Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/IbQ-D2yslx0iHz7liSbbaOCcfXA.roa
File: IbQ-D2yslx0iHz7liSbbaOCcfXA.roa (raw, json)
Hash identifier: Kl5zFWGMECrHwpmHWu5uCTOc6qSUXrcJGW6y65HYm/g=
Subject key identifier: 21:B4:3E:0F:6C:AC:97:1D:22:1F:3E:E5:89:26:DB:68:E0:9C:7D:70
Certificate issuer: /CN=9f0743496c7ff3effb870601139cad9d2f271e10
Certificate serial: 01941FFA332338B1FD66332D089263B67EF2
Authority key identifier: 9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/IbQ-D2yslx0iHz7liSbbaOCcfXA.roa
Signing time: Wed 01 Jan 2025 03:47:58 +0000
ROA not before: Wed 01 Jan 2025 03:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 55081
IP address blocks: 62.100.211.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:33:23:38:b1:fd:66:33:2d:08:92:63:b6:7e:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f0743496c7ff3effb870601139cad9d2f271e10
Validity
Not Before: Jan 1 03:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=21b43e0f6cac971d221f3ee58926db68e09c7d70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:1d:a1:08:2e:6e:09:49:52:63:1b:07:60:40:
98:aa:20:cf:35:c6:17:1a:1d:34:0a:9b:be:1c:ca:
19:8a:71:28:7f:87:0d:ae:33:89:0c:02:d1:c6:4d:
32:bd:f1:06:48:ed:a3:2a:82:43:ab:08:09:26:b7:
9d:7a:1f:94:89:22:52:9f:82:f9:2e:84:bd:2f:9e:
e4:10:99:38:b0:fe:da:58:e2:64:05:5d:eb:eb:94:
28:c8:c2:47:41:bf:b7:30:0b:ec:bc:82:d8:74:0c:
f9:d6:2f:f2:6e:09:65:0a:b2:a3:69:54:e8:52:c7:
61:d0:2d:10:a0:65:fc:51:aa:9b:2c:86:8e:34:76:
ce:65:f3:05:35:18:23:ab:8f:8a:3d:64:ff:f2:67:
ef:8e:4b:9d:fb:49:2d:aa:1c:11:12:e4:1b:a1:3d:
98:63:7e:fd:be:47:0e:87:5a:02:1e:1f:a4:13:22:
94:fe:37:53:c1:1c:d3:64:7a:dd:49:03:cf:cf:5e:
56:44:88:28:e2:b9:9c:b8:c1:31:05:f1:f7:5c:75:
4b:fd:29:5a:6d:a6:b5:d4:3c:95:8e:04:c1:ac:25:
2a:d7:f5:58:09:02:c6:5e:9f:31:f0:a2:e4:4d:63:
31:8b:85:cb:b5:de:b3:0b:e6:5d:df:af:aa:b9:f9:
85:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:B4:3E:0F:6C:AC:97:1D:22:1F:3E:E5:89:26:DB:68:E0:9C:7D:70
X509v3 Authority Key Identifier:
keyid:9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/IbQ-D2yslx0iHz7liSbbaOCcfXA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/nwdDSWx_8-_7hwYBE5ytnS8nHhA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.100.211.0/24
Signature Algorithm: sha256WithRSAEncryption
59:4c:38:6a:cb:8e:ef:d9:9a:27:a6:88:ee:00:e2:bf:b2:91:
4c:fa:43:2d:d0:87:06:81:ad:40:9a:0f:9b:e2:aa:ea:8e:af:
22:8d:70:c3:b9:04:52:0b:bf:bd:27:7b:33:1e:41:1e:89:0f:
a4:2d:a1:2e:09:f6:1f:fe:b7:32:9c:f3:82:ba:ce:a9:00:e0:
f2:cb:aa:41:aa:90:bc:2f:c0:ad:ac:b7:0c:2c:8d:a1:bd:24:
83:7c:e5:d3:35:3c:8c:f1:72:47:14:ad:5c:57:1a:b7:09:2c:
3d:e5:65:31:01:2a:a8:84:04:a9:ae:2f:65:8c:ed:69:9c:54:
19:66:4d:2e:e9:33:31:7f:4f:19:e7:2f:1d:f5:f8:9c:a2:8d:
25:9f:49:fe:14:37:9b:cc:29:50:1d:e3:0e:f4:d5:94:24:51:
44:e1:d5:ac:01:ff:b0:d7:06:d0:bd:af:3e:65:3b:26:a6:2f:
64:44:28:da:81:e8:97:23:ac:ed:af:15:15:7a:17:71:c2:1b:
f2:e5:1d:03:e7:f9:36:fe:ed:ea:4a:1d:9d:38:d6:1f:37:5f:
a0:0e:1f:41:45:a2:71:3b:f7:bf:f9:79:05:16:a4:67:ad:a8:
c8:f4:cb:73:9f:c0:e9:a9:d9:c7:93:46:82:b0:d8:4a:23:43:
01:13:e4:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+jMjOLH9ZjMtCJJjtn7yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMDc0MzQ5NmM3ZmYzZWZmYjg3MDYwMTEzOWNhZDlkMmYy
NzFlMTAwHhcNMjUwMTAxMDM0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWI0M2UwZjZjYWM5NzFkMjIxZjNlZTU4OTI2ZGI2OGUwOWM3ZDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3R2hCC5uCUlSYxsHYECYqiDPNcYX
Gh00Cpu+HMoZinEof4cNrjOJDALRxk0yvfEGSO2jKoJDqwgJJredeh+UiSJSn4L5
LoS9L57kEJk4sP7aWOJkBV3r65QoyMJHQb+3MAvsvILYdAz51i/ybgllCrKjaVTo
Usdh0C0QoGX8UaqbLIaONHbOZfMFNRgjq4+KPWT/8mfvjkud+0ktqhwREuQboT2Y
Y379vkcOh1oCHh+kEyKU/jdTwRzTZHrdSQPPz15WRIgo4rmcuMExBfH3XHVL/Sla
baa11DyVjgTBrCUq1/VYCQLGXp8x8KLkTWMxi4XLtd6zC+Zd36+qufmF+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCG0Pg9srJcdIh8+5Ykm22jgnH1wMB8GA1UdIwQY
MBaAFJ8HQ0lsf/Pv+4cGAROcrZ0vJx4QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbndkRFNXeF84LV83aHdZQkU1eXRuUzhuSGhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8yMmI3YWItZmMxMS00MDdhLWJkM2Mt
NjM0MTEzNjdkOTBhLzEvSWJRLUQyeXNseDBpSHo3bGlTYmJhT0NjZlhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8yMmI3YWItZmMxMS00MDdhLWJkM2MtNjM0MTEzNjdkOTBh
LzEvbndkRFNXeF84LV83aHdZQkU1eXRuUzhuSGhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPmTTMA0G
CSqGSIb3DQEBCwUAA4IBAQBZTDhqy47v2ZonpojuAOK/spFM+kMt0IcGga1Amg+b
4qrqjq8ijXDDuQRSC7+9J3szHkEeiQ+kLaEuCfYf/rcynPOCus6pAODyy6pBqpC8
L8CtrLcMLI2hvSSDfOXTNTyM8XJHFK1cVxq3CSw95WUxASqohASpri9ljO1pnFQZ
Zk0u6TMxf08Z5y8d9ficoo0ln0n+FDebzClQHeMO9NWUJFFE4dWsAf+w1wbQva8+
ZTsmpi9kRCjageiXI6ztrxUVehdxwhvy5R0D5/k2/u3qSh2dONYfN1+gDh9BRaJx
O/e/+XkFFqRnrajI9Mtzn8DpqdnHk0aCsNhKI0MBE+Sa
-----END CERTIFICATE-----
Generated at Thu Apr 10 01:27:12 2025 by rpki-client