Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/wkzXdTTBXllPTPkravYwwmcmegk.roa
File: wkzXdTTBXllPTPkravYwwmcmegk.roa (raw, json)
Hash identifier: MyBKSTlR2LhX6xEslEhDwaIJNkBFX5tgihuv63UAuSk=
Subject key identifier: C2:4C:D7:75:34:C1:5E:59:4F:4C:F9:2B:6A:F6:30:C2:67:26:7A:09
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196FF9B5F70F31E7D04CB33CF564F3CAD98
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/wkzXdTTBXllPTPkravYwwmcmegk.roa
Signing time: Sat 24 May 2025 00:04:54 +0000
ROA not before: Sat 24 May 2025 00:04:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
2001:67c:64:ffff:0:196:ff9a:a5cc/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ff:9b:5f:70:f3:1e:7d:04:cb:33:cf:56:4f:3c:ad:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 24 00:04:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c24cd77534c15e594f4cf92b6af630c267267a09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:21:83:24:e2:55:c0:b5:8a:c7:dd:88:5c:45:
1b:e3:78:06:5d:72:86:d0:9e:e5:dc:c3:c9:59:2f:
c0:91:41:99:23:dd:17:da:c4:b4:a1:11:75:8b:c8:
e4:b0:ea:42:87:eb:ce:45:91:74:d9:06:82:1b:de:
d4:f6:91:b0:ab:3e:95:0c:61:b6:84:d5:a6:db:f9:
33:5d:1f:46:87:f8:8b:dc:65:5b:c0:93:6d:59:a4:
11:78:47:64:1e:cd:fa:c2:57:d3:21:38:65:b2:1b:
7b:d2:ce:b0:d0:e3:03:ab:f2:75:55:ea:d7:d9:f2:
0b:fa:30:27:46:af:2b:54:ef:3d:49:d1:44:8a:ef:
be:f1:ce:f2:cd:2e:0f:9b:61:42:ec:69:e9:eb:1e:
7c:df:73:26:5b:95:ba:e4:9b:80:c2:33:73:7a:ef:
33:fa:8d:65:28:63:78:cb:b9:f2:1a:4b:dd:96:19:
d6:5e:b0:cc:7d:e3:d7:5c:df:91:6d:dd:d5:29:9b:
b3:fd:07:10:8c:66:dd:99:2f:dd:16:0c:0b:af:9d:
4b:c9:b6:2e:15:40:a4:c3:af:1c:33:1d:8e:53:9b:
67:22:e3:20:79:aa:96:3e:ec:1b:bd:5a:b2:53:cf:
ce:56:ed:41:5f:50:e2:67:a9:99:c5:55:33:ca:c8:
5f:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:4C:D7:75:34:C1:5E:59:4F:4C:F9:2B:6A:F6:30:C2:67:26:7A:09
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/wkzXdTTBXllPTPkravYwwmcmegk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
2001:67c:64:ffff:0:196:ff9a:a5cc/128
Signature Algorithm: sha256WithRSAEncryption
00:8f:2d:cf:a6:d0:bf:d1:3d:d6:28:64:14:23:a7:b1:8f:5d:
29:32:6a:32:a1:8d:0f:99:6b:f4:ff:15:db:1f:98:a7:62:df:
46:4f:4f:93:e6:0d:0e:e4:d9:aa:bd:0a:29:99:f8:3f:50:cd:
fe:af:fa:12:94:90:83:f5:fe:66:9e:20:61:94:41:f1:a2:48:
f2:4a:f6:d6:9d:c4:83:50:47:4f:39:0c:d6:4b:93:7a:e5:69:
73:11:c2:70:f5:03:29:bf:4c:7b:7e:a4:a0:a5:aa:6a:ff:5e:
36:16:64:df:33:6b:6a:1d:18:0d:5b:3f:16:f5:76:fb:7a:8a:
84:60:21:d6:ba:a5:1b:8d:f2:1d:df:b5:ad:d9:4c:c8:99:72:
7c:62:dc:2f:11:37:42:23:fa:a9:60:e0:67:e9:16:4c:42:f0:
20:b0:78:a2:e8:d8:80:eb:45:3d:99:ac:b8:ad:62:70:d7:2d:
f2:1b:25:6b:64:36:36:85:19:c4:2d:dd:09:86:ae:2a:24:06:
71:f6:d6:a4:3c:ec:a6:a1:31:58:5c:f9:d3:2a:90:cc:b9:fc:
dd:d3:3d:24:dc:3f:f7:d4:8d:aa:90:14:b6:a4:fb:31:37:18:
2d:95:25:40:b3:69:d1:46:85:94:b0:17:70:97:ba:e3:41:4a:
2e:e8:f4:8b
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZb/m19w8x59BMszz1ZPPK2YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTI0MDAwNDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjRjZDc3NTM0YzE1ZTU5NGY0Y2Y5MmI2YWY2MzBjMjY3MjY3YTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCGDJOJVwLWKx92IXEUb43gGXXKG
0J7l3MPJWS/AkUGZI90X2sS0oRF1i8jksOpCh+vORZF02QaCG97U9pGwqz6VDGG2
hNWm2/kzXR9Gh/iL3GVbwJNtWaQReEdkHs36wlfTIThlsht70s6w0OMDq/J1VerX
2fIL+jAnRq8rVO89SdFEiu++8c7yzS4Pm2FC7Gnp6x5833MmW5W65JuAwjNzeu8z
+o1lKGN4y7nyGkvdlhnWXrDMfePXXN+Rbd3VKZuz/QcQjGbdmS/dFgwLr51LybYu
FUCkw68cMx2OU5tnIuMgeaqWPuwbvVqyU8/OVu1BX1DiZ6mZxVUzyshfQQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFMJM13U0wV5ZT0z5K2r2MMJnJnoJMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvd2t6WGRUVEJYbGxQVFBrcmF2WXd3bWNtZWdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGW7V2MKAMRACABBnwAZP//AAABlv+apcwwDQYJKoZIhvcNAQELBQADggEB
AACPLc+m0L/RPdYoZBQjp7GPXSkyajKhjQ+Za/T/FdsfmKdi30ZPT5PmDQ7k2aq9
CimZ+D9Qzf6v+hKUkIP1/maeIGGUQfGiSPJK9tadxINQR085DNZLk3rlaXMRwnD1
Aym/THt+pKClqmr/XjYWZN8za2odGA1bPxb1dvt6ioRgIda6pRuN8h3fta3ZTMiZ
cnxi3C8RN0Ij+qlg4GfpFkxC8CCweKLo2IDrRT2ZrLitYnDXLfIbJWtkNjaFGcQt
3QmGriokBnH21qQ87KahMVhc+dMqkMy5/N3TPSTcP/fUjaqQFLak+zE3GC2VJUCz
adFGhZSwF3CXuuNBSi7o9Is=
-----END CERTIFICATE-----
Generated at Mon Jun 16 03:43:26 2025 by rpki-client