Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/4c15d9-79e6-452f-aa32-02db8b77d087/1/wPNMxy1HP_1cYFy7utzNj0qnsDA.roa
File: wPNMxy1HP_1cYFy7utzNj0qnsDA.roa (raw, json)
Hash identifier: yEdNFFWb7AqdqiQvhXrarz8nG5eHA1sOBjlHc/SL+pI=
Subject key identifier: C0:F3:4C:C7:2D:47:3F:FD:5C:60:5C:BB:BA:DC:CD:8F:4A:A7:B0:30
Certificate issuer: /CN=a8305c6e58294ad0ed5162fa8429da5165653930
Certificate serial: 019421B1DD47A1F06AA4C34CD9B8E872B2B6
Authority key identifier: A8:30:5C:6E:58:29:4A:D0:ED:51:62:FA:84:29:DA:51:65:65:39:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qDBcblgpStDtUWL6hCnaUWVlOTA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/4c15d9-79e6-452f-aa32-02db8b77d087/1/wPNMxy1HP_1cYFy7utzNj0qnsDA.roa
Signing time: Wed 01 Jan 2025 11:48:12 +0000
ROA not before: Wed 01 Jan 2025 11:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57118
IP address blocks: 91.199.218.0/24 maxlen: 24
2001:67c:2d70::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:dd:47:a1:f0:6a:a4:c3:4c:d9:b8:e8:72:b2:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8305c6e58294ad0ed5162fa8429da5165653930
Validity
Not Before: Jan 1 11:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c0f34cc72d473ffd5c605cbbbadccd8f4aa7b030
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:5e:48:30:56:1b:f3:c7:8e:de:f7:b6:24:72:
4c:3a:0b:0d:45:86:51:c0:f8:ea:51:34:0e:93:cb:
02:f6:14:07:af:0e:12:f6:f7:01:ee:8e:44:7c:4a:
9f:16:51:34:3d:d8:7e:29:22:ec:f1:df:7b:54:db:
fb:12:62:95:bc:04:63:7c:e8:c5:05:dc:6a:10:84:
15:0c:d5:73:92:cb:02:79:15:1c:e2:11:f3:33:9f:
4e:bf:15:91:f8:a3:e2:e2:ae:62:15:31:8d:89:93:
c9:33:1e:a4:a6:d9:f6:b6:9d:b0:95:e4:b5:94:a5:
a2:5c:b2:ed:d0:59:ed:f1:dc:86:f2:f8:c3:7a:a7:
34:ae:24:ea:2d:68:ae:d0:73:2f:2a:16:cb:51:c5:
57:4a:8b:dc:10:a0:dd:d4:27:23:63:e6:0f:e0:32:
70:79:43:b5:9f:63:3d:99:af:59:bd:62:d9:31:00:
58:1b:d6:8c:e0:50:32:35:73:17:84:45:ab:d6:96:
92:17:de:83:9b:ea:38:3b:8e:96:92:d4:21:c2:3d:
f4:4d:fd:49:00:f2:72:08:0e:7c:a8:a9:c1:6f:2a:
66:0c:20:fc:ba:91:fc:32:b0:17:85:aa:bd:b8:f3:
16:f9:b0:17:ed:d7:d1:b0:ff:0a:dc:2e:7d:5d:ef:
23:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:F3:4C:C7:2D:47:3F:FD:5C:60:5C:BB:BA:DC:CD:8F:4A:A7:B0:30
X509v3 Authority Key Identifier:
keyid:A8:30:5C:6E:58:29:4A:D0:ED:51:62:FA:84:29:DA:51:65:65:39:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qDBcblgpStDtUWL6hCnaUWVlOTA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/4c15d9-79e6-452f-aa32-02db8b77d087/1/wPNMxy1HP_1cYFy7utzNj0qnsDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/4c15d9-79e6-452f-aa32-02db8b77d087/1/qDBcblgpStDtUWL6hCnaUWVlOTA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.218.0/24
IPv6:
2001:67c:2d70::/48
Signature Algorithm: sha256WithRSAEncryption
67:b0:f3:18:e6:4e:6c:d3:7f:9f:8a:19:4c:e6:6e:7d:27:84:
38:cc:de:cd:f3:1c:15:a9:59:14:9c:97:0f:38:37:22:18:7f:
c0:c5:c3:47:2e:38:e7:21:c8:37:85:0b:49:fe:f0:2c:62:19:
fe:e1:1b:61:2a:0d:06:44:6d:47:cc:77:95:ac:09:cc:ba:b5:
f9:f4:69:5d:da:11:a0:36:6e:0a:29:01:c8:e6:ef:32:99:94:
e0:fe:66:54:4e:e3:c4:37:95:0f:dd:5e:c0:dc:77:8b:75:d8:
7b:d3:9e:4e:b2:ce:1b:69:7b:1b:34:1c:13:7a:cd:0a:13:14:
01:a4:57:33:cd:2d:cb:91:5e:65:90:2a:0a:08:96:e9:09:77:
7d:a5:ad:46:43:8a:9f:d3:46:59:08:73:06:7e:57:69:10:3d:
9a:f7:84:02:01:bd:ac:eb:88:ff:85:a0:b3:04:cd:1b:b5:c0:
31:7a:b6:9c:24:eb:66:c0:8e:42:08:22:6d:7d:fa:46:98:fc:
e3:c6:01:17:cd:c8:79:4d:94:f7:df:a6:19:02:7e:f3:ba:63:
0f:50:e5:33:e8:94:05:d6:41:36:dc:19:a0:60:dc:98:cb:a0:
8b:3f:53:a9:77:77:7e:5e:7f:dc:a5:c7:e2:f8:5c:b0:fa:d9:
f8:b2:67:59
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQhsd1HofBqpMNM2bjocrK2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MzA1YzZlNTgyOTRhZDBlZDUxNjJmYTg0MjlkYTUxNjU2
NTM5MzAwHhcNMjUwMTAxMTE0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGYzNGNjNzJkNDczZmZkNWM2MDVjYmJiYWRjY2Q4ZjRhYTdiMDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3F5IMFYb88eO3ve2JHJMOgsNRYZR
wPjqUTQOk8sC9hQHrw4S9vcB7o5EfEqfFlE0Pdh+KSLs8d97VNv7EmKVvARjfOjF
BdxqEIQVDNVzkssCeRUc4hHzM59OvxWR+KPi4q5iFTGNiZPJMx6kptn2tp2wleS1
lKWiXLLt0Fnt8dyG8vjDeqc0riTqLWiu0HMvKhbLUcVXSovcEKDd1CcjY+YP4DJw
eUO1n2M9ma9ZvWLZMQBYG9aM4FAyNXMXhEWr1paSF96Dm+o4O46WktQhwj30Tf1J
APJyCA58qKnBbypmDCD8upH8MrAXhaq9uPMW+bAX7dfRsP8K3C59Xe8jHQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMDzTMctRz/9XGBcu7rczY9Kp7AwMB8GA1UdIwQY
MBaAFKgwXG5YKUrQ7VFi+oQp2lFlZTkwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcURCY2JsZ3BTdER0VVdMNmhDbmFVV1ZsT1RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS80YzE1ZDktNzllNi00NTJmLWFhMzIt
MDJkYjhiNzdkMDg3LzEvd1BOTXh5MUhQXzFjWUZ5N3V0ek5qMHFuc0RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS80YzE1ZDktNzllNi00NTJmLWFhMzItMDJkYjhiNzdkMDg3
LzEvcURCY2JsZ3BTdER0VVdMNmhDbmFVV1ZsT1RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW8faMA8E
AgACMAkDBwAgAQZ8LXAwDQYJKoZIhvcNAQELBQADggEBAGew8xjmTmzTf5+KGUzm
bn0nhDjM3s3zHBWpWRSclw84NyIYf8DFw0cuOOchyDeFC0n+8CxiGf7hG2EqDQZE
bUfMd5WsCcy6tfn0aV3aEaA2bgopAcjm7zKZlOD+ZlRO48Q3lQ/dXsDcd4t12HvT
nk6yzhtpexs0HBN6zQoTFAGkVzPNLcuRXmWQKgoIlukJd32lrUZDip/TRlkIcwZ+
V2kQPZr3hAIBvazriP+FoLMEzRu1wDF6tpwk62bAjkIIIm19+kaY/OPGARfNyHlN
lPffphkCfvO6Yw9Q5TPolAXWQTbcGaBg3JjLoIs/U6l3d35ef9ylx+L4XLD62fiy
Z1k=
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:40:40 2025 by rpki-client