Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/W2LXapGoERQMw6iqWO1z0Z9v9Yg.roa
File: W2LXapGoERQMw6iqWO1z0Z9v9Yg.roa (raw, json)
Hash identifier: V3esHTKU7mIEDXexZVKgv8wXRIIIp5oUXEY3BoyuLTM=
Subject key identifier: 5B:62:D7:6A:91:A8:11:14:0C:C3:A8:AA:58:ED:73:D1:9F:6F:F5:88
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 01939CC0838973FD287988C35A8379808D20
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/W2LXapGoERQMw6iqWO1z0Z9v9Yg.roa
Signing time: Fri 06 Dec 2024 16:14:42 +0000
ROA not before: Fri 06 Dec 2024 16:14:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 397423
IP address blocks: 185.236.8.0/24 maxlen: 24
185.236.9.0/24 maxlen: 24
193.38.249.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:9c:c0:83:89:73:fd:28:79:88:c3:5a:83:79:80:8d:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Dec 6 16:14:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5b62d76a91a811140cc3a8aa58ed73d19f6ff588
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:2f:1d:77:1c:46:4e:4d:b2:6e:9c:ef:28:17:
e5:c2:f4:65:91:1f:6f:ea:90:69:04:68:38:d5:f7:
99:2d:bf:36:dd:e2:ee:0a:d8:45:2c:dc:28:9a:5a:
6d:76:c7:82:27:72:94:e0:4b:fe:ad:6b:b5:d8:06:
e4:dc:55:7a:d4:08:ba:ee:f2:9e:4c:b6:99:7a:52:
22:2a:2e:cc:5b:b3:4e:8e:91:74:6c:ba:01:b8:77:
fa:2a:72:a4:8a:cc:9d:ea:81:04:8d:46:fc:6b:fc:
58:ff:2a:24:51:74:e4:09:6d:cb:1d:04:60:3b:7f:
ea:8a:63:c8:c7:7d:67:59:e3:59:7b:49:77:eb:a7:
96:fb:28:d9:c7:8a:49:07:ce:48:ff:4a:d0:72:61:
91:e7:8f:02:fc:ff:46:d4:ae:12:62:04:c6:cc:f5:
56:54:55:0e:9e:28:17:3d:c6:a3:7a:47:2c:99:d6:
5c:ae:2f:bb:b3:52:b0:dc:2a:c7:7f:82:53:db:7b:
97:bc:3a:fb:ec:bf:d2:52:2c:72:b6:cc:70:21:1f:
16:bf:85:ed:dc:56:e5:38:35:65:5a:0b:bc:eb:c6:
d8:6e:d3:b3:2d:13:1d:4f:c1:6d:8c:37:c5:b1:ab:
78:6b:40:f2:3a:6a:52:e5:3d:15:d3:af:55:42:cd:
d2:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:62:D7:6A:91:A8:11:14:0C:C3:A8:AA:58:ED:73:D1:9F:6F:F5:88
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/W2LXapGoERQMw6iqWO1z0Z9v9Yg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.236.8.0/23
193.38.249.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:3b:85:38:ac:2a:d1:05:40:5a:82:fb:af:36:e9:1e:00:1c:
d6:14:cd:b5:22:e6:80:3a:9d:c6:f5:c2:80:ec:86:2d:36:ee:
e1:6e:d9:eb:25:ec:2d:a8:11:e3:a5:9f:31:13:f1:73:f5:dd:
b6:db:37:2f:c6:43:79:c4:31:24:23:4a:fe:a3:04:df:f5:2c:
5a:85:57:16:66:eb:3c:5e:f6:6c:98:3f:17:88:1c:4e:cf:bf:
55:e7:51:c8:ac:1a:56:d0:2d:0e:c3:84:f0:08:a8:3e:a4:71:
0b:7f:e3:71:23:eb:b6:40:80:0a:77:34:c9:d2:42:99:88:a2:
7a:47:46:73:4f:06:65:ae:41:a0:10:ce:a9:3f:f9:5a:fa:d3:
54:e9:61:e6:ae:34:aa:aa:fd:1c:df:67:4e:98:ce:1a:b7:72:
2e:77:72:8a:84:8f:a8:c6:ad:42:1f:95:04:b8:f4:2c:88:5e:
78:a9:ee:bd:22:a4:08:9f:72:d9:0a:9e:04:9e:83:2e:4b:c6:
e7:89:f8:aa:ab:aa:3b:26:f6:15:79:76:c5:d3:03:4b:43:eb:
de:60:26:0b:f9:00:70:de:bc:ff:21:e4:08:4f:bc:4e:4e:e1:
31:af:05:f5:6f:7a:e4:ec:4a:7d:a6:6f:bd:f6:50:30:34:90:
af:1e:7b:3d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZOcwIOJc/0oeYjDWoN5gI0gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjQxMjA2MTYxNDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjYyZDc2YTkxYTgxMTE0MGNjM2E4YWE1OGVkNzNkMTlmNmZmNTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6C8ddxxGTk2ybpzvKBflwvRlkR9v
6pBpBGg41feZLb823eLuCthFLNwomlptdseCJ3KU4Ev+rWu12Abk3FV61Ai67vKe
TLaZelIiKi7MW7NOjpF0bLoBuHf6KnKkisyd6oEEjUb8a/xY/yokUXTkCW3LHQRg
O3/qimPIx31nWeNZe0l366eW+yjZx4pJB85I/0rQcmGR548C/P9G1K4SYgTGzPVW
VFUOnigXPcajekcsmdZcri+7s1Kw3CrHf4JT23uXvDr77L/SUixytsxwIR8Wv4Xt
3FblODVlWgu868bYbtOzLRMdT8FtjDfFsat4a0DyOmpS5T0V069VQs3SPwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFti12qRqBEUDMOoqljtc9Gfb/WIMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvVzJMWGFwR29FUlFNdzZpcVdPMXowWjl2OVlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuewIAwQA
wSb5MA0GCSqGSIb3DQEBCwUAA4IBAQCeO4U4rCrRBUBagvuvNukeABzWFM21IuaA
Op3G9cKA7IYtNu7hbtnrJewtqBHjpZ8xE/Fz9d222zcvxkN5xDEkI0r+owTf9Sxa
hVcWZus8XvZsmD8XiBxOz79V51HIrBpW0C0Ow4TwCKg+pHELf+NxI+u2QIAKdzTJ
0kKZiKJ6R0ZzTwZlrkGgEM6pP/la+tNU6WHmrjSqqv0c32dOmM4at3Iud3KKhI+o
xq1CH5UEuPQsiF54qe69IqQIn3LZCp4EnoMuS8bnifiqq6o7JvYVeXbF0wNLQ+ve
YCYL+QBw3rz/IeQIT7xOTuExrwX1b3rk7Ep9pm+99lAwNJCvHns9
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:41:48 2025 by rpki-client