Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/wnsrTtgZ6WhtxGnx8RjcLau3SrM.roa
File: wnsrTtgZ6WhtxGnx8RjcLau3SrM.roa (raw, json)
Hash identifier: QKSLYpPwO1WhDS36CccFidt7rWMqu+1eMLyyl0Mqn3g=
Subject key identifier: C2:7B:2B:4E:D8:19:E9:68:6D:C4:69:F1:F1:18:DC:2D:AB:B7:4A:B3
Certificate issuer: /CN=5dd6f6d299bcdec73d13f2d842fc1df4bc1ee2d3
Certificate serial: 0194B7C98C43426FC637BCE86E63C56D1244
Authority key identifier: 5D:D6:F6:D2:99:BC:DE:C7:3D:13:F2:D8:42:FC:1D:F4:BC:1E:E2:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xdb20pm83sc9E_LYQvwd9Lwe4tM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/wnsrTtgZ6WhtxGnx8RjcLau3SrM.roa
Signing time: Thu 30 Jan 2025 15:17:06 +0000
ROA not before: Thu 30 Jan 2025 15:17:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 114.69.245.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b7:c9:8c:43:42:6f:c6:37:bc:e8:6e:63:c5:6d:12:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dd6f6d299bcdec73d13f2d842fc1df4bc1ee2d3
Validity
Not Before: Jan 30 15:17:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c27b2b4ed819e9686dc469f1f118dc2dabb74ab3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:3f:b5:eb:b1:e2:39:e1:61:68:58:bb:94:5c:
06:4c:f9:c0:52:e3:e5:74:1d:87:1b:e8:5a:d1:f4:
ce:e5:b4:5a:3f:aa:04:21:05:2c:52:78:c9:bb:c4:
d2:31:4b:36:54:3f:2e:eb:37:04:f2:2c:e9:3b:36:
16:d5:95:d6:b5:74:ea:73:14:35:7f:eb:d6:4d:34:
60:e1:ea:63:c0:49:de:68:7c:d2:7d:f6:f9:01:55:
c9:36:d1:7d:ed:4e:b2:fd:c6:5f:ff:41:86:e2:a2:
2b:af:de:52:a9:5f:cd:d1:d4:c5:37:7e:0e:06:2a:
80:54:f5:d0:67:18:49:d1:1e:bb:0c:63:df:ec:bc:
51:e0:98:98:54:79:d9:fa:22:34:ab:ba:09:15:b4:
00:65:1d:bd:72:c7:6a:3d:d0:1f:80:ed:d4:f2:93:
81:39:74:69:0c:e2:65:f9:8d:6c:79:bc:07:94:98:
54:77:5b:46:cb:4c:6e:57:c5:f2:17:20:ec:2b:e1:
c3:d9:df:5e:f6:50:82:5a:70:a7:13:60:ed:9d:d9:
28:31:21:f0:8a:56:bb:12:58:96:be:97:a4:83:a7:
4d:17:12:d3:8c:8c:b2:4d:ab:43:7f:df:b5:38:01:
68:eb:87:47:a3:54:50:17:e8:28:1e:09:47:a8:5b:
25:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:7B:2B:4E:D8:19:E9:68:6D:C4:69:F1:F1:18:DC:2D:AB:B7:4A:B3
X509v3 Authority Key Identifier:
keyid:5D:D6:F6:D2:99:BC:DE:C7:3D:13:F2:D8:42:FC:1D:F4:BC:1E:E2:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xdb20pm83sc9E_LYQvwd9Lwe4tM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/wnsrTtgZ6WhtxGnx8RjcLau3SrM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/Xdb20pm83sc9E_LYQvwd9Lwe4tM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
114.69.245.0/24
Signature Algorithm: sha256WithRSAEncryption
93:8c:c1:5d:42:76:5b:9d:0f:37:5e:50:6c:a2:0c:c4:8c:da:
30:84:17:34:75:0a:dd:7b:86:e8:82:e8:42:c4:9c:3a:ad:d3:
50:82:db:c6:91:b1:80:ae:d8:51:4d:36:70:3e:8d:f6:52:cd:
c6:96:ae:f2:b0:19:ac:24:3f:97:dc:fd:fc:db:d3:e7:ee:a4:
61:3b:eb:3b:38:30:bf:18:43:9b:7c:79:c4:cf:9d:99:0c:5a:
30:ce:5c:aa:46:6f:6c:a3:41:3f:2a:b1:9c:72:f6:9d:f1:e8:
7d:1f:8f:de:d2:3a:68:d6:68:2f:f5:8e:d0:0a:2f:48:76:c7:
06:2f:aa:7c:ff:0b:1c:c6:a9:ea:7b:1b:e9:87:39:58:a0:9c:
ee:60:7c:ff:9c:f8:41:66:3e:d8:74:12:d6:03:e9:2e:3c:d9:
53:0e:ef:e1:d3:3e:db:b9:24:48:96:8b:57:fa:16:f8:cc:2f:
1f:ab:63:bf:47:49:7a:20:78:76:73:8d:a7:d5:7f:28:93:c2:
fc:a5:ed:57:0f:78:10:77:1a:e3:37:9b:14:6f:82:56:f8:0b:
8d:6f:1a:88:a4:c7:81:31:99:6f:7e:7e:68:4f:0c:f6:b2:4b:
c7:74:0e:0b:63:ea:63:15:02:a4:b4:73:61:94:cc:a3:e7:47:
8e:91:e2:8a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZS3yYxDQm/GN7zobmPFbRJEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZDZmNmQyOTliY2RlYzczZDEzZjJkODQyZmMxZGY0YmMx
ZWUyZDMwHhcNMjUwMTMwMTUxNzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjdiMmI0ZWQ4MTllOTY4NmRjNDY5ZjFmMTE4ZGMyZGFiYjc0YWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtz+167HiOeFhaFi7lFwGTPnAUuPl
dB2HG+ha0fTO5bRaP6oEIQUsUnjJu8TSMUs2VD8u6zcE8izpOzYW1ZXWtXTqcxQ1
f+vWTTRg4epjwEneaHzSffb5AVXJNtF97U6y/cZf/0GG4qIrr95SqV/N0dTFN34O
BiqAVPXQZxhJ0R67DGPf7LxR4JiYVHnZ+iI0q7oJFbQAZR29csdqPdAfgO3U8pOB
OXRpDOJl+Y1sebwHlJhUd1tGy0xuV8XyFyDsK+HD2d9e9lCCWnCnE2DtndkoMSHw
ila7EliWvpekg6dNFxLTjIyyTatDf9+1OAFo64dHo1RQF+goHglHqFslwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMJ7K07YGelobcRp8fEY3C2rt0qzMB8GA1UdIwQY
MBaAFF3W9tKZvN7HPRPy2EL8HfS8HuLTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGRiMjBwbTgzc2M5RV9MWVF2d2Q5THdlNHRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9hNGI0NDYtYmI3Mi00NWJlLWJjNDYt
NTFmNWZmODFjMTE3LzEvd25zclR0Z1o2V2h0eEdueDhSamNMYXUzU3JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9hNGI0NDYtYmI3Mi00NWJlLWJjNDYtNTFmNWZmODFjMTE3
LzEvWGRiMjBwbTgzc2M5RV9MWVF2d2Q5THdlNHRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAckX1MA0G
CSqGSIb3DQEBCwUAA4IBAQCTjMFdQnZbnQ83XlBsogzEjNowhBc0dQrde4boguhC
xJw6rdNQgtvGkbGArthRTTZwPo32Us3Glq7ysBmsJD+X3P3829Pn7qRhO+s7ODC/
GEObfHnEz52ZDFowzlyqRm9so0E/KrGccvad8eh9H4/e0jpo1mgv9Y7QCi9IdscG
L6p8/wscxqnqexvphzlYoJzuYHz/nPhBZj7YdBLWA+kuPNlTDu/h0z7buSRIlotX
+hb4zC8fq2O/R0l6IHh2c42n1X8ok8L8pe1XD3gQdxrjN5sUb4JW+AuNbxqIpMeB
MZlvfn5oTwz2skvHdA4LY+pjFQKktHNhlMyj50eOkeKK
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:13:10 2025 by rpki-client