Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/wGg8NKByP-F8-49JwKsHJej-0ks.roa
File: wGg8NKByP-F8-49JwKsHJej-0ks.roa (raw, json)
Hash identifier: 6NeYKXnfUfbfp0JVHojhaiZ+F9KjenhMqxsTxiHArrw=
Subject key identifier: C0:68:3C:34:A0:72:3F:E1:7C:FB:8F:49:C0:AB:07:25:E8:FE:D2:4B
Certificate issuer: /CN=996721831afb8b38307b49f5b9ee6292ad1e5850
Certificate serial: 019421B1ABCBF3EA4482BDC35528F57FC43C
Authority key identifier: 99:67:21:83:1A:FB:8B:38:30:7B:49:F5:B9:EE:62:92:AD:1E:58:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mWchgxr7izgwe0n1ue5ikq0eWFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/wGg8NKByP-F8-49JwKsHJej-0ks.roa
Signing time: Wed 01 Jan 2025 11:47:59 +0000
ROA not before: Wed 01 Jan 2025 11:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1299
IP address blocks: 45.132.248.0/22 maxlen: 24
46.247.245.0/24 maxlen: 24
46.247.247.0/24 maxlen: 24
79.132.145.0/24 maxlen: 24
79.132.151.0/24 maxlen: 24
79.132.153.0/24 maxlen: 24
79.132.154.0/24 maxlen: 24
85.112.211.0/24 maxlen: 24
86.105.91.0/24 maxlen: 24
86.107.248.0/21 maxlen: 24
86.107.255.0/24 maxlen: 24
89.43.156.0/22 maxlen: 24
185.183.63.0/24 maxlen: 24
185.223.148.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:ab:cb:f3:ea:44:82:bd:c3:55:28:f5:7f:c4:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=996721831afb8b38307b49f5b9ee6292ad1e5850
Validity
Not Before: Jan 1 11:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c0683c34a0723fe17cfb8f49c0ab0725e8fed24b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:35:fa:92:66:42:8f:d4:7c:2e:85:3a:9f:f3:
6a:09:9d:41:fa:58:4b:be:15:1b:cd:af:d4:47:1a:
57:a0:7b:85:cb:71:bd:4d:d4:86:ef:1a:af:c2:41:
aa:f8:9b:54:24:55:7c:22:22:e7:93:86:77:52:a5:
4f:48:83:90:50:05:63:f6:6d:d7:89:6d:a0:f4:ee:
0d:fe:6f:e8:50:58:cb:a4:01:1d:39:4f:8b:d3:59:
69:14:1b:5b:76:71:5e:aa:83:e7:77:0b:7f:97:32:
ed:d2:6a:74:76:16:da:2a:88:f8:91:41:44:59:cd:
8b:1f:0b:2f:f6:e7:48:e4:e7:43:49:df:ea:22:8a:
2e:2c:7b:e4:4f:a7:72:2d:74:ed:e0:ee:5d:d4:48:
a0:2d:8c:70:5b:2a:ab:9f:1a:ba:41:df:b3:76:39:
3a:5a:43:3b:64:8e:5f:12:6c:87:da:84:eb:3d:11:
88:47:c6:25:6b:2d:c9:ec:ae:f5:b4:da:40:7c:ec:
28:97:fd:ba:c5:00:fb:32:12:a5:a6:38:a1:17:5c:
23:e2:58:81:d8:39:af:c6:f9:e1:7b:98:28:6e:99:
5c:0d:ce:58:0f:cc:ca:12:ac:1e:b0:c2:54:96:c6:
e4:9b:00:9b:93:59:14:20:ca:b1:e1:9f:ba:b8:08:
5b:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:68:3C:34:A0:72:3F:E1:7C:FB:8F:49:C0:AB:07:25:E8:FE:D2:4B
X509v3 Authority Key Identifier:
keyid:99:67:21:83:1A:FB:8B:38:30:7B:49:F5:B9:EE:62:92:AD:1E:58:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mWchgxr7izgwe0n1ue5ikq0eWFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/wGg8NKByP-F8-49JwKsHJej-0ks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/mWchgxr7izgwe0n1ue5ikq0eWFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.248.0/22
46.247.245.0/24
46.247.247.0/24
79.132.145.0/24
79.132.151.0/24
79.132.153.0-79.132.154.255
85.112.211.0/24
86.105.91.0/24
86.107.248.0/21
89.43.156.0/22
185.183.63.0/24
185.223.148.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:e7:78:88:59:6a:45:c5:61:bd:e2:3d:aa:7f:90:55:5a:13:
34:47:46:12:18:21:0b:c3:1d:20:ec:6f:3b:94:bf:0b:38:b5:
70:e9:63:df:fc:08:a2:7d:38:26:5a:55:7c:6d:75:52:0f:77:
4c:7a:02:ff:c0:0f:db:16:88:ac:9d:65:4d:48:d9:84:8a:ed:
18:8d:43:db:11:d0:c2:38:db:6d:48:22:0e:8f:9e:fa:fc:0e:
41:7d:71:35:4c:70:48:8d:31:54:94:5d:e3:b0:61:af:46:08:
cd:d6:b5:e3:88:9f:8c:ec:99:91:c4:3f:a1:c1:3e:93:57:67:
32:ea:f5:e5:e9:a5:fa:13:44:71:1f:46:16:97:b3:3d:47:7b:
c5:90:b8:50:71:d2:49:2e:68:df:dc:6a:b1:d7:aa:cf:fb:72:
86:11:1c:90:a7:a5:3b:db:66:ee:8a:5b:39:b1:f9:c3:31:36:
f3:7f:ca:dd:d8:d9:b8:76:57:c9:80:f5:25:5f:20:c2:03:42:
bc:8d:02:98:31:f6:ff:30:b8:e6:7d:c6:50:43:2c:55:b7:1b:
8d:8c:68:6d:e4:14:a6:96:b1:7b:d4:b8:0c:80:26:d0:96:3e:
6d:58:de:df:98:ea:46:75:1e:2a:25:21:41:fc:b2:57:8c:5c:
f5:0a:95:e2
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAZQhsavL8+pEgr3DVSj1f8Q8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5NjcyMTgzMWFmYjhiMzgzMDdiNDlmNWI5ZWU2MjkyYWQx
ZTU4NTAwHhcNMjUwMTAxMTE0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDY4M2MzNGEwNzIzZmUxN2NmYjhmNDljMGFiMDcyNWU4ZmVkMjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzjX6kmZCj9R8LoU6n/NqCZ1B+lhL
vhUbza/URxpXoHuFy3G9TdSG7xqvwkGq+JtUJFV8IiLnk4Z3UqVPSIOQUAVj9m3X
iW2g9O4N/m/oUFjLpAEdOU+L01lpFBtbdnFeqoPndwt/lzLt0mp0dhbaKoj4kUFE
Wc2LHwsv9udI5OdDSd/qIoouLHvkT6dyLXTt4O5d1EigLYxwWyqrnxq6Qd+zdjk6
WkM7ZI5fEmyH2oTrPRGIR8Ylay3J7K71tNpAfOwol/26xQD7MhKlpjihF1wj4liB
2Dmvxvnhe5gobplcDc5YD8zKEqwesMJUlsbkmwCbk1kUIMqx4Z+6uAhbsQIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFMBoPDSgcj/hfPuPScCrByXo/tJLMB8GA1UdIwQY
MBaAFJlnIYMa+4s4MHtJ9bnuYpKtHlhQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVdjaGd4cjdpemd3ZTBuMXVlNWlrcTBlV0ZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS8xYzFlYjItMWY2NS00ZjcxLThiMzIt
YjRiZmU0NTZkZGUwLzEvd0dnOE5LQnlQLUY4LTQ5SndLc0hKZWotMGtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS8xYzFlYjItMWY2NS00ZjcxLThiMzItYjRiZmU0NTZkZGUw
LzEvbVdjaGd4cjdpemd3ZTBuMXVlNWlrcTBlV0ZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQCLYT4AwQA
Lvf1AwQALvf3AwQAT4SRAwQAT4SXMAwDBABPhJkDBABPhJoDBABVcNMDBABWaVsD
BANWa/gDBAJZK5wDBAC5tz8DBAC535QwDQYJKoZIhvcNAQELBQADggEBAAzneIhZ
akXFYb3iPap/kFVaEzRHRhIYIQvDHSDsbzuUvws4tXDpY9/8CKJ9OCZaVXxtdVIP
d0x6Av/AD9sWiKydZU1I2YSK7RiNQ9sR0MI4221IIg6Pnvr8DkF9cTVMcEiNMVSU
XeOwYa9GCM3WteOIn4zsmZHEP6HBPpNXZzLq9eXppfoTRHEfRhaXsz1He8WQuFBx
0kkuaN/carHXqs/7coYRHJCnpTvbZu6KWzmx+cMxNvN/yt3Y2bh2V8mA9SVfIMID
QryNApgx9v8wuOZ9xlBDLFW3G42MaG3kFKaWsXvUuAyAJtCWPm1Y3t+Y6kZ1Hiol
IUH8sleMXPUKleI=
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:48:58 2025 by rpki-client