Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/wfNBgqM21SINsFs7spDDlzIbSrg.roa
File: wfNBgqM21SINsFs7spDDlzIbSrg.roa (raw, json)
Hash identifier: Q9ObC95y0VJvWS7cfuyQf1goRJgZARmxOS0XoX33WBk=
Subject key identifier: C1:F3:41:82:A3:36:D5:22:0D:B0:5B:3B:B2:90:C3:97:32:1B:4A:B8
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 0195A093B6EA949945823D01C107302FC0C6
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/wfNBgqM21SINsFs7spDDlzIbSrg.roa
Signing time: Sun 16 Mar 2025 20:09:49 +0000
ROA not before: Sun 16 Mar 2025 20:09:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212477
IP address blocks: 2a0b:b480::/29 maxlen: 29
2a0f:e3c0::/29 maxlen: 29
2a13:d1c0::/29 maxlen: 29
2a13:dcc0::/29 maxlen: 29
2a13:dd40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a0:93:b6:ea:94:99:45:82:3d:01:c1:07:30:2f:c0:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: Mar 16 20:09:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c1f34182a336d5220db05b3bb290c397321b4ab8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:98:52:2c:37:fc:be:43:12:37:b6:c8:f6:ee:
09:31:14:43:11:f8:41:4f:74:23:55:3d:c6:aa:f1:
34:04:21:9c:fc:79:86:bd:90:71:81:aa:35:96:5e:
8d:26:d1:3e:8a:0a:02:55:7e:43:2a:30:98:55:08:
21:d2:5c:2c:c5:d9:1e:7b:07:39:cc:0e:b9:da:4c:
db:4e:df:74:01:8a:f8:7b:4b:c8:c7:e3:89:ab:6c:
9d:9e:61:ba:de:d3:5c:80:14:43:0b:e2:c3:fd:81:
2b:91:62:0a:af:af:0a:4d:49:2f:1f:fb:02:4d:ce:
ca:ba:fc:36:9c:81:3f:83:90:fa:a8:fb:32:fb:8a:
25:df:ba:b9:58:f0:5e:a3:68:75:8f:d2:d9:26:d6:
e1:42:01:02:a6:58:59:a7:23:69:e9:3f:36:36:e0:
3b:01:bd:59:76:4c:d7:e6:12:1d:84:da:7d:cd:4c:
7b:04:30:7b:57:97:54:94:6c:61:2e:08:2d:f5:26:
0f:9d:33:4d:af:5c:87:97:33:c3:76:57:e8:9b:f0:
97:90:ed:68:f8:08:70:a2:5c:dd:d8:b5:e6:87:17:
cf:6e:4a:5d:19:c4:e6:b2:13:71:14:3c:37:10:e5:
b3:39:3b:86:ae:a4:b2:a4:45:c7:b2:7c:ca:95:13:
ed:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:F3:41:82:A3:36:D5:22:0D:B0:5B:3B:B2:90:C3:97:32:1B:4A:B8
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/wfNBgqM21SINsFs7spDDlzIbSrg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b480::/29
2a0f:e3c0::/29
2a13:d1c0::/29
2a13:dcc0::/29
2a13:dd40::/29
Signature Algorithm: sha256WithRSAEncryption
04:46:ac:d5:6b:48:fc:3d:b3:8e:76:61:a8:b1:71:c9:e3:b4:
72:32:6b:e3:fe:88:b2:ef:01:31:1a:34:5e:12:ef:94:a1:89:
41:1e:2d:e9:95:97:69:71:57:4b:b8:e3:13:d8:2a:5b:dd:4f:
9a:1a:d6:5c:da:7c:f2:24:09:50:4c:07:82:4b:16:81:0c:16:
9e:ff:57:da:ef:7f:de:d4:32:e4:73:8a:0e:e4:fe:7c:fc:86:
96:92:27:56:98:78:ca:54:1e:9e:a0:41:8d:ff:9f:0d:47:f6:
78:2b:e0:78:18:f5:34:3c:fa:d4:d0:e3:2b:64:38:1e:2f:15:
e7:45:b3:2d:d6:ba:9e:a1:62:34:be:16:71:ed:bf:ed:d0:b0:
9b:ff:3f:5d:b7:8a:e6:db:7c:6a:03:3f:76:c9:da:0a:81:d3:
8a:d2:c5:9c:b7:d8:67:05:de:53:38:02:c5:4e:3b:f6:04:90:
12:60:fc:01:63:4a:bd:67:45:7e:53:68:5e:55:4d:8e:a6:e6:
51:d6:6c:52:a1:32:1a:d0:2f:3a:83:ae:98:33:6e:17:6e:43:
6e:f1:ad:2b:7a:42:8d:77:44:3a:97:3f:aa:5d:c9:33:0b:23:
f2:a7:13:74:30:57:7f:21:97:46:b0:6d:24:70:b3:03:4c:c0:
af:10:c0:62
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZWgk7bqlJlFgj0BwQcwL8DGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjUwMzE2MjAwOTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWYzNDE4MmEzMzZkNTIyMGRiMDViM2JiMjkwYzM5NzMyMWI0YWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5hSLDf8vkMSN7bI9u4JMRRDEfhB
T3QjVT3GqvE0BCGc/HmGvZBxgao1ll6NJtE+igoCVX5DKjCYVQgh0lwsxdkeewc5
zA652kzbTt90AYr4e0vIx+OJq2ydnmG63tNcgBRDC+LD/YErkWIKr68KTUkvH/sC
Tc7Kuvw2nIE/g5D6qPsy+4ol37q5WPBeo2h1j9LZJtbhQgECplhZpyNp6T82NuA7
Ab1ZdkzX5hIdhNp9zUx7BDB7V5dUlGxhLggt9SYPnTNNr1yHlzPDdlfom/CXkO1o
+Ahwolzd2LXmhxfPbkpdGcTmshNxFDw3EOWzOTuGrqSypEXHsnzKlRPt5wIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFMHzQYKjNtUiDbBbO7KQw5cyG0q4MB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvd2ZOQmdxTTIxU0lOc0ZzN3NwRERsekliU3JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKgu0gAMF
AyoP48ADBQMqE9HAAwUDKhPcwAMFAyoT3UAwDQYJKoZIhvcNAQELBQADggEBAARG
rNVrSPw9s452YaixccnjtHIya+P+iLLvATEaNF4S75ShiUEeLemVl2lxV0u44xPY
KlvdT5oa1lzafPIkCVBMB4JLFoEMFp7/V9rvf97UMuRzig7k/nz8hpaSJ1aYeMpU
Hp6gQY3/nw1H9ngr4HgY9TQ8+tTQ4ytkOB4vFedFsy3Wup6hYjS+FnHtv+3QsJv/
P123iubbfGoDP3bJ2gqB04rSxZy32GcF3lM4AsVOO/YEkBJg/AFjSr1nRX5TaF5V
TY6m5lHWbFKhMhrQLzqDrpgzbhduQ27xrSt6Qo13RDqXP6pdyTMLI/KnE3QwV38h
l0awbSRwswNMwK8QwGI=
-----END CERTIFICATE-----
Generated at Tue Mar 25 22:16:47 2025 by rpki-client on console.sobornost.net