Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/35cb5c-93a5-4bf1-ba1d-1ca9d259e2ad/1/IxyW73OMckCNett38gRruShmhsE.roa
File: IxyW73OMckCNett38gRruShmhsE.roa (raw, json)
Hash identifier: kwXxrh4BlKqwqWrrFQAbZ+7ZY9nBQf7G/9/mLoszBNE=
Subject key identifier: 23:1C:96:EF:73:8C:72:40:8D:7A:DB:77:F2:04:6B:B9:28:66:86:C1
Certificate issuer: /CN=5406af804ef5a636f464e71a8d41e8d401a7f697
Certificate serial: 019425FC4D95B51667FA0D8AA56A9F28D6BA
Authority key identifier: 54:06:AF:80:4E:F5:A6:36:F4:64:E7:1A:8D:41:E8:D4:01:A7:F6:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VAavgE71pjb0ZOcajUHo1AGn9pc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/35cb5c-93a5-4bf1-ba1d-1ca9d259e2ad/1/IxyW73OMckCNett38gRruShmhsE.roa
Signing time: Thu 02 Jan 2025 07:47:59 +0000
ROA not before: Thu 02 Jan 2025 07:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201755
IP address blocks: 2.58.104.0/24 maxlen: 24
2.58.105.0/24 maxlen: 24
2.58.106.0/24 maxlen: 24
2.58.107.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:4d:95:b5:16:67:fa:0d:8a:a5:6a:9f:28:d6:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5406af804ef5a636f464e71a8d41e8d401a7f697
Validity
Not Before: Jan 2 07:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=231c96ef738c72408d7adb77f2046bb9286686c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:fa:86:0a:ff:a0:ef:bc:0b:c6:ba:97:68:89:
16:2a:2d:7d:4d:21:e1:aa:aa:40:ce:0f:26:a1:d1:
18:d3:29:ed:d1:69:99:d1:58:88:68:68:aa:80:59:
e5:c9:84:06:39:6c:e3:79:85:27:a2:20:ae:6c:63:
ee:cd:03:7b:2a:a2:37:77:c4:f8:78:c3:39:3c:bd:
a3:71:13:97:78:b4:04:db:47:01:97:b6:a1:64:02:
af:c1:ef:14:d4:c3:85:d1:2e:a9:1b:4f:c5:20:7a:
d9:ab:97:1f:24:ce:b9:ee:c4:fa:34:a5:8b:3b:15:
f4:f9:1f:d8:b8:0e:0c:97:e5:3c:3b:8c:86:1c:10:
4b:83:d6:18:78:30:d3:a0:80:19:be:d0:95:4e:52:
e8:3a:23:0f:b4:8c:5a:b0:ac:6c:f3:a8:38:08:6e:
6a:86:c7:2f:e9:b1:79:4a:80:70:5a:78:f0:ed:e4:
72:59:72:19:b0:32:99:fa:08:3c:d2:41:ba:77:db:
32:77:ef:a0:f2:d4:b2:37:ac:3c:b1:8e:ff:8d:e0:
eb:5c:4e:6c:ea:8c:bf:43:eb:13:69:14:1b:f7:af:
56:94:57:ea:ba:ca:44:bd:cb:8c:4c:fa:ac:f1:5c:
46:ac:96:a3:85:aa:60:0e:4c:48:45:1f:96:04:9e:
97:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:1C:96:EF:73:8C:72:40:8D:7A:DB:77:F2:04:6B:B9:28:66:86:C1
X509v3 Authority Key Identifier:
keyid:54:06:AF:80:4E:F5:A6:36:F4:64:E7:1A:8D:41:E8:D4:01:A7:F6:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VAavgE71pjb0ZOcajUHo1AGn9pc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/35cb5c-93a5-4bf1-ba1d-1ca9d259e2ad/1/IxyW73OMckCNett38gRruShmhsE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/35cb5c-93a5-4bf1-ba1d-1ca9d259e2ad/1/VAavgE71pjb0ZOcajUHo1AGn9pc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.104.0/22
Signature Algorithm: sha256WithRSAEncryption
43:23:b2:24:55:78:52:37:a9:79:5b:f3:e0:c9:84:46:da:5f:
0f:1f:1d:1a:5b:35:67:05:c5:c7:15:36:c3:a1:ed:4d:0d:96:
e9:62:87:14:e9:8b:8c:9d:97:f4:63:42:e0:94:fb:c3:a7:80:
2b:42:fe:8c:64:89:1e:28:7e:f7:12:8d:f7:b9:17:2c:6f:6b:
25:b2:ad:11:45:45:41:fe:df:98:69:38:0a:95:ed:9d:b8:29:
87:ab:a1:6b:dc:82:31:43:e1:46:e8:f0:19:3e:f3:88:8a:68:
b5:28:8d:53:d7:bf:f5:d4:23:cf:48:25:d4:1c:a5:8d:08:7d:
32:eb:64:9c:eb:32:63:1f:d9:c1:5a:9a:91:97:34:ff:3f:56:
ce:86:35:1e:33:b8:59:cc:45:fb:35:05:cc:2c:79:02:41:3e:
ea:3b:ae:45:12:4b:9f:9a:c8:f2:66:8f:01:e3:b7:f2:a9:14:
28:06:f5:e0:f5:6b:1a:28:ec:8d:d2:aa:15:5b:34:a5:c1:cf:
6a:55:c3:a6:82:d1:47:be:b7:e6:02:62:c7:9d:30:9d:56:53:
b3:ad:a7:e9:ec:e7:aa:a6:d7:e2:ce:cf:d8:28:f1:29:e2:9f:
1c:11:6e:9e:e5:9f:32:f1:3a:42:d8:f8:46:e8:a8:15:82:5e:
42:f7:27:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/E2VtRZn+g2KpWqfKNa6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MDZhZjgwNGVmNWE2MzZmNDY0ZTcxYThkNDFlOGQ0MDFh
N2Y2OTcwHhcNMjUwMTAyMDc0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzFjOTZlZjczOGM3MjQwOGQ3YWRiNzdmMjA0NmJiOTI4NjY4NmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPqGCv+g77wLxrqXaIkWKi19TSHh
qqpAzg8modEY0ynt0WmZ0ViIaGiqgFnlyYQGOWzjeYUnoiCubGPuzQN7KqI3d8T4
eMM5PL2jcROXeLQE20cBl7ahZAKvwe8U1MOF0S6pG0/FIHrZq5cfJM657sT6NKWL
OxX0+R/YuA4Ml+U8O4yGHBBLg9YYeDDToIAZvtCVTlLoOiMPtIxasKxs86g4CG5q
hscv6bF5SoBwWnjw7eRyWXIZsDKZ+gg80kG6d9syd++g8tSyN6w8sY7/jeDrXE5s
6oy/Q+sTaRQb969WlFfquspEvcuMTPqs8VxGrJajhapgDkxIRR+WBJ6XLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCMclu9zjHJAjXrbd/IEa7koZobBMB8GA1UdIwQY
MBaAFFQGr4BO9aY29GTnGo1B6NQBp/aXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkFhdmdFNzFwamIwWk9jYWpVSG8xQUduOXBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zNWNiNWMtOTNhNS00YmYxLWJhMWQt
MWNhOWQyNTllMmFkLzEvSXh5VzczT01ja0NOZXR0MzhnUnJ1U2htaHNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zNWNiNWMtOTNhNS00YmYxLWJhMWQtMWNhOWQyNTllMmFk
LzEvVkFhdmdFNzFwamIwWk9jYWpVSG8xQUduOXBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCAjpoMA0G
CSqGSIb3DQEBCwUAA4IBAQBDI7IkVXhSN6l5W/PgyYRG2l8PHx0aWzVnBcXHFTbD
oe1NDZbpYocU6YuMnZf0Y0LglPvDp4ArQv6MZIkeKH73Eo33uRcsb2slsq0RRUVB
/t+YaTgKle2duCmHq6Fr3IIxQ+FG6PAZPvOIimi1KI1T17/11CPPSCXUHKWNCH0y
62Sc6zJjH9nBWpqRlzT/P1bOhjUeM7hZzEX7NQXMLHkCQT7qO65FEkufmsjyZo8B
47fyqRQoBvXg9WsaKOyN0qoVWzSlwc9qVcOmgtFHvrfmAmLHnTCdVlOzrafp7Oeq
ptfizs/YKPEp4p8cEW6e5Z8y8TpC2PhG6KgVgl5C9yfC
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:34:15 2025 by rpki-client