Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/2fa86f-7f4e-4aab-9dfd-1b3d98bef1e9/1/WponuMlWZtiFOUgzphoJZxWN_iw.roa
File: WponuMlWZtiFOUgzphoJZxWN_iw.roa (raw, json)
Hash identifier: UIQh/CuyVqeX7HcjhL38mDSrWztLseE4bJUkUTwxbUc=
Subject key identifier: 5A:9A:27:B8:C9:56:66:D8:85:39:48:33:A6:1A:09:67:15:8D:FE:2C
Certificate issuer: /CN=6d150b438cc68f62dc15d359593161f799de53af
Certificate serial: 0194258F276E0A37A6D6A63B6F1A642BF59E
Authority key identifier: 6D:15:0B:43:8C:C6:8F:62:DC:15:D3:59:59:31:61:F7:99:DE:53:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bRULQ4zGj2LcFdNZWTFh95neU68.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/2fa86f-7f4e-4aab-9dfd-1b3d98bef1e9/1/WponuMlWZtiFOUgzphoJZxWN_iw.roa
Signing time: Thu 02 Jan 2025 05:48:46 +0000
ROA not before: Thu 02 Jan 2025 05:48:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35258
IP address blocks: 46.254.120.0/21 maxlen: 21
83.143.208.0/21 maxlen: 21
83.143.208.0/23 maxlen: 24
83.143.210.0/24 maxlen: 24
87.253.184.0/22 maxlen: 22
91.208.244.0/24 maxlen: 24
185.6.252.0/22 maxlen: 22
185.102.104.0/22 maxlen: 22
185.102.105.0/24 maxlen: 24
185.102.106.0/23 maxlen: 23
195.85.38.0/24 maxlen: 24
195.85.72.0/23 maxlen: 23
213.238.48.0/23 maxlen: 23
2a00:e400::/29 maxlen: 29
2a06:23c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:27:6e:0a:37:a6:d6:a6:3b:6f:1a:64:2b:f5:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d150b438cc68f62dc15d359593161f799de53af
Validity
Not Before: Jan 2 05:48:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5a9a27b8c95666d885394833a61a0967158dfe2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:d4:5c:3d:9f:73:36:16:31:5f:1f:f1:1a:89:
69:7b:10:97:ca:8f:e7:02:e1:ab:11:21:93:59:0e:
86:b3:1e:bc:7f:7f:88:d6:1f:16:16:29:bd:80:3d:
70:b1:11:af:3f:a0:81:83:3e:fb:48:61:d2:b0:88:
40:01:87:4a:4c:08:00:10:71:58:c3:5f:ab:7d:e7:
f7:e0:a3:b4:8f:31:2a:ad:fc:ce:46:83:ef:13:0b:
5a:c9:b6:70:b6:dc:5e:d2:b2:c5:54:5d:ab:54:f8:
6e:a9:e6:5a:c9:4a:14:24:12:9b:9f:d6:f9:09:64:
ec:5c:df:16:39:5d:28:e4:7c:12:2c:ec:9f:e5:9c:
75:49:a5:9c:61:2c:e8:f8:7d:c7:70:a7:46:ef:35:
6e:92:07:92:f1:a8:4f:14:b6:39:42:39:8d:6c:64:
10:62:35:65:ee:ea:aa:34:fd:58:d8:e6:e1:ec:e6:
f4:00:3a:9b:9e:48:b4:b4:fd:77:5e:cb:30:38:b3:
b1:d9:88:3e:87:2b:c9:25:0d:9d:ee:f5:56:e2:fe:
db:70:36:27:63:1d:6f:90:f5:37:84:df:1f:5e:d7:
f9:59:c3:7b:49:9b:0d:83:3f:0c:f7:21:d9:64:85:
0f:57:fc:22:e8:af:a2:24:0f:b5:28:73:61:eb:3d:
64:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:9A:27:B8:C9:56:66:D8:85:39:48:33:A6:1A:09:67:15:8D:FE:2C
X509v3 Authority Key Identifier:
keyid:6D:15:0B:43:8C:C6:8F:62:DC:15:D3:59:59:31:61:F7:99:DE:53:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bRULQ4zGj2LcFdNZWTFh95neU68.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/2fa86f-7f4e-4aab-9dfd-1b3d98bef1e9/1/WponuMlWZtiFOUgzphoJZxWN_iw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/2fa86f-7f4e-4aab-9dfd-1b3d98bef1e9/1/bRULQ4zGj2LcFdNZWTFh95neU68.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.254.120.0/21
83.143.208.0/21
87.253.184.0/22
91.208.244.0/24
185.6.252.0/22
185.102.104.0/22
195.85.38.0/24
195.85.72.0/23
213.238.48.0/23
IPv6:
2a00:e400::/29
2a06:23c0::/29
Signature Algorithm: sha256WithRSAEncryption
a0:09:3e:e0:bb:bf:a5:5c:8e:e9:e9:17:0b:71:f9:aa:2f:83:
58:9f:03:1e:4a:78:c3:7f:3a:66:e6:73:28:41:f5:25:d3:5f:
09:a9:6b:35:d0:2e:8c:21:c9:7d:aa:b0:75:be:93:8a:f6:17:
31:0c:40:fa:cb:02:b4:f6:f7:ff:22:fa:b6:aa:3d:b9:be:d4:
f9:5c:2a:25:00:ff:36:5b:0b:71:69:38:fc:b7:38:81:a7:4a:
32:ec:15:b3:1e:37:f7:d3:10:33:a6:34:ff:76:2a:3b:50:45:
70:c4:a3:82:92:1c:ce:64:a5:ff:4d:50:be:71:b0:1c:57:df:
37:91:43:39:e5:70:cd:f0:c5:18:40:a1:c8:1d:27:58:36:40:
31:16:e6:6f:93:33:04:e3:a1:f1:df:69:c6:49:36:32:b8:9d:
92:a7:9b:0c:0d:01:24:e9:81:38:52:f0:b7:25:35:7d:18:21:
c6:fc:3b:2e:f6:6a:ff:69:78:83:d1:1f:79:9b:7f:2b:15:49:
5f:4c:01:eb:49:5e:b5:43:10:d9:6a:be:b2:80:16:57:28:d0:
1d:10:0d:ef:32:98:31:9c:d5:0f:84:98:ba:3c:89:96:1f:fb:
6d:72:74:66:f2:39:d4:5a:88:36:47:ca:6a:18:38:73:b7:99:
9e:bf:92:72
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZQljyduCjem1qY7bxpkK/WeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMTUwYjQzOGNjNjhmNjJkYzE1ZDM1OTU5MzE2MWY3OTlk
ZTUzYWYwHhcNMjUwMTAyMDU0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTlhMjdiOGM5NTY2NmQ4ODUzOTQ4MzNhNjFhMDk2NzE1OGRmZTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9RcPZ9zNhYxXx/xGolpexCXyo/n
AuGrESGTWQ6Gsx68f3+I1h8WFim9gD1wsRGvP6CBgz77SGHSsIhAAYdKTAgAEHFY
w1+rfef34KO0jzEqrfzORoPvEwtaybZwttxe0rLFVF2rVPhuqeZayUoUJBKbn9b5
CWTsXN8WOV0o5HwSLOyf5Zx1SaWcYSzo+H3HcKdG7zVukgeS8ahPFLY5QjmNbGQQ
YjVl7uqqNP1Y2Obh7Ob0ADqbnki0tP13XsswOLOx2Yg+hyvJJQ2d7vVW4v7bcDYn
Yx1vkPU3hN8fXtf5WcN7SZsNgz8M9yHZZIUPV/wi6K+iJA+1KHNh6z1kXQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFFqaJ7jJVmbYhTlIM6YaCWcVjf4sMB8GA1UdIwQY
MBaAFG0VC0OMxo9i3BXTWVkxYfeZ3lOvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlJVTFE0ekdqMkxjRmROWldURmg5NW5lVTY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8yZmE4NmYtN2Y0ZS00YWFiLTlkZmQt
MWIzZDk4YmVmMWU5LzEvV3BvbnVNbFdadGlGT1VnenBob0paeFdOX2l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8yZmE4NmYtN2Y0ZS00YWFiLTlkZmQtMWIzZDk4YmVmMWU5
LzEvYlJVTFE0ekdqMkxjRmROWldURmg5NW5lVTY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDA8BAIAATA2AwQDLv54AwQD
U4/QAwQCV/24AwQAW9D0AwQCuQb8AwQCuWZoAwQAw1UmAwQBw1VIAwQB1e4wMBQE
AgACMA4DBQMqAOQAAwUDKgYjwDANBgkqhkiG9w0BAQsFAAOCAQEAoAk+4Lu/pVyO
6ekXC3H5qi+DWJ8DHkp4w386ZuZzKEH1JdNfCalrNdAujCHJfaqwdb6TivYXMQxA
+ssCtPb3/yL6tqo9ub7U+VwqJQD/NlsLcWk4/Lc4gadKMuwVsx4399MQM6Y0/3Yq
O1BFcMSjgpIczmSl/01QvnGwHFffN5FDOeVwzfDFGEChyB0nWDZAMRbmb5MzBOOh
8d9pxkk2MridkqebDA0BJOmBOFLwtyU1fRghxvw7LvZq/2l4g9EfeZt/KxVJX0wB
60letUMQ2Wq+soAWVyjQHRAN7zKYMZzVD4SYujyJlh/7bXJ0ZvI51FqINkfKahg4
c7eZnr+Scg==
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:12:33 2025 by rpki-client