Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/84ec37-3241-4758-b04a-842c6875bb40/1/WpU6YXQuNLjYmG3DNjHXEYY5lyE.roa
File: WpU6YXQuNLjYmG3DNjHXEYY5lyE.roa (raw, json)
Hash identifier: l6yPH4xUG3bIWBmY5Lylu2nSn79+vTxNhcVqPmyVtPs=
Subject key identifier: 5A:95:3A:61:74:2E:34:B8:D8:98:6D:C3:36:31:D7:11:86:39:97:21
Certificate issuer: /CN=9f6988bbdf625347e9c4a7fc3f4fc63dcee6ab07
Certificate serial: 01942068575A88D9033E0DA0CD510D7101F2
Authority key identifier: 9F:69:88:BB:DF:62:53:47:E9:C4:A7:FC:3F:4F:C6:3D:CE:E6:AB:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n2mIu99iU0fpxKf8P0_GPc7mqwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/84ec37-3241-4758-b04a-842c6875bb40/1/WpU6YXQuNLjYmG3DNjHXEYY5lyE.roa
Signing time: Wed 01 Jan 2025 05:48:16 +0000
ROA not before: Wed 01 Jan 2025 05:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 38676
IP address blocks: 2a14:c000::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:57:5a:88:d9:03:3e:0d:a0:cd:51:0d:71:01:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f6988bbdf625347e9c4a7fc3f4fc63dcee6ab07
Validity
Not Before: Jan 1 05:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5a953a61742e34b8d8986dc33631d71186399721
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:9b:98:76:98:b0:03:56:41:04:96:7d:a4:df:
d2:55:62:b0:3b:06:d5:59:ef:15:69:57:40:b0:64:
46:3c:5c:a6:47:f9:15:4d:04:21:a5:17:be:c9:3d:
12:a5:07:5a:ef:3d:06:e2:33:ba:75:4e:1f:2a:36:
4c:55:d9:98:05:6b:e4:52:01:cf:8b:d3:e1:cc:af:
ff:b6:33:78:e6:7b:a5:f9:f9:c1:e8:5b:18:59:e9:
8e:db:db:4e:4f:33:eb:86:24:a8:a4:54:44:9c:fa:
47:12:66:85:69:5b:a7:45:57:8a:62:bd:c8:ba:b5:
38:2b:1c:15:4b:69:89:6f:51:d8:2d:36:3d:95:8c:
51:cf:9f:5e:24:d3:3f:72:b1:c2:35:42:f5:57:8c:
d2:be:b0:fc:a1:94:22:80:5b:95:18:a6:fd:b7:ef:
dc:25:53:67:32:73:d8:d0:3c:da:29:ca:b0:f3:77:
ab:21:a6:03:59:4f:ce:55:60:9d:96:f4:a1:32:82:
c1:a9:ab:d0:6c:ef:c8:4d:35:16:77:11:50:a4:1a:
aa:2d:52:c5:c4:c1:53:64:6f:aa:50:ec:d3:cd:5d:
4a:5a:97:fb:a3:85:2f:ff:0b:77:a6:ab:13:73:1e:
5e:ff:f6:04:73:98:b2:46:9c:d1:72:c0:db:8b:1a:
40:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:95:3A:61:74:2E:34:B8:D8:98:6D:C3:36:31:D7:11:86:39:97:21
X509v3 Authority Key Identifier:
keyid:9F:69:88:BB:DF:62:53:47:E9:C4:A7:FC:3F:4F:C6:3D:CE:E6:AB:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n2mIu99iU0fpxKf8P0_GPc7mqwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/84ec37-3241-4758-b04a-842c6875bb40/1/WpU6YXQuNLjYmG3DNjHXEYY5lyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/84ec37-3241-4758-b04a-842c6875bb40/1/n2mIu99iU0fpxKf8P0_GPc7mqwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:c000::/29
Signature Algorithm: sha256WithRSAEncryption
3f:42:68:64:2e:1d:e7:70:8f:fb:0a:f4:5e:c0:b4:c6:51:15:
e2:41:67:2f:60:a1:09:7c:17:96:68:72:6c:fb:b0:cd:09:c8:
82:85:67:1a:e9:4c:1d:8b:7b:91:12:b2:2d:b4:3d:20:d0:4a:
23:cd:fe:af:6f:ff:6b:78:6f:c4:4e:2a:8c:33:06:53:75:30:
ef:9a:2a:0f:c1:6d:85:9b:e2:67:72:12:5a:ac:ca:04:22:a1:
dd:47:e6:81:2b:eb:27:c2:76:21:9c:24:74:29:03:3b:52:5f:
9f:bb:91:1e:14:b3:26:c7:c5:7c:43:16:9a:1e:6b:e5:33:78:
bb:b6:18:9c:41:5d:07:36:b4:69:39:50:e6:4d:22:58:29:61:
81:7a:ea:c9:e6:83:43:37:aa:25:1b:bd:dc:c2:54:84:01:b2:
06:87:f5:73:5d:ca:df:dd:57:da:a1:08:7f:66:87:9c:d2:36:
23:3b:d2:ba:8d:ec:0e:46:cf:c2:6b:ae:1e:c9:0b:c5:2b:b0:
e0:c6:60:a8:ad:30:b6:a8:2e:73:c1:03:f0:8f:3e:96:82:4f:
2f:44:6e:2c:4a:c2:62:4e:20:5f:18:3e:f2:24:ce:ca:6f:43:
f0:d1:64:79:b6:2a:84:0a:d8:08:d6:c9:17:24:b6:2d:a7:1d:
c6:b5:4c:64
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQgaFdaiNkDPg2gzVENcQHyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmNjk4OGJiZGY2MjUzNDdlOWM0YTdmYzNmNGZjNjNkY2Vl
NmFiMDcwHhcNMjUwMTAxMDU0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTk1M2E2MTc0MmUzNGI4ZDg5ODZkYzMzNjMxZDcxMTg2Mzk5NzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ZuYdpiwA1ZBBJZ9pN/SVWKwOwbV
We8VaVdAsGRGPFymR/kVTQQhpRe+yT0SpQda7z0G4jO6dU4fKjZMVdmYBWvkUgHP
i9PhzK//tjN45nul+fnB6FsYWemO29tOTzPrhiSopFREnPpHEmaFaVunRVeKYr3I
urU4KxwVS2mJb1HYLTY9lYxRz59eJNM/crHCNUL1V4zSvrD8oZQigFuVGKb9t+/c
JVNnMnPY0DzaKcqw83erIaYDWU/OVWCdlvShMoLBqavQbO/ITTUWdxFQpBqqLVLF
xMFTZG+qUOzTzV1KWpf7o4Uv/wt3pqsTcx5e//YEc5iyRpzRcsDbixpA3wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFFqVOmF0LjS42JhtwzYx1xGGOZchMB8GA1UdIwQY
MBaAFJ9piLvfYlNH6cSn/D9Pxj3O5qsHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjJtSXU5OWlVMGZweEtmOFAwX0dQYzdtcXdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS84NGVjMzctMzI0MS00NzU4LWIwNGEt
ODQyYzY4NzViYjQwLzEvV3BVNllYUXVOTGpZbUczRE5qSFhFWVk1bHlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS84NGVjMzctMzI0MS00NzU4LWIwNGEtODQyYzY4NzViYjQw
LzEvbjJtSXU5OWlVMGZweEtmOFAwX0dQYzdtcXdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhTAADAN
BgkqhkiG9w0BAQsFAAOCAQEAP0JoZC4d53CP+wr0XsC0xlEV4kFnL2ChCXwXlmhy
bPuwzQnIgoVnGulMHYt7kRKyLbQ9INBKI83+r2//a3hvxE4qjDMGU3Uw75oqD8Ft
hZviZ3ISWqzKBCKh3UfmgSvrJ8J2IZwkdCkDO1Jfn7uRHhSzJsfFfEMWmh5r5TN4
u7YYnEFdBza0aTlQ5k0iWClhgXrqyeaDQzeqJRu93MJUhAGyBof1c13K391X2qEI
f2aHnNI2IzvSuo3sDkbPwmuuHskLxSuw4MZgqK0wtqguc8ED8I8+loJPL0RuLErC
Yk4gXxg+8iTOym9D8NFkebYqhArYCNbJFyS2LacdxrVMZA==
-----END CERTIFICATE-----
Generated at Fri Apr 25 10:11:44 2025 by rpki-client