Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/WcNfc2ebH1nabssdIAaljgMAMvI.roa
File: WcNfc2ebH1nabssdIAaljgMAMvI.roa (raw, json)
Hash identifier: gIeR1+oo2boP6Zw5hratvRw93AbF/Ul3dA94pgz+zkM=
Subject key identifier: 59:C3:5F:73:67:9B:1F:59:DA:6E:CB:1D:20:06:A5:8E:03:00:32:F2
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 019428240C62BBEDBBAAF5E0461559814D0D
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/WcNfc2ebH1nabssdIAaljgMAMvI.roa
Signing time: Thu 02 Jan 2025 17:50:38 +0000
ROA not before: Thu 02 Jan 2025 17:50:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5065
IP address blocks: 82.163.168.0/22 maxlen: 24
82.163.224.0/22 maxlen: 24
130.255.68.0/22 maxlen: 24
188.215.120.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:0c:62:bb:ed:bb:aa:f5:e0:46:15:59:81:4d:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jan 2 17:50:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=59c35f73679b1f59da6ecb1d2006a58e030032f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:12:4a:be:83:b3:5f:09:05:a2:c7:77:81:5b:
f4:41:b4:9a:73:d3:24:1f:e1:5b:e0:24:f8:a1:dd:
c0:57:c2:15:96:59:ce:ec:96:c5:53:0d:40:60:75:
36:7c:56:71:eb:75:a7:a8:99:5f:65:24:da:a9:4e:
b1:78:d3:67:65:be:1f:58:45:1b:c5:10:cf:a2:40:
84:df:bb:77:a3:5e:1e:dd:2c:a2:7b:c0:9f:f7:09:
17:63:70:de:b7:57:85:35:0f:84:31:0c:95:8c:b2:
cc:4c:44:cf:4c:4d:11:37:87:ac:43:fe:d2:ae:a6:
2c:5d:33:ab:b5:4e:ac:f1:fb:91:a6:8f:0e:2f:02:
41:77:12:2f:11:77:49:cc:6e:1c:68:de:d7:2d:c4:
5d:8e:61:38:48:7b:51:8f:be:c9:14:45:db:3d:09:
d4:d2:a3:f8:33:ec:d6:bf:ab:b3:86:a5:20:94:26:
56:40:76:5b:6c:9d:f3:a6:e4:1d:31:ad:63:79:08:
a7:7d:63:55:f5:25:71:e4:83:f5:4a:52:89:60:f7:
c7:8a:0b:90:df:8f:b0:2e:c0:3b:c4:e3:14:20:85:
e6:1d:5b:e5:45:19:f3:67:44:1f:2e:1f:08:76:f7:
79:f8:8c:10:42:d5:f3:c5:7c:04:b0:d4:9f:7d:1b:
f8:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:C3:5F:73:67:9B:1F:59:DA:6E:CB:1D:20:06:A5:8E:03:00:32:F2
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/WcNfc2ebH1nabssdIAaljgMAMvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.163.168.0/22
82.163.224.0/22
130.255.68.0/22
188.215.120.0/22
Signature Algorithm: sha256WithRSAEncryption
17:d6:fd:b7:a9:16:eb:84:18:a0:02:a6:42:2a:68:e0:82:99:
bc:c9:dc:41:d6:77:89:13:bf:58:04:59:20:59:63:8a:97:26:
34:ea:56:ac:35:f3:9c:ac:6f:60:73:65:95:37:d7:15:1c:dc:
e3:1d:89:e4:0c:bd:ec:33:83:4d:b2:26:7f:a1:ec:0a:89:94:
94:c0:4d:9b:27:75:3f:ba:13:7d:d8:3d:33:47:ac:ea:30:72:
e6:19:2d:13:1c:85:eb:3f:9f:2a:9c:e6:56:7e:42:a7:2c:d8:
23:a6:b7:81:eb:5f:7e:78:08:f9:e4:05:33:3a:58:7a:26:37:
7d:26:e8:24:9f:e3:20:1f:ad:b4:76:3a:4c:5b:0d:17:2b:6c:
7f:4b:42:a3:2e:6e:6b:4a:a1:c3:2a:34:5a:ed:a6:14:b6:f1:
25:3d:9c:f4:2d:78:b4:22:b0:73:11:47:eb:20:ee:18:53:e8:
64:b8:63:e2:9f:35:62:87:09:67:60:a8:4d:98:b7:48:bb:75:
ee:5b:a3:52:c2:92:c1:dc:ff:52:48:e2:ad:ce:2b:f1:d8:e8:
e6:63:c8:dd:90:c7:72:a9:53:3d:da:77:b8:82:e9:45:39:dc:
34:6c:6b:a7:2f:41:35:31:79:85:9c:b3:6a:b8:ea:79:12:5c:
18:e2:3a:d2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQoJAxiu+27qvXgRhVZgU0NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjUwMTAyMTc1MDM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWMzNWY3MzY3OWIxZjU5ZGE2ZWNiMWQyMDA2YTU4ZTAzMDAzMmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuRJKvoOzXwkFosd3gVv0QbSac9Mk
H+Fb4CT4od3AV8IVllnO7JbFUw1AYHU2fFZx63WnqJlfZSTaqU6xeNNnZb4fWEUb
xRDPokCE37t3o14e3Syie8Cf9wkXY3Det1eFNQ+EMQyVjLLMTETPTE0RN4esQ/7S
rqYsXTOrtU6s8fuRpo8OLwJBdxIvEXdJzG4caN7XLcRdjmE4SHtRj77JFEXbPQnU
0qP4M+zWv6uzhqUglCZWQHZbbJ3zpuQdMa1jeQinfWNV9SVx5IP1SlKJYPfHiguQ
34+wLsA7xOMUIIXmHVvlRRnzZ0QfLh8Idvd5+IwQQtXzxXwEsNSffRv44wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFnDX3Nnmx9Z2m7LHSAGpY4DADLyMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvV2NOZmMyZWJIMW5hYnNzZElBYWxqZ01BTXZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCUqOoAwQC
UqPgAwQCgv9EAwQCvNd4MA0GCSqGSIb3DQEBCwUAA4IBAQAX1v23qRbrhBigAqZC
Kmjggpm8ydxB1neJE79YBFkgWWOKlyY06lasNfOcrG9gc2WVN9cVHNzjHYnkDL3s
M4NNsiZ/oewKiZSUwE2bJ3U/uhN92D0zR6zqMHLmGS0THIXrP58qnOZWfkKnLNgj
preB619+eAj55AUzOlh6Jjd9Jugkn+MgH620djpMWw0XK2x/S0KjLm5rSqHDKjRa
7aYUtvElPZz0LXi0IrBzEUfrIO4YU+hkuGPinzVihwlnYKhNmLdIu3XuW6NSwpLB
3P9SSOKtzivx2OjmY8jdkMdyqVM92ne4gulFOdw0bGunL0E1MXmFnLNquOp5ElwY
4jrS
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:37:27 2025 by rpki-client