Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/c383cb-33ea-43cf-8e2e-14d07bd1889c/1/wfzCH1I_jaacEoQG0qX5DBfYP5Q.roa
File: wfzCH1I_jaacEoQG0qX5DBfYP5Q.roa (raw, json)
Hash identifier: lkjeD8VK2uApBBO5OoQq9Fe2IWIHnY1S+YXHFJmJj3M=
Subject key identifier: C1:FC:C2:1F:52:3F:8D:A6:9C:12:84:06:D2:A5:F9:0C:17:D8:3F:94
Certificate issuer: /CN=07733fc63b8f1880e5c0af6b4643d1e32181d7a5
Certificate serial: 01941F8C5B369243CC1F90D80A26E1113054
Authority key identifier: 07:73:3F:C6:3B:8F:18:80:E5:C0:AF:6B:46:43:D1:E3:21:81:D7:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B3M_xjuPGIDlwK9rRkPR4yGB16U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/c383cb-33ea-43cf-8e2e-14d07bd1889c/1/wfzCH1I_jaacEoQG0qX5DBfYP5Q.roa
Signing time: Wed 01 Jan 2025 01:47:59 +0000
ROA not before: Wed 01 Jan 2025 01:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28932
IP address blocks: 194.113.176.0/24 maxlen: 32
194.113.177.0/24 maxlen: 32
194.113.178.0/24 maxlen: 32
194.113.179.0/24 maxlen: 32
195.22.136.0/24 maxlen: 32
195.22.137.0/24 maxlen: 32
195.49.156.0/24 maxlen: 32
195.49.157.0/24 maxlen: 32
195.49.158.0/24 maxlen: 32
195.49.159.0/24 maxlen: 32
195.238.160.0/24 maxlen: 32
195.238.161.0/24 maxlen: 32
195.238.162.0/24 maxlen: 32
195.238.163.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:5b:36:92:43:cc:1f:90:d8:0a:26:e1:11:30:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07733fc63b8f1880e5c0af6b4643d1e32181d7a5
Validity
Not Before: Jan 1 01:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c1fcc21f523f8da69c128406d2a5f90c17d83f94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:ac:31:23:ab:04:b6:4d:88:36:b1:d6:08:f7:
dd:b0:3b:0d:e5:a0:18:60:79:b8:aa:99:ca:f7:e5:
2e:9c:c3:ce:c9:3e:be:28:9c:cd:24:d8:14:a4:34:
e2:79:77:90:df:7d:d5:4f:ec:f9:04:43:ab:b0:e4:
a4:2f:4d:fd:ad:d0:e0:ec:04:12:c1:e0:51:c5:90:
81:73:ca:d2:fc:ec:c2:c7:5f:92:b8:dd:27:56:7b:
5b:4c:c8:6f:3b:ff:62:9c:f2:74:9c:4d:bc:d6:d3:
a2:95:4f:0c:a1:1e:18:4b:ea:d8:d1:bc:94:ca:37:
23:37:de:a6:ea:59:4a:85:1d:67:e4:5c:75:1c:c9:
e5:9a:70:86:1c:76:26:f9:8c:cf:84:13:70:6e:3c:
00:f3:84:fa:9a:18:79:ce:1f:d0:82:25:95:01:02:
fd:c4:e8:a2:e8:67:a7:4c:c0:48:24:27:7d:b2:74:
38:63:63:c3:32:25:da:95:16:c8:e5:fc:58:6a:46:
09:c9:db:1a:0e:50:8d:c7:b9:f5:e3:6a:8f:6b:1f:
c2:af:ae:70:37:e5:15:ac:c1:10:fd:aa:75:e4:0a:
9e:c1:12:3a:1d:4f:79:97:11:12:9c:1a:e0:d6:53:
78:6a:f5:27:db:97:9d:1d:77:73:19:0b:d4:59:22:
db:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:FC:C2:1F:52:3F:8D:A6:9C:12:84:06:D2:A5:F9:0C:17:D8:3F:94
X509v3 Authority Key Identifier:
keyid:07:73:3F:C6:3B:8F:18:80:E5:C0:AF:6B:46:43:D1:E3:21:81:D7:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B3M_xjuPGIDlwK9rRkPR4yGB16U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/c383cb-33ea-43cf-8e2e-14d07bd1889c/1/wfzCH1I_jaacEoQG0qX5DBfYP5Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/c383cb-33ea-43cf-8e2e-14d07bd1889c/1/B3M_xjuPGIDlwK9rRkPR4yGB16U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.113.176.0/22
195.22.136.0/23
195.49.156.0/22
195.238.160.0/22
Signature Algorithm: sha256WithRSAEncryption
93:ca:df:4b:f3:c7:46:aa:5d:32:09:02:28:05:cd:2c:76:dc:
84:07:9c:3f:14:8e:48:67:c4:72:9d:ad:dc:52:21:fc:3a:39:
f5:21:52:c4:5a:4d:7d:cc:2f:15:e5:20:3e:ca:24:b8:ff:26:
45:be:95:4e:b0:5f:4f:70:ab:92:db:67:ac:f8:1e:09:13:02:
bf:e2:6b:c6:c3:e8:1d:d7:11:b3:76:99:4b:44:52:65:5e:65:
2f:b6:5d:f2:80:93:90:38:34:a9:33:a8:7e:a9:46:5f:73:ce:
8b:9a:2d:85:5d:53:4a:5a:3a:e3:07:bc:99:25:f6:af:bf:8a:
f5:3b:d5:db:b7:4c:39:b0:53:56:36:27:15:9d:f4:44:bf:ad:
0f:46:5c:5c:52:b4:a8:fc:55:73:3f:e5:09:8d:5e:82:4e:f8:
d6:bf:f7:7b:0a:95:f4:77:5f:0b:ba:98:e1:b4:55:cf:04:26:
d8:0c:81:4e:f4:2f:ee:dd:d1:22:d4:c8:ea:98:bb:55:66:fc:
97:63:67:d2:d0:ec:0c:b8:77:fe:72:34:e5:61:4f:8e:c2:02:
bc:6a:94:b8:42:ec:04:f3:cc:a8:25:9b:5f:ad:41:53:93:84:
30:a5:69:e9:f2:a5:87:eb:5b:53:84:5d:3b:5c:97:33:1f:1f:
42:a7:74:91
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQfjFs2kkPMH5DYCibhETBUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3NzMzZmM2M2I4ZjE4ODBlNWMwYWY2YjQ2NDNkMWUzMjE4
MWQ3YTUwHhcNMjUwMTAxMDE0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWZjYzIxZjUyM2Y4ZGE2OWMxMjg0MDZkMmE1ZjkwYzE3ZDgzZjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0qwxI6sEtk2INrHWCPfdsDsN5aAY
YHm4qpnK9+UunMPOyT6+KJzNJNgUpDTieXeQ333VT+z5BEOrsOSkL039rdDg7AQS
weBRxZCBc8rS/OzCx1+SuN0nVntbTMhvO/9inPJ0nE281tOilU8MoR4YS+rY0byU
yjcjN96m6llKhR1n5Fx1HMnlmnCGHHYm+YzPhBNwbjwA84T6mhh5zh/QgiWVAQL9
xOii6GenTMBIJCd9snQ4Y2PDMiXalRbI5fxYakYJydsaDlCNx7n142qPax/Cr65w
N+UVrMEQ/ap15AqewRI6HU95lxESnBrg1lN4avUn25edHXdzGQvUWSLbNwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMH8wh9SP42mnBKEBtKl+QwX2D+UMB8GA1UdIwQY
MBaAFAdzP8Y7jxiA5cCva0ZD0eMhgdelMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjNNX3hqdVBHSURsd0s5clJrUFI0eUdCMTZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9jMzgzY2ItMzNlYS00M2NmLThlMmUt
MTRkMDdiZDE4ODljLzEvd2Z6Q0gxSV9qYWFjRW9RRzBxWDVEQmZZUDVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9jMzgzY2ItMzNlYS00M2NmLThlMmUtMTRkMDdiZDE4ODlj
LzEvQjNNX3hqdVBHSURsd0s5clJrUFI0eUdCMTZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCwnGwAwQB
wxaIAwQCwzGcAwQCw+6gMA0GCSqGSIb3DQEBCwUAA4IBAQCTyt9L88dGql0yCQIo
Bc0sdtyEB5w/FI5IZ8Ryna3cUiH8Ojn1IVLEWk19zC8V5SA+yiS4/yZFvpVOsF9P
cKuS22es+B4JEwK/4mvGw+gd1xGzdplLRFJlXmUvtl3ygJOQODSpM6h+qUZfc86L
mi2FXVNKWjrjB7yZJfavv4r1O9Xbt0w5sFNWNicVnfREv60PRlxcUrSo/FVzP+UJ
jV6CTvjWv/d7CpX0d18LupjhtFXPBCbYDIFO9C/u3dEi1MjqmLtVZvyXY2fS0OwM
uHf+cjTlYU+OwgK8apS4QuwE88yoJZtfrUFTk4QwpWnp8qWH61tThF07XJczHx9C
p3SR
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:39:02 2025 by rpki-client