Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/WiUNZ4IZ3TOY8xkKiYHV5KhkMho.roa
File: WiUNZ4IZ3TOY8xkKiYHV5KhkMho.roa (raw, json)
Hash identifier: mxiuFi8egW0KA2fL3eLsZTZb+rIZYCK58I9PstrinKs=
Subject key identifier: 5A:25:0D:67:82:19:DD:33:98:F3:19:0A:89:81:D5:E4:A8:64:32:1A
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 019420D5ADC28E71EA22F869BA80A064CE79
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/WiUNZ4IZ3TOY8xkKiYHV5KhkMho.roa
Signing time: Wed 01 Jan 2025 07:47:41 +0000
ROA not before: Wed 01 Jan 2025 07:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31660
IP address blocks: 81.255.156.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:ad:c2:8e:71:ea:22:f8:69:ba:80:a0:64:ce:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 07:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5a250d678219dd3398f3190a8981d5e4a864321a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:cf:cd:54:f2:a9:16:f3:97:ee:1b:fb:c6:32:
a2:5a:a3:be:2f:34:4b:04:7b:6b:f3:fd:ab:fb:0b:
0b:48:ee:b6:cc:c3:5d:c7:bf:6d:9c:47:dc:73:1e:
25:28:06:e1:9a:3d:2d:f7:6c:68:e9:1b:23:5c:45:
48:05:15:24:f7:96:98:4f:13:fc:da:7b:0f:88:ef:
97:66:21:17:a8:bc:f3:ee:29:d2:dc:24:43:2a:c4:
36:6f:99:7d:a8:93:36:f2:01:69:fc:3c:b2:ce:77:
40:d5:30:6d:57:e2:b5:e2:7f:9a:ea:a3:9a:ca:78:
66:93:95:2b:e9:93:eb:fe:2a:03:cd:f3:14:36:09:
0f:8b:65:45:3a:82:6e:c6:54:14:46:ff:df:5c:83:
07:89:80:d7:fb:d2:b3:7a:78:24:52:4b:b1:cc:a3:
81:54:91:52:08:fb:9d:3e:dc:88:61:2b:c4:bb:72:
5b:30:4f:33:a7:16:d1:c3:ba:08:7f:cb:70:1f:61:
fa:39:c1:92:36:8c:5a:a1:99:d8:6d:a4:2b:d6:db:
04:da:0e:eb:28:a5:94:b0:dd:03:d2:a1:84:67:e4:
05:44:aa:c1:bc:ac:1d:94:ae:12:b6:10:92:ea:bb:
8d:3a:8b:c7:2d:79:41:b3:8c:5c:33:8f:9a:97:52:
22:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:25:0D:67:82:19:DD:33:98:F3:19:0A:89:81:D5:E4:A8:64:32:1A
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/WiUNZ4IZ3TOY8xkKiYHV5KhkMho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.255.156.0/24
Signature Algorithm: sha256WithRSAEncryption
63:8b:35:36:be:b2:38:06:e8:06:77:7f:a8:53:9d:c0:6b:93:
09:6f:cb:83:fb:51:16:25:c2:d4:96:fd:48:c2:f8:61:0f:39:
5f:c7:c7:ff:34:a1:81:7d:c6:6b:84:f7:47:41:49:d3:d9:20:
07:07:d5:31:e9:e7:30:09:5d:4b:12:3f:96:9e:b6:a1:e7:ac:
7b:17:a0:05:03:20:76:e6:f7:0b:78:b3:db:41:cf:65:94:78:
94:ec:c1:4f:12:58:9f:98:f2:5c:d9:c7:3d:67:44:70:e6:bc:
c1:8d:d7:97:5f:09:a0:d8:82:3b:49:bc:6d:24:24:05:ab:72:
e7:68:8c:87:95:58:30:39:f1:83:a7:85:3b:b8:bb:c3:bf:df:
7a:4f:4d:eb:47:ca:a0:59:e5:7c:dc:ca:d9:d4:20:c1:f1:ef:
63:2f:bc:4f:4c:76:d4:4b:34:6f:3c:66:90:ee:04:ce:87:57:
c7:14:24:4d:a9:d2:86:ba:53:16:6d:18:6c:45:94:07:fb:a8:
ad:f3:af:14:59:62:9e:b6:90:dc:7a:9c:e7:05:7a:e9:48:e3:
b4:1b:d5:1c:5b:41:f3:89:95:b3:8a:51:e7:7f:3c:c6:5b:04:
0a:e2:ed:26:56:50:8f:af:48:ee:13:9a:66:1f:6c:e3:a9:11:
77:91:cc:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1a3CjnHqIvhpuoCgZM55MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjUwMTAxMDc0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTI1MGQ2NzgyMTlkZDMzOThmMzE5MGE4OTgxZDVlNGE4NjQzMjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArc/NVPKpFvOX7hv7xjKiWqO+LzRL
BHtr8/2r+wsLSO62zMNdx79tnEfccx4lKAbhmj0t92xo6RsjXEVIBRUk95aYTxP8
2nsPiO+XZiEXqLzz7inS3CRDKsQ2b5l9qJM28gFp/DyyzndA1TBtV+K14n+a6qOa
ynhmk5Ur6ZPr/ioDzfMUNgkPi2VFOoJuxlQURv/fXIMHiYDX+9KzengkUkuxzKOB
VJFSCPudPtyIYSvEu3JbME8zpxbRw7oIf8twH2H6OcGSNoxaoZnYbaQr1tsE2g7r
KKWUsN0D0qGEZ+QFRKrBvKwdlK4SthCS6ruNOovHLXlBs4xcM4+al1IiPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFolDWeCGd0zmPMZComB1eSoZDIaMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvV2lVTlo0SVozVE9ZOHhrS2lZSFY1S2hrTWhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUf+cMA0G
CSqGSIb3DQEBCwUAA4IBAQBjizU2vrI4BugGd3+oU53Aa5MJb8uD+1EWJcLUlv1I
wvhhDzlfx8f/NKGBfcZrhPdHQUnT2SAHB9Ux6ecwCV1LEj+Wnrah56x7F6AFAyB2
5vcLeLPbQc9llHiU7MFPElifmPJc2cc9Z0Rw5rzBjdeXXwmg2II7SbxtJCQFq3Ln
aIyHlVgwOfGDp4U7uLvDv996T03rR8qgWeV83MrZ1CDB8e9jL7xPTHbUSzRvPGaQ
7gTOh1fHFCRNqdKGulMWbRhsRZQH+6it868UWWKetpDcepznBXrpSOO0G9UcW0Hz
iZWzilHnfzzGWwQK4u0mVlCPr0juE5pmH2zjqRF3kcyj
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:15:29 2025 by rpki-client