Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/WK8JqOWgG8xni67LcqIJa2gLwsw.roa
File: WK8JqOWgG8xni67LcqIJa2gLwsw.roa (raw, json)
Hash identifier: 5maH9f3tD3hrjTJSr3U1OCwnbaKdkzOKOjkuMed86dg=
Subject key identifier: 58:AF:09:A8:E5:A0:1B:CC:67:8B:AE:CB:72:A2:09:6B:68:0B:C2:CC
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01945D000BEE8AE629F1F4BB0A2578F1195E
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/WK8JqOWgG8xni67LcqIJa2gLwsw.roa
Signing time: Mon 13 Jan 2025 00:11:11 +0000
ROA not before: Mon 13 Jan 2025 00:11:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:2c0d:6680/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:5d:00:0b:ee:8a:e6:29:f1:f4:bb:0a:25:78:f1:19:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jan 13 00:11:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=58af09a8e5a01bcc678baecb72a2096b680bc2cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:68:ac:99:80:c5:9a:9b:86:8f:3a:8e:fa:b7:
50:c0:2c:b8:40:09:e3:07:5c:32:b8:1c:6e:43:f3:
44:22:05:ed:e4:87:13:22:e7:c0:7b:4c:af:32:2f:
0d:ea:42:a0:b7:89:b3:38:7e:91:ea:2e:68:67:a4:
56:32:58:86:6c:b8:e3:ce:60:c9:3e:ea:68:7d:7a:
b4:7d:25:a6:80:8c:33:f2:1a:08:ec:48:01:40:02:
f0:a5:0f:47:04:34:19:29:ef:47:b1:c5:f3:61:87:
35:06:c8:29:b4:63:2b:32:84:ba:77:91:3f:3b:6f:
84:2c:35:59:d7:64:8e:e1:0f:0d:fd:1a:c4:83:a4:
f4:6d:89:a0:67:af:03:22:c4:d1:ef:c8:fd:f6:15:
1b:d0:a6:b7:d6:ab:ad:73:3f:5a:81:39:3c:43:78:
4c:af:5f:bb:de:ca:5b:ab:22:2b:38:e1:37:8b:77:
dc:87:4c:d7:ab:ba:ba:96:5b:be:94:b2:c0:43:c4:
65:47:36:40:1f:29:a3:4d:33:ea:0b:19:5b:03:8e:
ba:93:e3:48:2a:a5:34:0c:48:5e:ea:36:d7:fc:10:
2f:56:df:e7:a5:ef:66:44:32:5b:52:40:ec:d2:ce:
7a:c0:ce:2f:8d:56:23:0e:e0:e0:a7:18:90:9e:22:
7b:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:AF:09:A8:E5:A0:1B:CC:67:8B:AE:CB:72:A2:09:6B:68:0B:C2:CC
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/WK8JqOWgG8xni67LcqIJa2gLwsw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:2c0d:6680/128
Signature Algorithm: sha256WithRSAEncryption
49:10:fb:b9:c2:6b:2d:e0:03:ed:09:9b:6a:dc:13:ce:77:30:
6c:05:20:3c:ca:d8:62:a1:86:70:ac:e4:24:14:71:54:0d:41:
d4:22:2b:ff:9a:1b:41:ec:e7:cd:d2:d7:b3:2b:13:10:d8:d5:
5c:91:d9:49:00:9b:04:ad:78:bb:21:5f:7f:74:b0:63:0d:9a:
f1:fb:13:a1:cc:13:18:4a:f9:75:da:bb:8e:53:3f:bd:20:94:
b0:ec:73:fd:0e:fa:e9:5a:fb:7b:04:4d:9c:2c:e1:01:01:76:
08:aa:bd:13:ce:2b:82:b5:d1:b4:a2:8b:bd:5d:d2:fe:96:51:
83:f3:e8:a7:c6:12:f2:f2:78:0d:dd:a0:a2:60:c4:a7:12:9c:
48:ba:67:9a:fc:cd:4b:44:42:91:59:27:43:2c:51:8b:ba:b2:
8c:aa:95:9d:db:c2:e7:ac:a3:fd:34:7b:7c:c3:c1:ef:f6:e6:
54:4d:32:53:d4:0e:95:be:72:cf:28:83:4b:ae:4f:35:7e:b1:
f1:5e:78:c7:73:41:39:f7:44:45:64:9d:34:a6:cc:46:02:02:
fc:a0:4b:1c:f3:9c:e4:9f:fe:db:5c:a7:ef:5b:ea:a0:49:d0:
2c:81:0a:1e:b1:c0:3e:0f:63:63:3f:d4:dc:95:55:4a:74:03:
dd:f1:1b:cb
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZRdAAvuiuYp8fS7CiV48RleMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMTEzMDAxMTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGFmMDlhOGU1YTAxYmNjNjc4YmFlY2I3MmEyMDk2YjY4MGJjMmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5GismYDFmpuGjzqO+rdQwCy4QAnj
B1wyuBxuQ/NEIgXt5IcTIufAe0yvMi8N6kKgt4mzOH6R6i5oZ6RWMliGbLjjzmDJ
PupofXq0fSWmgIwz8hoI7EgBQALwpQ9HBDQZKe9HscXzYYc1BsgptGMrMoS6d5E/
O2+ELDVZ12SO4Q8N/RrEg6T0bYmgZ68DIsTR78j99hUb0Ka31qutcz9agTk8Q3hM
r1+73spbqyIrOOE3i3fch0zXq7q6llu+lLLAQ8RlRzZAHymjTTPqCxlbA466k+NI
KqU0DEhe6jbX/BAvVt/npe9mRDJbUkDs0s56wM4vjVYjDuDgpxiQniJ7pwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFFivCajloBvMZ4uuy3KiCWtoC8LMMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvV0s4SnFPV2dHOHhuaTY3TGNxSUphMmdMd3N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGULA1mgDANBgkqhkiG9w0BAQsFAAOCAQEASRD7ucJrLeAD7QmbatwTzncw
bAUgPMrYYqGGcKzkJBRxVA1B1CIr/5obQeznzdLXsysTENjVXJHZSQCbBK14uyFf
f3SwYw2a8fsTocwTGEr5ddq7jlM/vSCUsOxz/Q766Vr7ewRNnCzhAQF2CKq9E84r
grXRtKKLvV3S/pZRg/Pop8YS8vJ4Dd2gomDEpxKcSLpnmvzNS0RCkVknQyxRi7qy
jKqVndvC56yj/TR7fMPB7/bmVE0yU9QOlb5yzyiDS65PNX6x8V54x3NBOfdERWSd
NKbMRgIC/KBLHPOc5J/+21yn71vqoEnQLIEKHrHAPg9jYz/U3JVVSnQD3fEbyw==
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:42:56 2025 by rpki-client