Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/a76ac1-5f22-47d1-b8c1-c623ed8f2f28/1/WkwzoKAp7V8ZhXL1g15aK61O6bQ.roa
File: WkwzoKAp7V8ZhXL1g15aK61O6bQ.roa (raw, json)
Hash identifier: s5hrnFxpg0nBPQ3K+9u43Zz76gYas2owW8dLskXtTU8=
Subject key identifier: 5A:4C:33:A0:A0:29:ED:5F:19:85:72:F5:83:5E:5A:2B:AD:4E:E9:B4
Certificate issuer: /CN=93503061e1ae503ec63d970b30875dd93ffabbdf
Certificate serial: 019425FBF1DD87F1EE4AC5323FF52EB852D8
Authority key identifier: 93:50:30:61:E1:AE:50:3E:C6:3D:97:0B:30:87:5D:D9:3F:FA:BB:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k1AwYeGuUD7GPZcLMIdd2T_6u98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/a76ac1-5f22-47d1-b8c1-c623ed8f2f28/1/WkwzoKAp7V8ZhXL1g15aK61O6bQ.roa
Signing time: Thu 02 Jan 2025 07:47:35 +0000
ROA not before: Thu 02 Jan 2025 07:47:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 2a01:bb20::/29 maxlen: 29
2a01:bb22::/33 maxlen: 33
2a01:bb22:8000::/33 maxlen: 33
2a01:bb24::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fb:f1:dd:87:f1:ee:4a:c5:32:3f:f5:2e:b8:52:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93503061e1ae503ec63d970b30875dd93ffabbdf
Validity
Not Before: Jan 2 07:47:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5a4c33a0a029ed5f198572f5835e5a2bad4ee9b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:86:e9:0c:fd:68:79:50:a7:0c:09:64:e2:f0:
6d:75:d3:64:07:c4:03:a3:f8:85:37:fd:4e:4c:24:
a1:26:b8:20:b9:77:a8:da:a7:0b:d2:80:3b:05:3c:
40:f4:04:8e:bf:fc:7f:3e:62:9f:b0:8f:01:05:f2:
f6:59:04:ba:de:89:0f:fd:31:56:58:ba:55:5a:f8:
cf:d4:cd:dc:bf:65:b6:d2:52:07:68:b3:66:e4:3a:
ec:f1:01:b4:6d:e8:fd:fb:43:52:54:50:24:ee:8f:
f2:0a:56:20:e8:80:d5:84:78:76:54:6d:d4:6f:b3:
46:31:81:08:fe:77:d2:af:b4:a3:9f:c7:64:be:a1:
74:05:b7:db:0e:10:36:58:b1:9d:fa:ee:4a:a7:d8:
ab:79:4c:5b:9e:4a:97:a7:e1:1a:88:c7:cf:46:e4:
16:fd:d7:86:5a:11:30:01:de:90:b1:5e:61:fb:a6:
b6:29:2c:d4:c5:6e:9e:43:7d:7e:2b:2d:46:c8:b1:
5a:e4:20:51:8d:ad:7a:1c:0c:01:cb:ba:cf:ec:c1:
12:c5:e8:e8:f8:01:04:b9:ec:9f:00:ff:0d:0f:79:
be:1f:06:44:66:31:8a:5e:f8:77:f2:6f:d4:27:d9:
16:d8:19:88:4f:17:53:6c:25:de:f1:70:7b:6a:b1:
78:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:4C:33:A0:A0:29:ED:5F:19:85:72:F5:83:5E:5A:2B:AD:4E:E9:B4
X509v3 Authority Key Identifier:
keyid:93:50:30:61:E1:AE:50:3E:C6:3D:97:0B:30:87:5D:D9:3F:FA:BB:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k1AwYeGuUD7GPZcLMIdd2T_6u98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a76ac1-5f22-47d1-b8c1-c623ed8f2f28/1/WkwzoKAp7V8ZhXL1g15aK61O6bQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a76ac1-5f22-47d1-b8c1-c623ed8f2f28/1/k1AwYeGuUD7GPZcLMIdd2T_6u98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:bb20::/29
Signature Algorithm: sha256WithRSAEncryption
b1:da:22:f5:2b:5c:8f:f2:9b:59:7e:ac:37:41:55:93:46:98:
fa:8c:88:02:77:87:2a:fc:25:e0:1b:83:04:08:83:0e:5c:72:
e9:fd:82:2b:df:ba:24:78:be:22:59:c3:d7:43:0e:fe:84:94:
da:c5:5a:b9:62:56:e1:f1:d0:e2:ea:7e:31:58:f2:2c:89:13:
78:8b:ea:65:f6:35:f8:81:a6:e4:66:0f:7a:79:cd:12:b7:fc:
75:80:e4:e0:52:a8:bf:ad:f0:c8:d3:5f:59:bc:77:07:ef:1d:
09:e6:65:5f:c3:73:0d:cb:54:0c:0c:9d:d6:ee:62:f9:aa:e9:
90:cc:fa:fd:c2:cb:83:74:09:a1:91:8e:f7:bf:5c:ab:cc:1f:
dc:88:7e:10:b5:21:03:55:72:85:89:9c:45:e9:14:b7:47:00:
b2:92:ac:50:43:9b:aa:33:63:2c:29:f0:ed:3d:de:14:b9:ec:
55:fd:19:88:0e:e7:92:e4:72:16:66:77:6f:90:02:d5:35:05:
db:a4:80:dd:05:61:e0:18:12:ef:36:45:fe:2b:37:b8:85:92:
93:24:28:06:fb:2b:6a:31:54:94:e6:54:91:ec:52:ce:d1:2b:
17:1a:cb:f7:f1:fb:a2:d6:3a:ac:62:00:b4:54:5f:a9:21:80:
5d:8d:98:8c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQl+/Hdh/HuSsUyP/UuuFLYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNTAzMDYxZTFhZTUwM2VjNjNkOTcwYjMwODc1ZGQ5M2Zm
YWJiZGYwHhcNMjUwMTAyMDc0NzM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTRjMzNhMGEwMjllZDVmMTk4NTcyZjU4MzVlNWEyYmFkNGVlOWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIbpDP1oeVCnDAlk4vBtddNkB8QD
o/iFN/1OTCShJrgguXeo2qcL0oA7BTxA9ASOv/x/PmKfsI8BBfL2WQS63okP/TFW
WLpVWvjP1M3cv2W20lIHaLNm5Drs8QG0bej9+0NSVFAk7o/yClYg6IDVhHh2VG3U
b7NGMYEI/nfSr7Sjn8dkvqF0BbfbDhA2WLGd+u5Kp9ireUxbnkqXp+EaiMfPRuQW
/deGWhEwAd6QsV5h+6a2KSzUxW6eQ31+Ky1GyLFa5CBRja16HAwBy7rP7MESxejo
+AEEueyfAP8ND3m+HwZEZjGKXvh38m/UJ9kW2BmITxdTbCXe8XB7arF4GQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFFpMM6CgKe1fGYVy9YNeWiutTum0MB8GA1UdIwQY
MBaAFJNQMGHhrlA+xj2XCzCHXdk/+rvfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazFBd1llR3VVRDdHUFpjTE1JZGQyVF82dTk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9hNzZhYzEtNWYyMi00N2QxLWI4YzEt
YzYyM2VkOGYyZjI4LzEvV2t3em9LQXA3VjhaaFhMMWcxNWFLNjFPNmJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9hNzZhYzEtNWYyMi00N2QxLWI4YzEtYzYyM2VkOGYyZjI4
LzEvazFBd1llR3VVRDdHUFpjTE1JZGQyVF82dTk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgG7IDAN
BgkqhkiG9w0BAQsFAAOCAQEAsdoi9Stcj/KbWX6sN0FVk0aY+oyIAneHKvwl4BuD
BAiDDlxy6f2CK9+6JHi+IlnD10MO/oSU2sVauWJW4fHQ4up+MVjyLIkTeIvqZfY1
+IGm5GYPennNErf8dYDk4FKov63wyNNfWbx3B+8dCeZlX8NzDctUDAyd1u5i+arp
kMz6/cLLg3QJoZGO979cq8wf3Ih+ELUhA1VyhYmcRekUt0cAspKsUEObqjNjLCnw
7T3eFLnsVf0ZiA7nkuRyFmZ3b5AC1TUF26SA3QVh4BgS7zZF/is3uIWSkyQoBvsr
ajFUlOZUkexSztErFxrL9/H7otY6rGIAtFRfqSGAXY2YjA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:50:21 2025 by rpki-client