Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/8628b1-4a97-483e-a420-f8ebc42c6691/1/WkET5-vOeTE1y9efY86I3Blguow.roa
File: WkET5-vOeTE1y9efY86I3Blguow.roa (raw, json)
Hash identifier: txYbvR2C9z8rKdBy8VX5xhP1rVzUMWtTzNa4pxz5aX4=
Subject key identifier: 5A:41:13:E7:EB:CE:79:31:35:CB:D7:9F:63:CE:88:DC:19:60:BA:8C
Certificate issuer: /CN=ac21a0182d6664a8cff9e9e0170b692168cef950
Certificate serial: 018682F0F674977273A91F26B23ACA83791D
Authority key identifier: AC:21:A0:18:2D:66:64:A8:CF:F9:E9:E0:17:0B:69:21:68:CE:F9:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rCGgGC1mZKjP-engFwtpIWjO-VA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/8628b1-4a97-483e-a420-f8ebc42c6691/1/WkET5-vOeTE1y9efY86I3Blguow.roa
Signing time: Fri 24 Feb 2023 10:21:14 +0000
ROA not before: Fri 24 Feb 2023 10:21:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 136923
IP address blocks: 213.173.38.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:82:f0:f6:74:97:72:73:a9:1f:26:b2:3a:ca:83:79:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac21a0182d6664a8cff9e9e0170b692168cef950
Validity
Not Before: Feb 24 10:21:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5a4113e7ebce793135cbd79f63ce88dc1960ba8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:3b:76:3e:db:94:1d:4a:69:47:fb:87:02:ff:
86:06:4f:11:8b:7a:77:b4:2d:c6:97:74:c3:d1:b8:
62:ad:d3:6c:74:65:fc:9c:8b:46:6d:7e:c5:b3:a6:
71:4a:65:c9:86:a2:24:ea:ff:39:e7:c3:76:90:c6:
dc:4a:85:25:d6:1a:bd:81:fa:e3:ae:e3:81:97:ab:
90:8c:ea:5f:f3:0d:a2:27:61:2b:2b:39:81:b6:c8:
9c:45:90:f5:c0:b4:35:92:2a:b7:38:8d:31:d7:1b:
b7:9b:14:a9:c5:d7:76:ec:ea:0d:86:a1:f3:d4:49:
c3:eb:eb:6f:52:48:48:cf:aa:60:95:fc:55:d5:f8:
5d:7d:18:d7:cd:36:b4:6a:66:8f:be:6a:f6:2d:34:
a9:79:74:60:23:b3:01:0e:37:17:2b:bc:43:ff:9d:
08:57:54:14:cd:81:30:f1:ee:b0:a7:17:b1:3e:d0:
b4:15:36:5c:d1:ae:74:e6:d4:e9:03:b4:5a:3c:75:
1c:cf:3d:fd:e6:fc:09:32:95:6a:78:f6:a1:08:b1:
7a:be:92:8d:13:9d:31:ac:75:44:a6:e8:7c:5c:49:
25:31:59:8a:55:ca:d6:e1:29:e5:e6:e9:4d:9a:f3:
d4:6f:3f:c8:ed:cf:3d:d5:59:96:ed:57:cb:83:be:
45:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:41:13:E7:EB:CE:79:31:35:CB:D7:9F:63:CE:88:DC:19:60:BA:8C
X509v3 Authority Key Identifier:
keyid:AC:21:A0:18:2D:66:64:A8:CF:F9:E9:E0:17:0B:69:21:68:CE:F9:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rCGgGC1mZKjP-engFwtpIWjO-VA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/8628b1-4a97-483e-a420-f8ebc42c6691/1/WkET5-vOeTE1y9efY86I3Blguow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/8628b1-4a97-483e-a420-f8ebc42c6691/1/rCGgGC1mZKjP-engFwtpIWjO-VA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.173.38.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:a7:c6:51:11:e8:c1:cc:1a:dc:60:80:dd:ec:6c:50:58:54:
bc:85:bc:4a:49:0c:f7:29:ce:97:1d:b8:9d:0d:43:ad:49:6f:
25:45:5d:28:cb:0a:85:46:7d:35:e0:ac:76:14:14:85:37:51:
2b:84:86:68:d4:9a:d0:d5:33:38:96:7b:4d:78:34:01:2f:94:
63:c2:77:e9:80:e3:6b:a1:fa:7d:b1:5d:d6:02:75:8b:00:d9:
33:eb:fe:23:c6:e5:95:5f:26:24:96:02:5d:1c:c8:05:b8:02:
fd:e6:a5:94:36:01:40:2f:1b:dd:0c:c8:dd:92:30:fb:76:7c:
86:ee:ae:10:1f:cd:24:9a:02:51:39:fb:d2:a5:bb:c5:54:cd:
d3:a7:d7:86:fd:dd:84:c9:db:cd:32:aa:ee:95:ab:38:e2:48:
94:ec:60:30:fc:c5:71:c5:17:77:81:f7:10:e5:e1:80:2a:98:
5d:ff:03:d9:15:89:19:60:0e:45:50:7e:7a:fa:3f:96:1a:ab:
ef:28:58:17:ec:d4:11:ce:18:e9:10:2f:72:02:08:bf:72:57:
08:18:d3:a6:92:de:51:fb:39:cf:a3:0d:fb:93:36:10:98:59:
b5:34:c3:01:fe:ea:6c:6c:3f:9d:d0:5e:38:6f:91:5b:b1:52:
e7:86:c6:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYaC8PZ0l3JzqR8msjrKg3kdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjMjFhMDE4MmQ2NjY0YThjZmY5ZTllMDE3MGI2OTIxNjhj
ZWY5NTAwHhcNMjMwMjI0MTAyMTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTQxMTNlN2ViY2U3OTMxMzVjYmQ3OWY2M2NlODhkYzE5NjBiYThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDt2PtuUHUppR/uHAv+GBk8Ri3p3
tC3Gl3TD0bhirdNsdGX8nItGbX7Fs6ZxSmXJhqIk6v8558N2kMbcSoUl1hq9gfrj
ruOBl6uQjOpf8w2iJ2ErKzmBtsicRZD1wLQ1kiq3OI0x1xu3mxSpxdd27OoNhqHz
1EnD6+tvUkhIz6pglfxV1fhdfRjXzTa0amaPvmr2LTSpeXRgI7MBDjcXK7xD/50I
V1QUzYEw8e6wpxexPtC0FTZc0a505tTpA7RaPHUczz395vwJMpVqePahCLF6vpKN
E50xrHVEpuh8XEklMVmKVcrW4Snl5ulNmvPUbz/I7c891VmW7VfLg75FewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFpBE+frznkxNcvXn2POiNwZYLqMMB8GA1UdIwQY
MBaAFKwhoBgtZmSoz/np4BcLaSFozvlQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckNHZ0dDMW1aS2pQLWVuZ0Z3dHBJV2pPLVZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS84NjI4YjEtNGE5Ny00ODNlLWE0MjAt
ZjhlYmM0MmM2NjkxLzEvV2tFVDUtdk9lVEUxeTllZlk4NkkzQmxndW93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS84NjI4YjEtNGE5Ny00ODNlLWE0MjAtZjhlYmM0MmM2Njkx
LzEvckNHZ0dDMW1aS2pQLWVuZ0Z3dHBJV2pPLVZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1a0mMA0G
CSqGSIb3DQEBCwUAA4IBAQCwp8ZREejBzBrcYIDd7GxQWFS8hbxKSQz3Kc6XHbid
DUOtSW8lRV0oywqFRn014Kx2FBSFN1ErhIZo1JrQ1TM4lntNeDQBL5RjwnfpgONr
ofp9sV3WAnWLANkz6/4jxuWVXyYklgJdHMgFuAL95qWUNgFALxvdDMjdkjD7dnyG
7q4QH80kmgJROfvSpbvFVM3Tp9eG/d2EydvNMqrulas44kiU7GAw/MVxxRd3gfcQ
5eGAKphd/wPZFYkZYA5FUH56+j+WGqvvKFgX7NQRzhjpEC9yAgi/clcIGNOmkt5R
+znPow37kzYQmFm1NMMB/upsbD+d0F44b5FbsVLnhsYQ
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:12:55 2025 by rpki-client