Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/a715ce-410d-4390-8e8c-8b2379eba13e/1/WK3H-x4lvtSz5PAYVzf83jx6Xhg.roa
File: WK3H-x4lvtSz5PAYVzf83jx6Xhg.roa (raw, json)
Hash identifier: IHyV2nIBoBadJ+LZrUqe4zccqPuVek6+/UVCrBQ/9jA=
Subject key identifier: 58:AD:C7:FB:1E:25:BE:D4:B3:E4:F0:18:57:37:FC:DE:3C:7A:5E:18
Certificate issuer: /CN=de3e0167bf582cece48d6c6d029a82cde272a9d5
Certificate serial: 019422FC3D095C584470B625F09AEBCE8877
Authority key identifier: DE:3E:01:67:BF:58:2C:EC:E4:8D:6C:6D:02:9A:82:CD:E2:72:A9:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3j4BZ79YLOzkjWxtApqCzeJyqdU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/a715ce-410d-4390-8e8c-8b2379eba13e/1/WK3H-x4lvtSz5PAYVzf83jx6Xhg.roa
Signing time: Wed 01 Jan 2025 17:49:03 +0000
ROA not before: Wed 01 Jan 2025 17:49:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15598
IP address blocks: 91.206.152.0/23 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:3d:09:5c:58:44:70:b6:25:f0:9a:eb:ce:88:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de3e0167bf582cece48d6c6d029a82cde272a9d5
Validity
Not Before: Jan 1 17:49:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=58adc7fb1e25bed4b3e4f0185737fcde3c7a5e18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:18:3c:f0:f6:a9:5f:24:df:4a:fd:8b:87:9e:
3f:35:0b:ea:af:4c:44:e2:f0:97:c8:a8:45:7b:5c:
dd:2c:43:ad:19:ab:60:37:8b:c0:dc:a9:17:33:be:
f8:6b:82:e6:77:2b:b1:74:5e:82:95:1d:35:3d:59:
14:cc:d9:25:08:27:20:c1:87:8d:99:8e:c3:9d:54:
0f:3d:dd:41:7c:45:94:4f:8e:65:d4:fd:bb:c7:85:
b9:14:90:fa:0f:29:ab:e4:4d:54:04:0a:4a:0a:e9:
a4:df:a4:93:99:a4:4d:ce:a5:5a:e1:7e:36:c7:78:
b9:72:fb:59:57:57:44:9f:b1:e8:ec:dc:2b:d6:fe:
96:c9:5d:89:73:72:dd:70:e4:f9:70:be:09:db:41:
ea:33:09:7e:e3:b9:89:0c:be:4b:22:3a:d5:f4:8a:
6d:58:ac:6c:0e:97:74:c7:da:4e:74:96:3c:fd:cf:
9f:cd:03:d0:c5:90:4f:7c:95:e0:60:57:49:d1:b5:
11:4d:22:ab:5b:85:c4:31:71:1a:d6:2b:03:49:7c:
14:c1:49:17:6a:6e:ed:55:27:4e:43:94:68:7f:9a:
df:4c:7e:b4:30:ea:7c:f0:50:33:2d:c2:64:44:08:
13:5d:27:ff:6a:51:ba:69:94:14:b5:4e:3b:77:48:
c5:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:AD:C7:FB:1E:25:BE:D4:B3:E4:F0:18:57:37:FC:DE:3C:7A:5E:18
X509v3 Authority Key Identifier:
keyid:DE:3E:01:67:BF:58:2C:EC:E4:8D:6C:6D:02:9A:82:CD:E2:72:A9:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3j4BZ79YLOzkjWxtApqCzeJyqdU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/a715ce-410d-4390-8e8c-8b2379eba13e/1/WK3H-x4lvtSz5PAYVzf83jx6Xhg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/a715ce-410d-4390-8e8c-8b2379eba13e/1/3j4BZ79YLOzkjWxtApqCzeJyqdU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.152.0/23
Signature Algorithm: sha256WithRSAEncryption
e7:9b:ea:79:b3:c0:5a:38:a5:b9:85:f6:05:b9:a3:09:ee:b9:
c9:cc:25:49:9b:20:c6:16:59:a7:c5:2b:33:cc:0a:87:06:99:
4b:fd:a0:6b:09:f1:03:49:14:a9:89:03:f3:ed:bd:e3:d4:91:
4c:14:c8:ba:3c:8d:e8:70:ea:76:9f:fb:ad:ea:e1:8e:62:25:
42:f4:69:0d:8e:fc:89:c5:7f:74:8a:1a:21:a4:d0:f3:4c:19:
19:ad:76:8d:b9:32:2a:3e:73:df:58:50:bc:f3:00:78:f8:7c:
cb:a9:12:3f:8a:e8:17:e7:69:cd:b8:0d:d1:63:d0:10:56:ca:
05:09:df:90:0f:e4:c4:07:33:e8:dd:01:6e:12:3d:f3:c7:20:
38:00:ed:0e:66:36:c5:cc:b1:aa:95:28:a0:d2:7c:08:de:06:
67:32:7f:97:32:fd:d1:bb:c5:1a:f1:d2:4f:91:7c:ae:7a:71:
25:ab:86:d0:6b:67:f5:ba:ba:50:54:c5:03:57:28:ec:d8:47:
36:07:a5:0d:86:98:25:e2:97:78:bb:cb:f4:41:a3:78:c1:a5:
79:df:03:5f:ff:b1:f9:f3:a1:ab:ad:5e:c3:0e:eb:ec:25:78:
e7:17:9f:a4:37:a3:67:e9:1d:bd:d0:41:74:06:90:e3:d4:9b:
f3:41:9f:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi/D0JXFhEcLYl8Jrrzoh3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlM2UwMTY3YmY1ODJjZWNlNDhkNmM2ZDAyOWE4MmNkZTI3
MmE5ZDUwHhcNMjUwMTAxMTc0OTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGFkYzdmYjFlMjViZWQ0YjNlNGYwMTg1NzM3ZmNkZTNjN2E1ZTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBg88PapXyTfSv2Lh54/NQvqr0xE
4vCXyKhFe1zdLEOtGatgN4vA3KkXM774a4LmdyuxdF6ClR01PVkUzNklCCcgwYeN
mY7DnVQPPd1BfEWUT45l1P27x4W5FJD6Dymr5E1UBApKCumk36STmaRNzqVa4X42
x3i5cvtZV1dEn7Ho7Nwr1v6WyV2Jc3LdcOT5cL4J20HqMwl+47mJDL5LIjrV9Ipt
WKxsDpd0x9pOdJY8/c+fzQPQxZBPfJXgYFdJ0bURTSKrW4XEMXEa1isDSXwUwUkX
am7tVSdOQ5Rof5rfTH60MOp88FAzLcJkRAgTXSf/alG6aZQUtU47d0jFZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFitx/seJb7Us+TwGFc3/N48el4YMB8GA1UdIwQY
MBaAFN4+AWe/WCzs5I1sbQKags3icqnVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2o0Qlo3OVlMT3prald4dEFwcUN6ZUp5cWRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS9hNzE1Y2UtNDEwZC00MzkwLThlOGMt
OGIyMzc5ZWJhMTNlLzEvV0szSC14NGx2dFN6NVBBWVZ6Zjgzang2WGhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS9hNzE1Y2UtNDEwZC00MzkwLThlOGMtOGIyMzc5ZWJhMTNl
LzEvM2o0Qlo3OVlMT3prald4dEFwcUN6ZUp5cWRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW86YMA0G
CSqGSIb3DQEBCwUAA4IBAQDnm+p5s8BaOKW5hfYFuaMJ7rnJzCVJmyDGFlmnxSsz
zAqHBplL/aBrCfEDSRSpiQPz7b3j1JFMFMi6PI3ocOp2n/ut6uGOYiVC9GkNjvyJ
xX90ihohpNDzTBkZrXaNuTIqPnPfWFC88wB4+HzLqRI/iugX52nNuA3RY9AQVsoF
Cd+QD+TEBzPo3QFuEj3zxyA4AO0OZjbFzLGqlSig0nwI3gZnMn+XMv3Ru8Ua8dJP
kXyuenElq4bQa2f1urpQVMUDVyjs2Ec2B6UNhpgl4pd4u8v0QaN4waV53wNf/7H5
86GrrV7DDuvsJXjnF5+kN6Nn6R290EF0BpDj1JvzQZ9G
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:19:44 2025 by rpki-client