Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/WCDN3tIMJf6IUmCnx3_OzBWND-k.roa
File: WCDN3tIMJf6IUmCnx3_OzBWND-k.roa (raw, json)
Hash identifier: p+GV6tlT8kfLYsMGkOurAT26P8AL5kncF7OJUJ2QUa4=
Subject key identifier: 58:20:CD:DE:D2:0C:25:FE:88:52:60:A7:C7:7F:CE:CC:15:8D:0F:E9
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 019421B213E065E2ED71A13D9730B340CEF5
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/WCDN3tIMJf6IUmCnx3_OzBWND-k.roa
Signing time: Wed 01 Jan 2025 11:48:26 +0000
ROA not before: Wed 01 Jan 2025 11:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35281
IP address blocks: 193.223.0.0/24 maxlen: 24
195.136.198.0/24 maxlen: 24
195.136.199.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:13:e0:65:e2:ed:71:a1:3d:97:30:b3:40:ce:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Jan 1 11:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5820cdded20c25fe885260a7c77fcecc158d0fe9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:87:9f:0e:5d:25:df:95:d8:0a:ea:67:72:5b:
ca:63:81:6b:2c:2b:79:59:45:2e:db:cd:6c:ba:e3:
64:0a:b8:21:86:7f:1b:48:d4:97:d9:ae:ec:36:ac:
a7:3c:0c:8c:8f:67:0d:2e:4b:e8:b3:cf:2b:69:39:
fc:3f:98:1a:57:90:b2:96:65:17:7c:2e:29:54:c4:
57:26:2e:12:8a:71:00:53:4d:9c:fd:2f:39:2d:11:
62:04:96:1f:8a:93:a5:7a:03:74:65:3c:c2:dc:5f:
db:0a:bc:ce:69:f3:02:30:2f:31:a6:4c:20:6d:d3:
9b:7b:f8:df:d7:46:6b:c1:17:41:02:a2:93:92:fe:
78:27:38:e3:12:4d:5a:ca:b2:28:cc:d4:0c:76:f0:
e7:76:af:8d:88:67:45:6f:b0:05:25:d1:51:5f:34:
91:77:e1:91:4e:86:89:b3:3e:62:f5:48:d4:8c:4d:
41:aa:f7:c4:74:d1:c0:fe:4c:01:f5:f2:1c:9f:e9:
e5:7c:26:39:da:07:58:9a:05:77:ab:2e:e8:aa:a3:
f8:80:35:46:7f:56:5e:a2:08:d0:42:1c:20:e3:e0:
fc:72:5c:10:47:cd:49:12:16:47:c7:bd:3b:68:12:
13:c0:77:b9:35:59:40:fe:07:9c:de:c1:c6:79:a0:
f7:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:20:CD:DE:D2:0C:25:FE:88:52:60:A7:C7:7F:CE:CC:15:8D:0F:E9
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/WCDN3tIMJf6IUmCnx3_OzBWND-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.223.0.0/24
195.136.198.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:ee:7a:f3:e3:9d:08:e4:26:b1:a3:42:f0:5f:58:80:0c:75:
a9:e5:fd:b7:28:99:ee:11:2f:48:81:de:d4:09:41:f6:b1:b2:
3d:96:29:5a:ee:18:d4:be:0c:82:e2:24:40:2b:78:a6:79:56:
b3:89:5f:b8:a3:cc:b2:f0:e5:55:34:0c:05:13:f6:0f:06:94:
88:04:4d:f2:fd:60:5d:54:ed:0c:3a:27:05:ec:68:ec:6b:98:
b2:94:df:cc:3b:5d:d3:12:85:69:e2:bd:79:88:ec:0c:35:ac:
ed:92:e9:cf:2d:7e:23:57:0f:e8:fe:7f:63:8a:67:d8:84:d6:
b8:e2:15:8d:79:e3:6d:ec:3e:ec:93:cd:72:da:60:60:56:aa:
69:e9:90:b4:d1:78:0b:ad:72:7c:eb:23:43:95:6c:fc:e7:30:
84:1d:ba:7d:5e:43:8d:41:a9:95:69:1d:18:ed:6d:31:bd:a2:
69:0a:93:75:2b:e9:e8:ec:55:71:57:9b:94:c0:9d:b7:f0:8a:
26:87:0a:7a:c9:74:23:08:f9:9a:92:a3:89:ef:7a:d6:dd:9e:
e7:32:e7:de:f9:d8:be:80:37:f3:3f:dd:74:ff:84:d8:0f:c8:
3c:15:9f:ea:84:1c:eb:97:59:a8:35:7b:aa:4f:9e:db:d2:16:
17:5a:af:52
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQhshPgZeLtcaE9lzCzQM71MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjUwMTAxMTE0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODIwY2RkZWQyMGMyNWZlODg1MjYwYTdjNzdmY2VjYzE1OGQwZmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0oefDl0l35XYCupnclvKY4FrLCt5
WUUu281suuNkCrghhn8bSNSX2a7sNqynPAyMj2cNLkvos88raTn8P5gaV5CylmUX
fC4pVMRXJi4SinEAU02c/S85LRFiBJYfipOlegN0ZTzC3F/bCrzOafMCMC8xpkwg
bdObe/jf10ZrwRdBAqKTkv54JzjjEk1ayrIozNQMdvDndq+NiGdFb7AFJdFRXzSR
d+GRToaJsz5i9UjUjE1BqvfEdNHA/kwB9fIcn+nlfCY52gdYmgV3qy7oqqP4gDVG
f1ZeogjQQhwg4+D8clwQR81JEhZHx707aBITwHe5NVlA/gec3sHGeaD3owIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFggzd7SDCX+iFJgp8d/zswVjQ/pMB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEvV0NETjN0SU1KZjZJVW1DbngzX096QldORC1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwd8AAwQB
w4jGMA0GCSqGSIb3DQEBCwUAA4IBAQBL7nrz450I5Caxo0LwX1iADHWp5f23KJnu
ES9Igd7UCUH2sbI9lila7hjUvgyC4iRAK3imeVaziV+4o8yy8OVVNAwFE/YPBpSI
BE3y/WBdVO0MOicF7Gjsa5iylN/MO13TEoVp4r15iOwMNaztkunPLX4jVw/o/n9j
imfYhNa44hWNeeNt7D7sk81y2mBgVqpp6ZC00XgLrXJ86yNDlWz85zCEHbp9XkON
QamVaR0Y7W0xvaJpCpN1K+no7FVxV5uUwJ238Iomhwp6yXQjCPmakqOJ73rW3Z7n
Mufe+di+gDfzP910/4TYD8g8FZ/qhBzrl1moNXuqT57b0hYXWq9S
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:56:38 2025 by rpki-client