Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/4f4b4e-23cc-4c3a-90af-4ef39514aa43/1/wW2KE3gY8QjEsnXJFmwHDL7WH6g.roa
File: wW2KE3gY8QjEsnXJFmwHDL7WH6g.roa (raw, json)
Hash identifier: rYujNDXyFY6K7NmLNp1LWeOiCz0Qh+l0K7mCOQxVp3c=
Subject key identifier: C1:6D:8A:13:78:18:F1:08:C4:B2:75:C9:16:6C:07:0C:BE:D6:1F:A8
Certificate issuer: /CN=a5a1eabafe2de7038227a8593a7ac5cc392f374e
Certificate serial: 019425FDD8BF6C655AB0E4C9549A6F2E0024
Authority key identifier: A5:A1:EA:BA:FE:2D:E7:03:82:27:A8:59:3A:7A:C5:CC:39:2F:37:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/paHquv4t5wOCJ6hZOnrFzDkvN04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/4f4b4e-23cc-4c3a-90af-4ef39514aa43/1/wW2KE3gY8QjEsnXJFmwHDL7WH6g.roa
Signing time: Thu 02 Jan 2025 07:49:40 +0000
ROA not before: Thu 02 Jan 2025 07:49:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12952
IP address blocks: 185.118.128.0/24 maxlen: 24
185.118.129.0/24 maxlen: 24
185.118.130.0/24 maxlen: 24
185.118.131.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:d8:bf:6c:65:5a:b0:e4:c9:54:9a:6f:2e:00:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5a1eabafe2de7038227a8593a7ac5cc392f374e
Validity
Not Before: Jan 2 07:49:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c16d8a137818f108c4b275c9166c070cbed61fa8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:46:7b:8b:03:9c:52:57:69:e2:ec:cf:36:be:
df:a6:9c:72:6c:a2:fa:86:5a:e7:52:22:6f:b6:1f:
c1:f7:93:b3:78:85:77:94:f0:9b:a3:35:fc:63:32:
82:bf:cb:e6:db:21:22:cb:6a:35:4f:89:8a:7b:c1:
7a:7a:dd:1b:47:1a:b8:91:db:80:16:a4:b5:a5:50:
d9:3b:85:19:33:ae:2f:52:e0:92:c4:0c:a7:b3:04:
f5:3f:1e:32:a0:53:b5:07:e3:1a:9e:97:95:bb:da:
b2:8e:bb:1d:09:3a:9b:8c:44:4b:b2:77:21:6f:24:
d0:1c:3c:fa:05:ca:c7:94:19:d5:a6:0f:c0:86:d7:
07:fd:d6:17:a6:d0:9f:e3:b4:c8:1f:d4:69:87:9d:
9a:5f:94:4b:e7:42:63:cd:c6:b6:7a:22:78:8c:84:
d5:bb:7b:57:fd:17:ee:18:24:eb:c8:01:b0:60:88:
ba:fd:2d:aa:a5:67:f6:c9:9e:f2:77:bf:ef:1a:0b:
9f:73:e1:88:0e:f1:b0:2c:1a:96:04:7a:2c:66:9f:
25:8c:41:84:ee:a0:18:49:22:9e:5c:47:cc:93:67:
67:14:c7:e9:f8:ff:e1:dc:bf:2c:21:88:9b:69:77:
4a:1a:cf:9b:aa:46:fc:52:6a:4a:4e:6e:5e:c5:ff:
1a:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:6D:8A:13:78:18:F1:08:C4:B2:75:C9:16:6C:07:0C:BE:D6:1F:A8
X509v3 Authority Key Identifier:
keyid:A5:A1:EA:BA:FE:2D:E7:03:82:27:A8:59:3A:7A:C5:CC:39:2F:37:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/paHquv4t5wOCJ6hZOnrFzDkvN04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4f4b4e-23cc-4c3a-90af-4ef39514aa43/1/wW2KE3gY8QjEsnXJFmwHDL7WH6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4f4b4e-23cc-4c3a-90af-4ef39514aa43/1/paHquv4t5wOCJ6hZOnrFzDkvN04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.118.128.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:8f:90:d1:77:d8:d4:71:8f:0e:20:30:67:19:c6:2d:73:91:
da:18:9f:69:81:f0:a5:80:6b:9e:6e:89:8b:59:57:fc:bf:c7:
e3:bc:b0:81:ba:32:9c:d9:ac:e7:b6:1e:40:ec:b5:7f:04:7e:
75:1c:01:0c:82:0d:14:ea:51:e8:ca:f5:58:bd:30:7a:81:a3:
74:be:22:a9:28:65:74:a0:59:4c:26:94:25:9b:64:d4:c1:ff:
d7:66:1f:08:af:2e:31:a1:c5:28:00:59:91:e1:62:0e:a8:19:
94:fe:bd:91:12:17:89:6b:ba:03:d2:ea:2e:33:82:ed:95:14:
ad:1b:6d:e4:eb:f7:dc:0e:f5:3f:6d:d8:0b:3e:27:8d:98:e6:
a0:18:74:2a:92:80:2d:82:ba:42:47:75:bb:74:50:75:d1:aa:
1d:f0:9a:b9:5c:37:82:4d:c1:07:84:92:64:10:a3:db:d3:fa:
f7:69:42:b4:e7:6a:47:f1:e7:61:40:98:8d:58:8d:eb:af:4a:
4c:f3:80:c4:cb:08:06:ab:8e:29:8c:36:7e:d6:b6:dd:44:43:
42:e6:19:b6:01:8b:d9:56:87:3f:6f:fb:fb:1b:24:63:cf:2a:
3f:e5:2a:5b:6e:30:e7:e2:37:37:6c:e1:d8:e8:23:89:34:92:
3a:35:80:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/di/bGVasOTJVJpvLgAkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YTFlYWJhZmUyZGU3MDM4MjI3YTg1OTNhN2FjNWNjMzky
ZjM3NGUwHhcNMjUwMTAyMDc0OTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTZkOGExMzc4MThmMTA4YzRiMjc1YzkxNjZjMDcwY2JlZDYxZmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3kZ7iwOcUldp4uzPNr7fppxybKL6
hlrnUiJvth/B95OzeIV3lPCbozX8YzKCv8vm2yEiy2o1T4mKe8F6et0bRxq4kduA
FqS1pVDZO4UZM64vUuCSxAynswT1Px4yoFO1B+ManpeVu9qyjrsdCTqbjERLsnch
byTQHDz6BcrHlBnVpg/AhtcH/dYXptCf47TIH9Rph52aX5RL50Jjzca2eiJ4jITV
u3tX/RfuGCTryAGwYIi6/S2qpWf2yZ7yd7/vGgufc+GIDvGwLBqWBHosZp8ljEGE
7qAYSSKeXEfMk2dnFMfp+P/h3L8sIYibaXdKGs+bqkb8UmpKTm5exf8aoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMFtihN4GPEIxLJ1yRZsBwy+1h+oMB8GA1UdIwQY
MBaAFKWh6rr+LecDgieoWTp6xcw5LzdOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGFIcXV2NHQ1d09DSjZoWk9uckZ6RGt2TjA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC80ZjRiNGUtMjNjYy00YzNhLTkwYWYt
NGVmMzk1MTRhYTQzLzEvd1cyS0UzZ1k4UWpFc25YSkZtd0hETDdXSDZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC80ZjRiNGUtMjNjYy00YzNhLTkwYWYtNGVmMzk1MTRhYTQz
LzEvcGFIcXV2NHQ1d09DSjZoWk9uckZ6RGt2TjA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXaAMA0G
CSqGSIb3DQEBCwUAA4IBAQBfj5DRd9jUcY8OIDBnGcYtc5HaGJ9pgfClgGuebomL
WVf8v8fjvLCBujKc2aznth5A7LV/BH51HAEMgg0U6lHoyvVYvTB6gaN0viKpKGV0
oFlMJpQlm2TUwf/XZh8Iry4xocUoAFmR4WIOqBmU/r2REheJa7oD0uouM4LtlRSt
G23k6/fcDvU/bdgLPieNmOagGHQqkoAtgrpCR3W7dFB10aod8Jq5XDeCTcEHhJJk
EKPb0/r3aUK052pH8edhQJiNWI3rr0pM84DEywgGq44pjDZ+1rbdRENC5hm2AYvZ
Voc/b/v7GyRjzyo/5SpbbjDn4jc3bOHY6COJNJI6NYBL
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:21:38 2025 by rpki-client