Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/wjy1-qmg6rYR0UilXbPOrktmKnc.roa
File: wjy1-qmg6rYR0UilXbPOrktmKnc.roa (raw, json)
Hash identifier: OCHLZL4VOIDtWxajhki14b+EkeW6juZq6cOYKpzs8QI=
Subject key identifier: C2:3C:B5:FA:A9:A0:EA:B6:11:D1:48:A5:5D:B3:CE:AE:4B:66:2A:77
Certificate issuer: /CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Certificate serial: 01942825560B0209B7F9B188FB5495BBD57A
Authority key identifier: B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/wjy1-qmg6rYR0UilXbPOrktmKnc.roa
Signing time: Thu 02 Jan 2025 17:52:03 +0000
ROA not before: Thu 02 Jan 2025 17:52:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3209
IP address blocks: 2a01:800::/24 maxlen: 24
2a01:860::/32 maxlen: 32
2a01:860:1::/48 maxlen: 48
2a01:860:2::/48 maxlen: 48
2a01:860:3::/48 maxlen: 48
2a01:860:4::/48 maxlen: 48
2a01:860:5::/48 maxlen: 48
2a01:860:6::/48 maxlen: 48
2a01:860:7::/48 maxlen: 48
2a01:860:8::/48 maxlen: 48
2a01:860:9::/48 maxlen: 48
2a01:860:a::/48 maxlen: 48
2a01:867::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:56:0b:02:09:b7:f9:b1:88:fb:54:95:bb:d5:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Validity
Not Before: Jan 2 17:52:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c23cb5faa9a0eab611d148a55db3ceae4b662a77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:56:a1:f2:4e:c5:82:cf:0a:4f:16:b9:71:28:
2c:76:2e:e4:df:3e:f1:34:df:b6:5c:a9:b5:0d:a6:
1c:c2:ae:9d:d3:eb:bc:b8:aa:bc:a3:75:2e:e6:4b:
36:99:ec:dc:d1:77:29:64:f4:51:ec:9b:51:f8:cc:
7c:ed:c9:45:b6:6a:99:67:e3:13:ac:b1:5c:54:2e:
87:da:ee:69:73:34:0b:20:0a:6a:20:28:00:29:fa:
fa:cf:49:34:c1:28:93:3c:86:79:3a:44:2a:11:4c:
35:04:c2:ad:2a:78:cb:3d:87:93:82:db:dd:78:bd:
0d:64:96:88:02:8a:2f:e5:72:f8:7c:da:4b:d1:0e:
59:d5:d2:3d:14:37:0b:c4:76:e8:28:f5:52:31:ad:
ca:9e:d9:29:bb:bf:2e:58:6b:2f:2d:1c:9a:0e:1a:
73:ef:63:e6:29:91:ec:b5:4e:60:89:aa:bc:49:86:
56:a2:08:db:89:83:00:b0:72:b4:72:7b:88:ff:e7:
52:10:29:6d:cb:ab:89:1a:e4:dc:31:6b:f3:7c:59:
48:15:6b:06:a7:fe:6f:23:a8:8d:3f:2f:f9:70:b0:
a9:85:47:d8:60:fd:bd:e5:02:5b:2b:5e:6b:d2:c4:
d6:84:7f:2a:07:ce:96:82:7f:fe:db:4a:2b:91:d9:
e5:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:3C:B5:FA:A9:A0:EA:B6:11:D1:48:A5:5D:B3:CE:AE:4B:66:2A:77
X509v3 Authority Key Identifier:
keyid:B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/wjy1-qmg6rYR0UilXbPOrktmKnc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:800::/24
Signature Algorithm: sha256WithRSAEncryption
bd:fc:a0:f4:c1:fb:67:3f:d9:7b:df:ae:ad:f4:fc:fd:09:29:
4a:3f:a6:b4:3a:15:4f:0b:57:96:27:6d:89:ce:5f:e8:cd:e1:
56:d6:fa:23:8a:1e:47:5d:7a:7a:3b:46:77:a5:5a:8c:6e:c6:
78:ac:0c:2c:0c:aa:72:7d:9a:11:0e:32:2c:61:73:d5:54:a6:
b3:3c:6f:e1:e2:dd:48:ec:37:8b:f1:08:b8:5c:04:05:02:53:
7b:87:65:1d:59:26:5e:7b:8c:ce:32:0a:aa:2b:bf:87:b6:f1:
88:00:8d:07:1f:c6:b8:dc:af:83:3a:2b:64:2b:ce:12:7e:8d:
e5:d6:10:e6:77:b9:41:63:c5:3f:54:ed:44:96:1d:f5:3a:70:
09:d7:f6:e0:b9:10:80:9e:ea:c2:7c:2e:5f:10:1e:39:e4:be:
1f:30:92:4d:8c:aa:63:42:e9:40:f8:f3:46:2d:34:65:fe:9e:
65:e2:b3:e6:86:7a:c4:d5:85:f2:b8:12:8f:7e:1b:b0:50:f8:
4b:26:25:2b:41:6f:7b:63:eb:96:e7:99:c7:05:55:3e:18:2f:
93:23:45:fc:22:b9:94:20:83:ff:be:a7:91:be:95:21:8c:71:
cc:fa:be:7f:87:7f:46:67:79:a8:54:25:1a:3d:9a:20:71:b9:
a8:3f:d8:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJVYLAgm3+bGI+1SVu9V6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYTVkOTk4NjNkYjJlNDliNDRmNmMzMjRlYjA0Mzg4ZmM3
NTE1ZDIwHhcNMjUwMTAyMTc1MjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjNjYjVmYWE5YTBlYWI2MTFkMTQ4YTU1ZGIzY2VhZTRiNjYyYTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1ah8k7Fgs8KTxa5cSgsdi7k3z7x
NN+2XKm1DaYcwq6d0+u8uKq8o3Uu5ks2mezc0XcpZPRR7JtR+Mx87clFtmqZZ+MT
rLFcVC6H2u5pczQLIApqICgAKfr6z0k0wSiTPIZ5OkQqEUw1BMKtKnjLPYeTgtvd
eL0NZJaIAoov5XL4fNpL0Q5Z1dI9FDcLxHboKPVSMa3Kntkpu78uWGsvLRyaDhpz
72PmKZHstU5giaq8SYZWogjbiYMAsHK0cnuI/+dSEClty6uJGuTcMWvzfFlIFWsG
p/5vI6iNPy/5cLCphUfYYP295QJbK15r0sTWhH8qB86Wgn/+20orkdnlewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMI8tfqpoOq2EdFIpV2zzq5LZip3MB8GA1UdIwQY
MBaAFLOl2Zhj2y5JtE9sMk6wQ4j8dRXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAt
ZWVjNWQ1MGVmYTk0LzEvd2p5MS1xbWc2cllSMFVpbFhiUE9ya3RtS25jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAtZWVjNWQ1MGVmYTk0
LzEvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAAjAGAwQAKgEIMA0G
CSqGSIb3DQEBCwUAA4IBAQC9/KD0wftnP9l7366t9Pz9CSlKP6a0OhVPC1eWJ22J
zl/ozeFW1vojih5HXXp6O0Z3pVqMbsZ4rAwsDKpyfZoRDjIsYXPVVKazPG/h4t1I
7DeL8Qi4XAQFAlN7h2UdWSZee4zOMgqqK7+HtvGIAI0HH8a43K+DOitkK84Sfo3l
1hDmd7lBY8U/VO1Elh31OnAJ1/bguRCAnurCfC5fEB455L4fMJJNjKpjQulA+PNG
LTRl/p5l4rPmhnrE1YXyuBKPfhuwUPhLJiUrQW97Y+uW55nHBVU+GC+TI0X8IrmU
IIP/vqeRvpUhjHHM+r5/h39GZ3moVCUaPZogcbmoP9ja
-----END CERTIFICATE-----
Generated at Tue Apr 8 18:40:32 2025 by rpki-client