Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/f3ebce-9608-4180-a891-dce0d0ae6703/1/WRS-brAFG-by_C9RjsMMrEx9vXI.roa
File: WRS-brAFG-by_C9RjsMMrEx9vXI.roa (raw, json)
Hash identifier: IP1dzMDGQpK+WL176hU7nbKRTUB6In+5oZ5uKr4NAoo=
Subject key identifier: 59:14:BE:6E:B0:05:1B:E6:F2:FC:2F:51:8E:C3:0C:AC:4C:7D:BD:72
Certificate issuer: /CN=3b11583aca1e8059fd31e267e8302d0c2fe008d6
Certificate serial: 01856D0183B2FDB86C7CDEB39B38FEF32A08
Authority key identifier: 3B:11:58:3A:CA:1E:80:59:FD:31:E2:67:E8:30:2D:0C:2F:E0:08:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OxFYOsoegFn9MeJn6DAtDC_gCNY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/f3ebce-9608-4180-a891-dce0d0ae6703/1/WRS-brAFG-by_C9RjsMMrEx9vXI.roa
Signing time: Sun 01 Jan 2023 11:04:53 +0000
ROA not before: Sun 01 Jan 2023 11:04:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6453
IP address blocks: 185.10.112.0/22 maxlen: 24
178.20.144.0/21 maxlen: 24
88.85.224.0/19 maxlen: 24
46.235.88.0/21 maxlen: 24
212.12.160.0/19 maxlen: 24
212.12.160.0/24 maxlen: 24
176.241.184.0/21 maxlen: 24
212.12.178.0/24 maxlen: 24
212.12.182.0/24 maxlen: 24
88.85.252.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:01:83:b2:fd:b8:6c:7c:de:b3:9b:38:fe:f3:2a:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b11583aca1e8059fd31e267e8302d0c2fe008d6
Validity
Not Before: Jan 1 11:04:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5914be6eb0051be6f2fc2f518ec30cac4c7dbd72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:99:ca:3c:7a:e1:70:f7:2a:f0:c8:5a:8e:56:
9d:58:e5:07:48:7b:09:22:a7:8a:df:13:71:bc:0a:
74:a7:dd:f2:b0:60:e9:e0:74:08:af:c5:7c:19:36:
a9:2f:b5:ec:35:c8:4c:8c:98:3d:86:56:ce:55:6e:
c6:86:a5:4d:6f:54:05:11:ab:33:69:f0:b6:43:d8:
a8:97:1a:5b:55:16:f5:f6:97:aa:5d:2b:55:47:42:
b0:69:5c:3e:c6:79:f4:aa:71:0d:b4:35:fc:4c:0b:
42:e4:3f:66:44:85:69:6a:dc:5c:4b:52:45:4a:8f:
52:37:34:f4:8a:6d:73:df:1c:ba:b0:d3:b6:ec:a5:
4e:a3:88:a4:76:ef:f0:f8:f5:d4:02:3f:17:6f:0c:
7d:b4:0c:01:51:fe:b5:b6:74:b7:ff:8d:87:6c:d0:
c5:06:fb:d9:6a:31:ab:a3:40:50:7e:21:78:54:98:
47:98:11:51:a2:d6:2d:4f:51:2e:72:65:dc:c5:20:
65:b7:e6:7c:4f:74:e8:f8:eb:c6:9c:8f:8c:26:ee:
85:a4:24:43:1e:a6:fe:cc:a0:6f:48:a6:d8:3e:bf:
71:16:c9:7e:05:b6:0d:61:72:78:89:06:8b:04:75:
f6:19:75:27:45:4e:4d:dd:69:e9:5b:dc:d9:f4:d8:
9a:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:14:BE:6E:B0:05:1B:E6:F2:FC:2F:51:8E:C3:0C:AC:4C:7D:BD:72
X509v3 Authority Key Identifier:
keyid:3B:11:58:3A:CA:1E:80:59:FD:31:E2:67:E8:30:2D:0C:2F:E0:08:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OxFYOsoegFn9MeJn6DAtDC_gCNY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f3ebce-9608-4180-a891-dce0d0ae6703/1/WRS-brAFG-by_C9RjsMMrEx9vXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f3ebce-9608-4180-a891-dce0d0ae6703/1/OxFYOsoegFn9MeJn6DAtDC_gCNY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.88.0/21
88.85.224.0/19
176.241.184.0/21
178.20.144.0/21
185.10.112.0/22
212.12.160.0/19
Signature Algorithm: sha256WithRSAEncryption
8a:ee:c7:a2:2a:5d:48:06:be:e5:7c:43:4e:9c:a7:d8:23:f5:
17:db:07:fb:5f:51:9e:fc:19:54:6c:9e:ba:d3:9b:b1:fa:ba:
aa:d4:e5:a2:1e:55:93:fe:09:b9:f9:84:03:13:2a:9c:42:72:
80:11:81:50:21:53:3d:fe:b2:de:83:47:ae:98:b5:45:5b:3e:
63:76:5e:e1:c8:5c:26:bf:e2:44:db:c0:cc:92:14:21:7e:5e:
8f:ac:a3:15:3c:fc:4d:f0:a8:77:d9:17:24:54:a5:18:8b:d9:
fe:36:1b:98:fd:24:45:d0:a3:c9:7d:dd:50:8d:a0:65:90:1c:
1b:f6:a1:7d:09:22:e6:f2:de:a1:1e:53:14:30:33:a3:b7:7b:
1e:cb:c2:04:2b:c1:58:f8:99:d2:41:04:eb:e8:54:97:12:22:
f7:cb:48:ba:6f:11:d3:eb:e0:13:75:bb:47:6f:63:56:ea:3c:
b9:67:e6:bd:ff:49:97:a9:de:ba:22:c4:66:dc:38:7a:c7:0e:
77:d8:76:0a:2a:02:69:7a:2d:22:30:e8:92:f6:59:b3:53:42:
4c:42:8c:05:c8:72:dd:f6:c6:61:b3:21:0e:04:c5:49:eb:c0:
da:34:86:5c:69:14:e8:0e:5d:68:b9:aa:b3:b1:48:40:ee:b9:
78:b5:9d:db
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVtAYOy/bhsfN6zmzj+8yoIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMTE1ODNhY2ExZTgwNTlmZDMxZTI2N2U4MzAyZDBjMmZl
MDA4ZDYwHhcNMjMwMTAxMTEwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTE0YmU2ZWIwMDUxYmU2ZjJmYzJmNTE4ZWMzMGNhYzRjN2RiZDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5nKPHrhcPcq8MhajladWOUHSHsJ
IqeK3xNxvAp0p93ysGDp4HQIr8V8GTapL7XsNchMjJg9hlbOVW7GhqVNb1QFEasz
afC2Q9iolxpbVRb19peqXStVR0KwaVw+xnn0qnENtDX8TAtC5D9mRIVpatxcS1JF
So9SNzT0im1z3xy6sNO27KVOo4ikdu/w+PXUAj8Xbwx9tAwBUf61tnS3/42HbNDF
BvvZajGro0BQfiF4VJhHmBFRotYtT1EucmXcxSBlt+Z8T3To+OvGnI+MJu6FpCRD
Hqb+zKBvSKbYPr9xFsl+BbYNYXJ4iQaLBHX2GXUnRU5N3WnpW9zZ9NiaDQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFkUvm6wBRvm8vwvUY7DDKxMfb1yMB8GA1UdIwQY
MBaAFDsRWDrKHoBZ/THiZ+gwLQwv4AjWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3hGWU9zb2VnRm45TWVKbjZEQXREQ19nQ05ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9mM2ViY2UtOTYwOC00MTgwLWE4OTEt
ZGNlMGQwYWU2NzAzLzEvV1JTLWJyQUZHLWJ5X0M5UmpzTU1yRXg5dlhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9mM2ViY2UtOTYwOC00MTgwLWE4OTEtZGNlMGQwYWU2NzAz
LzEvT3hGWU9zb2VnRm45TWVKbjZEQXREQ19nQ05ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDLutYAwQF
WFXgAwQDsPG4AwQDshSQAwQCuQpwAwQF1AygMA0GCSqGSIb3DQEBCwUAA4IBAQCK
7seiKl1IBr7lfENOnKfYI/UX2wf7X1Ge/BlUbJ6605ux+rqq1OWiHlWT/gm5+YQD
EyqcQnKAEYFQIVM9/rLeg0eumLVFWz5jdl7hyFwmv+JE28DMkhQhfl6PrKMVPPxN
8Kh32RckVKUYi9n+NhuY/SRF0KPJfd1QjaBlkBwb9qF9CSLm8t6hHlMUMDOjt3se
y8IEK8FY+JnSQQTr6FSXEiL3y0i6bxHT6+ATdbtHb2NW6jy5Z+a9/0mXqd66IsRm
3Dh6xw532HYKKgJpei0iMOiS9lmzU0JMQowFyHLd9sZhsyEOBMVJ68DaNIZcaRTo
Dl1ouaqzsUhA7rl4tZ3b
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:48:06 2025 by rpki-client