Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/53fcaa-b721-462a-a607-3740507a2601/1/o14OG6Vq_9Ft0ixYjY2CZs-KHWE.roa
File: o14OG6Vq_9Ft0ixYjY2CZs-KHWE.roa (raw, json)
Hash identifier: RpKHKQeGGMvpfWhRCSuw/H8zR/iCDsSEdsAeVAFAy9Y=
Subject key identifier: A3:5E:0E:1B:A5:6A:FF:D1:6D:D2:2C:58:8D:8D:82:66:CF:8A:1D:61
Certificate issuer: /CN=98c11fd034eff9157554f55ee2834db3b29fcc35
Certificate serial: 018571B0C70599D0CC431E1C454328ED921D
Authority key identifier: 98:C1:1F:D0:34:EF:F9:15:75:54:F5:5E:E2:83:4D:B3:B2:9F:CC:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mMEf0DTv-RV1VPVe4oNNs7KfzDU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/53fcaa-b721-462a-a607-3740507a2601/1/o14OG6Vq_9Ft0ixYjY2CZs-KHWE.roa
Signing time: Mon 02 Jan 2023 08:54:48 +0000
ROA not before: Mon 02 Jan 2023 08:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48577
IP address blocks: 2.59.4.0/24 maxlen: 24
2.59.7.0/24 maxlen: 24
2.59.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b0:c7:05:99:d0:cc:43:1e:1c:45:43:28:ed:92:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98c11fd034eff9157554f55ee2834db3b29fcc35
Validity
Not Before: Jan 2 08:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a35e0e1ba56affd16dd22c588d8d8266cf8a1d61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:1b:53:1e:49:5a:b0:4b:2a:84:81:5c:c3:07:
2c:95:dd:c6:53:50:6c:f1:0c:08:99:15:02:bb:91:
f1:6d:08:8e:e0:50:8e:27:d5:10:6e:53:6c:5d:32:
dd:b9:34:3e:11:56:b4:55:c3:7c:1c:fe:c2:77:fe:
03:84:8b:e1:d8:67:ad:bd:c2:83:c5:c2:f7:ac:85:
dd:14:63:a1:4d:b4:8d:7d:c2:14:12:54:1b:88:f8:
5f:00:dd:93:f5:0f:70:98:78:20:9a:b7:9a:24:52:
f1:c3:26:a7:64:9f:25:cb:5b:fc:e3:bd:5f:f0:43:
ab:6f:c4:33:b7:94:ee:c5:71:40:8a:57:e8:9e:9b:
92:b0:36:46:5a:e0:c8:f7:fa:a7:60:24:8c:8d:1f:
90:f3:5a:b0:63:06:c2:7a:83:a7:9d:fb:1d:25:ff:
ed:fe:60:4e:d6:48:30:e1:0c:69:5c:10:7d:37:67:
60:d8:63:5b:9a:ab:f4:7c:d6:8b:10:7c:89:78:b8:
58:61:04:3b:a9:ed:50:39:9e:3c:15:d5:ee:c7:30:
5d:ed:8b:eb:fe:90:4e:1b:84:a7:ef:88:bb:91:6d:
86:e0:bb:36:ec:ba:88:7d:23:2b:4c:c0:c9:a9:a2:
a8:8a:b3:2e:bf:e4:53:1b:bf:62:2e:1f:c8:7a:98:
bd:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:5E:0E:1B:A5:6A:FF:D1:6D:D2:2C:58:8D:8D:82:66:CF:8A:1D:61
X509v3 Authority Key Identifier:
keyid:98:C1:1F:D0:34:EF:F9:15:75:54:F5:5E:E2:83:4D:B3:B2:9F:CC:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mMEf0DTv-RV1VPVe4oNNs7KfzDU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/53fcaa-b721-462a-a607-3740507a2601/1/o14OG6Vq_9Ft0ixYjY2CZs-KHWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/53fcaa-b721-462a-a607-3740507a2601/1/mMEf0DTv-RV1VPVe4oNNs7KfzDU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.4.0/23
2.59.7.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:88:e2:dd:ca:19:a3:24:16:04:c6:8f:b7:d5:5e:95:a5:a8:
40:25:72:b2:85:86:f2:90:1d:9a:91:2f:9d:2e:7d:7c:00:b2:
80:d7:ae:ef:13:7d:0f:5d:73:76:3c:ba:ab:ae:82:c3:7d:40:
54:46:da:53:b6:87:9d:08:3e:de:1c:f6:5f:77:2b:42:74:29:
fc:31:eb:24:b7:38:23:56:d7:53:69:ec:b5:14:24:f6:d9:ce:
6b:3b:1a:0a:b2:b9:ef:90:df:50:a6:9e:b6:da:83:d2:c8:25:
12:93:dc:34:8b:20:37:3a:76:ea:68:7e:20:06:89:e4:b9:2b:
86:1f:92:a5:8d:40:bc:65:1e:31:11:84:4c:9b:39:8c:6b:a7:
5c:9b:85:5e:ba:a1:05:ef:7d:3b:4d:fe:d1:90:a6:9d:6f:f1:
f0:cd:f3:bf:dd:6e:5b:56:c8:70:87:90:3b:b2:f0:0f:19:91:
fd:3c:86:9d:8e:a9:39:8f:c4:7e:39:36:7e:07:98:28:aa:40:
14:47:df:ee:a9:24:a5:9e:a8:66:ec:a3:16:01:4c:de:26:c4:
8a:d7:6c:8c:24:6d:75:1e:e3:4a:c5:89:95:5d:06:61:78:f9:
25:e5:74:8c:5b:61:fc:e2:51:0f:aa:17:05:f9:e9:bf:88:4f:
16:46:ea:2b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxsMcFmdDMQx4cRUMo7ZIdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4YzExZmQwMzRlZmY5MTU3NTU0ZjU1ZWUyODM0ZGIzYjI5
ZmNjMzUwHhcNMjMwMTAyMDg1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzVlMGUxYmE1NmFmZmQxNmRkMjJjNTg4ZDhkODI2NmNmOGExZDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhRtTHklasEsqhIFcwwcsld3GU1Bs
8QwImRUCu5HxbQiO4FCOJ9UQblNsXTLduTQ+EVa0VcN8HP7Cd/4DhIvh2GetvcKD
xcL3rIXdFGOhTbSNfcIUElQbiPhfAN2T9Q9wmHggmreaJFLxwyanZJ8ly1v8471f
8EOrb8Qzt5TuxXFAilfonpuSsDZGWuDI9/qnYCSMjR+Q81qwYwbCeoOnnfsdJf/t
/mBO1kgw4QxpXBB9N2dg2GNbmqv0fNaLEHyJeLhYYQQ7qe1QOZ48FdXuxzBd7Yvr
/pBOG4Sn74i7kW2G4Ls27LqIfSMrTMDJqaKoirMuv+RTG79iLh/Iepi97QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKNeDhulav/RbdIsWI2NgmbPih1hMB8GA1UdIwQY
MBaAFJjBH9A07/kVdVT1XuKDTbOyn8w1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbU1FZjBEVHYtUlYxVlBWZTRvTk5zN0tmekRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy81M2ZjYWEtYjcyMS00NjJhLWE2MDct
Mzc0MDUwN2EyNjAxLzEvbzE0T0c2VnFfOUZ0MGl4WWpZMkNacy1LSFdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy81M2ZjYWEtYjcyMS00NjJhLWE2MDctMzc0MDUwN2EyNjAx
LzEvbU1FZjBEVHYtUlYxVlBWZTRvTk5zN0tmekRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBAjsEAwQA
AjsHMA0GCSqGSIb3DQEBCwUAA4IBAQAfiOLdyhmjJBYExo+31V6VpahAJXKyhYby
kB2akS+dLn18ALKA167vE30PXXN2PLqrroLDfUBURtpTtoedCD7eHPZfdytCdCn8
MesktzgjVtdTaey1FCT22c5rOxoKsrnvkN9Qpp622oPSyCUSk9w0iyA3OnbqaH4g
BonkuSuGH5KljUC8ZR4xEYRMmzmMa6dcm4VeuqEF7307Tf7RkKadb/HwzfO/3W5b
Vshwh5A7svAPGZH9PIadjqk5j8R+OTZ+B5goqkAUR9/uqSSlnqhm7KMWAUzeJsSK
12yMJG11HuNKxYmVXQZhePkl5XSMW2H84lEPqhcF+em/iE8WRuor
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:32 2024 by rpki-client on console-ams.rpki-client.org