Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/eb6866-bb60-4c6f-a00d-c4a77c192af0/1/WL1jNaK3dDMzba-WiCjfnQ1rlls.roa
File: WL1jNaK3dDMzba-WiCjfnQ1rlls.roa (raw, json)
Hash identifier: Qx3rI/5XR6VPAcxanE1apP2pTmDJQZpuNJ+aqY3ExZM=
Subject key identifier: 58:BD:63:35:A2:B7:74:33:33:6D:AF:96:88:28:DF:9D:0D:6B:96:5B
Certificate issuer: /CN=f96a0902bc9853b75ed2db19683ee2f3a2261540
Certificate serial: 0194236A0D1A919E90EA12A4C391F882B0FF
Authority key identifier: F9:6A:09:02:BC:98:53:B7:5E:D2:DB:19:68:3E:E2:F3:A2:26:15:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-WoJAryYU7de0tsZaD7i86ImFUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/eb6866-bb60-4c6f-a00d-c4a77c192af0/1/WL1jNaK3dDMzba-WiCjfnQ1rlls.roa
Signing time: Wed 01 Jan 2025 19:49:00 +0000
ROA not before: Wed 01 Jan 2025 19:49:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210821
IP address blocks: 2a14:1900::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:0d:1a:91:9e:90:ea:12:a4:c3:91:f8:82:b0:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f96a0902bc9853b75ed2db19683ee2f3a2261540
Validity
Not Before: Jan 1 19:49:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=58bd6335a2b77433336daf968828df9d0d6b965b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ca:70:20:12:dc:e6:b8:13:a8:0f:33:b9:a4:
f6:2e:ee:af:68:31:e1:71:2c:7a:4d:61:40:eb:9d:
2d:ed:fa:33:94:42:d6:97:a2:b8:d4:78:a4:b5:4e:
87:75:d0:1a:66:04:64:e1:99:58:35:9a:2f:af:25:
68:66:43:37:de:3c:5f:08:29:40:4f:37:73:8d:4e:
fc:37:88:6d:d0:60:a7:79:9e:2d:87:0e:1a:c2:a3:
ef:e5:75:e4:51:b2:8b:78:e0:ca:c6:25:e0:2d:ed:
24:61:1d:79:ae:dc:77:98:d0:8a:02:b5:95:6c:98:
4c:a1:ae:32:14:f8:2f:7e:f9:55:1e:ca:28:7c:50:
81:22:de:cd:16:2c:0f:51:d3:6d:68:4d:fd:99:05:
ec:c3:50:73:9b:0c:04:e5:b9:ea:a9:48:c3:2c:8c:
7a:cd:95:32:5d:9b:f2:37:11:e5:4e:de:b7:2e:6d:
09:ed:e9:a3:1b:0f:35:79:5f:3c:13:19:4b:65:26:
30:85:9e:ab:1c:8e:18:86:83:89:78:d5:66:01:ff:
dd:d2:50:5c:cd:a5:2d:08:56:27:57:52:1b:6a:3e:
b8:0d:4c:22:77:e7:39:9f:1c:ab:a5:ce:54:a4:b6:
f9:a0:5c:55:d2:60:76:18:10:51:cd:7d:f8:11:f1:
23:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:BD:63:35:A2:B7:74:33:33:6D:AF:96:88:28:DF:9D:0D:6B:96:5B
X509v3 Authority Key Identifier:
keyid:F9:6A:09:02:BC:98:53:B7:5E:D2:DB:19:68:3E:E2:F3:A2:26:15:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-WoJAryYU7de0tsZaD7i86ImFUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/eb6866-bb60-4c6f-a00d-c4a77c192af0/1/WL1jNaK3dDMzba-WiCjfnQ1rlls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/eb6866-bb60-4c6f-a00d-c4a77c192af0/1/1-WoJAryYU7de0tsZaD7i86ImFUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:1900::/29
Signature Algorithm: sha256WithRSAEncryption
02:98:14:ec:e1:e1:49:be:66:d4:65:97:d9:84:6f:a1:fc:4c:
55:e8:dc:c0:b8:2e:d1:4a:5e:95:81:40:af:e1:63:eb:d8:b0:
ec:68:8b:b6:f9:20:c7:74:f4:49:fc:a2:51:ed:69:6f:c3:93:
99:00:50:df:0d:5c:39:b2:24:05:c8:58:80:d6:01:90:fb:0b:
43:9f:77:8d:57:6a:c0:1c:bf:98:e8:42:36:a6:92:8b:b5:59:
6d:93:24:70:8d:fc:cf:41:7e:20:0b:9f:78:c7:fd:d3:0f:ae:
f3:c1:fe:02:00:50:0b:db:17:64:30:d3:00:bb:84:86:18:ae:
a8:22:a2:91:3a:59:aa:a5:44:4b:4f:d0:23:25:48:6b:5a:e3:
71:e2:b6:5b:51:0e:79:30:32:25:a4:97:42:6d:cb:9a:b3:d8:
d7:44:da:da:7c:3f:8f:d7:ba:12:6e:7c:7d:44:b9:52:92:fb:
b5:61:7c:07:a3:8e:f3:36:42:aa:c5:63:23:bd:70:17:5a:b7:
37:8c:fe:fc:9e:eb:ef:b1:2e:a6:88:46:55:c2:f0:64:07:8d:
e2:cd:1a:8e:d9:03:bf:a7:fb:d5:79:97:45:05:db:d8:c4:49:
a3:64:55:ff:9c:3a:13:10:d9:63:38:e9:e1:6b:05:2f:21:f4:
08:e7:5f:fc
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQjag0akZ6Q6hKkw5H4grD/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5NmEwOTAyYmM5ODUzYjc1ZWQyZGIxOTY4M2VlMmYzYTIy
NjE1NDAwHhcNMjUwMTAxMTk0OTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGJkNjMzNWEyYjc3NDMzMzM2ZGFmOTY4ODI4ZGY5ZDBkNmI5NjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcpwIBLc5rgTqA8zuaT2Lu6vaDHh
cSx6TWFA650t7fozlELWl6K41HiktU6HddAaZgRk4ZlYNZovryVoZkM33jxfCClA
TzdzjU78N4ht0GCneZ4thw4awqPv5XXkUbKLeODKxiXgLe0kYR15rtx3mNCKArWV
bJhMoa4yFPgvfvlVHsoofFCBIt7NFiwPUdNtaE39mQXsw1BzmwwE5bnqqUjDLIx6
zZUyXZvyNxHlTt63Lm0J7emjGw81eV88ExlLZSYwhZ6rHI4YhoOJeNVmAf/d0lBc
zaUtCFYnV1Ibaj64DUwid+c5nxyrpc5UpLb5oFxV0mB2GBBRzX34EfEjaQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFi9YzWit3QzM22vlogo350Na5ZbMB8GA1UdIwQY
MBaAFPlqCQK8mFO3XtLbGWg+4vOiJhVAMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Xb0pBcnlZVTdkZTB0c1phRDdpODZJbUZVQS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmUvZWI2ODY2LWJiNjAtNGM2Zi1hMDBk
LWM0YTc3YzE5MmFmMC8xL1dMMWpOYUszZERNemJhLVdpQ2pmblExcmxscy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZmUvZWI2ODY2LWJiNjAtNGM2Zi1hMDBkLWM0YTc3YzE5MmFm
MC8xLzEtV29KQXJ5WVU3ZGUwdHNaYUQ3aTg2SW1GVUEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQMqFBkA
MA0GCSqGSIb3DQEBCwUAA4IBAQACmBTs4eFJvmbUZZfZhG+h/ExV6NzAuC7RSl6V
gUCv4WPr2LDsaIu2+SDHdPRJ/KJR7Wlvw5OZAFDfDVw5siQFyFiA1gGQ+wtDn3eN
V2rAHL+Y6EI2ppKLtVltkyRwjfzPQX4gC594x/3TD67zwf4CAFAL2xdkMNMAu4SG
GK6oIqKROlmqpURLT9AjJUhrWuNx4rZbUQ55MDIlpJdCbcuas9jXRNrafD+P17oS
bnx9RLlSkvu1YXwHo47zNkKqxWMjvXAXWrc3jP78nuvvsS6miEZVwvBkB43izRqO
2QO/p/vVeZdFBdvYxEmjZFX/nDoTENljOOnhawUvIfQI51/8
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:33:23 2025 by rpki-client