Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/740dec-059f-45c0-999a-1eaa591b6771/1/WkBybn5y_zzILfghfheQstbKe2Y.roa
File: WkBybn5y_zzILfghfheQstbKe2Y.roa (raw, json)
Hash identifier: 7DyBUEoPsSAMb897pLKGQQWmY22KbnfGL8KyTSxMLMk=
Subject key identifier: 5A:40:72:6E:7E:72:FF:3C:C8:2D:F8:21:7E:17:90:B2:D6:CA:7B:66
Certificate issuer: /CN=869569a2526687da91a7ecd4f567f5409cdffe79
Certificate serial: 018C5D1CA10EE656DD9FF120C3CF856B0672
Authority key identifier: 86:95:69:A2:52:66:87:DA:91:A7:EC:D4:F5:67:F5:40:9C:DF:FE:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hpVpolJmh9qRp-zU9Wf1QJzf_nk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/740dec-059f-45c0-999a-1eaa591b6771/1/WkBybn5y_zzILfghfheQstbKe2Y.roa
Signing time: Tue 12 Dec 2023 08:20:06 +0000
ROA not before: Tue 12 Dec 2023 08:20:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39120
IP address blocks: 5.56.8.0/22 maxlen: 22
5.56.12.0/22 maxlen: 22
185.29.248.0/22 maxlen: 22
5.83.120.0/22 maxlen: 22
5.83.124.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5d:1c:a1:0e:e6:56:dd:9f:f1:20:c3:cf:85:6b:06:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=869569a2526687da91a7ecd4f567f5409cdffe79
Validity
Not Before: Dec 12 08:20:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5a40726e7e72ff3cc82df8217e1790b2d6ca7b66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:fa:de:17:48:cb:78:4a:d9:22:31:7c:b3:a9:
85:31:df:e7:9d:24:04:e3:b3:de:14:70:3d:5e:20:
4e:d0:20:53:e5:19:e4:a5:10:25:82:69:59:46:df:
30:b7:9e:a7:bc:18:f0:4c:b6:9b:5c:65:67:6a:34:
cf:5b:b7:ba:9e:ec:8f:6d:75:14:5e:33:a0:47:1f:
eb:ba:1c:d9:50:b7:6a:2a:95:3d:01:24:56:dc:94:
02:a6:8f:8d:05:9a:5b:78:c1:63:6b:b3:9c:3b:42:
ef:06:57:f5:12:ac:2b:32:37:89:44:02:46:b2:39:
92:e3:97:84:fc:ce:c8:bb:b6:0d:e8:db:15:3c:e8:
ec:8f:23:36:18:ce:b8:c1:e5:84:17:8f:70:3e:0a:
50:9f:8f:de:13:dd:a5:99:95:4c:66:f9:38:30:a4:
1f:f1:48:f3:b6:8e:94:06:b0:0d:ef:6f:6c:85:03:
45:c4:64:82:54:47:6b:6f:b2:52:10:ac:d9:44:56:
82:da:e8:65:03:9c:a7:96:9d:78:5f:c8:c8:c5:bb:
04:34:f9:f5:ee:4d:ba:e0:c4:ab:bf:d4:e8:85:79:
4d:7e:44:a4:cb:02:75:17:f7:35:89:8f:8b:19:00:
86:ed:ee:99:f3:4b:40:05:8b:e1:c7:6a:02:c7:de:
82:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:40:72:6E:7E:72:FF:3C:C8:2D:F8:21:7E:17:90:B2:D6:CA:7B:66
X509v3 Authority Key Identifier:
keyid:86:95:69:A2:52:66:87:DA:91:A7:EC:D4:F5:67:F5:40:9C:DF:FE:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hpVpolJmh9qRp-zU9Wf1QJzf_nk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/740dec-059f-45c0-999a-1eaa591b6771/1/WkBybn5y_zzILfghfheQstbKe2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/740dec-059f-45c0-999a-1eaa591b6771/1/hpVpolJmh9qRp-zU9Wf1QJzf_nk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.8.0/21
5.83.120.0/21
185.29.248.0/22
Signature Algorithm: sha256WithRSAEncryption
78:c3:be:f0:d4:a6:59:38:81:22:34:a0:cb:ee:bc:87:58:9d:
17:6e:41:a0:84:73:26:50:c1:5a:9b:4f:48:2d:fd:e5:52:d1:
59:f1:ef:84:5a:2f:a1:c4:73:bc:dd:26:a2:a7:11:f6:02:2a:
d4:99:81:6f:62:47:38:61:63:04:3f:52:d0:96:12:35:59:a3:
6e:3f:c9:31:9e:76:f4:2d:35:df:67:24:7d:c7:f7:82:f9:31:
17:7a:69:3b:4c:5d:cc:ae:04:7c:65:9f:b3:78:4e:e6:7b:79:
13:cb:33:9c:3a:70:d0:e3:a3:8f:03:d8:41:4f:dc:62:99:16:
40:f9:8c:bb:68:64:3c:91:a6:c2:75:99:e2:19:33:e9:6f:9b:
21:ac:65:91:f8:04:d4:4d:68:db:7c:8c:1f:37:1f:4e:63:2d:
87:6e:39:87:b0:98:a4:3b:f3:0b:92:19:21:89:dd:71:fb:ad:
03:9a:11:72:5f:26:d3:f3:ba:0f:ea:c1:ee:a8:37:bf:65:16:
ee:e8:90:ce:97:29:7f:94:63:12:ad:6f:30:16:6c:9a:8b:80:
21:9d:02:4c:e8:b0:cd:7e:53:e6:81:8f:86:e9:1f:96:1b:df:
bb:bb:08:62:77:ab:10:38:da:19:fc:f6:7d:9f:af:88:e0:0c:
d0:64:fe:b3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYxdHKEO5lbdn/Egw8+FawZyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2OTU2OWEyNTI2Njg3ZGE5MWE3ZWNkNGY1NjdmNTQwOWNk
ZmZlNzkwHhcNMjMxMjEyMDgyMDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTQwNzI2ZTdlNzJmZjNjYzgyZGY4MjE3ZTE3OTBiMmQ2Y2E3YjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz/reF0jLeErZIjF8s6mFMd/nnSQE
47PeFHA9XiBO0CBT5RnkpRAlgmlZRt8wt56nvBjwTLabXGVnajTPW7e6nuyPbXUU
XjOgRx/ruhzZULdqKpU9ASRW3JQCpo+NBZpbeMFja7OcO0LvBlf1EqwrMjeJRAJG
sjmS45eE/M7Iu7YN6NsVPOjsjyM2GM64weWEF49wPgpQn4/eE92lmZVMZvk4MKQf
8Ujzto6UBrAN729shQNFxGSCVEdrb7JSEKzZRFaC2uhlA5ynlp14X8jIxbsENPn1
7k264MSrv9TohXlNfkSkywJ1F/c1iY+LGQCG7e6Z80tABYvhx2oCx96CVwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFpAcm5+cv88yC34IX4XkLLWyntmMB8GA1UdIwQY
MBaAFIaVaaJSZofakafs1PVn9UCc3/55MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHBWcG9sSm1oOXFScC16VTlXZjFRSnpmX25rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS83NDBkZWMtMDU5Zi00NWMwLTk5OWEt
MWVhYTU5MWI2NzcxLzEvV2tCeWJuNXlfenpJTGZnaGZoZVFzdGJLZTJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS83NDBkZWMtMDU5Zi00NWMwLTk5OWEtMWVhYTU5MWI2Nzcx
LzEvaHBWcG9sSm1oOXFScC16VTlXZjFRSnpmX25rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDBTgIAwQD
BVN4AwQCuR34MA0GCSqGSIb3DQEBCwUAA4IBAQB4w77w1KZZOIEiNKDL7ryHWJ0X
bkGghHMmUMFam09ILf3lUtFZ8e+EWi+hxHO83SaipxH2AirUmYFvYkc4YWMEP1LQ
lhI1WaNuP8kxnnb0LTXfZyR9x/eC+TEXemk7TF3MrgR8ZZ+zeE7me3kTyzOcOnDQ
46OPA9hBT9ximRZA+Yy7aGQ8kabCdZniGTPpb5shrGWR+ATUTWjbfIwfNx9OYy2H
bjmHsJikO/MLkhkhid1x+60DmhFyXybT87oP6sHuqDe/ZRbu6JDOlyl/lGMSrW8w
Fmyai4AhnQJM6LDNflPmgY+G6R+WG9+7uwhid6sQONoZ/PZ9n6+I4AzQZP6z
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:11:51 2025 by rpki-client