Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/lwXNaXod425LZYgrYh4gZBb1l7A.roa
File: lwXNaXod425LZYgrYh4gZBb1l7A.roa (raw, json)
Hash identifier: xPJa4H0AiEaccJwObXy0o6a7JoSiYl8+9hHgmFuSLDg=
Subject key identifier: 97:05:CD:69:7A:1D:E3:6E:4B:65:88:2B:62:1E:20:64:16:F5:97:B0
Certificate issuer: /CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Certificate serial: 01942747C9809280DBE6522DFAD5545F7BE0
Authority key identifier: C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/lwXNaXod425LZYgrYh4gZBb1l7A.roa
Signing time: Thu 02 Jan 2025 13:50:03 +0000
ROA not before: Thu 02 Jan 2025 13:50:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216398
IP address blocks: 2a05:b0c6:a600::/39 maxlen: 39
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:c9:80:92:80:db:e6:52:2d:fa:d5:54:5f:7b:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Validity
Not Before: Jan 2 13:50:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9705cd697a1de36e4b65882b621e206416f597b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:a6:17:78:6a:9c:bd:bc:77:06:67:00:6d:71:
9c:95:80:e3:23:d3:ca:bc:a3:82:7e:94:93:76:a5:
1d:c2:a6:6e:fe:15:5f:fb:ba:73:f2:7d:d1:68:18:
5a:da:a7:79:27:5b:7b:bf:96:81:fe:7e:6a:5e:2c:
61:d6:48:0d:57:2e:49:d2:83:cd:63:32:76:e6:ec:
a9:80:ea:f0:dd:2e:4e:ea:5f:33:29:4d:13:2b:31:
20:e3:80:43:fc:f3:dd:ba:20:a1:7f:52:32:5c:6f:
ee:d0:d6:6a:55:fb:ac:bc:a2:5b:08:34:96:d6:d9:
ec:90:54:62:33:ee:38:48:2f:44:49:96:fe:c6:95:
bb:e9:23:66:a5:9a:3c:71:a0:54:b2:c7:8a:d7:0d:
88:b8:5a:d5:f4:a1:3a:d4:a7:87:cb:b6:98:c1:41:
0f:f6:e1:b1:1c:e8:6a:2c:80:f6:41:d0:f1:5e:76:
d3:4b:ad:49:82:09:ac:ee:d9:66:c1:4d:76:dd:a9:
1a:f7:e1:32:ea:c3:5c:83:ff:a9:72:21:05:c5:4f:
d0:cc:b7:6c:6f:ac:9c:3d:c4:6d:db:3c:f8:06:bc:
d2:b4:e9:39:65:ff:8e:66:58:48:b3:e9:95:13:a0:
68:d9:2e:23:66:d3:d0:f2:9c:a0:2e:14:fb:28:77:
2d:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:05:CD:69:7A:1D:E3:6E:4B:65:88:2B:62:1E:20:64:16:F5:97:B0
X509v3 Authority Key Identifier:
keyid:C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/lwXNaXod425LZYgrYh4gZBb1l7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/wig0jpBUlz16X4GTvU5cRPZzmeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:b0c6:a600::/39
Signature Algorithm: sha256WithRSAEncryption
83:31:bb:cb:88:78:12:9e:90:ef:73:96:c0:bd:24:70:cf:53:
4e:48:bd:18:a8:f9:47:bb:af:38:78:9c:49:1d:53:96:0b:e7:
e6:e0:93:1a:71:51:48:de:71:d2:cb:9a:f8:f2:3e:30:f2:82:
7a:90:eb:78:eb:5e:28:f6:d2:ac:3b:cf:50:75:06:54:ac:8c:
28:e7:c5:40:63:08:63:80:7c:72:b1:85:20:ac:5e:e2:c4:f8:
4b:4f:86:42:7b:5e:49:b7:a6:d4:cb:a2:de:78:c3:b4:59:99:
40:d5:cb:2f:60:53:8f:e1:94:ae:e1:c9:ff:57:ef:53:ca:ee:
ce:ca:3e:56:62:31:12:e6:6c:fb:cd:82:18:78:48:12:40:99:
20:40:f7:58:6b:08:26:96:e2:6b:bf:e9:fa:6a:17:42:32:2e:
f9:1f:ce:8c:7a:93:f1:06:69:56:25:1e:d8:77:87:92:70:5a:
78:c2:91:fe:b8:22:ac:89:ef:b7:c9:2d:73:43:c4:f8:f9:aa:
17:d8:0f:62:ad:46:e1:3f:d4:8d:ea:7b:ea:33:97:af:0a:e0:
78:d4:31:2f:fa:cb:6f:49:16:11:08:05:8c:e2:f7:62:c4:f3:
b1:45:41:c6:9d:23:9d:47:19:bd:d2:0b:e7:56:72:bb:f9:71:
d0:f7:77:b9
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQnR8mAkoDb5lIt+tVUX3vgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMjgzNDhlOTA1NDk3M2Q3YTVmODE5M2JkNGU1YzQ0ZjY3
Mzk5ZTEwHhcNMjUwMTAyMTM1MDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzA1Y2Q2OTdhMWRlMzZlNGI2NTg4MmI2MjFlMjA2NDE2ZjU5N2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5aYXeGqcvbx3BmcAbXGclYDjI9PK
vKOCfpSTdqUdwqZu/hVf+7pz8n3RaBha2qd5J1t7v5aB/n5qXixh1kgNVy5J0oPN
YzJ25uypgOrw3S5O6l8zKU0TKzEg44BD/PPduiChf1IyXG/u0NZqVfusvKJbCDSW
1tnskFRiM+44SC9ESZb+xpW76SNmpZo8caBUsseK1w2IuFrV9KE61KeHy7aYwUEP
9uGxHOhqLID2QdDxXnbTS61Jggms7tlmwU123aka9+Ey6sNcg/+pciEFxU/QzLds
b6ycPcRt2zz4BrzStOk5Zf+OZlhIs+mVE6Bo2S4jZtPQ8pygLhT7KHctlQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFJcFzWl6HeNuS2WIK2IeIGQW9ZewMB8GA1UdIwQY
MBaAFMIoNI6QVJc9el+Bk71OXET2c5nhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMt
ZTg4ZmZmODJkNTUzLzEvbHdYTmFYb2Q0MjVMWllnclloNGdaQmIxbDdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMtZTg4ZmZmODJkNTUz
LzEvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYBKgWwxqYw
DQYJKoZIhvcNAQELBQADggEBAIMxu8uIeBKekO9zlsC9JHDPU05IvRio+Ue7rzh4
nEkdU5YL5+bgkxpxUUjecdLLmvjyPjDygnqQ63jrXij20qw7z1B1BlSsjCjnxUBj
CGOAfHKxhSCsXuLE+EtPhkJ7Xkm3ptTLot54w7RZmUDVyy9gU4/hlK7hyf9X71PK
7s7KPlZiMRLmbPvNghh4SBJAmSBA91hrCCaW4mu/6fpqF0IyLvkfzox6k/EGaVYl
Hth3h5JwWnjCkf64IqyJ77fJLXNDxPj5qhfYD2KtRuE/1I3qe+ozl68K4HjUMS/6
y29JFhEIBYzi92LE87FFQcadI51HGb3SC+dWcrv5cdD3d7k=
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:56:04 2025 by rpki-client