Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/54fd84-6e96-47b2-97a5-f2b556ed6990/1/whcvZpTpzvlbrJt7O3nmd0nRfXA.roa
File: whcvZpTpzvlbrJt7O3nmd0nRfXA.roa (raw, json)
Hash identifier: uHBrfBFZVuPLEmFMxJBXGMMbHMabPdSiEixhmy3o8Bs=
Subject key identifier: C2:17:2F:66:94:E9:CE:F9:5B:AC:9B:7B:3B:79:E6:77:49:D1:7D:70
Certificate issuer: /CN=5a8655ebf944500025a5f075ba7bde641584fda6
Certificate serial: 019428268C8465E3F6EA25101A498E640724
Authority key identifier: 5A:86:55:EB:F9:44:50:00:25:A5:F0:75:BA:7B:DE:64:15:84:FD:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WoZV6_lEUAAlpfB1unveZBWE_aY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/54fd84-6e96-47b2-97a5-f2b556ed6990/1/whcvZpTpzvlbrJt7O3nmd0nRfXA.roa
Signing time: Thu 02 Jan 2025 17:53:22 +0000
ROA not before: Thu 02 Jan 2025 17:53:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212274
IP address blocks: 195.144.16.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:8c:84:65:e3:f6:ea:25:10:1a:49:8e:64:07:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a8655ebf944500025a5f075ba7bde641584fda6
Validity
Not Before: Jan 2 17:53:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c2172f6694e9cef95bac9b7b3b79e67749d17d70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:32:0d:28:b3:d5:9e:07:0c:d9:fe:2b:84:54:
65:92:a1:1b:bd:a7:c8:41:0e:73:5d:04:bc:c2:a5:
82:94:7a:5c:e3:22:a7:1a:3f:61:ce:61:1a:1f:e5:
19:2a:45:c3:aa:f6:db:84:de:c8:cd:61:92:a2:3a:
cb:0c:e5:26:ec:93:04:45:fc:62:ff:0d:41:6e:15:
b5:e3:aa:22:86:a6:d1:66:d5:85:31:de:3e:8a:5a:
07:cf:d3:4a:da:08:5f:06:af:6c:bd:ba:c6:b1:82:
11:68:9e:92:81:2d:db:46:f7:94:05:d8:3f:79:a5:
d8:08:21:7d:70:26:cc:5b:fc:8a:4d:72:22:60:74:
9a:01:61:a0:a3:d3:08:f3:09:f3:90:a0:4b:90:5b:
6b:27:e5:53:04:e1:0b:2e:b8:a2:16:82:a9:e1:0a:
c6:56:b1:3c:57:90:af:9f:f7:e8:7e:a3:71:fa:50:
3b:ce:2d:21:b2:5f:ff:55:be:7e:b5:10:e1:98:8a:
ed:34:ea:5c:58:48:93:1e:26:62:a5:5b:c7:be:6d:
2f:31:4e:5d:0f:77:94:b3:c6:f4:4e:d8:4d:65:8e:
b8:1d:67:87:54:bb:af:d9:85:c2:e6:b6:1a:fc:8a:
c6:89:71:07:57:ea:82:47:51:06:f7:26:df:99:83:
3d:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:17:2F:66:94:E9:CE:F9:5B:AC:9B:7B:3B:79:E6:77:49:D1:7D:70
X509v3 Authority Key Identifier:
keyid:5A:86:55:EB:F9:44:50:00:25:A5:F0:75:BA:7B:DE:64:15:84:FD:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WoZV6_lEUAAlpfB1unveZBWE_aY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/54fd84-6e96-47b2-97a5-f2b556ed6990/1/whcvZpTpzvlbrJt7O3nmd0nRfXA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/54fd84-6e96-47b2-97a5-f2b556ed6990/1/WoZV6_lEUAAlpfB1unveZBWE_aY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.144.16.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:36:fa:b0:a5:60:5d:4a:f8:e3:6b:0a:8f:ce:7b:40:60:91:
1d:69:d6:ce:d4:07:06:a4:55:1b:c4:20:15:6a:85:df:04:24:
cd:a4:bb:56:e3:ff:35:7e:b9:48:ea:97:b0:16:72:88:d4:e8:
43:60:7f:74:a7:ee:14:26:e6:8e:47:ad:f5:37:31:4d:63:11:
7b:4f:47:c6:e0:77:00:d0:2a:be:99:30:0e:8e:22:67:40:5a:
6b:d1:79:ad:5a:ab:6e:8b:b7:b3:c3:32:6b:fc:d6:db:23:8d:
f6:5e:22:d3:61:6b:d4:9f:02:dd:e2:fc:ff:d6:83:22:b8:45:
35:3e:37:f2:61:69:24:0e:9b:79:21:a3:66:7a:8f:5b:43:67:
c9:fe:55:ba:ed:5d:98:d9:9a:8e:8a:14:d0:ff:1e:ad:e5:34:
27:7f:3b:7d:28:fb:89:48:91:15:ee:ed:49:c3:17:04:9c:01:
1c:8f:3c:03:08:9b:35:19:e4:04:82:b6:13:12:b4:05:74:f2:
71:9c:ff:f6:2b:c0:c9:ba:b4:98:29:b6:a9:f6:fb:e6:e0:25:
57:65:cf:28:57:cb:a3:3a:44:2e:31:87:d6:b6:73:e8:c9:11:
60:92:1c:09:4c:78:79:dd:17:8a:18:f8:3b:67:3f:36:ea:11:
9b:b6:0b:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJoyEZeP26iUQGkmOZAckMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhODY1NWViZjk0NDUwMDAyNWE1ZjA3NWJhN2JkZTY0MTU4
NGZkYTYwHhcNMjUwMTAyMTc1MzIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjE3MmY2Njk0ZTljZWY5NWJhYzliN2IzYjc5ZTY3NzQ5ZDE3ZDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDINKLPVngcM2f4rhFRlkqEbvafI
QQ5zXQS8wqWClHpc4yKnGj9hzmEaH+UZKkXDqvbbhN7IzWGSojrLDOUm7JMERfxi
/w1BbhW146oihqbRZtWFMd4+iloHz9NK2ghfBq9svbrGsYIRaJ6SgS3bRveUBdg/
eaXYCCF9cCbMW/yKTXIiYHSaAWGgo9MI8wnzkKBLkFtrJ+VTBOELLriiFoKp4QrG
VrE8V5Cvn/fofqNx+lA7zi0hsl//Vb5+tRDhmIrtNOpcWEiTHiZipVvHvm0vMU5d
D3eUs8b0TthNZY64HWeHVLuv2YXC5rYa/IrGiXEHV+qCR1EG9ybfmYM9+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMIXL2aU6c75W6ybezt55ndJ0X1wMB8GA1UdIwQY
MBaAFFqGVev5RFAAJaXwdbp73mQVhP2mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV29aVjZfbEVVQUFscGZCMXVudmVaQldFX2FZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC81NGZkODQtNmU5Ni00N2IyLTk3YTUt
ZjJiNTU2ZWQ2OTkwLzEvd2hjdlpwVHB6dmxickp0N08zbm1kMG5SZlhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC81NGZkODQtNmU5Ni00N2IyLTk3YTUtZjJiNTU2ZWQ2OTkw
LzEvV29aVjZfbEVVQUFscGZCMXVudmVaQldFX2FZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw5AQMA0G
CSqGSIb3DQEBCwUAA4IBAQCaNvqwpWBdSvjjawqPzntAYJEdadbO1AcGpFUbxCAV
aoXfBCTNpLtW4/81frlI6pewFnKI1OhDYH90p+4UJuaOR631NzFNYxF7T0fG4HcA
0Cq+mTAOjiJnQFpr0XmtWqtui7ezwzJr/NbbI432XiLTYWvUnwLd4vz/1oMiuEU1
PjfyYWkkDpt5IaNmeo9bQ2fJ/lW67V2Y2ZqOihTQ/x6t5TQnfzt9KPuJSJEV7u1J
wxcEnAEcjzwDCJs1GeQEgrYTErQFdPJxnP/2K8DJurSYKbap9vvm4CVXZc8oV8uj
OkQuMYfWtnPoyRFgkhwJTHh53ReKGPg7Zz826hGbtgts
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:55:32 2025 by rpki-client