Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/wdcRzGakLe3jtYKRAcXH-gjC00w.roa
File: wdcRzGakLe3jtYKRAcXH-gjC00w.roa (raw, json)
Hash identifier: duKEk5GHM/r1VrV4PFuMXDPuM6unFH0pIjUwPANnOzU=
Subject key identifier: C1:D7:11:CC:66:A4:2D:ED:E3:B5:82:91:01:C5:C7:FA:08:C2:D3:4C
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 019427B6877F23392582A1260BAA88371FB5
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/wdcRzGakLe3jtYKRAcXH-gjC00w.roa
Signing time: Thu 02 Jan 2025 15:51:01 +0000
ROA not before: Thu 02 Jan 2025 15:51:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200612
IP address blocks: 2.23.168.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:87:7f:23:39:25:82:a1:26:0b:aa:88:37:1f:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Jan 2 15:51:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c1d711cc66a42dede3b5829101c5c7fa08c2d34c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:be:26:44:e0:0f:0d:5b:6d:ba:ed:1b:dd:c9:
30:c6:06:b0:58:1b:58:41:c3:2b:1b:cf:00:d4:37:
3a:a8:2d:8a:23:b2:23:a6:81:a0:4e:44:77:ec:2a:
43:8c:fd:a2:52:c8:dc:a8:c2:2b:c9:28:38:e7:1c:
89:c6:31:2c:93:4b:ab:1e:64:35:e9:ff:29:fd:60:
8d:65:6e:34:41:d3:07:0c:b1:7a:35:e9:71:bd:5c:
39:41:10:18:25:19:80:89:4b:15:b0:79:34:44:6e:
06:7e:51:df:5c:c8:cb:0e:b1:56:b4:b9:97:37:c4:
e2:fd:21:41:66:6d:54:17:e0:5b:d1:b9:83:42:0c:
82:e1:24:e8:8d:d2:ba:a6:0d:45:fc:49:5f:17:43:
b4:13:b4:d8:e6:17:a9:80:ee:36:32:c4:e7:c6:c3:
8e:03:3b:3a:18:9c:fd:f9:94:ac:40:f5:71:3f:fc:
b7:36:10:3f:56:f7:8e:a3:08:47:d3:8c:8f:36:6a:
a6:3b:90:f1:22:92:5f:fa:75:9b:2a:34:5e:43:f8:
60:01:1c:f8:1c:86:40:cb:d6:c3:49:8f:46:97:1a:
29:4f:fc:63:6a:21:f5:ef:b3:b3:e0:02:a0:ca:0c:
f5:54:bc:39:fe:bb:ee:70:97:a6:0d:e4:60:2f:90:
06:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:D7:11:CC:66:A4:2D:ED:E3:B5:82:91:01:C5:C7:FA:08:C2:D3:4C
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/wdcRzGakLe3jtYKRAcXH-gjC00w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.23.168.0/22
Signature Algorithm: sha256WithRSAEncryption
08:15:06:dc:a3:a6:d2:29:8a:07:16:88:dd:af:b4:e6:e7:12:
cf:70:ac:e6:af:9b:3f:0b:89:49:20:c2:fd:76:2f:6f:e4:6e:
57:90:49:16:4d:f8:ab:6c:46:f5:6a:ff:ef:29:e2:f8:41:9f:
3f:2a:cd:8c:d6:a2:b5:81:9e:2f:09:04:a7:9c:b5:5d:83:f7:
27:0c:a6:d4:7a:f1:4a:fb:4e:b2:91:bd:7d:fe:c2:98:f4:b5:
39:21:c3:23:07:5c:52:83:0a:6b:71:87:a0:f5:af:e5:a6:4d:
61:48:7a:d9:2e:7f:af:f1:71:43:26:16:a1:44:8d:f1:f6:e8:
a5:14:a2:ac:da:88:6c:d4:28:6d:da:e0:65:36:1a:8e:d1:91:
80:99:be:e9:cc:17:6d:ef:d4:09:58:75:2c:9c:87:14:ca:a4:
14:81:6b:4d:0b:33:1b:b3:14:2f:d1:7e:47:9f:81:c5:5d:24:
5c:b7:6f:54:e3:87:67:ff:6c:cc:8b:c1:bb:bb:29:9d:da:e4:
cd:b2:3c:46:c8:12:af:00:e8:53:c5:62:da:5a:d2:47:19:c8:
69:26:38:94:96:0c:28:53:b8:90:bd:29:00:3b:c5:70:cf:51:
b3:3a:2a:7b:d6:a2:08:30:46:9a:6c:65:51:d1:ba:f2:d4:c5:
19:ab:67:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntod/IzklgqEmC6qINx+1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjUwMTAyMTU1MTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWQ3MTFjYzY2YTQyZGVkZTNiNTgyOTEwMWM1YzdmYTA4YzJkMzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoL4mROAPDVttuu0b3ckwxgawWBtY
QcMrG88A1Dc6qC2KI7IjpoGgTkR37CpDjP2iUsjcqMIrySg45xyJxjEsk0urHmQ1
6f8p/WCNZW40QdMHDLF6NelxvVw5QRAYJRmAiUsVsHk0RG4GflHfXMjLDrFWtLmX
N8Ti/SFBZm1UF+Bb0bmDQgyC4STojdK6pg1F/ElfF0O0E7TY5hepgO42MsTnxsOO
Azs6GJz9+ZSsQPVxP/y3NhA/VveOowhH04yPNmqmO5DxIpJf+nWbKjReQ/hgARz4
HIZAy9bDSY9GlxopT/xjaiH177Oz4AKgygz1VLw5/rvucJemDeRgL5AGnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMHXEcxmpC3t47WCkQHFx/oIwtNMMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvd2RjUnpHYWtMZTNqdFlLUkFjWEgtZ2pDMDB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCAheoMA0G
CSqGSIb3DQEBCwUAA4IBAQAIFQbco6bSKYoHFojdr7Tm5xLPcKzmr5s/C4lJIML9
di9v5G5XkEkWTfirbEb1av/vKeL4QZ8/Ks2M1qK1gZ4vCQSnnLVdg/cnDKbUevFK
+06ykb19/sKY9LU5IcMjB1xSgwprcYeg9a/lpk1hSHrZLn+v8XFDJhahRI3x9uil
FKKs2ohs1Cht2uBlNhqO0ZGAmb7pzBdt79QJWHUsnIcUyqQUgWtNCzMbsxQv0X5H
n4HFXSRct29U44dn/2zMi8G7uymd2uTNsjxGyBKvAOhTxWLaWtJHGchpJjiUlgwo
U7iQvSkAO8Vwz1GzOip71qIIMEaabGVR0bry1MUZq2de
-----END CERTIFICATE-----
Generated at Sun Apr 6 18:25:05 2025 by rpki-client