Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/WaoxU_sF7-gAP9kF1RdjjfdvyFY.roa
File: WaoxU_sF7-gAP9kF1RdjjfdvyFY.roa (raw, json)
Hash identifier: qCHXoDF5dC7IkNimkzV84pzNnBDGTr1tE2Z3Pe71YLA=
Subject key identifier: 59:AA:31:53:FB:05:EF:E8:00:3F:D9:05:D5:17:63:8D:F7:6F:C8:56
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01943E82606EA7EC037AE9138C32B8B31F2E
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/WaoxU_sF7-gAP9kF1RdjjfdvyFY.roa
Signing time: Tue 07 Jan 2025 02:05:19 +0000
ROA not before: Tue 07 Jan 2025 02:05:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:2c0d:6680/128 maxlen: 128
2001:67c:64:ffff:0:194:3e82:cdd/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:3e:82:60:6e:a7:ec:03:7a:e9:13:8c:32:b8:b3:1f:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jan 7 02:05:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=59aa3153fb05efe8003fd905d517638df76fc856
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:13:49:4c:9f:78:cc:cf:5e:f7:1e:97:99:3d:
62:55:d7:b4:95:6a:cd:4e:47:6d:dc:ac:24:02:67:
ec:58:0c:93:b5:99:cd:8c:93:c2:ce:17:5c:d9:9c:
cb:d4:b2:d7:3e:73:6e:1b:ad:4f:54:40:84:e5:54:
34:c3:78:f7:ef:3c:99:9f:c4:92:ed:25:a4:75:ab:
0d:94:79:61:6f:23:2d:54:04:76:74:2f:0e:8d:3d:
bf:b3:f2:6d:d2:6e:83:c5:39:df:60:10:28:dd:0f:
fa:cf:f1:ea:ae:4f:e4:c2:38:99:a0:bb:6f:d8:90:
d9:4f:c3:2f:f3:f4:da:4f:30:e5:ce:72:b6:54:c1:
15:2b:12:5d:d9:92:1c:5c:de:7e:d3:a2:ed:7b:98:
0b:b5:6f:d4:4f:c0:b0:cf:82:a4:79:3a:d6:1c:42:
7a:22:43:e6:61:e1:bd:19:8e:e4:35:8b:69:24:71:
d6:d9:88:76:c0:de:bf:13:12:9c:36:7b:7b:a4:5d:
72:66:76:8a:4c:04:2d:7d:4f:8b:ab:8e:4e:a9:6e:
dd:c3:58:33:4a:69:35:5b:57:fc:9d:00:3a:28:46:
85:87:f9:44:8b:f7:5b:b3:86:6c:3e:5e:26:d1:95:
dc:6b:5e:59:97:55:79:ef:de:51:a5:41:fd:40:d6:
55:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:AA:31:53:FB:05:EF:E8:00:3F:D9:05:D5:17:63:8D:F7:6F:C8:56
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/WaoxU_sF7-gAP9kF1RdjjfdvyFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:2c0d:6680/128
2001:67c:64:ffff:0:194:3e82:cdd/128
Signature Algorithm: sha256WithRSAEncryption
50:ca:d8:6d:3c:e2:26:94:1e:38:0b:d0:f7:05:57:59:39:78:
5e:e2:9d:b1:da:39:ee:b4:62:59:76:9a:73:0b:33:da:34:ad:
ad:b0:e3:39:de:b8:be:34:ca:79:23:ed:8b:c9:4c:a5:d0:dc:
b9:9a:1c:da:af:eb:80:b5:ee:b5:df:cf:ac:dc:1d:b4:2f:98:
c7:70:6f:47:bf:92:7b:62:ae:68:79:10:71:3d:f3:1c:10:97:
5b:a6:90:f4:6b:5e:eb:da:30:24:92:f3:1d:82:58:66:29:fa:
ac:10:31:26:34:57:1e:d4:6a:9e:88:b5:c2:09:c3:ab:7d:fd:
ea:52:89:73:7e:0f:0e:38:45:55:22:38:b6:96:60:8d:6e:b2:
df:f4:f2:14:46:35:be:53:8c:93:aa:38:0a:d9:ab:39:42:1e:
5b:2e:b4:f3:08:9c:d0:0c:9c:d4:1b:4c:f4:b5:97:7a:6c:49:
fb:13:11:08:f7:b8:74:6b:d5:b0:1c:dc:8f:d7:8a:f9:37:50:
4f:39:30:f0:ae:91:6d:81:66:d8:c4:c9:d8:51:2c:19:be:e1:
47:f9:9d:49:b1:4b:bc:4b:45:18:dd:77:35:ff:4e:b5:30:ee:
5b:49:16:6e:c9:37:59:8f:d5:8e:cc:f3:3b:9e:cb:79:0d:5f:
c6:2b:11:cb
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQ+gmBup+wDeukTjDK4sx8uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMTA3MDIwNTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWFhMzE1M2ZiMDVlZmU4MDAzZmQ5MDVkNTE3NjM4ZGY3NmZjODU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBNJTJ94zM9e9x6XmT1iVde0lWrN
Tkdt3KwkAmfsWAyTtZnNjJPCzhdc2ZzL1LLXPnNuG61PVECE5VQ0w3j37zyZn8SS
7SWkdasNlHlhbyMtVAR2dC8OjT2/s/Jt0m6DxTnfYBAo3Q/6z/Hqrk/kwjiZoLtv
2JDZT8Mv8/TaTzDlznK2VMEVKxJd2ZIcXN5+06Lte5gLtW/UT8Cwz4KkeTrWHEJ6
IkPmYeG9GY7kNYtpJHHW2Yh2wN6/ExKcNnt7pF1yZnaKTAQtfU+Lq45OqW7dw1gz
Smk1W1f8nQA6KEaFh/lEi/dbs4ZsPl4m0ZXca15Zl1V5795RpUH9QNZV3wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFFmqMVP7Be/oAD/ZBdUXY433b8hWMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvV2FveFVfc0Y3LWdBUDlrRjFSZGpqZmR2eUZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGULA1mgAMRACABBnwAZP//AAABlD6CDN0wDQYJKoZIhvcNAQELBQADggEB
AFDK2G084iaUHjgL0PcFV1k5eF7inbHaOe60Yll2mnMLM9o0ra2w4zneuL40ynkj
7YvJTKXQ3LmaHNqv64C17rXfz6zcHbQvmMdwb0e/kntirmh5EHE98xwQl1umkPRr
XuvaMCSS8x2CWGYp+qwQMSY0Vx7Uap6ItcIJw6t9/epSiXN+Dw44RVUiOLaWYI1u
st/08hRGNb5TjJOqOArZqzlCHlsutPMInNAMnNQbTPS1l3psSfsTEQj3uHRr1bAc
3I/Xivk3UE85MPCukW2BZtjEydhRLBm+4Uf5nUmxS7xLRRjddzX/TrUw7ltJFm7J
N1mP1Y7M8zuey3kNX8YrEcs=
-----END CERTIFICATE-----
Generated at Sun Jun 8 10:31:38 2025 by rpki-client