Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/5efae5-2c92-40d0-a3b6-a6c17ce82d77/1/WXzwl6dDgLLRTGjEWsJa-Mt4DFY.roa
File: WXzwl6dDgLLRTGjEWsJa-Mt4DFY.roa (raw, json)
Hash identifier: AsvwbpP9IRPmxXb+scTtlP8HJBrFwXPs3woICGrCIxY=
Subject key identifier: 59:7C:F0:97:A7:43:80:B2:D1:4C:68:C4:5A:C2:5A:F8:CB:78:0C:56
Certificate issuer: /CN=40ee610bdcd23bad2b1192bd45ca8a976d3855da
Certificate serial: 019427481E0A28581645763576B13E601D35
Authority key identifier: 40:EE:61:0B:DC:D2:3B:AD:2B:11:92:BD:45:CA:8A:97:6D:38:55:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QO5hC9zSO60rEZK9RcqKl204Vdo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/5efae5-2c92-40d0-a3b6-a6c17ce82d77/1/WXzwl6dDgLLRTGjEWsJa-Mt4DFY.roa
Signing time: Thu 02 Jan 2025 13:50:24 +0000
ROA not before: Thu 02 Jan 2025 13:50:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58264
IP address blocks: 94.143.64.0/21 maxlen: 21
185.246.228.0/22 maxlen: 22
2a06:b140::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:1e:0a:28:58:16:45:76:35:76:b1:3e:60:1d:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40ee610bdcd23bad2b1192bd45ca8a976d3855da
Validity
Not Before: Jan 2 13:50:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=597cf097a74380b2d14c68c45ac25af8cb780c56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:99:41:cd:b6:fa:25:96:d8:de:25:17:c3:10:
0f:71:b7:71:a8:14:c5:0c:af:fd:31:c4:48:2f:66:
45:c7:ee:cd:23:7b:fd:55:3c:42:78:18:10:14:8c:
f3:c9:23:fc:2b:61:8a:bb:2d:72:d2:42:3c:c3:b9:
92:8c:ce:a7:72:e4:70:13:50:37:b8:a5:9c:e0:e0:
7b:98:e2:a0:06:51:1a:a0:1a:be:00:0f:f2:bc:e5:
5d:71:4d:f5:47:66:8a:3d:35:9e:cf:e1:fd:39:51:
dd:af:a5:8d:b2:d4:66:ef:21:11:92:7b:7f:63:86:
d6:57:cc:8d:c7:7b:89:11:03:f5:4f:bf:73:95:1b:
00:13:55:c5:43:43:c0:ca:2a:75:77:68:49:78:df:
22:ac:a4:c9:66:55:30:62:74:02:da:c3:1b:ce:92:
7c:72:35:41:43:64:58:7a:17:57:7a:8a:cf:25:22:
05:ee:31:e5:d0:09:07:7e:ad:01:22:17:0d:31:4d:
5b:d5:1d:63:e4:da:b2:a0:98:af:cb:4a:ab:01:6e:
10:2c:9f:ab:78:fe:9c:e8:62:8d:c9:6e:97:90:0f:
6c:e5:18:89:c4:b0:15:d7:52:34:ff:f6:08:9c:ec:
48:1f:09:e4:a3:d8:56:1a:1e:e2:69:62:46:8f:dd:
60:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:7C:F0:97:A7:43:80:B2:D1:4C:68:C4:5A:C2:5A:F8:CB:78:0C:56
X509v3 Authority Key Identifier:
keyid:40:EE:61:0B:DC:D2:3B:AD:2B:11:92:BD:45:CA:8A:97:6D:38:55:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QO5hC9zSO60rEZK9RcqKl204Vdo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/5efae5-2c92-40d0-a3b6-a6c17ce82d77/1/WXzwl6dDgLLRTGjEWsJa-Mt4DFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/5efae5-2c92-40d0-a3b6-a6c17ce82d77/1/QO5hC9zSO60rEZK9RcqKl204Vdo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.143.64.0/21
185.246.228.0/22
IPv6:
2a06:b140::/29
Signature Algorithm: sha256WithRSAEncryption
00:27:88:14:32:e4:16:2c:5b:fc:79:31:1e:9b:b7:c8:31:b0:
e5:be:91:a0:ca:2e:e5:b2:e7:50:4c:35:ff:b4:79:ea:84:8a:
6e:0c:87:9a:15:8e:46:cf:cf:5f:0a:8a:be:ec:97:48:69:e2:
c0:b9:8b:76:fe:e0:ca:83:62:30:d1:b4:24:0d:f8:5b:44:cb:
37:47:42:e6:fd:82:67:8b:e1:a8:f7:ec:7c:2a:a3:77:54:2b:
79:98:3f:7d:ac:20:36:d0:71:8f:48:bc:05:23:ce:ed:eb:1a:
a4:88:6c:d6:0c:1f:cf:76:3f:7a:d6:48:6f:98:78:11:fb:75:
00:7d:23:b7:d7:19:88:55:64:c7:7a:fb:8b:d2:36:1d:db:47:
14:03:31:cd:b4:16:0c:b9:d0:75:55:6c:72:b2:f7:53:5f:92:
9e:be:3c:fd:a4:f1:a8:54:e7:1a:6a:bb:39:92:da:b0:20:31:
4b:8c:ba:bc:b1:e2:a7:7b:3d:a3:cd:a6:a1:9b:c4:15:e2:d3:
d1:d7:8c:a4:28:a9:fc:61:59:a5:8f:50:79:df:52:7c:43:8c:
c6:f8:0d:51:f0:04:b6:6f:b0:89:f8:da:51:38:aa:ae:c9:f9:
98:95:36:1f:47:2e:1a:d7:8c:3a:b2:40:ba:8a:35:7c:9a:ff:
b4:26:f2:3f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQnSB4KKFgWRXY1drE+YB01MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZWU2MTBiZGNkMjNiYWQyYjExOTJiZDQ1Y2E4YTk3NmQz
ODU1ZGEwHhcNMjUwMTAyMTM1MDI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTdjZjA5N2E3NDM4MGIyZDE0YzY4YzQ1YWMyNWFmOGNiNzgwYzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZlBzbb6JZbY3iUXwxAPcbdxqBTF
DK/9McRIL2ZFx+7NI3v9VTxCeBgQFIzzySP8K2GKuy1y0kI8w7mSjM6ncuRwE1A3
uKWc4OB7mOKgBlEaoBq+AA/yvOVdcU31R2aKPTWez+H9OVHdr6WNstRm7yERknt/
Y4bWV8yNx3uJEQP1T79zlRsAE1XFQ0PAyip1d2hJeN8irKTJZlUwYnQC2sMbzpJ8
cjVBQ2RYehdXeorPJSIF7jHl0AkHfq0BIhcNMU1b1R1j5NqyoJivy0qrAW4QLJ+r
eP6c6GKNyW6XkA9s5RiJxLAV11I0//YInOxIHwnko9hWGh7iaWJGj91gLwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFl88JenQ4Cy0UxoxFrCWvjLeAxWMB8GA1UdIwQY
MBaAFEDuYQvc0jutKxGSvUXKipdtOFXaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU81aEM5elNPNjByRVpLOVJjcUtsMjA0VmRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi81ZWZhZTUtMmM5Mi00MGQwLWEzYjYt
YTZjMTdjZTgyZDc3LzEvV1h6d2w2ZERnTExSVEdqRVdzSmEtTXQ0REZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi81ZWZhZTUtMmM5Mi00MGQwLWEzYjYtYTZjMTdjZTgyZDc3
LzEvUU81aEM5elNPNjByRVpLOVJjcUtsMjA0VmRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDXo9AAwQC
ufbkMA0EAgACMAcDBQMqBrFAMA0GCSqGSIb3DQEBCwUAA4IBAQAAJ4gUMuQWLFv8
eTEem7fIMbDlvpGgyi7lsudQTDX/tHnqhIpuDIeaFY5Gz89fCoq+7JdIaeLAuYt2
/uDKg2Iw0bQkDfhbRMs3R0Lm/YJni+Go9+x8KqN3VCt5mD99rCA20HGPSLwFI87t
6xqkiGzWDB/Pdj961khvmHgR+3UAfSO31xmIVWTHevuL0jYd20cUAzHNtBYMudB1
VWxysvdTX5Kevjz9pPGoVOcaars5ktqwIDFLjLq8seKnez2jzaahm8QV4tPR14yk
KKn8YVmlj1B531J8Q4zG+A1R8AS2b7CJ+NpROKquyfmYlTYfRy4a14w6skC6ijV8
mv+0JvI/
-----END CERTIFICATE-----
Generated at Thu Apr 24 22:33:53 2025 by rpki-client