Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/b10e06-257c-4995-879d-6d07d7f1a701/1/W7hm1v1BZSRkI-g-Q988i-QfQmg.roa
File: W7hm1v1BZSRkI-g-Q988i-QfQmg.roa (raw, json)
Hash identifier: tTl/U0i8KKl6mpPXvqkEhYGwVtb5LDrDTJXxu7tcm3E=
Subject key identifier: 5B:B8:66:D6:FD:41:65:24:64:23:E8:3E:43:DF:3C:8B:E4:1F:42:68
Certificate issuer: /CN=c17cc37f1ed81ac37b20faf0f42c41ab808f13c1
Certificate serial: 01941FFA792E4C516D731719CDD53615D7A8
Authority key identifier: C1:7C:C3:7F:1E:D8:1A:C3:7B:20:FA:F0:F4:2C:41:AB:80:8F:13:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wXzDfx7YGsN7IPrw9CxBq4CPE8E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/b10e06-257c-4995-879d-6d07d7f1a701/1/W7hm1v1BZSRkI-g-Q988i-QfQmg.roa
Signing time: Wed 01 Jan 2025 03:48:16 +0000
ROA not before: Wed 01 Jan 2025 03:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 185.7.128.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:79:2e:4c:51:6d:73:17:19:cd:d5:36:15:d7:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c17cc37f1ed81ac37b20faf0f42c41ab808f13c1
Validity
Not Before: Jan 1 03:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5bb866d6fd4165246423e83e43df3c8be41f4268
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:11:5d:09:76:e4:d1:6a:8a:87:6e:ae:29:6d:
76:7b:5f:df:27:50:bb:36:9f:bc:55:0c:2d:8d:63:
0c:8b:89:ec:b1:6f:8d:ac:90:4e:62:ac:9c:f9:ce:
61:cd:f4:60:66:3b:4b:02:84:5b:df:27:14:08:34:
16:52:68:c8:f2:1c:9b:0b:f2:79:41:84:1a:10:c4:
4d:58:9c:08:40:00:55:75:25:af:6d:06:4b:5b:a2:
e5:04:de:00:15:b4:6a:20:2f:ca:80:41:a8:6d:94:
dd:71:8f:3f:d0:6c:8e:0a:c2:a9:0e:9b:a1:68:e6:
04:08:0c:ad:ed:04:54:7e:1f:b2:c0:43:70:db:b9:
4c:f3:6d:fc:b1:84:94:3c:a9:c0:2b:4c:ac:06:50:
d7:c0:15:39:03:73:ef:b9:89:84:13:af:7c:4f:89:
0c:f0:e3:a2:f0:5c:ca:aa:4a:ad:de:c5:8d:e0:27:
e8:11:e1:2b:44:06:cc:3b:6b:11:6a:61:d5:1a:9b:
f5:28:6f:aa:7b:d1:94:a2:34:1a:0b:63:9d:a0:d9:
8d:f1:11:d7:1c:b2:d3:29:50:5b:a7:d0:97:dc:f0:
92:ea:be:cf:a3:b4:74:56:15:76:41:02:03:2b:fd:
1a:16:83:4c:65:dd:d6:be:db:8f:26:2d:39:bc:28:
4c:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:B8:66:D6:FD:41:65:24:64:23:E8:3E:43:DF:3C:8B:E4:1F:42:68
X509v3 Authority Key Identifier:
keyid:C1:7C:C3:7F:1E:D8:1A:C3:7B:20:FA:F0:F4:2C:41:AB:80:8F:13:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wXzDfx7YGsN7IPrw9CxBq4CPE8E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/b10e06-257c-4995-879d-6d07d7f1a701/1/W7hm1v1BZSRkI-g-Q988i-QfQmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/b10e06-257c-4995-879d-6d07d7f1a701/1/wXzDfx7YGsN7IPrw9CxBq4CPE8E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.7.128.0/24
Signature Algorithm: sha256WithRSAEncryption
d1:a2:c3:f5:8e:e7:89:82:2a:a1:ce:77:65:f8:43:78:ec:9f:
f9:9a:23:86:59:1d:14:31:f2:12:a6:b7:19:c7:c6:eb:e4:01:
2a:67:09:1e:33:dd:3d:c8:98:f4:a2:22:84:5f:ed:42:fc:62:
9c:18:3c:8e:a3:22:54:a6:9b:53:33:2e:d0:cc:3c:71:63:31:
e3:90:fb:4a:00:28:78:24:97:0a:7e:79:6e:5b:ac:f1:9b:37:
cb:0c:ac:8a:7d:8f:10:9a:89:aa:67:d7:f9:d7:0a:20:02:65:
04:38:81:e3:c4:43:be:91:5b:a0:3f:4a:f9:e5:c5:61:5b:88:
aa:1f:93:ec:34:48:e9:b2:5a:c6:be:6d:d1:ca:27:31:39:8a:
7c:7e:f0:d1:01:ad:1f:c4:84:ff:b7:aa:1f:d5:1f:bc:0a:9a:
7f:b8:de:cd:26:cf:92:dd:64:dc:6c:9a:da:81:e4:ed:97:99:
c5:f4:85:0a:e0:76:90:63:e3:7a:15:b3:16:53:c0:bb:e1:a5:
19:9a:e0:31:de:a6:33:f1:be:e7:23:f7:5b:48:d2:b4:78:5f:
63:2f:81:9b:13:bf:ab:1e:44:9d:10:0b:4f:59:89:30:a6:32:
60:24:f2:c6:54:bd:61:e0:d0:de:e4:8e:ea:77:dc:60:eb:3b:
0b:13:f3:4e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+nkuTFFtcxcZzdU2FdeoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxN2NjMzdmMWVkODFhYzM3YjIwZmFmMGY0MmM0MWFiODA4
ZjEzYzEwHhcNMjUwMTAxMDM0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmI4NjZkNmZkNDE2NTI0NjQyM2U4M2U0M2RmM2M4YmU0MWY0MjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRFdCXbk0WqKh26uKW12e1/fJ1C7
Np+8VQwtjWMMi4nssW+NrJBOYqyc+c5hzfRgZjtLAoRb3ycUCDQWUmjI8hybC/J5
QYQaEMRNWJwIQABVdSWvbQZLW6LlBN4AFbRqIC/KgEGobZTdcY8/0GyOCsKpDpuh
aOYECAyt7QRUfh+ywENw27lM8238sYSUPKnAK0ysBlDXwBU5A3PvuYmEE698T4kM
8OOi8FzKqkqt3sWN4CfoEeErRAbMO2sRamHVGpv1KG+qe9GUojQaC2OdoNmN8RHX
HLLTKVBbp9CX3PCS6r7Po7R0VhV2QQIDK/0aFoNMZd3WvtuPJi05vChMTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFu4Ztb9QWUkZCPoPkPfPIvkH0JoMB8GA1UdIwQY
MBaAFMF8w38e2BrDeyD68PQsQauAjxPBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1h6RGZ4N1lHc043SVBydzlDeEJxNENQRThFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9iMTBlMDYtMjU3Yy00OTk1LTg3OWQt
NmQwN2Q3ZjFhNzAxLzEvVzdobTF2MUJaU1JrSS1nLVE5ODhpLVFmUW1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9iMTBlMDYtMjU3Yy00OTk1LTg3OWQtNmQwN2Q3ZjFhNzAx
LzEvd1h6RGZ4N1lHc043SVBydzlDeEJxNENQRThFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQeAMA0G
CSqGSIb3DQEBCwUAA4IBAQDRosP1jueJgiqhzndl+EN47J/5miOGWR0UMfISprcZ
x8br5AEqZwkeM909yJj0oiKEX+1C/GKcGDyOoyJUpptTMy7QzDxxYzHjkPtKACh4
JJcKfnluW6zxmzfLDKyKfY8QmomqZ9f51wogAmUEOIHjxEO+kVugP0r55cVhW4iq
H5PsNEjpslrGvm3RyicxOYp8fvDRAa0fxIT/t6of1R+8Cpp/uN7NJs+S3WTcbJra
geTtl5nF9IUK4HaQY+N6FbMWU8C74aUZmuAx3qYz8b7nI/dbSNK0eF9jL4GbE7+r
HkSdEAtPWYkwpjJgJPLGVL1h4NDe5I7qd9xg6zsLE/NO
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:53:41 2025 by rpki-client