Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/wnaVByUU9rLY0lixJG-AIxAIIKk.roa
File: wnaVByUU9rLY0lixJG-AIxAIIKk.roa (raw, json)
Hash identifier: uZB4+jtFO740w1LWkNgD8gNKmUM01C7fhf/4nIXCJmw=
Subject key identifier: C2:76:95:07:25:14:F6:B2:D8:D2:58:B1:24:6F:80:23:10:08:20:A9
Certificate issuer: /CN=2c71c96005e13a84a3f31ef1d991777f4b6e31a7
Certificate serial: 019427B489CB6D1E2F1AC2DF8BBEE4AD8C41
Authority key identifier: 2C:71:C9:60:05:E1:3A:84:A3:F3:1E:F1:D9:91:77:7F:4B:6E:31:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LHHJYAXhOoSj8x7x2ZF3f0tuMac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/wnaVByUU9rLY0lixJG-AIxAIIKk.roa
Signing time: Thu 02 Jan 2025 15:48:50 +0000
ROA not before: Thu 02 Jan 2025 15:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215590
IP address blocks: 91.204.131.0/24 maxlen: 24
94.141.160.0/24 maxlen: 24
94.141.161.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b4:89:cb:6d:1e:2f:1a:c2:df:8b:be:e4:ad:8c:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c71c96005e13a84a3f31ef1d991777f4b6e31a7
Validity
Not Before: Jan 2 15:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c27695072514f6b2d8d258b1246f8023100820a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:63:bb:ed:a2:b6:cf:8a:66:ff:e1:35:9c:64:
a5:86:c1:91:1b:09:fe:3f:73:f9:9f:d4:30:91:ff:
37:b8:84:2b:0e:dd:7d:db:39:93:1f:77:c3:7d:00:
de:06:4d:15:a4:28:ca:fb:95:03:95:51:67:50:dc:
82:a5:05:e2:35:b8:1d:d9:1a:a5:69:03:96:0e:de:
c1:d3:5e:41:76:70:83:59:cd:04:2f:46:d1:ee:f4:
54:81:4c:01:a9:09:d5:00:39:8c:59:87:75:de:8f:
1a:89:62:d2:91:5e:75:87:3b:c1:f9:3e:1a:39:1d:
f0:e9:fb:9f:de:1e:ac:3f:5a:ea:77:bf:38:c6:98:
74:b1:a8:36:53:83:82:58:06:e4:af:c8:99:c6:37:
cd:91:4e:15:c1:26:27:14:89:b5:24:42:45:be:fc:
ff:76:cc:27:f6:48:3e:b4:c8:ee:54:eb:fe:ba:d9:
56:b7:4d:f9:1e:cc:3e:aa:8c:c4:b5:bd:95:a3:07:
c0:04:e1:37:90:f0:6f:18:69:34:39:99:a0:99:fd:
69:79:ce:e8:6e:87:66:86:ee:b8:c3:4f:1a:c4:38:
f7:fa:34:ad:65:66:20:32:bf:24:f3:b9:c8:77:76:
80:2a:c4:fa:fc:e1:e0:01:62:93:2e:96:60:4e:55:
3c:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:76:95:07:25:14:F6:B2:D8:D2:58:B1:24:6F:80:23:10:08:20:A9
X509v3 Authority Key Identifier:
keyid:2C:71:C9:60:05:E1:3A:84:A3:F3:1E:F1:D9:91:77:7F:4B:6E:31:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LHHJYAXhOoSj8x7x2ZF3f0tuMac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/wnaVByUU9rLY0lixJG-AIxAIIKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/LHHJYAXhOoSj8x7x2ZF3f0tuMac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.204.131.0/24
94.141.160.0/23
Signature Algorithm: sha256WithRSAEncryption
67:c3:43:55:ea:9d:48:a1:c8:59:26:5f:c3:82:44:2b:2a:9d:
46:a0:07:0e:8a:36:09:04:e9:c3:92:c3:26:ea:dc:b1:cf:f9:
e0:21:cf:ea:e8:bc:b2:22:c3:78:25:7d:a8:44:4b:8f:d4:b8:
82:dd:7e:a8:8f:75:f7:f3:19:02:0e:7c:5e:60:84:ce:13:68:
6b:51:d6:93:73:f3:aa:91:90:fe:e0:6e:23:4f:bc:0d:2f:03:
db:ac:2e:d7:6c:db:68:a4:76:81:77:e5:11:a5:ba:a8:4a:1b:
7a:1a:31:47:73:70:42:a7:1b:05:3f:da:b1:cb:92:97:8c:c4:
89:d9:c8:19:e9:69:06:68:c3:ce:7a:44:78:4d:45:f0:16:b5:
1b:ea:2b:6e:9c:38:83:2f:64:90:39:18:13:59:cc:48:59:66:
2d:c8:76:dc:9f:a4:e3:41:6b:aa:78:59:12:48:02:a3:a8:fd:
57:e9:4e:a8:88:c2:ef:ee:df:aa:32:be:cb:5b:76:2b:e6:2a:
1a:36:5b:7f:a4:21:c0:1a:73:a1:8b:53:4f:bf:90:fa:7b:75:
0b:71:f5:c3:c4:83:1a:f5:fb:1d:d0:48:4f:c9:17:13:ed:ce:
5f:4e:27:64:80:32:ce:fa:c7:a0:3c:d8:8a:64:d2:43:8c:80:
7a:c6:19:bd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQntInLbR4vGsLfi77krYxBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjNzFjOTYwMDVlMTNhODRhM2YzMWVmMWQ5OTE3NzdmNGI2
ZTMxYTcwHhcNMjUwMTAyMTU0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjc2OTUwNzI1MTRmNmIyZDhkMjU4YjEyNDZmODAyMzEwMDgyMGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGO77aK2z4pm/+E1nGSlhsGRGwn+
P3P5n9Qwkf83uIQrDt192zmTH3fDfQDeBk0VpCjK+5UDlVFnUNyCpQXiNbgd2Rql
aQOWDt7B015BdnCDWc0EL0bR7vRUgUwBqQnVADmMWYd13o8aiWLSkV51hzvB+T4a
OR3w6fuf3h6sP1rqd784xph0sag2U4OCWAbkr8iZxjfNkU4VwSYnFIm1JEJFvvz/
dswn9kg+tMjuVOv+utlWt035Hsw+qozEtb2VowfABOE3kPBvGGk0OZmgmf1pec7o
bodmhu64w08axDj3+jStZWYgMr8k87nId3aAKsT6/OHgAWKTLpZgTlU8bQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMJ2lQclFPay2NJYsSRvgCMQCCCpMB8GA1UdIwQY
MBaAFCxxyWAF4TqEo/Me8dmRd39LbjGnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEhISllBWGhPb1NqOHg3eDJaRjNmMHR1TWFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9mYTM1NDQtMTAyNS00ZThmLWE4ZmUt
N2EyOGFmMjljZGMyLzEvd25hVkJ5VVU5ckxZMGxpeEpHLUFJeEFJSUtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9mYTM1NDQtMTAyNS00ZThmLWE4ZmUtN2EyOGFmMjljZGMy
LzEvTEhISllBWGhPb1NqOHg3eDJaRjNmMHR1TWFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW8yDAwQB
Xo2gMA0GCSqGSIb3DQEBCwUAA4IBAQBnw0NV6p1IochZJl/DgkQrKp1GoAcOijYJ
BOnDksMm6tyxz/ngIc/q6LyyIsN4JX2oREuP1LiC3X6oj3X38xkCDnxeYITOE2hr
UdaTc/OqkZD+4G4jT7wNLwPbrC7XbNtopHaBd+URpbqoSht6GjFHc3BCpxsFP9qx
y5KXjMSJ2cgZ6WkGaMPOekR4TUXwFrUb6itunDiDL2SQORgTWcxIWWYtyHbcn6Tj
QWuqeFkSSAKjqP1X6U6oiMLv7t+qMr7LW3Yr5ioaNlt/pCHAGnOhi1NPv5D6e3UL
cfXDxIMa9fsd0EhPyRcT7c5fTidkgDLO+segPNiKZNJDjIB6xhm9
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:40:52 2025 by rpki-client