Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/cbacce-efbf-4f32-8d88-4e85dabd6474/1/_WS_KUWo5VlHoso4BGtRKVhHyHo.roa
File: _WS_KUWo5VlHoso4BGtRKVhHyHo.roa (raw, json)
Hash identifier: EHMdLaq+K6Q6inb3xq+fso0i3zQ47TR+r4l4lfO+5pU=
Subject key identifier: FD:64:BF:29:45:A8:E5:59:47:A2:CA:38:04:6B:51:29:58:47:C8:7A
Certificate issuer: /CN=ded353e2f5d318c348772a8ff105aa70719e4135
Certificate serial: 019421B219A3EA495EE0F1892245897BD051
Authority key identifier: DE:D3:53:E2:F5:D3:18:C3:48:77:2A:8F:F1:05:AA:70:71:9E:41:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3tNT4vXTGMNIdyqP8QWqcHGeQTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/cbacce-efbf-4f32-8d88-4e85dabd6474/1/_WS_KUWo5VlHoso4BGtRKVhHyHo.roa
Signing time: Wed 01 Jan 2025 11:48:27 +0000
ROA not before: Wed 01 Jan 2025 11:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25267
IP address blocks: 79.170.64.0/24 maxlen: 24
79.170.66.0/24 maxlen: 24
79.170.68.0/24 maxlen: 24
79.170.69.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:19:a3:ea:49:5e:e0:f1:89:22:45:89:7b:d0:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ded353e2f5d318c348772a8ff105aa70719e4135
Validity
Not Before: Jan 1 11:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fd64bf2945a8e55947a2ca38046b51295847c87a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:2c:44:9a:fe:4d:23:86:68:1d:8a:38:fb:25:
bf:1e:92:b0:55:33:9a:6d:cf:9a:6c:f3:f8:be:32:
76:d5:2c:6c:84:c2:1f:05:d4:5f:59:0d:53:20:fb:
47:5b:21:81:36:2e:c7:e2:77:9d:35:27:24:1a:2a:
de:2d:87:40:3a:28:81:20:e2:8a:f5:8f:65:fd:66:
2e:ca:07:d3:44:7e:2f:63:35:c0:ed:21:37:36:51:
0a:d8:75:a5:04:ed:82:27:9e:98:4d:ca:41:72:d9:
5f:f4:8b:56:a1:77:24:5a:36:96:b6:0d:c5:e3:6e:
9c:2e:ff:dd:11:c4:f7:26:13:2e:89:3e:fd:e0:57:
bf:e9:84:17:60:b6:f3:ac:c8:a3:de:bf:60:92:da:
c3:42:24:8e:b8:8e:6a:c8:cb:e7:4c:39:20:f0:83:
58:f0:fe:9d:a6:85:92:46:6d:ee:85:3a:e8:8c:79:
39:aa:d2:da:4c:31:3f:79:68:69:d6:f2:8a:ca:4b:
cf:02:2e:a5:27:38:f6:d1:50:a9:53:2c:a6:e5:4c:
c6:70:54:65:64:78:d7:f1:06:b6:93:a0:00:bc:83:
eb:0d:88:75:fc:bd:ca:52:8f:00:7d:66:70:f9:e0:
20:6c:2c:08:24:66:f3:a3:e6:f4:f2:61:09:18:ea:
ac:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:64:BF:29:45:A8:E5:59:47:A2:CA:38:04:6B:51:29:58:47:C8:7A
X509v3 Authority Key Identifier:
keyid:DE:D3:53:E2:F5:D3:18:C3:48:77:2A:8F:F1:05:AA:70:71:9E:41:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3tNT4vXTGMNIdyqP8QWqcHGeQTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/cbacce-efbf-4f32-8d88-4e85dabd6474/1/_WS_KUWo5VlHoso4BGtRKVhHyHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/cbacce-efbf-4f32-8d88-4e85dabd6474/1/3tNT4vXTGMNIdyqP8QWqcHGeQTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.170.64.0/24
79.170.66.0/24
79.170.68.0/23
Signature Algorithm: sha256WithRSAEncryption
39:82:07:dc:94:7c:b0:ff:79:f8:cb:bd:79:a6:08:6e:a2:47:
f1:02:d0:ba:08:8f:9b:f6:38:43:27:9c:d3:40:f3:d7:41:3b:
04:b2:0b:c2:ff:59:92:a2:ef:90:8d:92:b0:ce:3c:7b:f9:3e:
6a:8c:f9:a2:f9:50:a7:a1:41:08:7e:d0:41:1d:f5:e6:2c:f7:
c6:93:44:34:11:6c:a7:25:53:72:72:35:f2:59:3d:05:67:2b:
12:e7:35:8f:24:d5:7a:f7:e1:37:da:9b:87:a0:9c:4f:7d:7d:
47:7f:1b:68:28:2c:64:23:86:28:13:89:f1:36:f4:0c:45:78:
3d:a3:f8:cc:90:1b:be:70:8b:a5:cd:99:d5:cf:e9:ec:a8:ca:
f3:06:46:e2:d9:0d:ec:d1:74:5f:e7:d2:c5:5e:3f:96:94:03:
94:fd:df:aa:9a:9c:79:44:fc:4d:59:1d:57:19:cd:fe:c1:71:
74:78:43:d0:45:0b:9f:d3:4d:66:ae:7c:4d:3e:d0:9d:4a:b7:
f1:5b:96:f6:54:36:9b:75:79:5e:87:67:7d:85:ce:9d:51:c8:
03:18:6c:e0:f2:57:5c:19:6c:8d:c3:f5:20:78:21:4f:da:10:
6c:b0:fb:aa:bb:ed:8b:82:cc:71:07:88:98:13:d7:61:4d:20:
02:e5:ac:48
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQhshmj6kle4PGJIkWJe9BRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlZDM1M2UyZjVkMzE4YzM0ODc3MmE4ZmYxMDVhYTcwNzE5
ZTQxMzUwHhcNMjUwMTAxMTE0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDY0YmYyOTQ1YThlNTU5NDdhMmNhMzgwNDZiNTEyOTU4NDdjODdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtyxEmv5NI4ZoHYo4+yW/HpKwVTOa
bc+abPP4vjJ21SxshMIfBdRfWQ1TIPtHWyGBNi7H4nedNSckGireLYdAOiiBIOKK
9Y9l/WYuygfTRH4vYzXA7SE3NlEK2HWlBO2CJ56YTcpBctlf9ItWoXckWjaWtg3F
426cLv/dEcT3JhMuiT794Fe/6YQXYLbzrMij3r9gktrDQiSOuI5qyMvnTDkg8INY
8P6dpoWSRm3uhTrojHk5qtLaTDE/eWhp1vKKykvPAi6lJzj20VCpUyym5UzGcFRl
ZHjX8Qa2k6AAvIPrDYh1/L3KUo8AfWZw+eAgbCwIJGbzo+b08mEJGOqsqwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFP1kvylFqOVZR6LKOARrUSlYR8h6MB8GA1UdIwQY
MBaAFN7TU+L10xjDSHcqj/EFqnBxnkE1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3ROVDR2WFRHTU5JZHlxUDhRV3FjSEdlUVRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9jYmFjY2UtZWZiZi00ZjMyLThkODgt
NGU4NWRhYmQ2NDc0LzEvX1dTX0tVV281VmxIb3NvNEJHdFJLVmhIeUhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9jYmFjY2UtZWZiZi00ZjMyLThkODgtNGU4NWRhYmQ2NDc0
LzEvM3ROVDR2WFRHTU5JZHlxUDhRV3FjSEdlUVRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAT6pAAwQA
T6pCAwQBT6pEMA0GCSqGSIb3DQEBCwUAA4IBAQA5ggfclHyw/3n4y715pghuokfx
AtC6CI+b9jhDJ5zTQPPXQTsEsgvC/1mSou+QjZKwzjx7+T5qjPmi+VCnoUEIftBB
HfXmLPfGk0Q0EWynJVNycjXyWT0FZysS5zWPJNV69+E32puHoJxPfX1HfxtoKCxk
I4YoE4nxNvQMRXg9o/jMkBu+cIulzZnVz+nsqMrzBkbi2Q3s0XRf59LFXj+WlAOU
/d+qmpx5RPxNWR1XGc3+wXF0eEPQRQuf001mrnxNPtCdSrfxW5b2VDabdXleh2d9
hc6dUcgDGGzg8ldcGWyNw/UgeCFP2hBssPuqu+2LgsxxB4iYE9dhTSAC5axI
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:41:49 2025 by rpki-client