Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/092b11-1622-4556-8e65-2409aad081d2/1/WOmDR0gkDYsuG9Soke-w2reYe2g.roa
File: WOmDR0gkDYsuG9Soke-w2reYe2g.roa (raw, json)
Hash identifier: qNbo7JrQ2MwJmZEbIhGXbA+hRsU9tW8mGt+CExNZuso=
Subject key identifier: 58:E9:83:47:48:24:0D:8B:2E:1B:D4:A8:91:EF:B0:DA:B7:98:7B:68
Certificate issuer: /CN=97ebf14a8e54f12dd8b245353df683e182a096c5
Certificate serial: 019423D7C5750F4AF70A4D08209D7B0CBB79
Authority key identifier: 97:EB:F1:4A:8E:54:F1:2D:D8:B2:45:35:3D:F6:83:E1:82:A0:96:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l-vxSo5U8S3YskU1PfaD4YKglsU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/092b11-1622-4556-8e65-2409aad081d2/1/WOmDR0gkDYsuG9Soke-w2reYe2g.roa
Signing time: Wed 01 Jan 2025 21:48:50 +0000
ROA not before: Wed 01 Jan 2025 21:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42375
IP address blocks: 2a0f:4bc0::/29 maxlen: 29
2a0f:5080::/29 maxlen: 29
2a0f:e100::/29 maxlen: 29
2a11:1780::/29 maxlen: 29
2a11:2540::/29 maxlen: 29
2a11:3e40::/29 maxlen: 29
2a11:4100::/29 maxlen: 29
2a11:5480::/29 maxlen: 29
2a11:6640::/29 maxlen: 29
2a12:19c0::/29 maxlen: 29
2a12:2bc0::/29 maxlen: 29
2a12:3940::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:c5:75:0f:4a:f7:0a:4d:08:20:9d:7b:0c:bb:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97ebf14a8e54f12dd8b245353df683e182a096c5
Validity
Not Before: Jan 1 21:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=58e9834748240d8b2e1bd4a891efb0dab7987b68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:95:b5:15:88:dd:88:fe:13:f0:e6:1b:24:19:
4a:fe:d3:cf:2e:c7:e5:dd:63:c0:ff:97:af:3a:0c:
6d:fa:fb:55:ce:1c:4b:fd:bb:fd:5f:7e:1b:32:a9:
9d:9b:e4:52:6e:7c:61:9e:e9:98:e5:4d:72:0f:bf:
95:da:94:d2:a8:50:aa:c5:ef:0a:7c:0b:0c:41:99:
80:c2:35:92:3b:bc:46:9b:83:12:62:30:2d:b7:d9:
c6:00:81:81:20:4b:fd:9c:1d:cb:e7:eb:43:e7:7b:
af:6b:2a:cd:f1:41:2c:44:13:6e:21:81:9e:67:63:
e7:2f:12:be:d9:e7:45:8e:91:c7:60:20:e1:f9:23:
20:bc:51:d6:94:ac:86:2d:5b:84:b0:ee:c0:a7:36:
ee:0c:b7:3a:31:f2:08:46:de:61:54:fd:a3:5a:a8:
5c:63:c8:c1:bc:bf:87:70:44:54:2a:08:d8:32:25:
73:24:08:b9:dd:f7:c3:f0:91:0b:cd:cc:78:d1:83:
53:d3:76:49:08:e3:c6:18:d8:99:cb:68:70:54:62:
a6:05:b8:ab:94:2e:9b:16:db:2e:6b:c9:9f:f0:07:
e5:90:be:27:22:37:44:d1:1c:93:93:f1:5e:fc:46:
ff:cf:08:6f:9b:35:4e:33:71:5e:67:f7:35:e3:0c:
c3:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:E9:83:47:48:24:0D:8B:2E:1B:D4:A8:91:EF:B0:DA:B7:98:7B:68
X509v3 Authority Key Identifier:
keyid:97:EB:F1:4A:8E:54:F1:2D:D8:B2:45:35:3D:F6:83:E1:82:A0:96:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l-vxSo5U8S3YskU1PfaD4YKglsU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/092b11-1622-4556-8e65-2409aad081d2/1/WOmDR0gkDYsuG9Soke-w2reYe2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/092b11-1622-4556-8e65-2409aad081d2/1/l-vxSo5U8S3YskU1PfaD4YKglsU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:4bc0::/29
2a0f:5080::/29
2a0f:e100::/29
2a11:1780::/29
2a11:2540::/29
2a11:3e40::/29
2a11:4100::/29
2a11:5480::/29
2a11:6640::/29
2a12:19c0::/29
2a12:2bc0::/29
2a12:3940::/29
Signature Algorithm: sha256WithRSAEncryption
5b:59:6a:61:74:76:60:a8:00:d1:d9:9a:04:70:ed:21:1f:13:
22:c2:c6:84:f3:3c:b0:b7:e6:f5:de:df:a2:20:51:ba:97:87:
c1:18:53:ed:ab:e6:81:b9:8e:0f:2d:ad:2e:6e:89:57:3d:02:
00:4a:a9:f7:16:f0:26:95:95:26:c2:3b:83:ed:a3:dd:14:9b:
d1:d7:6f:f6:b1:de:2b:9b:76:c3:e2:20:24:34:0e:d0:c9:28:
25:ce:fe:71:4f:40:06:fe:52:fe:87:7c:46:19:c9:97:ce:5d:
43:47:0a:e6:c7:02:40:30:cb:2f:14:b0:cf:e2:3d:29:ca:17:
52:8d:56:e1:86:b3:c0:f6:4c:9d:ec:8a:cf:c6:f3:2c:08:09:
b7:b5:7f:67:95:75:2e:36:c8:08:de:eb:05:f0:e9:75:ee:9a:
d8:69:53:ac:d1:68:25:15:b3:85:9b:a5:4b:74:11:19:44:63:
b2:88:83:da:83:2c:f5:2f:78:b3:fd:c0:7e:59:57:3a:ff:28:
5d:ab:8c:b9:0c:47:ae:c7:13:de:71:ea:e9:07:fa:24:bc:b3:
97:cf:8f:9b:4a:09:3a:f7:03:18:db:f2:e7:1e:2a:19:11:28:
a9:32:3f:d0:09:7a:61:a2:1d:38:98:dd:c0:50:b5:fb:9f:2f:
14:15:cb:10
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZQj18V1D0r3Ck0IIJ17DLt5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3ZWJmMTRhOGU1NGYxMmRkOGIyNDUzNTNkZjY4M2UxODJh
MDk2YzUwHhcNMjUwMTAxMjE0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGU5ODM0NzQ4MjQwZDhiMmUxYmQ0YTg5MWVmYjBkYWI3OTg3YjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJW1FYjdiP4T8OYbJBlK/tPPLsfl
3WPA/5evOgxt+vtVzhxL/bv9X34bMqmdm+RSbnxhnumY5U1yD7+V2pTSqFCqxe8K
fAsMQZmAwjWSO7xGm4MSYjAtt9nGAIGBIEv9nB3L5+tD53uvayrN8UEsRBNuIYGe
Z2PnLxK+2edFjpHHYCDh+SMgvFHWlKyGLVuEsO7ApzbuDLc6MfIIRt5hVP2jWqhc
Y8jBvL+HcERUKgjYMiVzJAi53ffD8JELzcx40YNT03ZJCOPGGNiZy2hwVGKmBbir
lC6bFtsua8mf8AflkL4nIjdE0RyTk/Fe/Eb/zwhvmzVOM3FeZ/c14wzDlwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFFjpg0dIJA2LLhvUqJHvsNq3mHtoMB8GA1UdIwQY
MBaAFJfr8UqOVPEt2LJFNT32g+GCoJbFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbC12eFNvNVU4UzNZc2tVMVBmYUQ0WUtnbHNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8wOTJiMTEtMTYyMi00NTU2LThlNjUt
MjQwOWFhZDA4MWQyLzEvV09tRFIwZ2tEWXN1RzlTb2tlLXcycmVZZTJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8wOTJiMTEtMTYyMi00NTU2LThlNjUtMjQwOWFhZDA4MWQy
LzEvbC12eFNvNVU4UzNZc2tVMVBmYUQ0WUtnbHNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAAjBUAwUDKg9LwAMF
AyoPUIADBQMqD+EAAwUDKhEXgAMFAyoRJUADBQMqET5AAwUDKhFBAAMFAyoRVIAD
BQMqEWZAAwUDKhIZwAMFAyoSK8ADBQMqEjlAMA0GCSqGSIb3DQEBCwUAA4IBAQBb
WWphdHZgqADR2ZoEcO0hHxMiwsaE8zywt+b13t+iIFG6l4fBGFPtq+aBuY4PLa0u
bolXPQIASqn3FvAmlZUmwjuD7aPdFJvR12/2sd4rm3bD4iAkNA7QySglzv5xT0AG
/lL+h3xGGcmXzl1DRwrmxwJAMMsvFLDP4j0pyhdSjVbhhrPA9kyd7IrPxvMsCAm3
tX9nlXUuNsgI3usF8Ol17prYaVOs0WglFbOFm6VLdBEZRGOyiIPagyz1L3iz/cB+
WVc6/yhdq4y5DEeuxxPecerpB/okvLOXz4+bSgk69wMY2/LnHioZESipMj/QCXph
oh04mN3AULX7ny8UFcsQ
-----END CERTIFICATE-----
Generated at Wed Apr 9 01:56:00 2025 by rpki-client