Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/WGckarb0HwAUBHlBta8iRiXXLg0.roa
File: WGckarb0HwAUBHlBta8iRiXXLg0.roa (raw, json)
Hash identifier: sOFhmSphRIhNK43RFImV44dP/VOn1U+gmZdHSwc64ps=
Subject key identifier: 58:67:24:6A:B6:F4:1F:00:14:04:79:41:B5:AF:22:46:25:D7:2E:0D
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01952F436D3F6F50C42C0695C670B845BFF4
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/WGckarb0HwAUBHlBta8iRiXXLg0.roa
Signing time: Sat 22 Feb 2025 20:05:02 +0000
ROA not before: Sat 22 Feb 2025 20:05:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:2f42:f25e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:2f:43:6d:3f:6f:50:c4:2c:06:95:c6:70:b8:45:bf:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Feb 22 20:05:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5867246ab6f41f0014047941b5af224625d72e0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:4a:da:8c:d1:ea:2d:b1:e6:17:90:e0:a0:fe:
ea:6d:b8:3f:27:9f:c2:72:f0:62:06:3b:59:9e:2a:
33:55:7f:4e:e0:c4:59:4c:7e:a6:e6:98:6e:1e:6a:
67:c4:93:54:ae:d8:13:13:94:4a:ac:2d:80:ae:7e:
c9:ea:3b:d8:e8:d9:88:13:20:00:35:87:12:ea:46:
27:5e:5f:84:f4:b6:6d:b7:39:6b:8b:c1:b9:0f:02:
68:96:d8:6a:23:e4:d8:26:bc:32:1f:52:81:ba:55:
f5:8d:1b:02:a1:88:a7:cf:23:12:b3:93:c8:41:2b:
a8:75:cf:fd:cb:fa:8d:59:cf:66:c9:33:67:20:0d:
95:6e:35:ec:8b:55:76:4d:1f:e8:a6:db:d4:f7:f0:
95:9f:c5:d3:a7:8b:20:15:1c:c8:48:ee:3d:e0:d4:
cc:cf:54:37:72:62:85:b9:eb:a1:09:c4:ed:5c:75:
4c:4c:c4:5d:aa:08:39:e2:50:93:55:c6:75:1e:20:
67:7d:da:51:da:71:b8:3b:ea:f7:50:df:76:59:02:
7c:1a:c9:03:ef:88:36:6a:7d:7f:6b:b5:0f:0d:0f:
fc:81:b1:d4:3a:36:06:f9:d8:77:a4:cd:3b:f5:c3:
43:a9:11:c2:10:3d:ee:e1:bf:67:1d:02:55:6a:8a:
d8:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:67:24:6A:B6:F4:1F:00:14:04:79:41:B5:AF:22:46:25:D7:2E:0D
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/WGckarb0HwAUBHlBta8iRiXXLg0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:2f42:f25e/128
Signature Algorithm: sha256WithRSAEncryption
7c:b0:a0:bb:37:72:0b:6c:32:e3:13:e7:0e:dc:67:23:0f:7d:
fd:d5:fb:b0:63:ae:c8:98:62:3a:8d:0e:d7:03:aa:cc:d7:3f:
fd:97:61:e0:d2:55:82:52:c1:e8:9c:1f:68:6e:14:9b:3d:f4:
14:8e:14:f3:8b:7f:90:91:96:4c:dc:7b:5c:9d:47:cc:ff:3d:
be:0a:66:fc:4f:a5:b6:d1:2c:63:cf:dc:2c:c3:44:50:fc:04:
3d:e0:4a:9e:b3:0c:53:2b:ec:aa:12:90:9d:93:ef:fd:3c:52:
12:d0:a1:49:41:e1:a0:e4:b9:fb:5f:de:75:5b:c9:4a:cf:27:
6f:3c:e1:ac:93:3b:11:21:1e:de:29:78:6f:78:b5:ab:48:1a:
f6:12:a0:6d:ab:9d:b5:8d:40:2f:22:d3:3d:9c:ae:01:7c:d1:
85:00:8b:92:55:d6:2a:d8:d6:e0:45:c3:a6:28:64:ac:f3:28:
60:ef:c1:d8:6c:b5:ff:2b:dd:6c:e9:18:47:f9:0e:de:b4:53:
ab:95:66:67:97:f2:a1:5d:bb:f0:c8:a2:52:c9:23:f4:5a:56:
1b:f5:b4:3a:6d:6c:2f:0f:00:24:4f:34:92:08:5f:9e:4a:05:
c7:17:8c:3a:4f:89:41:4b:4f:8a:77:2e:67:a5:1f:a5:5f:5a:
4b:cd:55:03
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZUvQ20/b1DELAaVxnC4Rb/0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMjIyMjAwNTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODY3MjQ2YWI2ZjQxZjAwMTQwNDc5NDFiNWFmMjI0NjI1ZDcyZTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskrajNHqLbHmF5DgoP7qbbg/J5/C
cvBiBjtZniozVX9O4MRZTH6m5phuHmpnxJNUrtgTE5RKrC2Arn7J6jvY6NmIEyAA
NYcS6kYnXl+E9LZttzlri8G5DwJolthqI+TYJrwyH1KBulX1jRsCoYinzyMSs5PI
QSuodc/9y/qNWc9myTNnIA2VbjXsi1V2TR/optvU9/CVn8XTp4sgFRzISO494NTM
z1Q3cmKFueuhCcTtXHVMTMRdqgg54lCTVcZ1HiBnfdpR2nG4O+r3UN92WQJ8GskD
74g2an1/a7UPDQ/8gbHUOjYG+dh3pM079cNDqRHCED3u4b9nHQJVaorYwQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFFhnJGq29B8AFAR5QbWvIkYl1y4NMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvV0dja2FyYjBId0FVQkhsQnRhOGlSaVhYTGcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVL0LyXjANBgkqhkiG9w0BAQsFAAOCAQEAfLCguzdyC2wy4xPnDtxnIw99
/dX7sGOuyJhiOo0O1wOqzNc//Zdh4NJVglLB6JwfaG4Umz30FI4U84t/kJGWTNx7
XJ1HzP89vgpm/E+lttEsY8/cLMNEUPwEPeBKnrMMUyvsqhKQnZPv/TxSEtChSUHh
oOS5+1/edVvJSs8nbzzhrJM7ESEe3il4b3i1q0ga9hKgbaudtY1ALyLTPZyuAXzR
hQCLklXWKtjW4EXDpihkrPMoYO/B2Gy1/yvdbOkYR/kO3rRTq5VmZ5fyoV278Mii
Uskj9FpWG/W0Om1sLw8AJE80kghfnkoFxxeMOk+JQUtPincuZ6UfpV9aS81VAw==
-----END CERTIFICATE-----
Generated at Sat Apr 19 02:53:48 2025 by rpki-client