Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/1ff7ea-bc13-4b54-898d-1d1cd215275d/1/Wwi6glxCUUOadZqgxrOkdmMrALQ.roa
File: Wwi6glxCUUOadZqgxrOkdmMrALQ.roa (raw, json)
Hash identifier: ojxf/c/q5Kwb/LwjbQGsJ4lb3PD40U6FhYMP3ryQG10=
Subject key identifier: 5B:08:BA:82:5C:42:51:43:9A:75:9A:A0:C6:B3:A4:76:63:2B:00:B4
Certificate issuer: /CN=ea8b2cd11f85987898547450c9217811fcdea28b
Certificate serial: 01942826916F2E328DEA748F2BAE8DE58326
Authority key identifier: EA:8B:2C:D1:1F:85:98:78:98:54:74:50:C9:21:78:11:FC:DE:A2:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6oss0R-FmHiYVHRQySF4Efzeoos.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/1ff7ea-bc13-4b54-898d-1d1cd215275d/1/Wwi6glxCUUOadZqgxrOkdmMrALQ.roa
Signing time: Thu 02 Jan 2025 17:53:23 +0000
ROA not before: Thu 02 Jan 2025 17:53:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15935
IP address blocks: 81.30.224.0/19 maxlen: 19
81.30.229.0/24 maxlen: 24
81.30.246.0/23 maxlen: 23
93.185.48.0/20 maxlen: 20
95.173.64.0/19 maxlen: 19
95.173.64.0/23 maxlen: 23
95.173.68.0/23 maxlen: 23
109.238.32.0/20 maxlen: 20
213.195.192.0/18 maxlen: 18
217.66.160.0/19 maxlen: 19
217.66.160.0/24 maxlen: 24
217.66.166.0/24 maxlen: 24
217.66.178.0/24 maxlen: 24
217.66.179.0/24 maxlen: 24
217.66.188.0/23 maxlen: 23
217.66.190.0/24 maxlen: 24
217.66.191.0/24 maxlen: 24
2a02:570::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:91:6f:2e:32:8d:ea:74:8f:2b:ae:8d:e5:83:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea8b2cd11f85987898547450c9217811fcdea28b
Validity
Not Before: Jan 2 17:53:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5b08ba825c4251439a759aa0c6b3a476632b00b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:8d:92:7d:9a:e7:d9:3d:1b:37:73:1f:09:8c:
b0:75:13:6e:89:cf:d6:ab:9a:c2:c4:5f:a3:c8:45:
a8:e9:1c:fe:db:b7:dc:53:98:92:67:70:7e:c4:f2:
e3:f5:d6:c9:c2:06:8a:88:48:c9:d7:53:01:ec:be:
ba:72:e8:28:9e:35:01:cc:7a:ee:00:36:54:e5:8c:
d7:bf:57:11:4a:5d:54:99:64:02:e2:23:45:37:36:
e5:d5:bf:04:54:e7:ef:36:8e:a9:44:81:78:49:a6:
d4:ef:63:7d:a7:d6:ec:bd:e4:6b:7a:80:36:e4:f5:
17:66:92:f4:96:5a:95:1e:23:f6:8a:70:d4:65:76:
86:2c:95:31:aa:5e:08:76:ed:52:d2:da:21:a1:8e:
34:42:76:3d:8d:0a:c0:c1:4a:6e:b9:67:76:eb:b4:
d4:b1:23:c1:51:5b:20:83:07:5d:8d:d7:0e:72:84:
55:66:19:0a:0c:b9:b5:1a:89:45:76:f8:23:05:1c:
b0:0c:b5:50:19:07:3c:ae:78:8a:9a:5c:03:cb:e4:
44:54:49:25:3d:6a:3c:46:42:f9:e2:50:2f:4b:23:
3a:1a:e5:85:ec:a0:e0:2d:1c:db:bd:bd:0e:db:49:
62:07:af:5d:be:c0:b9:56:f1:f4:11:9a:14:e0:c7:
57:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:08:BA:82:5C:42:51:43:9A:75:9A:A0:C6:B3:A4:76:63:2B:00:B4
X509v3 Authority Key Identifier:
keyid:EA:8B:2C:D1:1F:85:98:78:98:54:74:50:C9:21:78:11:FC:DE:A2:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6oss0R-FmHiYVHRQySF4Efzeoos.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/1ff7ea-bc13-4b54-898d-1d1cd215275d/1/Wwi6glxCUUOadZqgxrOkdmMrALQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/1ff7ea-bc13-4b54-898d-1d1cd215275d/1/6oss0R-FmHiYVHRQySF4Efzeoos.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.30.224.0/19
93.185.48.0/20
95.173.64.0/19
109.238.32.0/20
213.195.192.0/18
217.66.160.0/19
IPv6:
2a02:570::/32
Signature Algorithm: sha256WithRSAEncryption
27:9a:54:bd:17:58:83:fe:fc:81:a1:fb:77:c1:a8:aa:d9:1b:
49:4d:44:8f:ca:49:f7:ee:75:b9:a7:6f:b8:5b:5e:28:d3:15:
bc:b9:8d:58:9f:8a:10:9b:d2:a8:7a:d5:d6:c7:11:f3:17:8b:
60:5f:48:5e:3f:01:b0:b0:73:22:3d:ad:11:8e:a4:28:bd:cc:
e2:83:1d:e1:81:1d:af:93:9e:1e:7c:1c:92:ca:28:92:17:61:
59:cf:81:02:f2:89:89:e3:67:bd:4c:04:85:b1:8f:da:95:bf:
db:b9:45:8d:b5:15:dc:74:77:c6:4b:f6:56:f5:ae:7d:27:bb:
32:2c:c3:ed:1f:b4:1b:69:d4:a6:b7:4c:d5:7b:3b:02:d6:63:
db:50:1c:52:af:d3:9f:15:c9:8c:e7:bb:7c:59:50:5e:1b:f5:
4a:c5:d9:ad:7d:26:b6:03:f3:3c:89:88:3a:9b:d6:1a:b8:2a:
76:2c:79:a7:03:a4:8e:a8:cb:15:f7:84:ab:2a:52:6f:d5:1e:
94:53:92:4d:8b:5b:1a:cd:66:9c:2d:00:e5:aa:9c:e8:f4:77:
36:d8:71:97:ae:0d:8f:f2:79:50:ac:8e:e1:5e:ac:d3:63:66:
20:27:43:2c:40:24:ff:33:a0:e3:2c:6d:a5:32:55:13:95:e8:
dc:51:63:0c
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQoJpFvLjKN6nSPK66N5YMmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhOGIyY2QxMWY4NTk4Nzg5ODU0NzQ1MGM5MjE3ODExZmNk
ZWEyOGIwHhcNMjUwMTAyMTc1MzIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjA4YmE4MjVjNDI1MTQzOWE3NTlhYTBjNmIzYTQ3NjYzMmIwMGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA242SfZrn2T0bN3MfCYywdRNuic/W
q5rCxF+jyEWo6Rz+27fcU5iSZ3B+xPLj9dbJwgaKiEjJ11MB7L66cugonjUBzHru
ADZU5YzXv1cRSl1UmWQC4iNFNzbl1b8EVOfvNo6pRIF4SabU72N9p9bsveRreoA2
5PUXZpL0llqVHiP2inDUZXaGLJUxql4Idu1S0tohoY40QnY9jQrAwUpuuWd267TU
sSPBUVsggwddjdcOcoRVZhkKDLm1GolFdvgjBRywDLVQGQc8rniKmlwDy+REVEkl
PWo8RkL54lAvSyM6GuWF7KDgLRzbvb0O20liB69dvsC5VvH0EZoU4MdXNQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFFsIuoJcQlFDmnWaoMazpHZjKwC0MB8GA1UdIwQY
MBaAFOqLLNEfhZh4mFR0UMkheBH83qKLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNm9zczBSLUZtSGlZVkhSUXlTRjRFZnplb29zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi8xZmY3ZWEtYmMxMy00YjU0LTg5OGQt
MWQxY2QyMTUyNzVkLzEvV3dpNmdseENVVU9hZFpxZ3hyT2tkbU1yQUxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi8xZmY3ZWEtYmMxMy00YjU0LTg5OGQtMWQxY2QyMTUyNzVk
LzEvNm9zczBSLUZtSGlZVkhSUXlTRjRFZnplb29zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQFUR7gAwQE
XbkwAwQFX61AAwQEbe4gAwQG1cPAAwQF2UKgMA0EAgACMAcDBQAqAgVwMA0GCSqG
SIb3DQEBCwUAA4IBAQAnmlS9F1iD/vyBoft3waiq2RtJTUSPykn37nW5p2+4W14o
0xW8uY1Yn4oQm9KoetXWxxHzF4tgX0hePwGwsHMiPa0RjqQovczigx3hgR2vk54e
fBySyiiSF2FZz4EC8omJ42e9TASFsY/alb/buUWNtRXcdHfGS/ZW9a59J7syLMPt
H7QbadSmt0zVezsC1mPbUBxSr9OfFcmM57t8WVBeG/VKxdmtfSa2A/M8iYg6m9Ya
uCp2LHmnA6SOqMsV94SrKlJv1R6UU5JNi1sazWacLQDlqpzo9Hc22HGXrg2P8nlQ
rI7hXqzTY2YgJ0MsQCT/M6DjLG2lMlUTlejcUWMM
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:44:12 2025 by rpki-client