Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/9c5f06-59a7-4588-ac28-efd20f6c2ec3/1/wnl2JH7TR5Suil54wScSQzokusQ.roa
File: wnl2JH7TR5Suil54wScSQzokusQ.roa (raw, json)
Hash identifier: HhOHDe7BTsMrKEXbmgn7d5o1LXqITq2qdCdvpAanV70=
Subject key identifier: C2:79:76:24:7E:D3:47:94:AE:8A:5E:78:C1:27:12:43:3A:24:BA:C4
Certificate issuer: /CN=334f9f83d2d74c0c0fd00da735578f737dd7da03
Certificate serial: 0194258E676FC8466C3A51222EDF56BAC06A
Authority key identifier: 33:4F:9F:83:D2:D7:4C:0C:0F:D0:0D:A7:35:57:8F:73:7D:D7:DA:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M0-fg9LXTAwP0A2nNVePc33X2gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/9c5f06-59a7-4588-ac28-efd20f6c2ec3/1/wnl2JH7TR5Suil54wScSQzokusQ.roa
Signing time: Thu 02 Jan 2025 05:47:57 +0000
ROA not before: Thu 02 Jan 2025 05:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210619
IP address blocks: 195.54.59.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:67:6f:c8:46:6c:3a:51:22:2e:df:56:ba:c0:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=334f9f83d2d74c0c0fd00da735578f737dd7da03
Validity
Not Before: Jan 2 05:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c27976247ed34794ae8a5e78c12712433a24bac4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:c2:e2:e7:8b:83:e0:c9:c0:31:d7:be:c4:ef:
1c:92:73:d3:b3:69:1e:6c:96:1a:64:8c:83:4e:85:
2c:b8:cc:64:1a:e8:fd:7c:0d:81:52:73:ef:4a:8d:
8e:9f:70:77:59:5a:5f:86:37:0b:1d:d2:8c:8e:3f:
ae:4b:d3:8e:66:a4:0e:f5:ec:06:04:cd:a0:c0:86:
a4:bc:0e:28:61:37:7d:e5:57:e7:f8:75:22:4c:74:
12:da:d2:58:2c:cd:6b:5c:92:8e:e3:7e:36:5e:91:
48:9f:85:26:a7:cb:fc:16:10:f7:48:44:6b:89:09:
0f:cb:10:b6:f8:b7:79:46:6a:99:de:0a:b9:98:17:
79:35:a7:d0:64:52:5c:e1:6a:e9:2d:33:ac:bd:0f:
e1:8a:ed:e4:8c:e8:e3:60:4e:d3:2b:e4:de:11:96:
7a:00:57:e6:3f:ee:ae:0e:ea:29:35:ce:ee:8a:cf:
14:9f:29:86:a7:a6:00:40:ea:72:04:76:da:cf:7d:
a0:fe:52:49:72:ef:e6:46:84:52:d4:e0:c8:f7:c4:
91:cc:e4:0d:b4:b6:c4:ff:ae:a9:36:04:48:ac:eb:
bc:de:43:4f:4c:e7:f4:11:00:b5:17:07:96:a8:57:
b7:01:72:06:fa:0c:8a:57:fa:1c:79:ce:5b:fd:af:
35:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:79:76:24:7E:D3:47:94:AE:8A:5E:78:C1:27:12:43:3A:24:BA:C4
X509v3 Authority Key Identifier:
keyid:33:4F:9F:83:D2:D7:4C:0C:0F:D0:0D:A7:35:57:8F:73:7D:D7:DA:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M0-fg9LXTAwP0A2nNVePc33X2gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/9c5f06-59a7-4588-ac28-efd20f6c2ec3/1/wnl2JH7TR5Suil54wScSQzokusQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/9c5f06-59a7-4588-ac28-efd20f6c2ec3/1/M0-fg9LXTAwP0A2nNVePc33X2gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.54.59.0/24
Signature Algorithm: sha256WithRSAEncryption
95:af:ee:77:4a:8d:6f:de:89:82:50:d1:d0:7b:d9:4e:b4:c1:
48:ad:16:ab:42:8b:18:3c:ba:4f:cf:de:cd:01:33:15:f9:40:
de:83:6d:54:e6:0d:b0:ec:97:4d:16:f3:8e:0a:c6:b6:89:de:
67:1c:b9:21:e5:3e:47:c2:74:54:6f:dc:af:a1:fa:24:2e:f5:
7a:c0:e6:de:a4:76:c1:27:2d:c1:60:da:85:44:2e:e2:f5:a0:
04:08:1c:21:1d:db:7d:c0:7e:a1:54:c3:4f:96:a3:ab:ee:b5:
54:6d:c1:f6:08:6e:3f:8b:61:df:2c:fc:b0:ab:83:67:cf:e0:
cc:04:6f:b2:a0:89:d0:6c:2d:88:24:68:16:0f:08:ac:59:83:
50:c5:38:b5:4c:2a:7d:0c:6e:91:00:72:e4:d2:94:b0:27:2e:
7b:55:bd:3e:49:45:1b:8b:9f:c7:d7:ed:48:6c:3d:2a:fa:ce:
c1:21:9c:25:14:08:67:ae:8e:a5:c1:c6:d7:c4:48:ee:85:28:
63:9b:56:7b:de:51:69:32:a5:98:45:a7:60:42:0f:62:1c:37:
69:1a:1d:c3:cd:49:b8:4e:4e:23:97:ef:0b:cb:f1:d1:9d:10:
78:ba:94:89:e0:cb:96:40:53:79:34:13:5a:fa:5f:78:e5:14:
7f:cd:62:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQljmdvyEZsOlEiLt9WusBqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzNGY5ZjgzZDJkNzRjMGMwZmQwMGRhNzM1NTc4ZjczN2Rk
N2RhMDMwHhcNMjUwMTAyMDU0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjc5NzYyNDdlZDM0Nzk0YWU4YTVlNzhjMTI3MTI0MzNhMjRiYWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1cLi54uD4MnAMde+xO8cknPTs2ke
bJYaZIyDToUsuMxkGuj9fA2BUnPvSo2On3B3WVpfhjcLHdKMjj+uS9OOZqQO9ewG
BM2gwIakvA4oYTd95Vfn+HUiTHQS2tJYLM1rXJKO4342XpFIn4Ump8v8FhD3SERr
iQkPyxC2+Ld5RmqZ3gq5mBd5NafQZFJc4WrpLTOsvQ/hiu3kjOjjYE7TK+TeEZZ6
AFfmP+6uDuopNc7uis8UnymGp6YAQOpyBHbaz32g/lJJcu/mRoRS1ODI98SRzOQN
tLbE/66pNgRIrOu83kNPTOf0EQC1FweWqFe3AXIG+gyKV/ocec5b/a81TwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMJ5diR+00eUropeeMEnEkM6JLrEMB8GA1UdIwQY
MBaAFDNPn4PS10wMD9ANpzVXj3N919oDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTAtZmc5TFhUQXdQMEEybk5WZVBjMzNYMmdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS85YzVmMDYtNTlhNy00NTg4LWFjMjgt
ZWZkMjBmNmMyZWMzLzEvd25sMkpIN1RSNVN1aWw1NHdTY1NRem9rdXNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS85YzVmMDYtNTlhNy00NTg4LWFjMjgtZWZkMjBmNmMyZWMz
LzEvTTAtZmc5TFhUQXdQMEEybk5WZVBjMzNYMmdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwzY7MA0G
CSqGSIb3DQEBCwUAA4IBAQCVr+53So1v3omCUNHQe9lOtMFIrRarQosYPLpPz97N
ATMV+UDeg21U5g2w7JdNFvOOCsa2id5nHLkh5T5HwnRUb9yvofokLvV6wObepHbB
Jy3BYNqFRC7i9aAECBwhHdt9wH6hVMNPlqOr7rVUbcH2CG4/i2HfLPywq4Nnz+DM
BG+yoInQbC2IJGgWDwisWYNQxTi1TCp9DG6RAHLk0pSwJy57Vb0+SUUbi5/H1+1I
bD0q+s7BIZwlFAhnro6lwcbXxEjuhShjm1Z73lFpMqWYRadgQg9iHDdpGh3DzUm4
Tk4jl+8Ly/HRnRB4upSJ4MuWQFN5NBNa+l945RR/zWLJ
-----END CERTIFICATE-----
Generated at Wed Apr 9 07:12:07 2025 by rpki-client