Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/ffbbd7-ba26-473e-88b1-a8d6683018dc/1/WJqr5IDxGohXoD9hquYVtJrIdpk.roa
File: WJqr5IDxGohXoD9hquYVtJrIdpk.roa (raw, json)
Hash identifier: ff8GeS/NLdvnlVGjRvMmD130z02vf6IAOtUdhVHa9vU=
Subject key identifier: 58:9A:AB:E4:80:F1:1A:88:57:A0:3F:61:AA:E6:15:B4:9A:C8:76:99
Certificate issuer: /CN=d4cad8d06df6f42bc8a27bdbaabf6c736cc324e6
Certificate serial: 01856FB121DAE6A34730265246D0DFCD321A
Authority key identifier: D4:CA:D8:D0:6D:F6:F4:2B:C8:A2:7B:DB:AA:BF:6C:73:6C:C3:24:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1MrY0G329CvIonvbqr9sc2zDJOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/ffbbd7-ba26-473e-88b1-a8d6683018dc/1/WJqr5IDxGohXoD9hquYVtJrIdpk.roa
Signing time: Sun 01 Jan 2023 23:35:57 +0000
ROA not before: Sun 01 Jan 2023 23:35:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 193.38.155.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:b1:21:da:e6:a3:47:30:26:52:46:d0:df:cd:32:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4cad8d06df6f42bc8a27bdbaabf6c736cc324e6
Validity
Not Before: Jan 1 23:35:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=589aabe480f11a8857a03f61aae615b49ac87699
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:4b:f9:6b:cc:99:70:b2:be:84:58:37:43:bf:
2f:70:7d:c7:39:23:4a:a8:05:4f:47:a8:e2:0c:44:
23:ab:3b:6f:ec:33:4c:b9:cb:e2:e2:11:dd:6b:d0:
92:6d:8d:d6:3f:8e:fc:3b:17:98:6c:26:fb:dd:92:
66:09:9b:e2:c3:e8:06:01:22:0d:26:28:d3:d9:8f:
81:9b:1a:1d:55:98:01:ee:c3:f8:3d:63:7e:39:72:
a5:80:0d:c3:a4:2c:d9:d8:9d:56:c0:4e:6a:dc:e1:
da:4e:90:d2:d4:af:2e:29:56:7a:d9:4e:dc:d6:96:
a2:c2:88:87:4c:17:dd:81:85:15:58:17:13:ad:ae:
cd:d0:9b:40:3c:11:ab:61:6f:c9:4e:63:f2:24:ed:
50:3c:f2:ab:53:90:67:cc:3d:73:88:06:4f:e3:81:
aa:b1:12:d2:57:b6:7a:50:e0:a3:3b:b8:28:c1:4b:
21:25:c9:b9:52:d4:8e:c5:6a:36:cf:8d:8c:43:7d:
f3:6e:16:41:82:19:2d:aa:50:c7:0e:64:5e:69:64:
0f:7f:98:f9:40:2d:6e:26:02:c1:b4:28:d0:20:50:
79:06:5a:19:c8:f4:e6:8d:f1:20:72:20:0f:a3:2f:
07:65:2d:54:6d:1b:f6:35:1b:78:82:85:85:b7:08:
e0:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:9A:AB:E4:80:F1:1A:88:57:A0:3F:61:AA:E6:15:B4:9A:C8:76:99
X509v3 Authority Key Identifier:
keyid:D4:CA:D8:D0:6D:F6:F4:2B:C8:A2:7B:DB:AA:BF:6C:73:6C:C3:24:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1MrY0G329CvIonvbqr9sc2zDJOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/ffbbd7-ba26-473e-88b1-a8d6683018dc/1/WJqr5IDxGohXoD9hquYVtJrIdpk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/ffbbd7-ba26-473e-88b1-a8d6683018dc/1/1MrY0G329CvIonvbqr9sc2zDJOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.38.155.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:43:03:db:26:44:5c:cb:e7:e5:bc:df:9f:6c:7f:ac:e4:86:
91:84:c1:e8:68:0f:ed:07:8f:a4:07:f4:77:da:1c:f6:d8:60:
f2:01:88:a1:28:26:61:46:d3:0b:17:2f:de:e2:9e:ff:a6:29:
3d:a2:d2:73:60:39:2d:8b:21:75:27:f2:09:84:33:01:43:63:
8c:af:d1:63:4f:d6:9a:04:33:26:c6:63:c1:e8:b1:5d:c7:37:
d2:4b:b3:9f:b8:36:01:d5:87:f6:8c:64:ff:63:32:49:55:58:
d8:ee:3b:e2:47:e0:c5:f6:57:a9:ec:96:12:60:b1:3a:25:08:
dc:07:02:d7:37:47:b5:1b:18:91:11:0c:ea:66:87:d4:d0:a7:
cf:c3:03:7c:69:75:ed:83:61:d1:52:ae:2e:38:69:c3:4c:10:
45:a7:5c:9c:3d:1c:68:fa:16:9b:bd:b2:31:3c:f2:b7:d0:7e:
ff:7c:24:28:f1:8b:3b:78:6c:30:39:c3:22:78:8a:f1:02:e0:
63:d5:09:22:52:6c:56:16:b1:d1:ab:80:cc:93:4e:b7:75:96:
64:2a:2f:0b:91:aa:d7:fc:60:10:df:c4:24:c6:a5:9a:0b:2c:
31:57:e0:01:a7:8d:44:12:67:3e:e1:3a:89:d2:a4:3f:07:6f:
13:33:c1:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvsSHa5qNHMCZSRtDfzTIaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0Y2FkOGQwNmRmNmY0MmJjOGEyN2JkYmFhYmY2YzczNmNj
MzI0ZTYwHhcNMjMwMTAxMjMzNTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODlhYWJlNDgwZjExYTg4NTdhMDNmNjFhYWU2MTViNDlhYzg3Njk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmEv5a8yZcLK+hFg3Q78vcH3HOSNK
qAVPR6jiDEQjqztv7DNMucvi4hHda9CSbY3WP478OxeYbCb73ZJmCZviw+gGASIN
JijT2Y+BmxodVZgB7sP4PWN+OXKlgA3DpCzZ2J1WwE5q3OHaTpDS1K8uKVZ62U7c
1paiwoiHTBfdgYUVWBcTra7N0JtAPBGrYW/JTmPyJO1QPPKrU5BnzD1ziAZP44Gq
sRLSV7Z6UOCjO7gowUshJcm5UtSOxWo2z42MQ33zbhZBghktqlDHDmReaWQPf5j5
QC1uJgLBtCjQIFB5BloZyPTmjfEgciAPoy8HZS1UbRv2NRt4goWFtwjgQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFiaq+SA8RqIV6A/YarmFbSayHaZMB8GA1UdIwQY
MBaAFNTK2NBt9vQryKJ726q/bHNswyTmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU1yWTBHMzI5Q3ZJb252YnFyOXNjMnpESk9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9mZmJiZDctYmEyNi00NzNlLTg4YjEt
YThkNjY4MzAxOGRjLzEvV0pxcjVJRHhHb2hYb0Q5aHF1WVZ0SnJJZHBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9mZmJiZDctYmEyNi00NzNlLTg4YjEtYThkNjY4MzAxOGRj
LzEvMU1yWTBHMzI5Q3ZJb252YnFyOXNjMnpESk9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSabMA0G
CSqGSIb3DQEBCwUAA4IBAQAqQwPbJkRcy+flvN+fbH+s5IaRhMHoaA/tB4+kB/R3
2hz22GDyAYihKCZhRtMLFy/e4p7/pik9otJzYDktiyF1J/IJhDMBQ2OMr9FjT9aa
BDMmxmPB6LFdxzfSS7OfuDYB1Yf2jGT/YzJJVVjY7jviR+DF9lep7JYSYLE6JQjc
BwLXN0e1GxiREQzqZofU0KfPwwN8aXXtg2HRUq4uOGnDTBBFp1ycPRxo+habvbIx
PPK30H7/fCQo8Ys7eGwwOcMieIrxAuBj1QkiUmxWFrHRq4DMk063dZZkKi8LkarX
/GAQ38QkxqWaCywxV+ABp41EEmc+4TqJ0qQ/B28TM8FR
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:38:12 2025 by rpki-client