Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/11e050-c5d5-4a9d-b498-83c168b2c071/1/WhtfNl4kPsvSKKPK4a5edmJqBO0.roa
File: WhtfNl4kPsvSKKPK4a5edmJqBO0.roa (raw, json)
Hash identifier: fLmSne41hG7wjVHW396uQUWjNlIxQRVkrNFvdbSceKE=
Subject key identifier: 5A:1B:5F:36:5E:24:3E:CB:D2:28:A3:CA:E1:AE:5E:76:62:6A:04:ED
Certificate issuer: /CN=041c46fe63d6f8641df608cd21abda3ebc1ae4c7
Certificate serial: 01942748012E739A642239011A3E1FA25592
Authority key identifier: 04:1C:46:FE:63:D6:F8:64:1D:F6:08:CD:21:AB:DA:3E:BC:1A:E4:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BBxG_mPW-GQd9gjNIavaPrwa5Mc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/11e050-c5d5-4a9d-b498-83c168b2c071/1/WhtfNl4kPsvSKKPK4a5edmJqBO0.roa
Signing time: Thu 02 Jan 2025 13:50:17 +0000
ROA not before: Thu 02 Jan 2025 13:50:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 2a13:c380::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:01:2e:73:9a:64:22:39:01:1a:3e:1f:a2:55:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=041c46fe63d6f8641df608cd21abda3ebc1ae4c7
Validity
Not Before: Jan 2 13:50:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5a1b5f365e243ecbd228a3cae1ae5e76626a04ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:5a:55:e3:1f:77:88:e8:81:88:20:b1:9c:d9:
22:72:d4:10:c1:ea:12:ca:dc:69:d5:d9:87:7d:2f:
2f:79:77:f6:b4:f6:04:ba:dd:68:64:66:ab:99:bc:
55:2d:07:03:f0:61:0d:bb:af:47:18:37:3e:a4:de:
11:c9:52:85:d7:9c:2f:99:2b:fc:8e:b2:2b:54:12:
15:2f:e7:fc:d1:99:1c:bd:7c:b8:6e:ee:40:3c:8b:
e6:e2:db:35:7c:59:7b:60:bc:03:fc:f5:fc:03:d1:
05:7b:0e:69:77:52:a1:f3:fe:13:00:bd:8c:c3:d9:
75:16:da:58:1c:db:f9:91:a9:21:7f:b2:6a:84:2d:
d7:f1:60:34:10:11:8e:b9:a2:4d:11:07:01:e9:27:
3e:10:ff:65:51:a0:e6:45:cb:23:c4:8a:0b:0d:56:
66:1b:af:ba:3c:cd:b1:c1:68:de:bb:7b:16:c1:2b:
46:05:3b:36:c0:81:62:b5:d1:af:8d:d7:a5:c6:a1:
d3:7d:0d:8f:f7:01:77:10:e4:b0:03:c2:cb:59:fa:
30:16:5b:d4:ea:2f:3e:0f:2d:45:9d:e6:de:98:81:
59:af:dd:ba:69:9e:57:b5:f7:e0:3f:d4:f7:27:0c:
a5:ac:67:af:bc:2c:8c:50:df:ea:70:48:de:9b:bd:
4f:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:1B:5F:36:5E:24:3E:CB:D2:28:A3:CA:E1:AE:5E:76:62:6A:04:ED
X509v3 Authority Key Identifier:
keyid:04:1C:46:FE:63:D6:F8:64:1D:F6:08:CD:21:AB:DA:3E:BC:1A:E4:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BBxG_mPW-GQd9gjNIavaPrwa5Mc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/11e050-c5d5-4a9d-b498-83c168b2c071/1/WhtfNl4kPsvSKKPK4a5edmJqBO0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/11e050-c5d5-4a9d-b498-83c168b2c071/1/BBxG_mPW-GQd9gjNIavaPrwa5Mc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:c380::/32
Signature Algorithm: sha256WithRSAEncryption
5b:f2:b0:ad:fb:19:6c:5c:cd:aa:64:c3:e9:d0:68:68:ce:60:
54:e2:d3:28:b8:c7:6e:75:24:df:0c:78:44:41:32:50:12:94:
14:76:56:69:b4:98:72:4b:d0:5d:8f:ad:11:a6:ca:52:ad:9d:
e1:b1:64:c3:26:4f:1d:00:63:d6:09:e6:fc:d0:ba:4e:62:52:
6c:ad:9f:c0:15:3c:ef:89:06:de:ae:a1:48:18:af:c2:20:49:
23:9e:e6:ec:dc:e7:eb:d1:77:59:69:b1:64:a9:18:79:fc:71:
14:54:53:7f:a0:eb:22:2c:55:b4:d5:a5:46:72:56:e1:02:ed:
0f:77:46:ec:71:6a:f1:03:3f:00:63:36:1a:c3:43:d8:c0:14:
55:8a:5f:33:1b:11:05:f1:40:02:69:0e:9b:78:5a:d3:3a:88:
2b:f9:5e:b1:31:c8:9a:65:13:cf:73:36:72:ae:9d:55:88:8d:
8a:e6:4a:e6:e2:26:74:7b:da:77:70:9c:95:7b:9d:c4:9d:bc:
b5:5d:fa:64:ea:cb:9b:dc:60:a9:b3:e0:86:43:0c:e4:65:45:
b8:e5:23:31:d0:7b:96:2d:ef:bb:bc:96:11:9c:10:41:d5:5e:
b4:c5:2c:1d:07:97:14:24:1d:8c:74:b8:66:7f:6b:b7:a7:ce:
30:e0:83:76
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQnSAEuc5pkIjkBGj4folWSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0MWM0NmZlNjNkNmY4NjQxZGY2MDhjZDIxYWJkYTNlYmMx
YWU0YzcwHhcNMjUwMTAyMTM1MDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTFiNWYzNjVlMjQzZWNiZDIyOGEzY2FlMWFlNWU3NjYyNmEwNGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm1pV4x93iOiBiCCxnNkictQQweoS
ytxp1dmHfS8veXf2tPYEut1oZGarmbxVLQcD8GENu69HGDc+pN4RyVKF15wvmSv8
jrIrVBIVL+f80ZkcvXy4bu5APIvm4ts1fFl7YLwD/PX8A9EFew5pd1Kh8/4TAL2M
w9l1FtpYHNv5kakhf7JqhC3X8WA0EBGOuaJNEQcB6Sc+EP9lUaDmRcsjxIoLDVZm
G6+6PM2xwWjeu3sWwStGBTs2wIFitdGvjdelxqHTfQ2P9wF3EOSwA8LLWfowFlvU
6i8+Dy1FnebemIFZr926aZ5XtffgP9T3JwylrGevvCyMUN/qcEjem71PkQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFFobXzZeJD7L0iijyuGuXnZiagTtMB8GA1UdIwQY
MBaAFAQcRv5j1vhkHfYIzSGr2j68GuTHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkJ4R19tUFctR1FkOWdqTklhdmFQcndhNU1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8xMWUwNTAtYzVkNS00YTlkLWI0OTgt
ODNjMTY4YjJjMDcxLzEvV2h0Zk5sNGtQc3ZTS0tQSzRhNWVkbUpxQk8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni8xMWUwNTAtYzVkNS00YTlkLWI0OTgtODNjMTY4YjJjMDcx
LzEvQkJ4R19tUFctR1FkOWdqTklhdmFQcndhNU1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhPDgDAN
BgkqhkiG9w0BAQsFAAOCAQEAW/KwrfsZbFzNqmTD6dBoaM5gVOLTKLjHbnUk3wx4
REEyUBKUFHZWabSYckvQXY+tEabKUq2d4bFkwyZPHQBj1gnm/NC6TmJSbK2fwBU8
74kG3q6hSBivwiBJI57m7Nzn69F3WWmxZKkYefxxFFRTf6DrIixVtNWlRnJW4QLt
D3dG7HFq8QM/AGM2GsND2MAUVYpfMxsRBfFAAmkOm3ha0zqIK/lesTHImmUTz3M2
cq6dVYiNiuZK5uImdHvad3CclXudxJ28tV36ZOrLm9xgqbPghkMM5GVFuOUjMdB7
li3vu7yWEZwQQdVetMUsHQeXFCQdjHS4Zn9rt6fOMOCDdg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:36:57 2025 by rpki-client