Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/c8f02b-0abc-41fe-bc54-ac800c6d976f/1/W8cH_RfNNK2PVtZ4dkQnNuqrxnc.roa
File: W8cH_RfNNK2PVtZ4dkQnNuqrxnc.roa (raw, json)
Hash identifier: 7tsNb5ZcCAlwiASwz40Hk6RbBRk52zjaoiAuvE/+RQ0=
Subject key identifier: 5B:C7:07:FD:17:CD:34:AD:8F:56:D6:78:76:44:27:36:EA:AB:C6:77
Certificate issuer: /CN=2ac78fd517a75f77f3f4fd229ac5e6732560c6e1
Certificate serial: 019422204028E6C29CFE975F5FF858A94DD8
Authority key identifier: 2A:C7:8F:D5:17:A7:5F:77:F3:F4:FD:22:9A:C5:E6:73:25:60:C6:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KseP1RenX3fz9P0imsXmcyVgxuE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/c8f02b-0abc-41fe-bc54-ac800c6d976f/1/W8cH_RfNNK2PVtZ4dkQnNuqrxnc.roa
Signing time: Wed 01 Jan 2025 13:48:46 +0000
ROA not before: Wed 01 Jan 2025 13:48:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58109
IP address blocks: 37.235.72.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:40:28:e6:c2:9c:fe:97:5f:5f:f8:58:a9:4d:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac78fd517a75f77f3f4fd229ac5e6732560c6e1
Validity
Not Before: Jan 1 13:48:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5bc707fd17cd34ad8f56d67876442736eaabc677
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:d6:22:db:17:39:6c:6c:5b:46:75:38:2e:4d:
3a:db:ce:94:5c:8b:2e:07:40:52:9d:7c:93:8f:71:
88:23:41:49:dc:4d:bb:a5:e1:7d:60:dd:c6:d0:86:
a4:51:97:a7:11:1c:9f:9b:47:cf:52:8d:68:fc:e9:
e5:42:b0:63:2f:31:70:2f:be:71:a1:d7:9c:91:12:
01:da:19:65:c5:62:6b:da:3b:ac:f7:99:09:a4:ee:
1e:98:52:8d:b7:a8:ee:5d:38:21:7c:1b:50:64:7d:
1b:ad:cc:13:c8:d5:e2:da:be:25:a0:aa:04:a1:08:
b2:d2:b7:31:c6:58:d8:c5:a1:83:3c:1b:f5:7c:57:
51:12:97:9f:fb:6b:ac:93:9d:c6:bf:98:c0:21:ee:
28:31:d9:93:2b:b8:5c:dc:ec:c5:9c:b0:aa:3a:7e:
04:3b:e6:dc:9b:1a:a7:e6:d1:f8:87:04:30:31:97:
cc:d2:bd:d7:92:fa:13:af:1c:38:e0:ff:07:f4:57:
37:79:7b:5b:f9:1a:34:06:f4:eb:ce:88:3a:57:e6:
62:c0:9e:ff:e8:5d:6c:38:38:16:c0:f6:08:2c:2d:
a2:da:e9:96:32:c5:60:65:f3:d0:aa:68:86:b8:a7:
ba:65:9f:77:07:be:4e:fd:be:c6:c7:33:87:7b:39:
17:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:C7:07:FD:17:CD:34:AD:8F:56:D6:78:76:44:27:36:EA:AB:C6:77
X509v3 Authority Key Identifier:
keyid:2A:C7:8F:D5:17:A7:5F:77:F3:F4:FD:22:9A:C5:E6:73:25:60:C6:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KseP1RenX3fz9P0imsXmcyVgxuE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/c8f02b-0abc-41fe-bc54-ac800c6d976f/1/W8cH_RfNNK2PVtZ4dkQnNuqrxnc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/c8f02b-0abc-41fe-bc54-ac800c6d976f/1/KseP1RenX3fz9P0imsXmcyVgxuE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.72.0/24
Signature Algorithm: sha256WithRSAEncryption
24:fa:e9:c9:d2:6f:05:f3:c5:05:f1:31:fa:2f:64:4b:4b:de:
51:f2:96:df:98:4a:9a:a2:4b:34:a6:99:82:43:f1:69:47:4c:
29:26:ec:58:49:ae:eb:ba:17:37:7b:6a:91:d4:a1:28:38:5f:
03:17:4b:0d:a7:01:72:14:b5:35:a9:5a:05:3a:f2:03:60:ca:
fe:ce:ae:17:fa:f5:4a:20:3e:38:5e:ef:91:15:31:f5:8c:dd:
6e:b8:09:42:56:df:f2:a9:59:6c:d8:fb:d6:ab:34:f1:49:6e:
0c:75:61:e5:6d:16:ad:2b:78:d9:1a:fb:3f:a4:a5:8f:18:af:
e0:93:19:44:b0:6a:0a:a7:2f:45:82:99:b6:41:12:1a:fe:44:
05:7b:a7:13:c0:dd:36:9e:6a:67:2d:6d:79:f9:90:cd:26:71:
ca:15:10:f7:4f:13:1f:14:2d:15:70:e4:94:8b:81:28:59:71:
23:f6:32:d8:bf:ec:cb:f9:49:e6:ab:e5:b8:bb:d4:b1:22:73:
be:91:e4:27:32:2c:e3:bb:b0:0f:77:ce:87:bd:57:80:af:98:
92:69:c9:9a:07:57:ee:5f:eb:ef:e0:66:4b:3a:2f:24:f8:28:
53:cb:25:c8:c2:51:4a:94:88:ae:04:ce:e8:06:4e:d7:18:47:
e8:63:b5:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiIEAo5sKc/pdfX/hYqU3YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzc4ZmQ1MTdhNzVmNzdmM2Y0ZmQyMjlhYzVlNjczMjU2
MGM2ZTEwHhcNMjUwMTAxMTM0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmM3MDdmZDE3Y2QzNGFkOGY1NmQ2Nzg3NjQ0MjczNmVhYWJjNjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2dYi2xc5bGxbRnU4Lk06286UXIsu
B0BSnXyTj3GII0FJ3E27peF9YN3G0IakUZenERyfm0fPUo1o/OnlQrBjLzFwL75x
odeckRIB2hllxWJr2jus95kJpO4emFKNt6juXTghfBtQZH0brcwTyNXi2r4loKoE
oQiy0rcxxljYxaGDPBv1fFdREpef+2usk53Gv5jAIe4oMdmTK7hc3OzFnLCqOn4E
O+bcmxqn5tH4hwQwMZfM0r3XkvoTrxw44P8H9Fc3eXtb+Ro0BvTrzog6V+ZiwJ7/
6F1sODgWwPYILC2i2umWMsVgZfPQqmiGuKe6ZZ93B75O/b7GxzOHezkXDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFvHB/0XzTStj1bWeHZEJzbqq8Z3MB8GA1UdIwQY
MBaAFCrHj9UXp1938/T9IprF5nMlYMbhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NlUDFSZW5YM2Z6OVAwaW1zWG1jeVZneHVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9jOGYwMmItMGFiYy00MWZlLWJjNTQt
YWM4MDBjNmQ5NzZmLzEvVzhjSF9SZk5OSzJQVnRaNGRrUW5OdXFyeG5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9jOGYwMmItMGFiYy00MWZlLWJjNTQtYWM4MDBjNmQ5NzZm
LzEvS3NlUDFSZW5YM2Z6OVAwaW1zWG1jeVZneHVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJetIMA0G
CSqGSIb3DQEBCwUAA4IBAQAk+unJ0m8F88UF8TH6L2RLS95R8pbfmEqaoks0ppmC
Q/FpR0wpJuxYSa7ruhc3e2qR1KEoOF8DF0sNpwFyFLU1qVoFOvIDYMr+zq4X+vVK
ID44Xu+RFTH1jN1uuAlCVt/yqVls2PvWqzTxSW4MdWHlbRatK3jZGvs/pKWPGK/g
kxlEsGoKpy9Fgpm2QRIa/kQFe6cTwN02nmpnLW15+ZDNJnHKFRD3TxMfFC0VcOSU
i4EoWXEj9jLYv+zL+Unmq+W4u9SxInO+keQnMizju7APd86HvVeAr5iSacmaB1fu
X+vv4GZLOi8k+ChTyyXIwlFKlIiuBM7oBk7XGEfoY7VD
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:55:40 2025 by rpki-client