Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/Pwt24Okcqzx8EIW57W5HjTh0ufI.roa
File: Pwt24Okcqzx8EIW57W5HjTh0ufI.roa (raw, json)
Hash identifier: dNgEOU6/iO+26BgQiPF5HMviQXjXGKCIpnVuTxXK7kQ=
Subject key identifier: 3F:0B:76:E0:E9:1C:AB:3C:7C:10:85:B9:ED:6E:47:8D:38:74:B9:F2
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 01941FFAA286D3C3DBF22EED56721B2CEF74
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/Pwt24Okcqzx8EIW57W5HjTh0ufI.roa
Signing time: Wed 01 Jan 2025 03:48:26 +0000
ROA not before: Wed 01 Jan 2025 03:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198919
IP address blocks: 188.72.94.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:a2:86:d3:c3:db:f2:2e:ed:56:72:1b:2c:ef:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Jan 1 03:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3f0b76e0e91cab3c7c1085b9ed6e478d3874b9f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:fa:f5:2a:61:5b:f5:f3:fd:b5:ed:88:e8:9e:
fa:55:ce:4e:c3:32:2a:ba:de:c3:59:e1:1c:cb:91:
e2:4a:71:34:11:27:f8:67:8d:6d:ee:0b:b0:22:65:
d7:92:00:1a:86:2b:09:ec:a3:b5:57:7a:71:6d:7a:
5a:18:fb:08:80:a6:d7:e8:d0:6a:c6:3e:46:0e:60:
0d:9a:8f:a4:72:ce:3c:f7:4a:bf:8c:8a:88:30:b9:
d0:fa:83:ca:da:3a:44:0a:0b:b9:41:74:c0:5d:5b:
11:fd:0a:cb:68:e4:0c:2a:7a:1b:39:40:b6:e6:5c:
28:9c:8f:50:70:d7:32:95:e3:35:a4:80:a6:b9:84:
e5:38:b2:41:2e:80:a7:90:50:bf:ca:6a:67:38:d0:
5d:bb:79:cf:14:ca:97:aa:cb:03:4b:71:df:fa:fc:
2a:af:52:1d:fc:7b:9d:ac:97:e4:7e:84:c4:8b:72:
eb:52:13:94:cc:1c:8a:3f:2a:87:da:c8:e1:28:5a:
45:b8:f3:6b:ff:b4:f3:ba:32:ac:cc:5d:48:70:46:
71:56:8b:47:1c:6d:60:0b:62:59:15:aa:af:0e:04:
b6:b0:a5:c7:c3:ec:72:cb:be:6d:5c:0a:59:a2:ee:
9d:79:44:c1:ce:fb:87:8d:ed:60:ea:bb:dd:e6:b6:
59:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:0B:76:E0:E9:1C:AB:3C:7C:10:85:B9:ED:6E:47:8D:38:74:B9:F2
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/Pwt24Okcqzx8EIW57W5HjTh0ufI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.72.94.0/24
Signature Algorithm: sha256WithRSAEncryption
74:66:07:cd:54:0a:21:ea:1d:d1:b0:46:c9:d0:5f:32:eb:7e:
8c:e5:a2:10:b9:73:52:bc:7c:c9:3c:07:1e:ce:af:ce:52:73:
f8:18:fa:90:a4:8a:b3:3b:2c:fb:42:ff:8b:50:f9:88:8e:34:
c0:93:6d:d8:a2:62:37:36:6c:64:36:e6:ae:ba:09:ec:a0:07:
eb:a9:26:69:e2:1b:b5:5a:13:f7:da:f1:9b:99:be:cd:67:d7:
76:46:fa:26:1f:e8:80:6c:01:b1:f9:4c:13:81:78:12:4b:38:
1c:50:b8:2a:17:46:72:9a:e0:90:f1:69:1f:31:e1:de:cb:e6:
f8:5b:bc:89:b9:45:27:1b:ca:24:04:23:0a:bb:89:ea:df:e4:
94:5b:50:89:ee:45:c7:3d:18:75:94:82:c3:3c:12:8a:11:73:
c5:e3:b2:07:2b:dc:37:8c:4e:f3:7f:8b:96:97:88:8c:be:ba:
1e:2f:79:81:5a:21:22:7a:cd:78:46:10:6e:19:86:0c:b8:f6:
0d:86:45:d4:72:23:9f:50:1b:58:e0:4a:ed:1a:01:71:56:bc:
87:fd:fe:67:ab:cd:03:c3:6b:8c:e1:28:bd:1a:f1:a0:ce:f6:
77:a2:59:bf:b2:c8:f1:72:2b:59:22:d5:8c:2d:0e:88:37:ee:
c1:c4:46:07
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+qKG08Pb8i7tVnIbLO90MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjUwMTAxMDM0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjBiNzZlMGU5MWNhYjNjN2MxMDg1YjllZDZlNDc4ZDM4NzRiOWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfr1KmFb9fP9te2I6J76Vc5OwzIq
ut7DWeEcy5HiSnE0ESf4Z41t7guwImXXkgAahisJ7KO1V3pxbXpaGPsIgKbX6NBq
xj5GDmANmo+kcs4890q/jIqIMLnQ+oPK2jpECgu5QXTAXVsR/QrLaOQMKnobOUC2
5lwonI9QcNcyleM1pICmuYTlOLJBLoCnkFC/ympnONBdu3nPFMqXqssDS3Hf+vwq
r1Id/HudrJfkfoTEi3LrUhOUzByKPyqH2sjhKFpFuPNr/7TzujKszF1IcEZxVotH
HG1gC2JZFaqvDgS2sKXHw+xyy75tXApZou6deUTBzvuHje1g6rvd5rZZGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD8LduDpHKs8fBCFue1uR404dLnyMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvUHd0MjRPa2Nxeng4RUlXNTdXNUhqVGgwdWZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvEheMA0G
CSqGSIb3DQEBCwUAA4IBAQB0ZgfNVAoh6h3RsEbJ0F8y636M5aIQuXNSvHzJPAce
zq/OUnP4GPqQpIqzOyz7Qv+LUPmIjjTAk23YomI3NmxkNuauugnsoAfrqSZp4hu1
WhP32vGbmb7NZ9d2RvomH+iAbAGx+UwTgXgSSzgcULgqF0ZymuCQ8WkfMeHey+b4
W7yJuUUnG8okBCMKu4nq3+SUW1CJ7kXHPRh1lILDPBKKEXPF47IHK9w3jE7zf4uW
l4iMvroeL3mBWiEies14RhBuGYYMuPYNhkXUciOfUBtY4ErtGgFxVryH/f5nq80D
w2uM4Si9GvGgzvZ3olm/ssjxcitZItWMLQ6IN+7BxEYH
-----END CERTIFICATE-----
Generated at Fri Apr 11 11:52:26 2025 by rpki-client