Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/04946b-22fe-4a33-b6ac-d05f0ff4c243/1/hXwoqMIn8qTJK4QROzsdYrUWzFo.roa
File: hXwoqMIn8qTJK4QROzsdYrUWzFo.roa (raw, json)
Hash identifier: q4ywFzuLrG+FijJpEev/rbrnrzro4PHR2eo/yOYJJWU=
Subject key identifier: 85:7C:28:A8:C2:27:F2:A4:C9:2B:84:11:3B:3B:1D:62:B5:16:CC:5A
Certificate issuer: /CN=5814cb3885fd336d414e70dce3ed190d79243263
Certificate serial: 0191E14FCD0460C6E6219214C5B35ED77572
Authority key identifier: 58:14:CB:38:85:FD:33:6D:41:4E:70:DC:E3:ED:19:0D:79:24:32:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WBTLOIX9M21BTnDc4-0ZDXkkMmM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/04946b-22fe-4a33-b6ac-d05f0ff4c243/1/hXwoqMIn8qTJK4QROzsdYrUWzFo.roa
Signing time: Wed 11 Sep 2024 13:39:48 +0000
ROA not before: Wed 11 Sep 2024 13:39:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35263
IP address blocks: 86.109.64.0/19 maxlen: 19
2a00:1b90::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e1:4f:cd:04:60:c6:e6:21:92:14:c5:b3:5e:d7:75:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5814cb3885fd336d414e70dce3ed190d79243263
Validity
Not Before: Sep 11 13:39:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=857c28a8c227f2a4c92b84113b3b1d62b516cc5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:70:2a:10:ed:2b:24:4f:f1:de:0d:81:09:6e:
cd:1d:87:6f:ac:e2:80:cf:0a:b7:fd:5f:8d:56:d3:
ba:12:72:ab:38:23:ae:e9:0f:db:1b:af:b3:25:d2:
af:50:57:3b:20:6c:75:ab:0a:1c:53:03:dc:6a:7a:
81:ee:df:1f:d8:40:9f:1b:60:06:d3:52:0a:f3:f9:
c2:2b:05:5a:e3:88:a8:a0:cd:09:8c:1a:21:47:f9:
07:f2:eb:3d:ad:5b:6a:d1:cf:64:77:94:61:79:e4:
11:8c:33:e8:e3:97:5e:52:a0:35:09:9a:43:5c:f2:
27:1b:0f:38:f0:60:3a:a8:be:6b:56:26:12:4c:6c:
f3:04:0a:69:65:e3:ac:f5:3b:e2:ce:9d:11:ad:81:
0a:b1:ad:78:1f:76:0f:cf:aa:18:ad:6d:51:85:77:
b6:29:3a:18:d3:9e:78:5d:ef:10:5c:32:fb:e2:c6:
52:7e:f4:0d:b1:2d:1e:c5:67:cf:d7:51:ed:15:ad:
e8:b0:e2:e4:7e:a0:29:cf:b8:3c:f5:6f:3c:41:0f:
f6:38:1a:30:bb:66:18:b6:19:50:ba:7b:a0:35:52:
b0:37:ed:16:f4:8c:84:54:ac:7d:75:f2:56:ea:10:
c8:63:4b:60:6a:bc:d2:2a:fd:53:65:57:41:17:b4:
e8:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:7C:28:A8:C2:27:F2:A4:C9:2B:84:11:3B:3B:1D:62:B5:16:CC:5A
X509v3 Authority Key Identifier:
keyid:58:14:CB:38:85:FD:33:6D:41:4E:70:DC:E3:ED:19:0D:79:24:32:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WBTLOIX9M21BTnDc4-0ZDXkkMmM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/04946b-22fe-4a33-b6ac-d05f0ff4c243/1/hXwoqMIn8qTJK4QROzsdYrUWzFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/04946b-22fe-4a33-b6ac-d05f0ff4c243/1/WBTLOIX9M21BTnDc4-0ZDXkkMmM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.109.64.0/19
IPv6:
2a00:1b90::/32
Signature Algorithm: sha256WithRSAEncryption
27:ee:ef:f0:24:08:10:61:8e:58:01:ad:25:dd:57:b7:05:a3:
ba:81:9d:27:f3:ec:43:2e:47:31:94:79:79:fa:93:db:a1:c0:
cb:0b:40:3e:c3:de:5c:6a:cd:87:d8:9d:b1:3d:ef:15:b9:47:
91:90:c6:e7:e7:02:88:57:a8:84:9c:18:6b:7b:36:dc:f2:56:
5c:07:42:9d:a4:0d:71:a1:f6:51:2b:96:22:dd:d3:b7:79:b4:
3e:15:33:79:23:75:d4:c8:60:ac:1a:62:be:45:a4:a2:81:1c:
92:6b:90:04:33:08:60:00:72:54:47:7e:22:cb:02:54:59:4f:
e5:fb:89:45:1e:f9:e8:0e:f2:7a:77:9e:83:f2:da:3e:ff:2b:
c2:19:87:0a:2d:8e:7a:e8:3a:10:2e:f6:8a:71:45:8a:6f:a2:
8e:f4:b3:14:31:a7:1b:7b:ec:35:47:6a:8d:4f:a3:20:13:44:
d3:4d:cd:59:5d:af:13:25:18:0b:16:fa:cb:50:79:c9:bf:78:
99:cb:78:b4:dd:f9:25:7a:ba:d6:8c:eb:f1:0b:14:8e:e9:05:
3f:40:a1:61:4a:fe:b0:5b:4c:f3:1c:d7:90:d7:4e:08:e1:38:
17:14:a6:72:15:6e:02:9b:f7:57:fb:47:f4:4e:9c:3a:d1:62:
ce:8f:6a:4f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZHhT80EYMbmIZIUxbNe13VyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MTRjYjM4ODVmZDMzNmQ0MTRlNzBkY2UzZWQxOTBkNzky
NDMyNjMwHhcNMjQwOTExMTMzOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTdjMjhhOGMyMjdmMmE0YzkyYjg0MTEzYjNiMWQ2MmI1MTZjYzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHAqEO0rJE/x3g2BCW7NHYdvrOKA
zwq3/V+NVtO6EnKrOCOu6Q/bG6+zJdKvUFc7IGx1qwocUwPcanqB7t8f2ECfG2AG
01IK8/nCKwVa44iooM0JjBohR/kH8us9rVtq0c9kd5RheeQRjDPo45deUqA1CZpD
XPInGw848GA6qL5rViYSTGzzBAppZeOs9Tvizp0RrYEKsa14H3YPz6oYrW1RhXe2
KToY0554Xe8QXDL74sZSfvQNsS0exWfP11HtFa3osOLkfqApz7g89W88QQ/2OBow
u2YYthlQunugNVKwN+0W9IyEVKx9dfJW6hDIY0tgarzSKv1TZVdBF7ToGwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIV8KKjCJ/KkySuEETs7HWK1FsxaMB8GA1UdIwQY
MBaAFFgUyziF/TNtQU5w3OPtGQ15JDJjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0JUTE9JWDlNMjFCVG5EYzQtMFpEWGtrTW1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8wNDk0NmItMjJmZS00YTMzLWI2YWMt
ZDA1ZjBmZjRjMjQzLzEvaFh3b3FNSW44cVRKSzRRUk96c2RZclVXekZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS8wNDk0NmItMjJmZS00YTMzLWI2YWMtZDA1ZjBmZjRjMjQz
LzEvV0JUTE9JWDlNMjFCVG5EYzQtMFpEWGtrTW1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFVm1AMA0E
AgACMAcDBQAqABuQMA0GCSqGSIb3DQEBCwUAA4IBAQAn7u/wJAgQYY5YAa0l3Ve3
BaO6gZ0n8+xDLkcxlHl5+pPbocDLC0A+w95cas2H2J2xPe8VuUeRkMbn5wKIV6iE
nBhrezbc8lZcB0KdpA1xofZRK5Yi3dO3ebQ+FTN5I3XUyGCsGmK+RaSigRySa5AE
MwhgAHJUR34iywJUWU/l+4lFHvnoDvJ6d56D8to+/yvCGYcKLY566DoQLvaKcUWK
b6KO9LMUMacbe+w1R2qNT6MgE0TTTc1ZXa8TJRgLFvrLUHnJv3iZy3i03fklerrW
jOvxCxSO6QU/QKFhSv6wW0zzHNeQ104I4TgXFKZyFW4Cm/dX+0f0Tpw60WLOj2pP
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:01 2025 by rpki-client