Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/e32494-84e5-4d7e-b793-9d130d48be34/1/wmP5bMOGyarS60pVYUn3YSNOkzU.roa
File: wmP5bMOGyarS60pVYUn3YSNOkzU.roa (raw, json)
Hash identifier: dH7mhtw2CqlUgKyAjfzIndFqDCSJYD0W6bKpYCAp4x8=
Subject key identifier: C2:63:F9:6C:C3:86:C9:AA:D2:EB:4A:55:61:49:F7:61:23:4E:93:35
Certificate issuer: /CN=a4fd7836d71308c42d0f9d168ffd4c5816714459
Certificate serial: 019426D91501DDBC1F039FDC1DE7AD7081A8
Authority key identifier: A4:FD:78:36:D7:13:08:C4:2D:0F:9D:16:8F:FD:4C:58:16:71:44:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pP14NtcTCMQtD50Wj_1MWBZxRFk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/e32494-84e5-4d7e-b793-9d130d48be34/1/wmP5bMOGyarS60pVYUn3YSNOkzU.roa
Signing time: Thu 02 Jan 2025 11:49:08 +0000
ROA not before: Thu 02 Jan 2025 11:49:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207202
IP address blocks: 185.163.12.0/24 maxlen: 24
2a0a:6800::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:15:01:dd:bc:1f:03:9f:dc:1d:e7:ad:70:81:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4fd7836d71308c42d0f9d168ffd4c5816714459
Validity
Not Before: Jan 2 11:49:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c263f96cc386c9aad2eb4a556149f761234e9335
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:e2:53:ab:66:d6:4f:52:5a:0e:81:3d:e5:2e:
43:78:7a:dd:36:6b:40:8e:87:c5:bc:82:8a:68:45:
04:e4:57:a1:e8:0a:0f:e7:d7:cf:11:3a:9f:2e:5c:
47:90:f1:37:76:3d:dc:aa:28:5c:c5:61:2f:e9:c0:
94:96:2b:0c:b1:b4:d2:70:08:75:7a:f8:24:66:27:
15:01:d8:10:01:30:d3:d7:b2:53:47:fe:06:e4:9a:
bd:84:46:0b:e5:39:bf:d7:68:f4:78:d5:47:86:e7:
ca:78:32:ff:26:dd:e2:26:78:13:dc:56:9f:54:f3:
6b:c3:e7:80:10:0c:14:17:17:43:a5:31:af:a1:1c:
7d:7c:eb:9d:7b:90:d7:6a:15:9f:a7:6b:fe:3d:1e:
bf:d0:c7:2a:1b:df:fe:18:77:1d:9f:39:32:2e:10:
d8:8c:7e:1a:8e:3a:16:62:91:ed:40:85:ab:77:5f:
d1:98:e5:05:23:50:2e:20:80:a2:f6:03:99:e9:34:
9e:f1:b3:5b:5f:d5:a3:70:f8:45:bc:67:d4:17:ea:
f6:ef:02:fd:df:1c:34:01:cf:63:f0:a9:03:53:36:
fb:f1:91:ea:da:33:4c:d8:50:8e:fc:82:7a:f2:ae:
03:b7:84:38:c5:08:7c:47:4c:ca:b9:a3:54:50:d2:
88:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:63:F9:6C:C3:86:C9:AA:D2:EB:4A:55:61:49:F7:61:23:4E:93:35
X509v3 Authority Key Identifier:
keyid:A4:FD:78:36:D7:13:08:C4:2D:0F:9D:16:8F:FD:4C:58:16:71:44:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pP14NtcTCMQtD50Wj_1MWBZxRFk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/e32494-84e5-4d7e-b793-9d130d48be34/1/wmP5bMOGyarS60pVYUn3YSNOkzU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/e32494-84e5-4d7e-b793-9d130d48be34/1/pP14NtcTCMQtD50Wj_1MWBZxRFk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.163.12.0/24
IPv6:
2a0a:6800::/29
Signature Algorithm: sha256WithRSAEncryption
75:8e:e9:f4:29:a0:dc:2c:37:a9:f1:48:70:29:7a:b8:d4:14:
5c:c1:33:88:5c:9c:6d:0d:88:22:e8:f3:a1:db:da:d7:17:e0:
1a:e6:89:53:7f:82:4c:ed:95:3e:d6:61:b2:e6:56:fd:a7:1f:
f7:ba:8f:13:eb:03:5e:d4:6e:5a:99:f9:b3:b2:2a:65:7d:09:
7b:60:79:c1:53:c4:ac:63:36:78:5e:a9:c5:33:cc:f9:1c:b8:
3c:dc:f1:37:16:69:89:4b:23:03:7a:88:3b:37:f9:4b:4c:7a:
44:c9:73:67:f0:c0:c1:87:b9:85:8d:4f:d5:84:84:7d:53:41:
c9:0a:9e:23:a2:5c:85:8e:18:0b:81:ab:e7:22:eb:28:4d:07:
65:71:05:03:17:af:4d:c3:ed:bc:02:d6:6b:4e:6d:1c:c4:d0:
60:10:f1:dd:b4:45:06:36:c0:9d:48:97:19:45:61:d2:97:10:
fb:e4:68:b6:f5:39:98:af:dc:f9:24:c9:3b:29:98:de:ae:9e:
45:3e:19:bf:39:7d:ed:0c:bc:32:aa:eb:97:8e:91:5b:51:0f:
cd:05:18:f9:95:48:d0:56:f9:9f:f5:0f:c6:9f:47:43:98:ee:
88:4b:db:05:78:7b:f4:38:8f:4e:94:2a:4b:c1:56:13:9d:24:
c0:7b:e9:36
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQm2RUB3bwfA5/cHeetcIGoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZmQ3ODM2ZDcxMzA4YzQyZDBmOWQxNjhmZmQ0YzU4MTY3
MTQ0NTkwHhcNMjUwMTAyMTE0OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjYzZjk2Y2MzODZjOWFhZDJlYjRhNTU2MTQ5Zjc2MTIzNGU5MzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOJTq2bWT1JaDoE95S5DeHrdNmtA
jofFvIKKaEUE5Feh6AoP59fPETqfLlxHkPE3dj3cqihcxWEv6cCUlisMsbTScAh1
evgkZicVAdgQATDT17JTR/4G5Jq9hEYL5Tm/12j0eNVHhufKeDL/Jt3iJngT3Faf
VPNrw+eAEAwUFxdDpTGvoRx9fOude5DXahWfp2v+PR6/0McqG9/+GHcdnzkyLhDY
jH4ajjoWYpHtQIWrd1/RmOUFI1AuIICi9gOZ6TSe8bNbX9WjcPhFvGfUF+r27wL9
3xw0Ac9j8KkDUzb78ZHq2jNM2FCO/IJ68q4Dt4Q4xQh8R0zKuaNUUNKIJwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMJj+WzDhsmq0utKVWFJ92EjTpM1MB8GA1UdIwQY
MBaAFKT9eDbXEwjELQ+dFo/9TFgWcURZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFAxNE50Y1RDTVF0RDUwV2pfMU1XQlp4UkZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9lMzI0OTQtODRlNS00ZDdlLWI3OTMt
OWQxMzBkNDhiZTM0LzEvd21QNWJNT0d5YXJTNjBwVllVbjNZU05Pa3pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9lMzI0OTQtODRlNS00ZDdlLWI3OTMtOWQxMzBkNDhiZTM0
LzEvcFAxNE50Y1RDTVF0RDUwV2pfMU1XQlp4UkZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuaMMMA0E
AgACMAcDBQMqCmgAMA0GCSqGSIb3DQEBCwUAA4IBAQB1jun0KaDcLDep8UhwKXq4
1BRcwTOIXJxtDYgi6POh29rXF+Aa5olTf4JM7ZU+1mGy5lb9px/3uo8T6wNe1G5a
mfmzsiplfQl7YHnBU8SsYzZ4XqnFM8z5HLg83PE3FmmJSyMDeog7N/lLTHpEyXNn
8MDBh7mFjU/VhIR9U0HJCp4jolyFjhgLgavnIusoTQdlcQUDF69Nw+28AtZrTm0c
xNBgEPHdtEUGNsCdSJcZRWHSlxD75Gi29TmYr9z5JMk7KZjerp5FPhm/OX3tDLwy
quuXjpFbUQ/NBRj5lUjQVvmf9Q/Gn0dDmO6IS9sFeHv0OI9OlCpLwVYTnSTAe+k2
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:51:36 2025 by rpki-client