Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/b0b29a-56cf-4e17-9341-c97c11d312fa/1/WUdfUQA5dA-5cjN65TkIJO_d6Sw.roa
File: WUdfUQA5dA-5cjN65TkIJO_d6Sw.roa (raw, json)
Hash identifier: coTZSSwnnjXqVO0w7qlrLeQ/ziDKW01C6rBJGvF0Izo=
Subject key identifier: 59:47:5F:51:00:39:74:0F:B9:72:33:7A:E5:39:08:24:EF:DD:E9:2C
Certificate issuer: /CN=4709b8553b8679edb4238505d23e460e65ece5a3
Certificate serial: 01856D5D2AF0D45C97B84A8C479FEBC10FAE
Authority key identifier: 47:09:B8:55:3B:86:79:ED:B4:23:85:05:D2:3E:46:0E:65:EC:E5:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rwm4VTuGee20I4UF0j5GDmXs5aM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/b0b29a-56cf-4e17-9341-c97c11d312fa/1/WUdfUQA5dA-5cjN65TkIJO_d6Sw.roa
Signing time: Sun 01 Jan 2023 12:45:00 +0000
ROA not before: Sun 01 Jan 2023 12:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47891
IP address blocks: 185.90.98.0/24 maxlen: 24
185.90.96.0/24 maxlen: 24
185.90.97.0/24 maxlen: 24
91.206.156.0/24 maxlen: 24
185.90.99.0/24 maxlen: 24
91.206.157.0/24 maxlen: 24
91.229.231.0/24 maxlen: 24
91.229.230.0/24 maxlen: 24
2a05:df00::/29 maxlen: 29
2a05:df01:1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:5d:2a:f0:d4:5c:97:b8:4a:8c:47:9f:eb:c1:0f:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4709b8553b8679edb4238505d23e460e65ece5a3
Validity
Not Before: Jan 1 12:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=59475f510039740fb972337ae5390824efdde92c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:8f:bd:ce:a4:87:ec:d8:67:a8:0c:c6:9b:00:
fa:a6:36:42:b5:de:c5:b1:2a:89:b3:d2:b4:b8:fc:
1d:74:9f:ff:31:38:29:33:f3:f5:31:4d:e4:63:7a:
ba:8f:6e:a3:3e:5f:41:30:a3:c9:6c:1f:f4:2c:b7:
a2:65:26:d3:14:62:45:c0:ab:0f:75:4c:33:c8:63:
a3:dd:66:6a:58:35:2f:df:38:3d:08:98:6f:be:a8:
1c:17:0a:94:52:a4:75:75:c1:46:99:ac:db:57:dd:
b7:4f:fa:77:bc:03:34:ea:be:0f:77:0b:b8:8b:24:
d6:19:8c:88:00:09:7a:0a:69:52:07:75:fb:ce:c1:
0d:71:29:dc:25:1e:93:cb:cc:d4:2d:1a:22:5a:1f:
57:8c:39:01:95:d5:33:24:8d:de:65:5b:0b:5e:22:
d8:b3:a4:7c:bb:69:b8:03:97:1c:a8:ac:f7:9f:04:
8c:02:9e:65:e4:6a:3e:b4:53:a1:2c:fb:8f:7e:b3:
9e:62:22:a3:28:f6:fb:64:ba:7a:cc:e2:d2:13:7d:
d2:00:8e:a0:6d:64:c0:b1:d4:7d:e6:69:b0:39:95:
65:bc:f2:67:a2:31:40:2c:35:2a:60:4b:f1:2b:4a:
b1:91:1f:e2:d2:9f:10:5f:c5:db:a4:f6:f5:4a:db:
dc:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:47:5F:51:00:39:74:0F:B9:72:33:7A:E5:39:08:24:EF:DD:E9:2C
X509v3 Authority Key Identifier:
keyid:47:09:B8:55:3B:86:79:ED:B4:23:85:05:D2:3E:46:0E:65:EC:E5:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rwm4VTuGee20I4UF0j5GDmXs5aM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/b0b29a-56cf-4e17-9341-c97c11d312fa/1/WUdfUQA5dA-5cjN65TkIJO_d6Sw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/b0b29a-56cf-4e17-9341-c97c11d312fa/1/Rwm4VTuGee20I4UF0j5GDmXs5aM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.156.0/23
91.229.230.0/23
185.90.96.0/22
IPv6:
2a05:df00::/29
Signature Algorithm: sha256WithRSAEncryption
3f:e6:5a:97:31:a8:50:00:80:4b:af:c3:e7:2f:06:29:3e:22:
d9:c8:7f:19:0a:a1:f5:15:85:87:bf:08:d1:c3:6b:91:28:d3:
76:f7:37:4a:20:f0:f4:4f:6f:51:37:f7:48:32:04:80:5f:1f:
68:86:85:2e:a7:63:d3:08:5c:7a:9e:32:4e:c7:e7:60:2a:87:
78:d1:bd:5e:33:cd:41:8f:83:76:dd:57:3f:a2:0c:c8:ce:af:
24:52:7e:18:40:6c:ec:ca:db:1f:82:2b:14:8a:c1:94:ca:3c:
d0:34:08:86:9e:02:2a:55:02:56:ef:45:1b:f7:2c:f3:f9:eb:
d4:96:a1:c7:0d:b0:96:e2:ca:85:1a:eb:5e:5a:8b:1e:87:63:
1a:da:c6:9e:6e:3d:7d:b8:19:d6:d6:59:e0:6d:37:ee:a0:bf:
53:1f:60:a2:ef:d4:5a:82:43:ce:f6:9c:b5:c7:bc:d5:bd:d0:
bf:29:68:70:02:59:fc:f2:13:10:87:79:ca:fb:15:4b:e8:1e:
ad:58:d9:fb:8b:d1:36:44:80:b2:b2:74:1e:70:41:79:4a:69:
e3:99:4d:4f:8a:2b:5a:d2:62:2e:ff:a3:73:ce:af:5e:99:65:
6f:28:00:2e:0f:5a:9e:67:8e:dd:87:47:a7:e1:d3:cf:0d:ed:
bc:45:43:e2
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVtXSrw1FyXuEqMR5/rwQ+uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3MDliODU1M2I4Njc5ZWRiNDIzODUwNWQyM2U0NjBlNjVl
Y2U1YTMwHhcNMjMwMTAxMTI0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTQ3NWY1MTAwMzk3NDBmYjk3MjMzN2FlNTM5MDgyNGVmZGRlOTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvo+9zqSH7NhnqAzGmwD6pjZCtd7F
sSqJs9K0uPwddJ//MTgpM/P1MU3kY3q6j26jPl9BMKPJbB/0LLeiZSbTFGJFwKsP
dUwzyGOj3WZqWDUv3zg9CJhvvqgcFwqUUqR1dcFGmazbV923T/p3vAM06r4Pdwu4
iyTWGYyIAAl6CmlSB3X7zsENcSncJR6Ty8zULRoiWh9XjDkBldUzJI3eZVsLXiLY
s6R8u2m4A5ccqKz3nwSMAp5l5Go+tFOhLPuPfrOeYiKjKPb7ZLp6zOLSE33SAI6g
bWTAsdR95mmwOZVlvPJnojFALDUqYEvxK0qxkR/i0p8QX8XbpPb1StvcYQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFlHX1EAOXQPuXIzeuU5CCTv3eksMB8GA1UdIwQY
MBaAFEcJuFU7hnnttCOFBdI+Rg5l7OWjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUndtNFZUdUdlZTIwSTRVRjBqNUdEbVhzNWFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9iMGIyOWEtNTZjZi00ZTE3LTkzNDEt
Yzk3YzExZDMxMmZhLzEvV1VkZlVRQTVkQS01Y2pONjVUa0lKT19kNlN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9iMGIyOWEtNTZjZi00ZTE3LTkzNDEtYzk3YzExZDMxMmZh
LzEvUndtNFZUdUdlZTIwSTRVRjBqNUdEbVhzNWFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBW86cAwQB
W+XmAwQCuVpgMA0EAgACMAcDBQMqBd8AMA0GCSqGSIb3DQEBCwUAA4IBAQA/5lqX
MahQAIBLr8PnLwYpPiLZyH8ZCqH1FYWHvwjRw2uRKNN29zdKIPD0T29RN/dIMgSA
Xx9ohoUup2PTCFx6njJOx+dgKod40b1eM81Bj4N23Vc/ogzIzq8kUn4YQGzsytsf
gisUisGUyjzQNAiGngIqVQJW70Ub9yzz+evUlqHHDbCW4sqFGuteWoseh2Ma2sae
bj19uBnW1lngbTfuoL9TH2Ci79RagkPO9py1x7zVvdC/KWhwAln88hMQh3nK+xVL
6B6tWNn7i9E2RICysnQecEF5SmnjmU1Piita0mIu/6Nzzq9emWVvKAAuD1qeZ47d
h0en4dPPDe28RUPi
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:14:36 2025 by rpki-client