Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/3e9d99-610e-45b9-b749-58ca45f2eba8/1/59CnxlbcT-ZaaTX2J23S31L7ijw.roa
File: 59CnxlbcT-ZaaTX2J23S31L7ijw.roa (raw, json)
Hash identifier: b+AnFw3X9M74fTji1fm9+zA2kxxckPu0ywAdpSQ21NA=
Subject key identifier: E7:D0:A7:C6:56:DC:4F:E6:5A:69:35:F6:27:6D:D2:DF:52:FB:8A:3C
Certificate issuer: /CN=cac24115a22c8d4121a4a06758aa869bd1c93a1e
Certificate serial: 019426D9FE721664603501898CE576EFA9BA
Authority key identifier: CA:C2:41:15:A2:2C:8D:41:21:A4:A0:67:58:AA:86:9B:D1:C9:3A:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ysJBFaIsjUEhpKBnWKqGm9HJOh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/3e9d99-610e-45b9-b749-58ca45f2eba8/1/59CnxlbcT-ZaaTX2J23S31L7ijw.roa
Signing time: Thu 02 Jan 2025 11:50:08 +0000
ROA not before: Thu 02 Jan 2025 11:50:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214296
IP address blocks: 194.9.66.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:fe:72:16:64:60:35:01:89:8c:e5:76:ef:a9:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cac24115a22c8d4121a4a06758aa869bd1c93a1e
Validity
Not Before: Jan 2 11:50:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e7d0a7c656dc4fe65a6935f6276dd2df52fb8a3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:0a:f5:d0:69:56:b2:6e:02:f4:b8:cc:90:1f:
0e:b3:d9:30:07:4c:b6:a8:4d:86:81:09:c1:72:b1:
6a:a6:b6:62:f7:ff:af:dc:31:12:d7:76:a7:87:69:
e9:f5:1f:5a:0b:ec:4c:ed:9c:ce:42:62:85:5d:ad:
06:ef:71:43:47:ab:d3:05:0c:54:14:0a:ec:f3:11:
fb:bb:ec:9f:30:67:12:3c:16:64:15:d5:0e:93:ab:
ee:5d:ab:f9:43:f4:77:57:9f:fb:19:ad:4e:33:6c:
2f:e8:84:b1:e1:76:ce:3a:10:50:45:4a:5b:f3:55:
61:b5:36:91:92:0b:e2:95:a3:e8:35:0e:c7:07:da:
98:79:a8:8a:46:b6:b0:5b:d3:a7:86:1b:5f:f5:7d:
6c:43:1d:3b:53:68:c4:26:4d:92:06:07:9b:ce:28:
8c:da:f7:ea:0c:3d:0a:83:98:54:b3:a5:f4:b7:27:
eb:b1:81:f5:31:a6:89:3d:2f:7d:17:5f:e4:6b:a4:
b9:36:8a:ab:b0:52:59:0a:48:6d:4a:31:cd:cc:2b:
85:a5:22:20:16:0e:24:6e:3e:16:3b:74:7f:6f:80:
25:67:75:00:6e:7c:6f:45:ee:a0:24:f5:dd:b1:5d:
a8:3d:4f:a6:de:b6:2a:c6:75:e9:33:06:5a:c8:4c:
0b:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:D0:A7:C6:56:DC:4F:E6:5A:69:35:F6:27:6D:D2:DF:52:FB:8A:3C
X509v3 Authority Key Identifier:
keyid:CA:C2:41:15:A2:2C:8D:41:21:A4:A0:67:58:AA:86:9B:D1:C9:3A:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ysJBFaIsjUEhpKBnWKqGm9HJOh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/3e9d99-610e-45b9-b749-58ca45f2eba8/1/59CnxlbcT-ZaaTX2J23S31L7ijw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/3e9d99-610e-45b9-b749-58ca45f2eba8/1/ysJBFaIsjUEhpKBnWKqGm9HJOh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.9.66.0/23
Signature Algorithm: sha256WithRSAEncryption
a1:ea:89:53:83:f4:82:ef:86:02:41:e9:4f:4c:2a:29:3b:40:
3b:a2:07:6c:81:0e:7d:6f:35:dd:3d:7f:27:cf:78:6c:0c:57:
c5:85:97:c6:83:ed:b2:1f:c2:79:42:97:cb:46:44:7e:e5:a5:
34:89:0c:bd:47:53:98:9f:f3:e2:6f:05:82:11:8f:a7:2d:8a:
8b:0c:51:58:e3:74:cd:96:59:e1:10:a7:08:ad:d2:2d:dd:5f:
1d:1a:86:34:bf:82:8a:ec:4d:7e:47:89:1a:18:82:28:a9:12:
b9:51:86:12:67:4b:53:18:c6:34:c3:bf:3f:e4:ca:7d:55:ff:
9b:00:d3:1d:82:2e:5b:0e:e0:5c:92:0f:6d:54:5b:37:88:cd:
fc:ab:62:a7:3b:e5:89:1d:cf:d7:66:56:bd:15:81:dd:22:b2:
1c:ed:67:40:0a:84:0c:f5:03:de:83:07:20:56:09:12:0a:6f:
5b:8e:6b:91:34:17:d4:ff:06:af:63:39:ea:b8:5f:3a:57:78:
07:ac:42:39:e5:b0:e6:64:03:33:85:db:9f:fb:92:20:8f:d4:
5e:17:6b:c9:1e:bd:32:cd:57:eb:d9:84:c8:a9:25:d0:d7:a4:
47:c1:c0:3a:88:6e:3c:b9:ad:9d:9e:d8:84:aa:e5:e7:f3:ff:
94:6e:a5:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2f5yFmRgNQGJjOV276m6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhYzI0MTE1YTIyYzhkNDEyMWE0YTA2NzU4YWE4NjliZDFj
OTNhMWUwHhcNMjUwMTAyMTE1MDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2QwYTdjNjU2ZGM0ZmU2NWE2OTM1ZjYyNzZkZDJkZjUyZmI4YTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgr10GlWsm4C9LjMkB8Os9kwB0y2
qE2GgQnBcrFqprZi9/+v3DES13anh2np9R9aC+xM7ZzOQmKFXa0G73FDR6vTBQxU
FArs8xH7u+yfMGcSPBZkFdUOk6vuXav5Q/R3V5/7Ga1OM2wv6ISx4XbOOhBQRUpb
81VhtTaRkgvilaPoNQ7HB9qYeaiKRrawW9Onhhtf9X1sQx07U2jEJk2SBgebziiM
2vfqDD0Kg5hUs6X0tyfrsYH1MaaJPS99F1/ka6S5NoqrsFJZCkhtSjHNzCuFpSIg
Fg4kbj4WO3R/b4AlZ3UAbnxvRe6gJPXdsV2oPU+m3rYqxnXpMwZayEwL2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOfQp8ZW3E/mWmk19idt0t9S+4o8MB8GA1UdIwQY
MBaAFMrCQRWiLI1BIaSgZ1iqhpvRyToeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXNKQkZhSXNqVUVocEtCbldLcUdtOUhKT2g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy8zZTlkOTktNjEwZS00NWI5LWI3NDkt
NThjYTQ1ZjJlYmE4LzEvNTlDbnhsYmNULVphYVRYMkoyM1MzMUw3aWp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy8zZTlkOTktNjEwZS00NWI5LWI3NDktNThjYTQ1ZjJlYmE4
LzEveXNKQkZhSXNqVUVocEtCbldLcUdtOUhKT2g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwglCMA0G
CSqGSIb3DQEBCwUAA4IBAQCh6olTg/SC74YCQelPTCopO0A7ogdsgQ59bzXdPX8n
z3hsDFfFhZfGg+2yH8J5QpfLRkR+5aU0iQy9R1OYn/PibwWCEY+nLYqLDFFY43TN
llnhEKcIrdIt3V8dGoY0v4KK7E1+R4kaGIIoqRK5UYYSZ0tTGMY0w78/5Mp9Vf+b
ANMdgi5bDuBckg9tVFs3iM38q2KnO+WJHc/XZla9FYHdIrIc7WdACoQM9QPegwcg
VgkSCm9bjmuRNBfU/wavYznquF86V3gHrEI55bDmZAMzhduf+5Igj9ReF2vJHr0y
zVfr2YTIqSXQ16RHwcA6iG48ua2dntiEquXn8/+UbqWi
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:48:35 2025 by rpki-client