Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/wGt5pipgZHoKC7AVh5WZIWfX1iI.roa
File: wGt5pipgZHoKC7AVh5WZIWfX1iI.roa (raw, json)
Hash identifier: 5OMrtI5aHPg5vA9Q2ATwwtc5vHAjdkiUpP7InnA3fUU=
Subject key identifier: C0:6B:79:A6:2A:60:64:7A:0A:0B:B0:15:87:95:99:21:67:D7:D6:22
Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Certificate serial: 0192FC2DA08B146EEE5111BF7D1CE7DA92EC
Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/wGt5pipgZHoKC7AVh5WZIWfX1iI.roa
Signing time: Tue 05 Nov 2024 11:55:01 +0000
ROA not before: Tue 05 Nov 2024 11:55:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 23352
IP address blocks: 198.38.84.0/24 maxlen: 24
198.38.85.0/24 maxlen: 24
198.38.86.0/24 maxlen: 24
198.38.87.0/24 maxlen: 24
198.38.88.0/24 maxlen: 24
198.38.89.0/24 maxlen: 24
198.38.90.0/24 maxlen: 24
198.38.91.0/24 maxlen: 24
198.38.92.0/24 maxlen: 24
198.38.93.0/24 maxlen: 24
198.38.94.0/24 maxlen: 24
198.38.95.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:fc:2d:a0:8b:14:6e:ee:51:11:bf:7d:1c:e7:da:92:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Validity
Not Before: Nov 5 11:55:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c06b79a62a60647a0a0bb0158795992167d7d622
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:65:e1:d2:7c:da:26:99:5c:49:61:49:a0:19:
98:d7:ba:56:d1:ae:f9:dd:60:cd:92:3e:7f:96:f6:
3c:75:f3:a7:66:22:4b:02:b0:91:e9:a3:77:cb:45:
e0:36:07:a2:3d:6b:d8:2b:39:c1:2d:97:7f:6b:33:
25:68:7e:ec:d6:dd:c7:cf:09:df:05:3c:2d:e1:5c:
bf:16:c9:e4:76:4c:0f:be:c2:92:fd:fe:c4:32:86:
25:7b:27:94:be:ca:0e:d1:03:fa:01:0f:f1:be:2c:
6b:7f:80:58:96:4b:86:e6:e2:e8:0b:5a:12:fc:4b:
f8:b8:23:91:0a:bb:b5:f1:75:ed:50:25:28:06:08:
4e:c2:6f:e5:06:47:3e:3e:52:a2:46:bf:0c:37:0e:
43:36:a6:cf:66:e0:15:f3:2b:bb:f4:64:ec:76:ff:
cb:64:57:3d:30:55:73:b7:b6:e3:9b:99:a0:9d:2e:
b0:a1:3a:91:02:11:45:69:61:b0:e8:a6:93:55:8e:
44:e9:0c:2e:ed:e5:b9:43:72:d6:ca:a7:ad:71:4b:
d4:c9:19:b7:33:20:ad:d0:a8:74:cf:3b:e6:cc:d4:
99:08:7e:3d:6b:ec:1c:91:fc:cc:70:c3:ac:7d:c7:
c3:46:d6:b4:80:e8:ac:ae:a0:5b:df:e4:ab:19:74:
07:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:6B:79:A6:2A:60:64:7A:0A:0B:B0:15:87:95:99:21:67:D7:D6:22
X509v3 Authority Key Identifier:
keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/wGt5pipgZHoKC7AVh5WZIWfX1iI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
198.38.84.0-198.38.95.255
Signature Algorithm: sha256WithRSAEncryption
90:9a:4b:09:f8:e4:4c:e7:af:7b:5d:a9:b4:fd:83:39:9b:b7:
6c:7d:40:c1:4d:23:96:80:fa:35:54:9e:8b:c9:58:58:73:61:
50:2c:44:f6:c2:60:cc:61:72:0f:45:39:45:0f:2f:e4:c6:ed:
4b:bc:ec:31:84:d4:5e:b3:fe:a3:16:b4:0f:93:c0:a2:e3:aa:
e4:2c:ec:51:07:e9:c7:2a:d6:c7:18:38:f0:52:df:81:0c:c4:
cb:50:71:9b:dc:4e:55:dc:2b:9a:ed:d1:c8:1d:82:d9:82:66:
cc:9a:68:4f:20:a0:03:7e:8f:31:d1:3b:e1:78:b3:14:30:55:
bd:3a:5a:35:40:cc:b7:f0:f8:31:3c:ce:be:8b:74:15:9a:82:
86:d4:6c:04:2f:47:2a:9c:3b:2d:05:f6:cd:20:e3:72:81:c8:
e3:fb:08:86:72:6b:3b:fa:78:cb:c8:11:4a:2f:4e:12:07:ae:
b4:a7:d7:be:e8:65:f2:4d:ba:c5:98:c1:30:64:75:3d:65:7d:
2d:10:64:d9:4c:48:aa:ae:99:92:6b:c4:94:13:00:a4:de:3d:
d6:a8:43:58:a0:8a:34:99:58:65:2d:ff:73:ad:e0:fe:a4:d3:
ab:fc:86:41:11:d1:44:d2:24:3b:64:64:e8:16:3a:21:f7:df:
9d:40:d0:ad
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZL8LaCLFG7uURG/fRzn2pLsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy
ZWU4ZGQwHhcNMjQxMTA1MTE1NTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDZiNzlhNjJhNjA2NDdhMGEwYmIwMTU4Nzk1OTkyMTY3ZDdkNjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2Xh0nzaJplcSWFJoBmY17pW0a75
3WDNkj5/lvY8dfOnZiJLArCR6aN3y0XgNgeiPWvYKznBLZd/azMlaH7s1t3Hzwnf
BTwt4Vy/FsnkdkwPvsKS/f7EMoYleyeUvsoO0QP6AQ/xvixrf4BYlkuG5uLoC1oS
/Ev4uCORCru18XXtUCUoBghOwm/lBkc+PlKiRr8MNw5DNqbPZuAV8yu79GTsdv/L
ZFc9MFVzt7bjm5mgnS6woTqRAhFFaWGw6KaTVY5E6Qwu7eW5Q3LWyqetcUvUyRm3
MyCt0Kh0zzvmzNSZCH49a+wckfzMcMOsfcfDRta0gOisrqBb3+SrGXQHNwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMBreaYqYGR6CguwFYeVmSFn19YiMB8GA1UdIwQY
MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt
Y2NhMzc2MDZiZjE4LzEvd0d0NXBpcGdaSG9LQzdBVmg1V1pJV2ZYMWlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4
LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBALGJlQD
BAXGJkAwDQYJKoZIhvcNAQELBQADggEBAJCaSwn45Eznr3tdqbT9gzmbt2x9QMFN
I5aA+jVUnovJWFhzYVAsRPbCYMxhcg9FOUUPL+TG7Uu87DGE1F6z/qMWtA+TwKLj
quQs7FEH6ccq1scYOPBS34EMxMtQcZvcTlXcK5rt0cgdgtmCZsyaaE8goAN+jzHR
O+F4sxQwVb06WjVAzLfw+DE8zr6LdBWagobUbAQvRyqcOy0F9s0g43KByOP7CIZy
azv6eMvIEUovThIHrrSn177oZfJNusWYwTBkdT1lfS0QZNlMSKqumZJrxJQTAKTe
PdaoQ1igijSZWGUt/3Ot4P6k06v8hkER0UTSJDtkZOgWOiH3351A0K0=
-----END CERTIFICATE-----
Generated at Mon Apr 7 14:34:38 2025 by rpki-client