRDyqwZvAWFs0f6ySy8hn0KvYnZZ262wVVAGvoTSuP7LDwpIj
QbW/Gmoq5YbqMR4WTaxUfXnvYkBoNszmYw==
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:53:33 2025 by rpki-client