Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/5908a9-0c0f-40ab-bfd6-69af0a6e989b/1/w1G4lufVL1oZHaaA7E0GGRQcriI.roa
File: w1G4lufVL1oZHaaA7E0GGRQcriI.roa (raw, json)
Hash identifier: MUP7TBQ1sX5vjM8bYqAHvmX/VnFPyS9US8arLfAFXb8=
Subject key identifier: C3:51:B8:96:E7:D5:2F:5A:19:1D:A6:80:EC:4D:06:19:14:1C:AE:22
Certificate issuer: /CN=98118687fdd6ff80fb098a9eeef06de377f85d6e
Certificate serial: 01856CC157D5F738C1781840A9A203E9BA33
Authority key identifier: 98:11:86:87:FD:D6:FF:80:FB:09:8A:9E:EE:F0:6D:E3:77:F8:5D:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mBGGh_3W_4D7CYqe7vBt43f4XW4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/5908a9-0c0f-40ab-bfd6-69af0a6e989b/1/w1G4lufVL1oZHaaA7E0GGRQcriI.roa
Signing time: Sun 01 Jan 2023 09:54:48 +0000
ROA not before: Sun 01 Jan 2023 09:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2852
IP address blocks: 147.251.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:c1:57:d5:f7:38:c1:78:18:40:a9:a2:03:e9:ba:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98118687fdd6ff80fb098a9eeef06de377f85d6e
Validity
Not Before: Jan 1 09:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c351b896e7d52f5a191da680ec4d0619141cae22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:79:e6:a8:63:4a:22:99:2f:51:7a:e5:72:9a:
df:f9:3b:81:f1:27:ba:e2:63:5a:4f:c0:23:c9:7d:
97:71:5e:cd:90:1a:d6:d4:91:c9:61:7c:20:c4:f9:
03:b2:6c:ef:55:30:31:fb:db:a0:85:f8:cd:e5:7e:
2d:90:28:44:06:23:84:91:0f:cd:47:e6:51:8d:3d:
61:2b:54:2d:f5:a4:fa:78:05:ab:9a:c1:c0:39:d1:
96:ef:79:9e:1c:42:95:4f:27:06:3c:90:a4:35:f7:
2c:af:48:9a:20:23:c1:d4:4e:b4:23:f4:cc:0b:96:
98:a3:d2:0f:f0:95:b5:33:e6:9b:5c:73:39:ed:f7:
37:71:11:77:fd:3c:0d:6f:05:ad:35:bb:fb:d3:4d:
74:27:24:13:17:c0:0d:a1:04:8b:bd:86:e0:cd:f3:
c4:ef:74:4e:2c:d5:12:a9:30:14:86:fd:47:13:19:
1a:94:38:0f:a4:f9:c6:62:48:b0:b7:62:e6:38:54:
f1:bc:7a:d7:7c:ea:bb:c0:d0:c5:08:2a:4a:c4:dd:
e9:ea:f4:9e:d0:35:60:eb:42:04:d9:63:84:6c:6b:
1b:e8:5a:2e:5a:75:56:63:14:fc:e3:63:f9:74:0f:
bb:37:8b:df:fd:51:a8:53:9d:37:52:fc:ee:6f:a6:
1d:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:51:B8:96:E7:D5:2F:5A:19:1D:A6:80:EC:4D:06:19:14:1C:AE:22
X509v3 Authority Key Identifier:
keyid:98:11:86:87:FD:D6:FF:80:FB:09:8A:9E:EE:F0:6D:E3:77:F8:5D:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mBGGh_3W_4D7CYqe7vBt43f4XW4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/5908a9-0c0f-40ab-bfd6-69af0a6e989b/1/w1G4lufVL1oZHaaA7E0GGRQcriI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/5908a9-0c0f-40ab-bfd6-69af0a6e989b/1/mBGGh_3W_4D7CYqe7vBt43f4XW4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.251.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5f:80:af:55:15:8c:02:d4:aa:7d:7e:9f:74:d4:44:2a:29:22:
23:d2:cd:b6:42:21:62:1c:4b:98:6c:56:e8:43:c3:34:bf:be:
0b:dc:fe:25:96:8e:df:c4:21:67:c0:cb:68:aa:4c:26:03:aa:
98:24:03:f1:d7:fc:62:00:37:7a:cc:b5:fa:39:4e:25:10:41:
fd:7c:24:3c:1c:24:89:63:87:a3:28:ad:1f:4d:e5:61:af:ea:
0f:1b:2d:8f:76:ca:f5:61:65:ec:a7:e8:01:53:51:5d:ba:23:
3f:e1:00:de:a7:99:c3:0a:30:5f:bb:2e:14:bf:67:6c:06:b1:
52:22:84:9d:7f:fb:cd:7a:00:23:33:98:f3:49:bb:b2:4f:97:
f8:e1:71:e3:e1:2a:94:1e:57:ec:5d:8d:83:c4:97:fa:4d:d2:
ef:96:d1:28:ec:36:bf:15:fb:0f:f1:2c:dd:ac:c8:7f:55:aa:
3d:c1:26:fd:60:73:82:45:cf:90:57:a6:b7:44:0d:0b:e0:46:
9b:1c:f3:6a:80:7f:08:2e:e6:d0:b0:cc:ef:26:89:0c:c6:6e:
d5:cb:af:f3:b0:e4:2c:2c:92:10:f6:c4:c1:d9:7b:27:0e:73:
35:d5:25:1c:b7:a1:df:e7:c9:f3:e0:08:db:9d:59:ee:94:cb:
74:8e:8a:f2
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVswVfV9zjBeBhAqaID6bozMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MTE4Njg3ZmRkNmZmODBmYjA5OGE5ZWVlZjA2ZGUzNzdm
ODVkNmUwHhcNMjMwMTAxMDk1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzUxYjg5NmU3ZDUyZjVhMTkxZGE2ODBlYzRkMDYxOTE0MWNhZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonnmqGNKIpkvUXrlcprf+TuB8Se6
4mNaT8AjyX2XcV7NkBrW1JHJYXwgxPkDsmzvVTAx+9ughfjN5X4tkChEBiOEkQ/N
R+ZRjT1hK1Qt9aT6eAWrmsHAOdGW73meHEKVTycGPJCkNfcsr0iaICPB1E60I/TM
C5aYo9IP8JW1M+abXHM57fc3cRF3/TwNbwWtNbv70010JyQTF8ANoQSLvYbgzfPE
73ROLNUSqTAUhv1HExkalDgPpPnGYkiwt2LmOFTxvHrXfOq7wNDFCCpKxN3p6vSe
0DVg60IE2WOEbGsb6FouWnVWYxT842P5dA+7N4vf/VGoU503Uvzub6YdEQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFMNRuJbn1S9aGR2mgOxNBhkUHK4iMB8GA1UdIwQY
MBaAFJgRhof91v+A+wmKnu7wbeN3+F1uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUJHR2hfM1dfNEQ3Q1lxZTd2QnQ0M2Y0WFc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy81OTA4YTktMGMwZi00MGFiLWJmZDYt
NjlhZjBhNmU5ODliLzEvdzFHNGx1ZlZMMW9aSGFhQTdFMEdHUlFjcmlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy81OTA4YTktMGMwZi00MGFiLWJmZDYtNjlhZjBhNmU5ODli
LzEvbUJHR2hfM1dfNEQ3Q1lxZTd2QnQ0M2Y0WFc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAk/swDQYJ
KoZIhvcNAQELBQADggEBAF+Ar1UVjALUqn1+n3TURCopIiPSzbZCIWIcS5hsVuhD
wzS/vgvc/iWWjt/EIWfAy2iqTCYDqpgkA/HX/GIAN3rMtfo5TiUQQf18JDwcJIlj
h6MorR9N5WGv6g8bLY92yvVhZeyn6AFTUV26Iz/hAN6nmcMKMF+7LhS/Z2wGsVIi
hJ1/+816ACMzmPNJu7JPl/jhcePhKpQeV+xdjYPEl/pN0u+W0SjsNr8V+w/xLN2s
yH9Vqj3BJv1gc4JFz5BXprdEDQvgRpsc82qAfwgu5tCwzO8miQzGbtXLr/Ow5Cws
khD2xMHZeycOczXVJRy3od/nyfPgCNudWe6Uy3SOivI=
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:10:43 2025 by rpki-client