Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/48cb86-2750-4d6a-8a71-1be525576863/1/_wxIpWqyIqcwT0jIFu3wHCtTeaU.roa
File: _wxIpWqyIqcwT0jIFu3wHCtTeaU.roa (raw, json)
Hash identifier: xOk/21eFHjKuIzv68qQ9JRiKqa1DmIrIgWrxs+VwFgc=
Subject key identifier: FF:0C:48:A5:6A:B2:22:A7:30:4F:48:C8:16:ED:F0:1C:2B:53:79:A5
Certificate issuer: /CN=c8f6f5dec09bc7a1203045699ba058295d38e346
Certificate serial: 01857227CCF66140E1CD9886C2B015E3D830
Authority key identifier: C8:F6:F5:DE:C0:9B:C7:A1:20:30:45:69:9B:A0:58:29:5D:38:E3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yPb13sCbx6EgMEVpm6BYKV0440Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/48cb86-2750-4d6a-8a71-1be525576863/1/_wxIpWqyIqcwT0jIFu3wHCtTeaU.roa
Signing time: Mon 02 Jan 2023 11:04:48 +0000
ROA not before: Mon 02 Jan 2023 11:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198295
IP address blocks: 37.9.128.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:27:cc:f6:61:40:e1:cd:98:86:c2:b0:15:e3:d8:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8f6f5dec09bc7a1203045699ba058295d38e346
Validity
Not Before: Jan 2 11:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff0c48a56ab222a7304f48c816edf01c2b5379a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:cb:ea:54:c8:9c:bb:d4:16:57:49:e7:68:02:
15:31:3d:f6:e8:3f:a7:5e:d3:59:e1:fc:85:22:f5:
9c:5a:2c:44:76:02:1e:5d:2d:6f:42:76:71:82:be:
93:f9:5d:03:7d:ef:2a:2d:29:2b:c2:56:99:ab:d4:
c7:42:b3:d3:14:97:b5:9d:f9:5d:33:7d:06:b6:35:
69:4e:94:fa:92:47:b9:db:58:55:de:b7:ce:85:70:
a2:2f:82:40:17:24:ef:5d:92:cf:93:15:58:7f:bb:
9e:bf:f0:32:cc:98:b2:df:d7:94:7d:db:52:13:39:
f6:da:ce:57:ec:e2:4a:00:c1:e1:a6:95:06:01:50:
cc:3c:37:41:96:9e:61:27:82:50:1d:48:2f:1b:1f:
81:af:d2:76:d9:78:90:54:3f:0d:e0:e9:cc:1c:f3:
ca:58:6a:c2:9f:ac:84:cc:cf:06:4e:b3:21:45:9f:
31:81:1d:ac:ec:17:9c:36:10:68:56:e0:26:af:07:
fb:6d:80:b5:a8:95:75:1b:25:18:26:c8:30:6b:4b:
56:7b:43:8d:af:8a:09:de:0a:ed:31:e7:83:0d:b1:
19:ea:19:ac:ab:98:cf:10:6c:e4:89:28:ed:15:e0:
1c:65:12:08:f2:ec:b5:91:13:f1:34:d5:b0:6d:fd:
b5:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:0C:48:A5:6A:B2:22:A7:30:4F:48:C8:16:ED:F0:1C:2B:53:79:A5
X509v3 Authority Key Identifier:
keyid:C8:F6:F5:DE:C0:9B:C7:A1:20:30:45:69:9B:A0:58:29:5D:38:E3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yPb13sCbx6EgMEVpm6BYKV0440Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/48cb86-2750-4d6a-8a71-1be525576863/1/_wxIpWqyIqcwT0jIFu3wHCtTeaU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/48cb86-2750-4d6a-8a71-1be525576863/1/yPb13sCbx6EgMEVpm6BYKV0440Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.9.128.0/21
Signature Algorithm: sha256WithRSAEncryption
2d:a9:fc:2d:0a:7e:ab:35:ba:c3:e1:9f:b9:f6:0d:00:ab:b6:
d5:1e:5e:98:1e:2d:b8:7a:3c:94:fa:44:10:4d:d5:81:00:d3:
4b:db:94:4c:fd:15:30:5d:9b:62:43:e9:4b:4f:e7:6c:af:eb:
9b:21:ae:ad:e8:62:ad:4e:4c:a6:fd:a3:88:d3:29:3a:34:06:
29:d4:a3:42:6a:0f:ce:31:00:27:a3:62:ec:12:63:72:07:77:
59:5c:04:33:03:d0:74:f1:1e:a8:83:c4:36:8d:7d:d5:ab:6c:
a1:eb:e1:a5:07:8b:f2:bc:32:3b:4e:67:98:7e:7a:1c:36:f7:
de:5f:8a:7b:12:61:48:19:5c:be:f9:00:b1:3e:43:45:b2:c6:
be:5e:f3:a5:62:87:d2:e1:1f:77:cf:ca:d7:8f:1e:f6:17:86:
88:23:92:64:83:83:a4:14:e3:2d:40:ca:f9:c9:f3:09:98:69:
18:67:ee:1b:ec:a5:32:32:43:43:c3:5a:5c:5c:08:da:18:69:
2b:c3:71:a6:f0:91:32:89:4e:76:8f:c2:b1:81:41:1b:c1:c7:
5b:7c:d6:bc:9f:4f:bb:33:33:95:62:8e:c3:54:ee:60:a1:1f:
8d:ba:f3:fd:5d:ba:d0:4b:82:48:15:b5:0b:16:46:ce:9d:73:
67:af:ec:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyJ8z2YUDhzZiGwrAV49gwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZjZmNWRlYzA5YmM3YTEyMDMwNDU2OTliYTA1ODI5NWQz
OGUzNDYwHhcNMjMwMTAyMTEwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjBjNDhhNTZhYjIyMmE3MzA0ZjQ4YzgxNmVkZjAxYzJiNTM3OWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0MvqVMicu9QWV0nnaAIVMT326D+n
XtNZ4fyFIvWcWixEdgIeXS1vQnZxgr6T+V0Dfe8qLSkrwlaZq9THQrPTFJe1nfld
M30GtjVpTpT6kke521hV3rfOhXCiL4JAFyTvXZLPkxVYf7uev/AyzJiy39eUfdtS
Ezn22s5X7OJKAMHhppUGAVDMPDdBlp5hJ4JQHUgvGx+Br9J22XiQVD8N4OnMHPPK
WGrCn6yEzM8GTrMhRZ8xgR2s7BecNhBoVuAmrwf7bYC1qJV1GyUYJsgwa0tWe0ON
r4oJ3grtMeeDDbEZ6hmsq5jPEGzkiSjtFeAcZRII8uy1kRPxNNWwbf21YQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP8MSKVqsiKnME9IyBbt8BwrU3mlMB8GA1UdIwQY
MBaAFMj29d7Am8ehIDBFaZugWCldOONGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVBiMTNzQ2J4NkVnTUVWcG02QllLVjA0NDBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS80OGNiODYtMjc1MC00ZDZhLThhNzEt
MWJlNTI1NTc2ODYzLzEvX3d4SXBXcXlJcWN3VDBqSUZ1M3dIQ3RUZWFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS80OGNiODYtMjc1MC00ZDZhLThhNzEtMWJlNTI1NTc2ODYz
LzEveVBiMTNzQ2J4NkVnTUVWcG02QllLVjA0NDBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDJQmAMA0G
CSqGSIb3DQEBCwUAA4IBAQAtqfwtCn6rNbrD4Z+59g0Aq7bVHl6YHi24ejyU+kQQ
TdWBANNL25RM/RUwXZtiQ+lLT+dsr+ubIa6t6GKtTkym/aOI0yk6NAYp1KNCag/O
MQAno2LsEmNyB3dZXAQzA9B08R6og8Q2jX3Vq2yh6+GlB4vyvDI7TmeYfnocNvfe
X4p7EmFIGVy++QCxPkNFssa+XvOlYofS4R93z8rXjx72F4aII5Jkg4OkFOMtQMr5
yfMJmGkYZ+4b7KUyMkNDw1pcXAjaGGkrw3Gm8JEyiU52j8KxgUEbwcdbfNa8n0+7
MzOVYo7DVO5goR+NuvP9XbrQS4JIFbULFkbOnXNnr+xN
-----END CERTIFICATE-----
Generated at Fri Apr 18 18:42:00 2025 by rpki-client