Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/ws65NnH7cc5LX3ZtkutF5lwgOTo.roa
File: ws65NnH7cc5LX3ZtkutF5lwgOTo.roa (raw, json)
Hash identifier: 3tggzgIge6V0BsIfvy+BLekh4WUZ+47Y39glMLBsTTE=
Subject key identifier: C2:CE:B9:36:71:FB:71:CE:4B:5F:76:6D:92:EB:45:E6:5C:20:39:3A
Certificate issuer: /CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Certificate serial: 019427B638789B58CF08DD65632B4DD41A66
Authority key identifier: 29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/ws65NnH7cc5LX3ZtkutF5lwgOTo.roa
Signing time: Thu 02 Jan 2025 15:50:40 +0000
ROA not before: Thu 02 Jan 2025 15:50:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50053
IP address blocks: 185.23.238.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:38:78:9b:58:cf:08:dd:65:63:2b:4d:d4:1a:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Validity
Not Before: Jan 2 15:50:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c2ceb93671fb71ce4b5f766d92eb45e65c20393a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:02:16:ce:f9:34:9b:cb:78:e1:15:75:da:e3:
f7:45:81:ed:95:44:9e:53:56:60:d3:8c:26:03:9f:
41:80:66:a3:b0:7e:05:1a:05:f5:96:2f:c4:a1:1b:
59:0b:3e:49:48:86:a6:bb:0d:b5:45:b9:34:e3:c0:
f8:67:a8:06:2a:cb:92:6a:56:26:7e:e6:ff:c7:56:
49:f3:8d:02:68:91:9e:93:03:cd:e5:08:48:d6:d6:
e2:fe:82:ce:41:bb:48:57:8d:8d:40:55:63:dd:87:
a6:9d:f2:7e:f6:19:08:ee:cb:53:06:c9:03:af:f5:
cc:09:27:ba:bc:cd:1e:1e:58:79:95:9e:53:a6:56:
a5:0b:1f:2e:c9:69:da:fa:98:e0:09:9a:ce:73:ef:
2a:c0:0a:fc:05:fe:86:d3:f2:54:40:86:28:3a:52:
64:9b:3e:4e:4e:d1:df:0f:b6:9f:0f:fe:6c:39:dc:
76:9d:8d:70:fa:20:a1:21:5e:6e:35:87:37:64:99:
ef:e3:39:57:1f:fe:fe:28:f0:49:05:e6:e3:45:a2:
52:4d:28:96:55:b1:8f:97:00:4e:b2:01:b6:b3:1c:
51:e5:b7:d3:f0:e2:72:41:80:4c:17:c4:95:c5:c2:
a7:7e:bf:27:53:71:8e:86:35:5e:bf:09:37:2b:3a:
15:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:CE:B9:36:71:FB:71:CE:4B:5F:76:6D:92:EB:45:E6:5C:20:39:3A
X509v3 Authority Key Identifier:
keyid:29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/ws65NnH7cc5LX3ZtkutF5lwgOTo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/KX75vv0afiTAzJcpmH_AZda3Ey8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.23.238.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:a6:00:30:b0:01:81:5c:c7:f6:43:15:ce:e1:42:e1:77:c8:
c9:f0:06:ad:4d:4f:33:70:95:d2:15:c7:26:71:d7:d4:5a:a4:
45:8a:8d:f2:40:c1:b8:04:df:39:f3:d8:a2:f4:ed:91:73:19:
43:5a:50:63:f5:b7:10:af:89:b1:95:08:b2:f0:ef:88:a5:50:
00:de:28:05:e8:f2:e0:0f:55:08:30:69:6f:ce:de:0a:44:3e:
ed:27:2f:8d:34:02:05:ef:a5:a8:3f:5e:ca:04:f7:23:7d:75:
57:65:2b:58:93:7d:ee:f2:20:05:4e:cf:93:2e:a8:29:4c:5d:
68:26:9d:46:ff:ed:a0:7c:5f:da:e9:7c:8f:c9:88:01:34:25:
06:b1:3b:95:2c:72:00:d0:5e:ca:0d:5d:c2:46:37:da:fc:16:
c4:f8:ef:a6:e2:d0:07:87:a4:17:e6:f0:fa:22:04:19:14:ae:
98:03:64:f9:c3:02:f6:d8:af:1a:02:23:95:6b:79:43:a2:f8:
57:f0:d5:5d:1b:b1:74:e8:99:4a:57:b6:a6:d3:d1:2d:d6:1d:
3c:9f:a2:90:3d:f9:ae:74:bf:5a:bd:3e:d2:b0:47:ad:4f:44:
0f:c8:b8:9e:44:3e:81:66:02:96:cb:42:ef:7d:fb:ec:ce:f9:
31:eb:7a:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntjh4m1jPCN1lYytN1BpmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2VmOWJlZmQxYTdlMjRjMGNjOTcyOTk4N2ZjMDY1ZDZi
NzEzMmYwHhcNMjUwMTAyMTU1MDQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmNlYjkzNjcxZmI3MWNlNGI1Zjc2NmQ5MmViNDVlNjVjMjAzOTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7QIWzvk0m8t44RV12uP3RYHtlUSe
U1Zg04wmA59BgGajsH4FGgX1li/EoRtZCz5JSIamuw21Rbk048D4Z6gGKsuSalYm
fub/x1ZJ840CaJGekwPN5QhI1tbi/oLOQbtIV42NQFVj3YemnfJ+9hkI7stTBskD
r/XMCSe6vM0eHlh5lZ5TplalCx8uyWna+pjgCZrOc+8qwAr8Bf6G0/JUQIYoOlJk
mz5OTtHfD7afD/5sOdx2nY1w+iChIV5uNYc3ZJnv4zlXH/7+KPBJBebjRaJSTSiW
VbGPlwBOsgG2sxxR5bfT8OJyQYBMF8SVxcKnfr8nU3GOhjVevwk3KzoVgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMLOuTZx+3HOS192bZLrReZcIDk6MB8GA1UdIwQY
MBaAFCl++b79Gn4kwMyXKZh/wGXWtxMvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWIt
ZGVlNzY4NjAwMTNkLzEvd3M2NU5uSDdjYzVMWDNadGt1dEY1bHdnT1RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWItZGVlNzY4NjAwMTNk
LzEvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRfuMA0G
CSqGSIb3DQEBCwUAA4IBAQCMpgAwsAGBXMf2QxXO4ULhd8jJ8AatTU8zcJXSFccm
cdfUWqRFio3yQMG4BN8589ii9O2RcxlDWlBj9bcQr4mxlQiy8O+IpVAA3igF6PLg
D1UIMGlvzt4KRD7tJy+NNAIF76WoP17KBPcjfXVXZStYk33u8iAFTs+TLqgpTF1o
Jp1G/+2gfF/a6XyPyYgBNCUGsTuVLHIA0F7KDV3CRjfa/BbE+O+m4tAHh6QX5vD6
IgQZFK6YA2T5wwL22K8aAiOVa3lDovhX8NVdG7F06JlKV7am09Et1h08n6KQPfmu
dL9avT7SsEetT0QPyLieRD6BZgKWy0Lvffvszvkx63oi
-----END CERTIFICATE-----
Generated at Mon Apr 7 05:49:54 2025 by rpki-client