Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/53fcaa-b721-462a-a607-3740507a2601/1/IMmh4Io7iSBTPnMC7DWynkiLBg0.roa
File: IMmh4Io7iSBTPnMC7DWynkiLBg0.roa (raw, json)
Hash identifier: 1bjS3jTD4YxQSUyOHlvBLyX4qguKfpK0QL0dtBPMeoE=
Subject key identifier: 20:C9:A1:E0:8A:3B:89:20:53:3E:73:02:EC:35:B2:9E:48:8B:06:0D
Certificate issuer: /CN=98c11fd034eff9157554f55ee2834db3b29fcc35
Certificate serial: 0184333CC30C8CE4D2547B1338A94CF4110C
Authority key identifier: 98:C1:1F:D0:34:EF:F9:15:75:54:F5:5E:E2:83:4D:B3:B2:9F:CC:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mMEf0DTv-RV1VPVe4oNNs7KfzDU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/53fcaa-b721-462a-a607-3740507a2601/1/IMmh4Io7iSBTPnMC7DWynkiLBg0.roa
Signing time: Tue 01 Nov 2022 12:48:50 +0000
ROA not before: Tue 01 Nov 2022 12:48:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48577
IP address blocks: 2.59.4.0/24 maxlen: 24
2.59.7.0/24 maxlen: 24
2.59.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:33:3c:c3:0c:8c:e4:d2:54:7b:13:38:a9:4c:f4:11:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98c11fd034eff9157554f55ee2834db3b29fcc35
Validity
Not Before: Nov 1 12:48:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=20c9a1e08a3b8920533e7302ec35b29e488b060d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:e2:6b:9f:6b:f5:59:07:7b:a8:f9:75:ae:66:
3e:a0:13:9e:b9:55:f7:c3:46:d3:41:c5:8c:87:06:
25:d6:87:c4:28:1c:57:9c:39:5e:5c:eb:55:49:4a:
54:24:b4:95:ac:9a:f1:ec:ba:cb:9b:bb:b4:0c:4b:
17:49:f0:c0:ca:d1:00:7d:f2:fa:e6:b5:1b:bf:8d:
db:47:79:af:9a:b7:af:15:13:81:ac:72:ed:15:9f:
85:ed:07:c5:56:33:9d:05:aa:20:fb:14:66:be:96:
bf:f1:26:52:d0:3a:0d:77:2d:99:84:8a:e8:b8:2b:
2d:9c:5f:13:a2:09:8a:9c:b5:2d:ef:d2:b7:79:45:
4e:81:82:35:b8:85:4a:e4:f8:5e:d1:eb:3f:5f:c0:
0b:21:ef:48:16:ed:8f:48:2d:86:52:54:ee:1a:3b:
b0:07:26:b6:90:e4:71:63:60:fe:09:7d:3d:a2:6e:
19:ea:6b:af:47:a0:14:13:24:38:c8:2c:29:25:2e:
27:de:66:3d:af:ff:42:71:29:29:b4:a4:b7:43:1e:
9e:4a:78:41:1b:9c:55:e9:c6:7e:65:91:71:77:7f:
90:c7:9b:0e:68:bb:43:18:88:ce:71:2c:22:66:97:
87:0b:bd:a9:94:87:81:6e:b8:10:c4:46:5e:55:eb:
36:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:C9:A1:E0:8A:3B:89:20:53:3E:73:02:EC:35:B2:9E:48:8B:06:0D
X509v3 Authority Key Identifier:
keyid:98:C1:1F:D0:34:EF:F9:15:75:54:F5:5E:E2:83:4D:B3:B2:9F:CC:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mMEf0DTv-RV1VPVe4oNNs7KfzDU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/53fcaa-b721-462a-a607-3740507a2601/1/IMmh4Io7iSBTPnMC7DWynkiLBg0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/53fcaa-b721-462a-a607-3740507a2601/1/mMEf0DTv-RV1VPVe4oNNs7KfzDU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.4.0/23
2.59.7.0/24
Signature Algorithm: sha256WithRSAEncryption
37:0f:02:1a:83:52:f5:9a:34:cb:be:bb:d7:f0:30:0f:44:82:
e5:ee:1d:00:90:61:a5:07:01:50:75:7f:cc:25:28:9f:41:2f:
74:ca:bf:cb:ce:e4:30:f2:89:82:ad:ba:81:c1:80:03:e7:c3:
3c:da:9e:d6:85:c6:50:24:e6:37:b0:f2:d3:9b:2b:14:31:41:
95:8e:07:c9:4c:ca:20:d4:94:d9:31:ef:7c:d9:44:a7:d5:c7:
2e:a4:27:c6:1a:fd:e3:f1:9b:92:67:b4:b3:64:c1:a2:d6:e6:
b4:aa:3f:cb:4f:6a:21:b6:f7:4e:88:37:c6:29:00:ba:0d:63:
83:67:3f:80:2d:57:a3:3e:7c:25:6f:e8:e7:61:9b:37:0f:5f:
d9:8b:ec:b7:3a:d1:32:3a:8c:2b:ff:e6:e8:e1:3d:ce:c5:a2:
9b:3b:6e:3d:5b:c5:56:f6:fa:46:aa:b1:0a:58:03:b4:04:e8:
39:d2:dd:89:cb:fa:66:38:89:76:e2:35:a2:ce:a3:26:3e:12:
8d:3a:e7:51:a1:ba:bc:f1:46:0a:e6:06:20:f4:43:2e:0d:a0:
a9:e3:23:9c:6f:52:5f:ec:35:7d:8a:f4:3d:d6:e5:60:40:0f:
ef:01:3e:d4:b9:28:32:8c:8d:49:13:a2:c0:be:fc:89:6f:f5:
90:3b:63:52
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYQzPMMMjOTSVHsTOKlM9BEMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4YzExZmQwMzRlZmY5MTU3NTU0ZjU1ZWUyODM0ZGIzYjI5
ZmNjMzUwHhcNMjIxMTAxMTI0ODUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGM5YTFlMDhhM2I4OTIwNTMzZTczMDJlYzM1YjI5ZTQ4OGIwNjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtuJrn2v1WQd7qPl1rmY+oBOeuVX3
w0bTQcWMhwYl1ofEKBxXnDleXOtVSUpUJLSVrJrx7LrLm7u0DEsXSfDAytEAffL6
5rUbv43bR3mvmrevFROBrHLtFZ+F7QfFVjOdBaog+xRmvpa/8SZS0DoNdy2ZhIro
uCstnF8TogmKnLUt79K3eUVOgYI1uIVK5Phe0es/X8ALIe9IFu2PSC2GUlTuGjuw
Bya2kORxY2D+CX09om4Z6muvR6AUEyQ4yCwpJS4n3mY9r/9CcSkptKS3Qx6eSnhB
G5xV6cZ+ZZFxd3+Qx5sOaLtDGIjOcSwiZpeHC72plIeBbrgQxEZeVes2JQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCDJoeCKO4kgUz5zAuw1sp5IiwYNMB8GA1UdIwQY
MBaAFJjBH9A07/kVdVT1XuKDTbOyn8w1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbU1FZjBEVHYtUlYxVlBWZTRvTk5zN0tmekRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy81M2ZjYWEtYjcyMS00NjJhLWE2MDct
Mzc0MDUwN2EyNjAxLzEvSU1taDRJbzdpU0JUUG5NQzdEV3lua2lMQmcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy81M2ZjYWEtYjcyMS00NjJhLWE2MDctMzc0MDUwN2EyNjAx
LzEvbU1FZjBEVHYtUlYxVlBWZTRvTk5zN0tmekRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBAjsEAwQA
AjsHMA0GCSqGSIb3DQEBCwUAA4IBAQA3DwIag1L1mjTLvrvX8DAPRILl7h0AkGGl
BwFQdX/MJSifQS90yr/LzuQw8omCrbqBwYAD58M82p7WhcZQJOY3sPLTmysUMUGV
jgfJTMog1JTZMe982USn1ccupCfGGv3j8ZuSZ7SzZMGi1ua0qj/LT2ohtvdOiDfG
KQC6DWODZz+ALVejPnwlb+jnYZs3D1/Zi+y3OtEyOowr/+bo4T3OxaKbO249W8VW
9vpGqrEKWAO0BOg50t2Jy/pmOIl24jWizqMmPhKNOudRobq88UYK5gYg9EMuDaCp
4yOcb1Jf7DV9ivQ91uVgQA/vAT7UuSgyjI1JE6LAvvyJb/WQO2NS
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:32 2024 by rpki-client on console-ams.rpki-client.org