Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/WO8CC1bQiYKRTUh2PpE1oH0WSMQ.roa
File: WO8CC1bQiYKRTUh2PpE1oH0WSMQ.roa (raw, json)
Hash identifier: nMViXqwOYG1R0zYLbB3RNt6Y4a4tnW0J8OdzxZQ/asY=
Subject key identifier: 58:EF:02:0B:56:D0:89:82:91:4D:48:76:3E:91:35:A0:7D:16:48:C4
Certificate issuer: /CN=dbe8cc8f5af1e7362d454f3dd91a82952919db61
Certificate serial: 018DCB70EDCD925E0912EBB62DFA11FE5F37
Authority key identifier: DB:E8:CC:8F:5A:F1:E7:36:2D:45:4F:3D:D9:1A:82:95:29:19:DB:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2-jMj1rx5zYtRU892RqClSkZ22E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/WO8CC1bQiYKRTUh2PpE1oH0WSMQ.roa
Signing time: Wed 21 Feb 2024 11:33:12 +0000
ROA not before: Wed 21 Feb 2024 11:33:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 393427
IP address blocks: 88.135.96.0/20 maxlen: 24
94.26.110.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:cb:70:ed:cd:92:5e:09:12:eb:b6:2d:fa:11:fe:5f:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbe8cc8f5af1e7362d454f3dd91a82952919db61
Validity
Not Before: Feb 21 11:33:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=58ef020b56d08982914d48763e9135a07d1648c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:bb:12:c0:65:41:23:f3:02:02:bc:58:56:fc:
69:3d:10:c7:d7:85:25:91:a4:7e:02:24:f9:69:d3:
ee:ef:a0:21:e7:58:4b:13:29:82:ad:bf:32:aa:6f:
06:b2:67:94:22:d6:30:1c:71:0b:dc:65:f2:ac:55:
62:c9:e6:7a:d3:57:86:68:c3:7c:19:d7:e1:c1:27:
66:d9:21:08:4c:92:2d:16:d0:df:60:bf:1c:c9:7b:
31:76:ba:52:47:61:ea:45:e9:97:2d:34:40:05:77:
34:e6:c4:dd:8c:24:4e:d9:60:d7:4f:41:05:c4:1a:
f4:17:33:cd:81:3b:8f:08:7e:dd:34:14:51:f3:e8:
18:b0:b7:ec:c3:4a:ec:37:8e:ed:67:ef:72:ce:01:
99:b4:3f:4a:73:bd:85:ed:9e:d9:4f:59:80:fb:65:
98:aa:b5:50:60:0a:d8:62:87:88:95:96:ff:4a:4d:
53:cb:6d:3c:5e:fb:dc:ef:77:06:71:c0:0c:91:4d:
27:74:e9:fe:c9:82:a3:3c:80:d3:90:b4:95:79:49:
28:f1:d4:66:1f:10:76:78:0b:68:ab:7e:12:3d:97:
40:b1:a4:3f:9b:4f:6c:4d:24:96:d6:ad:73:46:48:
6c:57:bc:85:3d:46:e5:a1:d1:7d:54:7a:c0:0f:ef:
84:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:EF:02:0B:56:D0:89:82:91:4D:48:76:3E:91:35:A0:7D:16:48:C4
X509v3 Authority Key Identifier:
keyid:DB:E8:CC:8F:5A:F1:E7:36:2D:45:4F:3D:D9:1A:82:95:29:19:DB:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-jMj1rx5zYtRU892RqClSkZ22E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/WO8CC1bQiYKRTUh2PpE1oH0WSMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/2-jMj1rx5zYtRU892RqClSkZ22E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.135.96.0/20
94.26.110.0/23
Signature Algorithm: sha256WithRSAEncryption
d4:ff:b6:9b:d9:5a:68:db:58:85:09:a3:ca:a9:a8:64:6c:3c:
28:5c:c2:dc:4b:7f:49:56:ee:f2:91:4a:c5:2d:81:97:87:66:
64:b9:1e:be:f1:65:36:ed:27:39:68:5a:b9:53:6e:bd:da:2c:
dc:77:41:9f:65:43:98:e5:e3:8d:06:dc:66:a8:e0:47:55:61:
e5:cc:44:f3:a0:ce:d2:69:38:9b:96:cb:ce:00:8c:a7:eb:29:
67:d5:60:d5:c2:4a:82:c9:3e:70:37:26:57:3b:c2:0f:e5:11:
ca:d5:9f:7a:89:1d:19:13:9b:d7:d8:31:16:e0:4d:5e:1c:f4:
11:0e:01:60:3f:99:3f:58:d6:38:b4:68:99:44:e3:b9:9c:45:
02:30:72:29:24:27:69:6b:07:4d:e2:de:86:38:ed:89:8c:b0:
da:72:97:49:04:2e:1b:98:5e:42:78:1c:c2:19:03:44:4f:3e:
b0:0a:81:7e:de:16:81:a6:12:29:6a:0c:60:90:90:02:bc:30:
58:e0:a4:c2:c5:03:9e:b7:5c:61:9d:d0:d9:e9:d9:fd:89:52:
ac:7c:2d:b1:89:7d:58:f4:22:e1:47:c8:3d:a0:65:23:43:6a:
0a:aa:03:46:fa:6a:68:f4:0e:17:b8:80:01:cd:7e:3f:bd:db:
fb:9f:83:55
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY3LcO3Nkl4JEuu2LfoR/l83MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZThjYzhmNWFmMWU3MzYyZDQ1NGYzZGQ5MWE4Mjk1Mjkx
OWRiNjEwHhcNMjQwMjIxMTEzMzEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGVmMDIwYjU2ZDA4OTgyOTE0ZDQ4NzYzZTkxMzVhMDdkMTY0OGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzbsSwGVBI/MCArxYVvxpPRDH14Ul
kaR+AiT5adPu76Ah51hLEymCrb8yqm8GsmeUItYwHHEL3GXyrFViyeZ601eGaMN8
GdfhwSdm2SEITJItFtDfYL8cyXsxdrpSR2HqRemXLTRABXc05sTdjCRO2WDXT0EF
xBr0FzPNgTuPCH7dNBRR8+gYsLfsw0rsN47tZ+9yzgGZtD9Kc72F7Z7ZT1mA+2WY
qrVQYArYYoeIlZb/Sk1Ty208Xvvc73cGccAMkU0ndOn+yYKjPIDTkLSVeUko8dRm
HxB2eAtoq34SPZdAsaQ/m09sTSSW1q1zRkhsV7yFPUblodF9VHrAD++EDwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFjvAgtW0ImCkU1Idj6RNaB9FkjEMB8GA1UdIwQY
MBaAFNvozI9a8ec2LUVPPdkagpUpGdthMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMi1qTWoxcng1ell0UlU4OTJScUNsU2taMjJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9hNTczZmUtNmUwZS00YmZmLTk5ZmMt
MjYyMWQ1Yzk5Y2FiLzEvV084Q0MxYlFpWUtSVFVoMlBwRTFvSDBXU01RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9hNTczZmUtNmUwZS00YmZmLTk5ZmMtMjYyMWQ1Yzk5Y2Fi
LzEvMi1qTWoxcng1ell0UlU4OTJScUNsU2taMjJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEWIdgAwQB
XhpuMA0GCSqGSIb3DQEBCwUAA4IBAQDU/7ab2Vpo21iFCaPKqahkbDwoXMLcS39J
Vu7ykUrFLYGXh2ZkuR6+8WU27Sc5aFq5U2692izcd0GfZUOY5eONBtxmqOBHVWHl
zETzoM7SaTiblsvOAIyn6yln1WDVwkqCyT5wNyZXO8IP5RHK1Z96iR0ZE5vX2DEW
4E1eHPQRDgFgP5k/WNY4tGiZROO5nEUCMHIpJCdpawdN4t6GOO2JjLDacpdJBC4b
mF5CeBzCGQNETz6wCoF+3haBphIpagxgkJACvDBY4KTCxQOet1xhndDZ6dn9iVKs
fC2xiX1Y9CLhR8g9oGUjQ2oKqgNG+mpo9A4XuIABzX4/vdv7n4NV
-----END CERTIFICATE-----
Generated at Wed Mar 12 07:00:42 2025 by rpki-client