Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/WCWZ35RVZ9LjSl2NA91K-TSGhx8.roa
File: WCWZ35RVZ9LjSl2NA91K-TSGhx8.roa (raw, json)
Hash identifier: MkRIOis6bRjLrBCGYjALtnUn4oMJbtUzgkpoFGpYgXA=
Subject key identifier: 58:25:99:DF:94:55:67:D2:E3:4A:5D:8D:03:DD:4A:F9:34:86:87:1F
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01904268AC53C33B3A0AA25EEEC40F314D65
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/WCWZ35RVZ9LjSl2NA91K-TSGhx8.roa
Signing time: Sun 23 Jun 2024 00:04:34 +0000
ROA not before: Sun 23 Jun 2024 00:04:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:190:4268:83ce/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:42:68:ac:53:c3:3b:3a:0a:a2:5e:ee:c4:0f:31:4d:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 23 00:04:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=582599df945567d2e34a5d8d03dd4af93486871f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:8f:8e:44:2d:a4:09:5d:43:d8:5f:96:e1:6b:
7b:f1:7b:b1:13:5e:72:30:0c:21:ad:cf:af:cc:05:
87:fe:90:a2:02:6a:d0:39:c0:ad:a9:cb:22:4d:a5:
2d:f2:58:a9:9f:29:3f:4b:3d:65:f4:74:3b:9c:bf:
27:65:74:df:61:22:0b:7a:42:cf:12:d4:6c:35:d8:
47:7e:d0:8c:ea:74:f7:ed:30:f4:8e:d0:e9:71:72:
e1:fd:2e:7e:b0:0c:e8:0f:29:1f:84:6c:50:cf:cf:
55:75:c4:12:a5:0f:b8:75:09:34:6f:83:7b:04:a6:
43:bd:d1:7e:35:7b:cb:dd:57:79:70:91:a9:cd:a9:
d7:80:0f:eb:5f:0d:32:09:4a:53:0c:eb:28:00:6f:
ae:9a:18:e5:63:70:e3:f3:30:8b:7c:46:e4:82:8b:
fd:cf:22:0a:42:c3:f8:01:39:8b:14:21:90:76:37:
9a:17:66:34:16:5a:05:06:9f:b4:08:43:d9:d0:24:
bc:e3:e7:4f:eb:22:73:4e:de:e6:c2:9e:4c:b4:ab:
4b:73:91:14:d3:0a:44:17:c4:51:21:af:44:2f:c5:
16:ed:6a:81:ba:0f:0e:55:c5:17:b3:5c:6d:cb:86:
16:20:34:80:cd:25:86:be:a0:b8:9d:36:62:1d:db:
65:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:25:99:DF:94:55:67:D2:E3:4A:5D:8D:03:DD:4A:F9:34:86:87:1F
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/WCWZ35RVZ9LjSl2NA91K-TSGhx8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7f:65:1d:cf:6d:5e:f0:2d:50:c7:07:9a:73:de:71:1d:7d:c3:
5b:78:bb:41:49:86:9d:ab:79:55:05:8d:5c:01:03:57:9c:99:
e1:e1:93:b5:39:17:cc:32:ce:43:a9:97:e0:a5:e1:96:a2:dc:
13:84:45:fe:3e:66:44:81:7b:7c:1b:b7:0d:83:77:79:38:8b:
2e:e7:a3:3c:2c:14:cf:b6:09:f5:55:7d:c0:44:5a:84:51:7d:
8e:5a:8a:f5:fc:d5:3f:2e:d7:46:b7:a4:0b:b5:4e:6d:84:af:
17:fd:c3:84:e8:d8:cb:2a:5e:b5:e3:41:40:61:b1:88:14:4f:
d6:1e:2c:ff:e2:db:cf:1c:89:fa:16:b3:ce:89:3b:96:86:5e:
41:bf:5f:a2:8b:71:8b:6a:36:d7:38:71:9c:5c:af:d5:d6:2a:
53:0f:59:a9:82:ee:8f:14:f7:6f:cd:18:c0:92:dd:5f:69:d4:
49:08:28:ab:9a:1c:0e:e5:41:96:b2:74:7e:6b:50:9a:0d:f7:
ba:95:33:d2:a9:3f:b3:bc:3d:eb:fd:66:83:05:11:f6:b3:2e:
5e:cf:fb:1c:9c:93:64:ce:d0:ce:3f:b9:e3:fd:df:04:ac:d4:
3b:4b:28:58:b5:09:cc:ed:2c:17:2f:81:fb:d6:e6:3e:39:52:
cd:2a:73:11
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZBCaKxTwzs6CqJe7sQPMU1lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjIzMDAwNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODI1OTlkZjk0NTU2N2QyZTM0YTVkOGQwM2RkNGFmOTM0ODY4NzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4+ORC2kCV1D2F+W4Wt78XuxE15y
MAwhrc+vzAWH/pCiAmrQOcCtqcsiTaUt8lipnyk/Sz1l9HQ7nL8nZXTfYSILekLP
EtRsNdhHftCM6nT37TD0jtDpcXLh/S5+sAzoDykfhGxQz89VdcQSpQ+4dQk0b4N7
BKZDvdF+NXvL3Vd5cJGpzanXgA/rXw0yCUpTDOsoAG+umhjlY3Dj8zCLfEbkgov9
zyIKQsP4ATmLFCGQdjeaF2Y0FloFBp+0CEPZ0CS84+dP6yJzTt7mwp5MtKtLc5EU
0wpEF8RRIa9EL8UW7WqBug8OVcUXs1xty4YWIDSAzSWGvqC4nTZiHdtl7wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFglmd+UVWfS40pdjQPdSvk0hocfMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvV0NXWjM1UlZaOUxqU2wyTkE5MUstVFNHaHg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAH9lHc9tXvAtUMcHmnPe
cR19w1t4u0FJhp2reVUFjVwBA1ecmeHhk7U5F8wyzkOpl+Cl4Zai3BOERf4+ZkSB
e3wbtw2Dd3k4iy7nozwsFM+2CfVVfcBEWoRRfY5aivX81T8u10a3pAu1Tm2Erxf9
w4To2MsqXrXjQUBhsYgUT9YeLP/i288cifoWs86JO5aGXkG/X6KLcYtqNtc4cZxc
r9XWKlMPWamC7o8U92/NGMCS3V9p1EkIKKuaHA7lQZaydH5rUJoN97qVM9KpP7O8
Pev9ZoMFEfazLl7P+xyck2TO0M4/ueP93wSs1DtLKFi1CcztLBcvgfvW5j45Us0q
cxE=
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:14:32 2025 by rpki-client