Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/8928f1-8618-4c19-9f3d-4b8793db7460/1/wxRtFa54V_vU8mgLHIqlXUzZMOc.roa
File: wxRtFa54V_vU8mgLHIqlXUzZMOc.roa (raw, json)
Hash identifier: PMULlzIWB9KqtKOtRO+7MsiWSaPQynQGmN9eXMu6mPc=
Subject key identifier: C3:14:6D:15:AE:78:57:FB:D4:F2:68:0B:1C:8A:A5:5D:4C:D9:30:E7
Certificate issuer: /CN=9c620f31b4997c7345bc66b46b43d686bf00931a
Certificate serial: 01942143F1C521FAB8005303D7D63313F948
Authority key identifier: 9C:62:0F:31:B4:99:7C:73:45:BC:66:B4:6B:43:D6:86:BF:00:93:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nGIPMbSZfHNFvGa0a0PWhr8Akxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/8928f1-8618-4c19-9f3d-4b8793db7460/1/wxRtFa54V_vU8mgLHIqlXUzZMOc.roa
Signing time: Wed 01 Jan 2025 09:48:08 +0000
ROA not before: Wed 01 Jan 2025 09:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20618
IP address blocks: 213.132.0.0/19 maxlen: 19
2a02:4bc0::/29 maxlen: 29
2a02:4bc0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:f1:c5:21:fa:b8:00:53:03:d7:d6:33:13:f9:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c620f31b4997c7345bc66b46b43d686bf00931a
Validity
Not Before: Jan 1 09:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c3146d15ae7857fbd4f2680b1c8aa55d4cd930e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:ad:fd:5d:ea:49:8a:f5:70:bd:46:10:fa:db:
2e:6d:b6:be:36:f0:66:d4:ab:e7:aa:24:e3:79:9e:
55:68:15:ca:8c:8a:8b:62:e3:3e:4f:c5:bd:32:c3:
58:b7:8b:10:9f:1a:c4:2d:5b:fe:3f:8a:83:78:be:
f9:1e:ff:24:fc:0c:1e:f0:53:97:f2:e6:95:a5:a2:
42:5e:ee:c6:35:21:ab:2e:dc:45:19:a8:64:11:b1:
da:b1:5f:cf:d0:af:d6:c8:2d:7b:2a:1a:2d:f7:48:
37:39:0a:75:1c:38:4a:c9:8e:82:da:44:10:f3:9f:
17:fd:b7:06:61:75:05:b7:fc:2c:a5:2a:95:86:91:
c8:24:ef:f8:71:a8:8f:9b:cb:23:cf:90:b2:74:b4:
99:bc:ca:00:53:4a:e4:22:89:0e:25:78:b3:03:f3:
21:66:bd:ae:84:41:eb:4e:c2:ec:36:92:13:ea:c3:
bf:d0:48:74:27:dd:89:a4:0b:f0:17:04:cc:21:3f:
69:7c:07:c1:01:3b:6b:4b:25:85:9a:19:cc:25:f8:
8f:ca:77:de:ba:ee:78:cf:4f:0e:e2:11:4f:ef:f7:
ee:43:f6:70:10:66:f8:aa:c6:11:72:bd:57:a0:05:
4f:06:04:7e:fa:b2:61:04:cb:cb:60:f0:5c:2d:40:
60:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:14:6D:15:AE:78:57:FB:D4:F2:68:0B:1C:8A:A5:5D:4C:D9:30:E7
X509v3 Authority Key Identifier:
keyid:9C:62:0F:31:B4:99:7C:73:45:BC:66:B4:6B:43:D6:86:BF:00:93:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nGIPMbSZfHNFvGa0a0PWhr8Akxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/8928f1-8618-4c19-9f3d-4b8793db7460/1/wxRtFa54V_vU8mgLHIqlXUzZMOc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/8928f1-8618-4c19-9f3d-4b8793db7460/1/nGIPMbSZfHNFvGa0a0PWhr8Akxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.132.0.0/19
IPv6:
2a02:4bc0::/29
Signature Algorithm: sha256WithRSAEncryption
6b:7a:f6:5e:3e:21:6d:09:4e:3f:bb:73:74:02:5a:00:1b:10:
6a:21:1a:4d:42:04:cd:2b:45:87:b3:4f:4e:f7:a5:03:2b:e3:
c5:e0:e2:30:27:32:94:b5:a4:f6:bf:00:da:8e:e6:16:4c:3d:
3c:f4:ba:84:53:33:1e:16:5c:29:a2:82:6f:f6:1f:75:e9:10:
80:65:75:fc:de:6c:d2:b7:95:ef:2a:94:e0:fb:1a:05:39:d8:
b0:f3:e3:7f:d8:32:1c:98:0b:79:b7:00:73:0d:b6:82:f4:c6:
eb:0e:d5:02:22:a9:26:ae:53:cd:5d:52:5e:71:0c:9e:99:4b:
23:2a:8f:71:0c:7a:88:45:5a:fd:89:7b:3d:15:91:7e:a6:06:
40:87:7f:6a:30:e9:6f:93:d8:cb:2a:dc:47:76:d2:b8:65:db:
ed:14:e1:7e:ae:cf:ba:94:51:b0:10:02:84:3c:87:5e:0e:54:
80:1b:11:d4:0a:67:df:1f:cc:4a:55:1e:3f:1f:5d:0d:47:a6:
a6:eb:15:5e:d6:41:4d:d9:c7:f4:51:12:c3:32:24:e5:0d:a5:
13:d4:5e:aa:ec:51:de:50:e5:98:1d:e4:61:7f:3d:18:dd:c0:
35:31:6e:44:e5:c0:65:c3:34:7c:55:2b:80:04:38:9a:af:9b:
39:47:cf:b3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhQ/HFIfq4AFMD19YzE/lIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNjIwZjMxYjQ5OTdjNzM0NWJjNjZiNDZiNDNkNjg2YmYw
MDkzMWEwHhcNMjUwMTAxMDk0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzE0NmQxNWFlNzg1N2ZiZDRmMjY4MGIxYzhhYTU1ZDRjZDkzMGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzq39XepJivVwvUYQ+tsubba+NvBm
1KvnqiTjeZ5VaBXKjIqLYuM+T8W9MsNYt4sQnxrELVv+P4qDeL75Hv8k/Awe8FOX
8uaVpaJCXu7GNSGrLtxFGahkEbHasV/P0K/WyC17Khot90g3OQp1HDhKyY6C2kQQ
858X/bcGYXUFt/wspSqVhpHIJO/4caiPm8sjz5CydLSZvMoAU0rkIokOJXizA/Mh
Zr2uhEHrTsLsNpIT6sO/0Eh0J92JpAvwFwTMIT9pfAfBATtrSyWFmhnMJfiPynfe
uu54z08O4hFP7/fuQ/ZwEGb4qsYRcr1XoAVPBgR++rJhBMvLYPBcLUBgcwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMMUbRWueFf71PJoCxyKpV1M2TDnMB8GA1UdIwQY
MBaAFJxiDzG0mXxzRbxmtGtD1oa/AJMaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkdJUE1iU1pmSE5GdkdhMGEwUFdocjhBa3hvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni84OTI4ZjEtODYxOC00YzE5LTlmM2Qt
NGI4NzkzZGI3NDYwLzEvd3hSdEZhNTRWX3ZVOG1nTEhJcWxYVXpaTU9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni84OTI4ZjEtODYxOC00YzE5LTlmM2QtNGI4NzkzZGI3NDYw
LzEvbkdJUE1iU1pmSE5GdkdhMGEwUFdocjhBa3hvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQF1YQAMA0E
AgACMAcDBQMqAkvAMA0GCSqGSIb3DQEBCwUAA4IBAQBrevZePiFtCU4/u3N0AloA
GxBqIRpNQgTNK0WHs09O96UDK+PF4OIwJzKUtaT2vwDajuYWTD089LqEUzMeFlwp
ooJv9h916RCAZXX83mzSt5XvKpTg+xoFOdiw8+N/2DIcmAt5twBzDbaC9MbrDtUC
IqkmrlPNXVJecQyemUsjKo9xDHqIRVr9iXs9FZF+pgZAh39qMOlvk9jLKtxHdtK4
ZdvtFOF+rs+6lFGwEAKEPIdeDlSAGxHUCmffH8xKVR4/H10NR6am6xVe1kFN2cf0
URLDMiTlDaUT1F6q7FHeUOWYHeRhfz0Y3cA1MW5E5cBlwzR8VSuABDiar5s5R8+z
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:59:59 2025 by rpki-client