Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/JA31DZScZvYIwJfErV7LU6Pm8FI.roa
File: JA31DZScZvYIwJfErV7LU6Pm8FI.roa (raw, json)
Hash identifier: j2dwdPSin1EaN8bZ47DvZWD73l5sMHPdzBMxjZwMols=
Subject key identifier: 24:0D:F5:0D:94:9C:66:F6:08:C0:97:C4:AD:5E:CB:53:A3:E6:F0:52
Certificate issuer: /CN=8533ef46116fd9d21bfb533e44bde517890c24dc
Certificate serial: 019422FB6624376E34B8BE1047AEAA51B3F4
Authority key identifier: 85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/JA31DZScZvYIwJfErV7LU6Pm8FI.roa
Signing time: Wed 01 Jan 2025 17:48:08 +0000
ROA not before: Wed 01 Jan 2025 17:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209854
IP address blocks: 171.22.60.0/24 maxlen: 24
171.22.61.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:66:24:37:6e:34:b8:be:10:47:ae:aa:51:b3:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8533ef46116fd9d21bfb533e44bde517890c24dc
Validity
Not Before: Jan 1 17:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=240df50d949c66f608c097c4ad5ecb53a3e6f052
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:21:0d:8c:77:d4:63:4d:7c:68:a8:3c:71:9b:
b6:f0:11:17:84:5e:a3:c1:9f:5e:72:99:48:3c:55:
18:f7:6f:bc:53:9e:5b:60:f4:c5:ec:87:26:e5:ba:
04:c8:b4:aa:91:8e:d2:67:11:ca:5d:85:b4:e8:2c:
11:ed:a3:b7:46:3b:bb:e8:fc:ec:48:54:32:d5:d7:
fb:7b:86:c4:d8:8d:95:f1:ae:34:2b:41:00:26:07:
47:f1:73:ee:87:dd:c1:36:e7:c1:2c:fc:57:db:6a:
b2:31:4b:fc:59:4f:f5:f8:b3:5f:fa:ce:a7:3d:76:
64:ee:3c:09:33:bb:16:c8:9e:d9:e7:3c:ce:fa:65:
57:ec:9b:18:c4:75:08:c5:04:e8:39:12:d5:de:a9:
c2:77:d0:a8:5e:39:91:92:dd:db:07:c8:ce:31:47:
80:f7:1b:5a:b4:2a:e1:d9:92:35:63:ed:d6:a1:21:
86:c3:6c:36:f8:52:60:cd:47:31:d8:79:e4:2e:2f:
84:07:67:6e:1a:a3:12:8f:94:35:30:e6:7d:9c:d6:
e6:7c:b7:10:97:bd:bf:59:8b:db:9a:a7:8a:b6:b4:
c5:65:af:f9:a6:b8:36:81:0f:8e:69:12:1d:f7:b2:
76:a5:9f:76:e0:c6:0d:ea:91:15:5b:39:b1:4c:36:
c4:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:0D:F5:0D:94:9C:66:F6:08:C0:97:C4:AD:5E:CB:53:A3:E6:F0:52
X509v3 Authority Key Identifier:
keyid:85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/JA31DZScZvYIwJfErV7LU6Pm8FI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.60.0/23
Signature Algorithm: sha256WithRSAEncryption
26:10:e7:5e:a9:d2:37:a3:c8:50:45:84:b6:0c:73:a7:fc:5e:
ac:5c:bc:e1:b9:77:26:0e:16:52:a2:ef:ef:bc:76:5e:96:0a:
ab:1d:76:1d:78:05:58:fd:c8:ae:16:ed:f1:1a:08:69:15:f1:
fd:8f:af:97:43:e3:2b:ae:de:9b:a4:10:6b:64:f8:38:89:64:
ca:8d:c8:fa:f2:2b:e0:5e:f8:fe:7e:07:e0:88:70:37:96:85:
f2:c6:c8:e1:09:80:c6:e5:c0:1b:90:41:c7:a1:eb:62:10:9f:
55:1a:29:5e:a8:92:eb:0d:be:98:d7:4b:24:1e:97:2f:a2:31:
ef:63:df:73:0e:03:f1:37:3b:80:0d:fc:b9:d5:d5:40:1e:fb:
38:4e:3a:30:fc:01:58:1b:f1:d1:b8:a8:06:2b:0b:32:f9:e1:
de:1b:35:53:6e:23:a9:10:d3:00:82:06:b2:c3:42:c3:16:fa:
67:da:bf:53:d8:4a:1a:c7:7c:fd:00:a8:13:dd:c8:ab:3a:1a:
f6:0e:95:ff:15:23:25:5a:2b:65:7a:36:99:75:ed:9d:bb:d6:
6c:bd:7c:ab:e2:28:52:4e:bf:45:1f:05:87:37:2f:15:3c:f2:
61:d5:7e:3f:47:97:60:19:08:fe:eb:52:16:dc:cc:b2:75:19:
5f:f0:8a:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+2YkN240uL4QR66qUbP0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MzNlZjQ2MTE2ZmQ5ZDIxYmZiNTMzZTQ0YmRlNTE3ODkw
YzI0ZGMwHhcNMjUwMTAxMTc0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDBkZjUwZDk0OWM2NmY2MDhjMDk3YzRhZDVlY2I1M2EzZTZmMDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzCENjHfUY018aKg8cZu28BEXhF6j
wZ9ecplIPFUY92+8U55bYPTF7Icm5boEyLSqkY7SZxHKXYW06CwR7aO3Rju76Pzs
SFQy1df7e4bE2I2V8a40K0EAJgdH8XPuh93BNufBLPxX22qyMUv8WU/1+LNf+s6n
PXZk7jwJM7sWyJ7Z5zzO+mVX7JsYxHUIxQToORLV3qnCd9CoXjmRkt3bB8jOMUeA
9xtatCrh2ZI1Y+3WoSGGw2w2+FJgzUcx2HnkLi+EB2duGqMSj5Q1MOZ9nNbmfLcQ
l72/WYvbmqeKtrTFZa/5prg2gQ+OaRId97J2pZ924MYN6pEVWzmxTDbESwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCQN9Q2UnGb2CMCXxK1ey1Oj5vBSMB8GA1UdIwQY
MBaAFIUz70YRb9nSG/tTPkS95ReJDCTcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAt
NzM5MjNkYWVmMTE0LzEvSkEzMURaU2NadllJd0pmRXJWN0xVNlBtOEZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAtNzM5MjNkYWVmMTE0
LzEvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBqxY8MA0G
CSqGSIb3DQEBCwUAA4IBAQAmEOdeqdI3o8hQRYS2DHOn/F6sXLzhuXcmDhZSou/v
vHZelgqrHXYdeAVY/ciuFu3xGghpFfH9j6+XQ+Mrrt6bpBBrZPg4iWTKjcj68ivg
Xvj+fgfgiHA3loXyxsjhCYDG5cAbkEHHoetiEJ9VGileqJLrDb6Y10skHpcvojHv
Y99zDgPxNzuADfy51dVAHvs4Tjow/AFYG/HRuKgGKwsy+eHeGzVTbiOpENMAggay
w0LDFvpn2r9T2Eoax3z9AKgT3cirOhr2DpX/FSMlWitlejaZde2du9ZsvXyr4ihS
Tr9FHwWHNy8VPPJh1X4/R5dgGQj+61IW3MyydRlf8IpA
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:02:26 2025 by rpki-client