Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/7916e5-2463-4e0e-ba6d-5314accb0612/1/W7lSiLgEWw1PU3RjMuVHViCtMd4.roa
File: W7lSiLgEWw1PU3RjMuVHViCtMd4.roa (raw, json)
Hash identifier: Z1eudaBmI9GAn6czSjHaqw3jDN0IX6tghnkKM1CKFjU=
Subject key identifier: 5B:B9:52:88:B8:04:5B:0D:4F:53:74:63:32:E5:47:56:20:AD:31:DE
Certificate issuer: /CN=232bbc6f51cce01aeaacba80f2d0d26412e47f93
Certificate serial: 0194266B79AC1C20DD338D8EBC8ACFFBEC82
Authority key identifier: 23:2B:BC:6F:51:CC:E0:1A:EA:AC:BA:80:F2:D0:D2:64:12:E4:7F:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Iyu8b1HM4BrqrLqA8tDSZBLkf5M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/7916e5-2463-4e0e-ba6d-5314accb0612/1/W7lSiLgEWw1PU3RjMuVHViCtMd4.roa
Signing time: Thu 02 Jan 2025 09:49:25 +0000
ROA not before: Thu 02 Jan 2025 09:49:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60905
IP address blocks: 128.0.48.0/24 maxlen: 24
128.0.49.0/24 maxlen: 24
128.0.50.0/24 maxlen: 24
128.0.51.0/24 maxlen: 24
2a10:7bc0:0:1::/64 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:79:ac:1c:20:dd:33:8d:8e:bc:8a:cf:fb:ec:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=232bbc6f51cce01aeaacba80f2d0d26412e47f93
Validity
Not Before: Jan 2 09:49:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5bb95288b8045b0d4f53746332e5475620ad31de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:05:d4:48:82:e0:68:59:21:15:c1:c3:16:7c:
4f:91:b1:ef:41:98:c6:58:3a:f2:b6:4c:a7:8f:44:
c8:aa:b1:24:5e:77:34:03:ce:ae:53:b0:24:84:de:
91:83:3c:ec:ac:df:74:c4:8f:85:20:e0:dd:a2:2a:
5f:8a:c5:dd:66:ca:b4:a9:8f:f9:bc:30:f1:81:11:
c5:30:50:04:8b:db:76:b2:13:62:02:9f:4f:21:40:
e9:f4:32:f4:69:bb:98:9b:27:a2:35:67:02:b0:f7:
24:ce:93:c2:f3:80:6e:a8:dc:7c:7b:c3:50:3b:3a:
1a:2e:06:a5:f7:6d:f0:60:9b:fc:04:b5:a2:3a:ac:
8e:e7:e6:ee:93:91:b2:ca:a6:3f:e1:a0:b1:68:8d:
4d:b9:b8:55:d2:da:8a:60:be:65:f0:51:2d:31:e6:
da:20:fb:c2:e0:04:65:07:35:9f:f3:b6:06:23:b6:
6a:24:7b:ba:e3:a9:3c:65:ce:34:a8:36:d9:cb:93:
4f:03:31:98:fa:e1:59:93:e5:17:3c:50:88:25:4c:
80:d9:8a:60:7c:da:c4:b7:4e:d6:b3:58:02:b7:96:
7b:36:ef:73:87:66:66:29:03:52:4d:6e:8a:18:b0:
83:33:36:13:7e:8e:07:c4:52:0a:8b:0d:0a:f8:4b:
18:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:B9:52:88:B8:04:5B:0D:4F:53:74:63:32:E5:47:56:20:AD:31:DE
X509v3 Authority Key Identifier:
keyid:23:2B:BC:6F:51:CC:E0:1A:EA:AC:BA:80:F2:D0:D2:64:12:E4:7F:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iyu8b1HM4BrqrLqA8tDSZBLkf5M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/7916e5-2463-4e0e-ba6d-5314accb0612/1/W7lSiLgEWw1PU3RjMuVHViCtMd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/7916e5-2463-4e0e-ba6d-5314accb0612/1/Iyu8b1HM4BrqrLqA8tDSZBLkf5M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.0.48.0/22
IPv6:
2a10:7bc0:0:1::/64
Signature Algorithm: sha256WithRSAEncryption
71:07:b2:35:3b:af:d6:47:3c:b8:af:09:23:ac:8b:21:15:5c:
55:50:8c:3e:9e:be:d3:c4:ca:76:5c:13:d6:92:74:97:71:0c:
68:39:32:78:2d:e3:70:cd:ae:d5:98:04:36:60:04:1a:ad:17:
b2:8e:e0:66:90:2d:43:40:fc:26:29:4a:2b:70:5b:01:71:dc:
97:ab:2c:42:54:4d:33:e6:83:01:7f:f7:ec:80:c4:be:cc:a2:
4e:c1:d3:e6:b1:ca:31:bb:e6:4a:a3:a9:49:16:c8:88:69:90:
36:ed:8a:05:0e:1b:15:1c:db:7f:d2:12:f4:88:68:04:63:98:
15:f3:49:86:a8:23:bd:fc:e0:40:17:17:20:f5:70:7b:31:a9:
ae:a0:b5:5e:57:ca:d1:e7:05:30:f5:e4:f5:06:2a:63:0f:c0:
79:75:42:f4:8e:e2:46:05:91:2c:2c:58:15:4c:1b:f8:44:e5:
72:f8:7b:97:13:0e:41:40:32:c3:f5:cf:13:84:db:1d:78:28:
2b:15:a9:c7:1a:65:2c:ae:b7:04:c4:95:77:e1:0c:5c:b7:39:
66:5f:03:f0:ad:9a:50:06:d3:7b:5e:24:a4:f2:eb:1e:ff:b8:
b5:d9:98:55:b4:ff:ea:3e:bc:0e:4c:62:45:bf:de:5a:32:68:
8b:f3:b7:e5
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAZQma3msHCDdM42OvIrP++yCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMmJiYzZmNTFjY2UwMWFlYWFjYmE4MGYyZDBkMjY0MTJl
NDdmOTMwHhcNMjUwMTAyMDk0OTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmI5NTI4OGI4MDQ1YjBkNGY1Mzc0NjMzMmU1NDc1NjIwYWQzMWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoAXUSILgaFkhFcHDFnxPkbHvQZjG
WDrytkynj0TIqrEkXnc0A86uU7AkhN6RgzzsrN90xI+FIODdoipfisXdZsq0qY/5
vDDxgRHFMFAEi9t2shNiAp9PIUDp9DL0abuYmyeiNWcCsPckzpPC84BuqNx8e8NQ
OzoaLgal923wYJv8BLWiOqyO5+buk5GyyqY/4aCxaI1NubhV0tqKYL5l8FEtMeba
IPvC4ARlBzWf87YGI7ZqJHu646k8Zc40qDbZy5NPAzGY+uFZk+UXPFCIJUyA2Ypg
fNrEt07Ws1gCt5Z7Nu9zh2ZmKQNSTW6KGLCDMzYTfo4HxFIKiw0K+EsY5QIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFFu5Uoi4BFsNT1N0YzLlR1YgrTHeMB8GA1UdIwQY
MBaAFCMrvG9RzOAa6qy6gPLQ0mQS5H+TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXl1OGIxSE00QnJxckxxQTh0RFNaQkxrZjVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny83OTE2ZTUtMjQ2My00ZTBlLWJhNmQt
NTMxNGFjY2IwNjEyLzEvVzdsU2lMZ0VXdzFQVTNSak11VkhWaUN0TWQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny83OTE2ZTUtMjQ2My00ZTBlLWJhNmQtNTMxNGFjY2IwNjEy
LzEvSXl1OGIxSE00QnJxckxxQTh0RFNaQkxrZjVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAMBAIAATAGAwQCgAAwMBEE
AgACMAsDCQAqEHvAAAAAATANBgkqhkiG9w0BAQsFAAOCAQEAcQeyNTuv1kc8uK8J
I6yLIRVcVVCMPp6+08TKdlwT1pJ0l3EMaDkyeC3jcM2u1ZgENmAEGq0Xso7gZpAt
Q0D8JilKK3BbAXHcl6ssQlRNM+aDAX/37IDEvsyiTsHT5rHKMbvmSqOpSRbIiGmQ
Nu2KBQ4bFRzbf9IS9IhoBGOYFfNJhqgjvfzgQBcXIPVwezGprqC1XlfK0ecFMPXk
9QYqYw/AeXVC9I7iRgWRLCxYFUwb+ETlcvh7lxMOQUAyw/XPE4TbHXgoKxWpxxpl
LK63BMSVd+EMXLc5Zl8D8K2aUAbTe14kpPLrHv+4tdmYVbT/6j68DkxiRb/eWjJo
i/O35Q==
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:41:40 2025 by rpki-client