Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/uKEXcLvlKTVb5fugJRXlgh4NZbI.roa
File: uKEXcLvlKTVb5fugJRXlgh4NZbI.roa (raw, json)
Hash identifier: Q+EZQS5nTsA2g+hVsDC5gOzlSeLbLqqz2CqPN8yRMIc=
Subject key identifier: B8:A1:17:70:BB:E5:29:35:5B:E5:FB:A0:25:15:E5:82:1E:0D:65:B2
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 019470A0632FB986C206A64A147DA0C46129
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/uKEXcLvlKTVb5fugJRXlgh4NZbI.roa
Signing time: Thu 16 Jan 2025 19:39:06 +0000
ROA not before: Thu 16 Jan 2025 19:39:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215420
IP address blocks: 2a13:d1c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:70:a0:63:2f:b9:86:c2:06:a6:4a:14:7d:a0:c4:61:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: Jan 16 19:39:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b8a11770bbe529355be5fba02515e5821e0d65b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:d0:9e:84:c7:bb:33:1e:6a:bf:15:23:c8:7c:
e0:c3:ee:df:7d:1d:b0:6e:b0:3b:5c:5d:38:f7:07:
06:aa:89:df:3a:37:bc:84:1e:0c:bc:cc:32:4a:ce:
1e:ee:49:11:bc:1b:78:57:d3:2d:ed:4b:6c:53:cf:
67:b3:57:aa:b6:fd:24:36:a2:fc:1f:7f:16:58:38:
e6:06:cd:55:03:9d:a5:af:b5:dc:c1:42:b8:3d:6d:
bb:80:c2:ff:77:eb:b7:9e:54:05:78:bb:fc:94:ba:
28:1e:c8:b5:b5:c9:30:94:f4:9a:6b:93:b1:b5:3c:
1b:6b:ba:45:25:a7:60:6a:3c:f9:61:d5:10:02:53:
2b:52:4e:50:85:ee:d9:e4:c1:28:af:75:14:27:51:
8f:48:c4:7f:f5:46:b1:c3:2f:c2:95:d5:61:90:d0:
9a:30:80:63:4f:c3:58:0c:fc:e6:37:ab:6f:e7:33:
3c:f1:e8:32:33:5f:c6:22:03:df:9b:f3:b1:ed:26:
3c:85:37:60:d6:31:f5:55:3e:d7:ed:eb:70:a1:f1:
39:5a:05:0e:0e:a8:bb:fc:aa:ed:da:95:16:76:db:
cb:7a:45:78:cd:8e:0c:34:0a:67:c7:7c:04:5e:ca:
84:37:d3:74:f7:37:ff:a8:e1:eb:17:eb:85:55:b6:
0f:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:A1:17:70:BB:E5:29:35:5B:E5:FB:A0:25:15:E5:82:1E:0D:65:B2
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/uKEXcLvlKTVb5fugJRXlgh4NZbI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:d1c0::/29
Signature Algorithm: sha256WithRSAEncryption
33:09:28:59:81:7f:91:a0:29:9b:96:f4:e8:86:19:03:78:35:
a5:28:72:18:b7:b8:00:7a:53:5f:2a:50:8a:06:bf:f7:17:f3:
bf:07:94:f7:7d:74:91:73:03:cf:2f:79:23:1e:5c:39:d9:94:
6d:2a:6f:47:30:54:7f:56:79:97:da:e7:46:6c:60:b5:11:08:
cc:fa:c9:2c:b6:49:80:bc:aa:77:7d:6f:1b:e7:eb:e6:f5:42:
84:38:7f:70:47:97:d0:fc:99:55:20:2f:d6:92:e0:a8:0b:3b:
e2:01:fb:ad:4a:a1:a0:ac:44:86:05:7d:b9:a6:b0:22:f7:a9:
aa:32:15:ee:ac:a8:13:21:f0:5f:4e:4f:9e:f0:e9:13:ad:bb:
58:d5:52:0a:37:b8:ee:cd:38:67:79:5d:f2:2e:f0:ae:5c:6e:
67:48:4e:91:14:3f:44:34:dc:0a:2b:f3:5e:16:1f:a7:81:6d:
f1:cc:23:38:e7:47:32:97:5d:c3:a2:53:9b:ae:b8:06:71:05:
e0:53:86:1a:89:7c:46:b1:3f:a1:cb:8d:59:d3:05:86:9d:03:
8e:09:d5:aa:d7:d6:a4:09:1b:64:43:e5:4c:46:8c:39:8a:8c:
78:cf:5c:20:fd:13:7e:6f:21:14:27:34:e6:24:ad:57:ba:e0:
6d:72:35:85
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZRwoGMvuYbCBqZKFH2gxGEpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjUwMTE2MTkzOTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGExMTc3MGJiZTUyOTM1NWJlNWZiYTAyNTE1ZTU4MjFlMGQ2NWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAydCehMe7Mx5qvxUjyHzgw+7ffR2w
brA7XF049wcGqonfOje8hB4MvMwySs4e7kkRvBt4V9Mt7UtsU89ns1eqtv0kNqL8
H38WWDjmBs1VA52lr7XcwUK4PW27gML/d+u3nlQFeLv8lLooHsi1tckwlPSaa5Ox
tTwba7pFJadgajz5YdUQAlMrUk5Qhe7Z5MEor3UUJ1GPSMR/9Uaxwy/CldVhkNCa
MIBjT8NYDPzmN6tv5zM88egyM1/GIgPfm/Ox7SY8hTdg1jH1VT7X7etwofE5WgUO
Dqi7/Krt2pUWdtvLekV4zY4MNApnx3wEXsqEN9N09zf/qOHrF+uFVbYPOQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLihF3C75Sk1W+X7oCUV5YIeDWWyMB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvdUtFWGNMdmxLVFZiNWZ1Z0pSWGxnaDROWmJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhPRwDAN
BgkqhkiG9w0BAQsFAAOCAQEAMwkoWYF/kaApm5b06IYZA3g1pShyGLe4AHpTXypQ
iga/9xfzvweU9310kXMDzy95Ix5cOdmUbSpvRzBUf1Z5l9rnRmxgtREIzPrJLLZJ
gLyqd31vG+fr5vVChDh/cEeX0PyZVSAv1pLgqAs74gH7rUqhoKxEhgV9uaawIvep
qjIV7qyoEyHwX05PnvDpE627WNVSCje47s04Z3ld8i7wrlxuZ0hOkRQ/RDTcCivz
XhYfp4Ft8cwjOOdHMpddw6JTm664BnEF4FOGGol8RrE/ocuNWdMFhp0DjgnVqtfW
pAkbZEPlTEaMOYqMeM9cIP0Tfm8hFCc05iStV7rgbXI1hQ==
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:23:47 2025 by rpki-client