Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/W91Q9sg-wt2Yu4aCAosEC68ooGE.roa
File: W91Q9sg-wt2Yu4aCAosEC68ooGE.roa (raw, json)
Hash identifier: BIWQEvEog0g/a9yQQIpBHPkgCuPipM7XeO+sijWcmL8=
Subject key identifier: 5B:DD:50:F6:C8:3E:C2:DD:98:BB:86:82:02:8B:04:0B:AF:28:A0:61
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 01940905BF004DA4007EF625E4996DA2A323
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/W91Q9sg-wt2Yu4aCAosEC68ooGE.roa
Signing time: Fri 27 Dec 2024 16:49:19 +0000
ROA not before: Fri 27 Dec 2024 16:49:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43357
IP address blocks: 45.130.20.0/22 maxlen: 32
45.147.50.0/24 maxlen: 32
45.147.51.0/24 maxlen: 32
80.66.198.0/24 maxlen: 32
92.60.40.0/24 maxlen: 24
185.184.220.0/24 maxlen: 32
185.184.222.0/24 maxlen: 32
185.194.52.0/22 maxlen: 24
185.248.85.0/24 maxlen: 24
185.254.75.0/24 maxlen: 32
194.36.25.0/24 maxlen: 24
2a03:d9c0:3000::/48 maxlen: 48
2a07:fe00:1::/48 maxlen: 48
2a09:7:2007::/48 maxlen: 48
2a0b:89c1:3::/48 maxlen: 48
2a0c:59c0:18::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:09:05:bf:00:4d:a4:00:7e:f6:25:e4:99:6d:a2:a3:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Dec 27 16:49:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5bdd50f6c83ec2dd98bb8682028b040baf28a061
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:62:3e:bc:e0:aa:76:dc:2a:3c:c2:3d:7a:df:
55:e8:be:ec:ef:02:04:30:9d:38:d0:2f:92:91:c7:
f4:98:94:13:86:3a:b9:b2:35:f9:1d:f8:2a:c5:d1:
e9:dd:32:be:11:43:ea:a2:3d:1d:98:b3:7d:7d:b6:
84:b4:3e:c2:c9:e2:d3:6d:1b:2d:bf:01:cc:f7:b5:
01:78:32:66:9b:58:78:bf:15:f4:0e:e8:bf:dc:25:
ab:40:23:3f:aa:30:c0:a2:79:5b:56:2b:52:c7:7e:
8c:d1:e9:c9:20:ee:38:1e:6d:cd:a8:8c:87:48:39:
29:21:12:de:55:00:e9:ee:8b:eb:bc:da:65:6c:cf:
b2:52:0c:a8:24:34:c2:4c:77:54:44:e7:54:98:0d:
37:7c:4a:60:df:a3:f7:8a:f6:38:e0:74:b7:05:05:
f9:60:47:5c:a9:32:7a:1b:b7:4f:49:89:40:df:b5:
87:ea:b8:de:e3:0a:35:94:07:ed:c0:09:ec:92:61:
d7:8e:83:ad:e1:08:77:0e:27:9b:b6:c0:c2:51:d3:
2f:60:e7:41:ad:59:ac:0b:41:55:ff:31:3b:3e:dc:
f0:97:d1:da:67:eb:7f:aa:51:27:fe:33:ed:e1:5b:
17:5c:fb:08:f3:14:58:bc:41:5c:f5:5a:f3:97:c1:
53:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:DD:50:F6:C8:3E:C2:DD:98:BB:86:82:02:8B:04:0B:AF:28:A0:61
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/W91Q9sg-wt2Yu4aCAosEC68ooGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.20.0/22
45.147.50.0/23
80.66.198.0/24
92.60.40.0/24
185.184.220.0/24
185.184.222.0/24
185.194.52.0/22
185.248.85.0/24
185.254.75.0/24
194.36.25.0/24
IPv6:
2a03:d9c0:3000::/48
2a07:fe00:1::/48
2a09:7:2007::/48
2a0b:89c1:3::/48
2a0c:59c0:18::/48
Signature Algorithm: sha256WithRSAEncryption
95:91:4c:88:71:71:e9:d3:0c:df:a3:e5:ff:42:9d:b5:5c:b8:
d5:c4:ce:c3:bd:3e:c6:aa:2c:1c:6d:c0:f6:22:3a:b3:3f:11:
f1:2b:15:6d:ea:a3:43:86:91:a5:c5:fc:9f:c3:ec:b4:6e:81:
39:a8:e7:49:a2:13:63:18:be:93:a2:2a:a1:ba:14:81:9a:1f:
9a:aa:67:06:3d:66:ca:7c:7a:08:6d:fa:74:fe:c7:32:d3:52:
c8:8c:d6:72:b2:7f:4a:70:6d:a0:1c:65:c8:56:a1:ff:c6:42:
51:3f:37:c4:41:6c:a7:58:79:dd:2b:9f:ad:aa:20:7f:28:a4:
3a:0a:8c:a6:8d:31:7f:e5:8e:a9:13:d8:55:6b:3e:01:a1:2d:
a2:35:31:64:96:de:01:80:c0:81:e1:f0:3a:64:20:73:30:32:
fb:7a:b8:01:b3:f3:2b:71:42:24:42:40:f3:9c:1c:54:1d:fe:
ac:13:4d:d9:d9:09:d3:1e:f0:91:94:4e:37:cb:bf:98:da:98:
0c:b3:0f:86:dc:f9:02:9d:9e:79:59:79:57:a4:5d:6e:6a:7c:
34:00:f7:ce:7b:26:17:92:89:0c:53:a2:5c:27:29:98:e1:36:
02:32:d0:d0:07:f2:2a:90:ff:b6:0f:fc:fb:0f:a3:93:0e:57:
00:90:74:ad
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgISAZQJBb8ATaQAfvYl5JltoqMjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjQxMjI3MTY0OTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmRkNTBmNmM4M2VjMmRkOThiYjg2ODIwMjhiMDQwYmFmMjhhMDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiWI+vOCqdtwqPMI9et9V6L7s7wIE
MJ040C+Skcf0mJQThjq5sjX5HfgqxdHp3TK+EUPqoj0dmLN9fbaEtD7CyeLTbRst
vwHM97UBeDJmm1h4vxX0Dui/3CWrQCM/qjDAonlbVitSx36M0enJIO44Hm3NqIyH
SDkpIRLeVQDp7ovrvNplbM+yUgyoJDTCTHdUROdUmA03fEpg36P3ivY44HS3BQX5
YEdcqTJ6G7dPSYlA37WH6rje4wo1lAftwAnskmHXjoOt4Qh3DiebtsDCUdMvYOdB
rVmsC0FV/zE7Ptzwl9HaZ+t/qlEn/jPt4VsXXPsI8xRYvEFc9Vrzl8FTfwIDAQAB
o4ICdTCCAnEwHQYDVR0OBBYEFFvdUPbIPsLdmLuGggKLBAuvKKBhMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvVzkxUTlzZy13dDJZdTRhQ0Fvc0VDNjhvb0dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGKBggrBgEFBQcBBwEB/wR7MHkwQgQCAAEwPAMEAi2CFAME
AS2TMgMEAFBCxgMEAFw8KAMEALm43AMEALm43gMEArnCNAMEALn4VQMEALn+SwME
AMIkGTAzBAIAAjAtAwcAKgPZwDAAAwcAKgf+AAABAwcAKgkAByAHAwcAKguJwQAD
AwcAKgxZwAAYMA0GCSqGSIb3DQEBCwUAA4IBAQCVkUyIcXHp0wzfo+X/Qp21XLjV
xM7DvT7GqiwcbcD2IjqzPxHxKxVt6qNDhpGlxfyfw+y0boE5qOdJohNjGL6Toiqh
uhSBmh+aqmcGPWbKfHoIbfp0/scy01LIjNZysn9KcG2gHGXIVqH/xkJRPzfEQWyn
WHndK5+tqiB/KKQ6CoymjTF/5Y6pE9hVaz4BoS2iNTFklt4BgMCB4fA6ZCBzMDL7
ergBs/MrcUIkQkDznBxUHf6sE03Z2QnTHvCRlE43y7+Y2pgMsw+G3PkCnZ55WXlX
pF1uanw0APfOeyYXkokMU6JcJymY4TYCMtDQB/IqkP+2D/z7D6OTDlcAkHSt
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:16:35 2025 by rpki-client