Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/5c5e22-e4f9-4986-a055-0475d13f463c/1/spxBFrRTXksX8fvfc0dXhGkhiwE.roa
File: spxBFrRTXksX8fvfc0dXhGkhiwE.roa (raw, json)
Hash identifier: n9jU/0B6fjkLFx2dvO1H12A4sA1hG6j4sPdVGTQx1Ss=
Subject key identifier: B2:9C:41:16:B4:53:5E:4B:17:F1:FB:DF:73:47:57:84:69:21:8B:01
Certificate issuer: /CN=f4f7760940800b86f8086e209edd1a85bac0f5dc
Certificate serial: 018CC7949550A393238EC138BA91063B147F
Authority key identifier: F4:F7:76:09:40:80:0B:86:F8:08:6E:20:9E:DD:1A:85:BA:C0:F5:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9Pd2CUCAC4b4CG4gnt0ahbrA9dw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/5c5e22-e4f9-4986-a055-0475d13f463c/1/spxBFrRTXksX8fvfc0dXhGkhiwE.roa
Signing time: Tue 02 Jan 2024 00:30:52 +0000
ROA not before: Tue 02 Jan 2024 00:30:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9678
IP address blocks: 2.58.240.0/24 maxlen: 24
2.58.243.0/24 maxlen: 24
2.58.242.0/24 maxlen: 24
2.58.241.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:95:50:a3:93:23:8e:c1:38:ba:91:06:3b:14:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4f7760940800b86f8086e209edd1a85bac0f5dc
Validity
Not Before: Jan 2 00:30:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b29c4116b4535e4b17f1fbdf7347578469218b01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:2d:7f:5a:19:e6:fa:18:df:25:3f:4d:8a:d2:
ba:d2:cf:c0:81:7e:31:74:3d:0a:9d:fb:e4:e7:fc:
ac:e5:0b:3e:c6:ba:91:20:97:8e:63:f0:cb:a2:5b:
5d:c9:68:93:1c:7f:ed:1d:91:72:d8:92:f8:2a:ea:
80:35:86:14:2c:e8:83:f9:3a:2f:78:39:8c:c1:af:
73:27:30:55:73:64:0b:94:00:32:e7:59:d1:6d:90:
08:27:cf:db:f8:99:56:7a:44:da:04:8f:df:79:0f:
85:04:a6:7b:98:77:22:41:0a:bb:17:50:08:3d:af:
49:13:53:c1:b5:a7:f7:1c:8d:3b:15:dc:02:b2:bf:
86:e5:55:6d:b2:86:aa:05:d0:b8:71:d1:17:c3:47:
00:cc:95:33:c8:88:96:73:85:3c:57:80:ee:82:b6:
e9:a3:4c:be:b4:30:c8:d3:4e:9d:c7:b7:bc:a3:d4:
d9:b5:be:23:08:d7:ed:00:7e:3a:18:a1:0a:29:a4:
17:f9:01:71:6c:1a:cc:cd:9f:d6:9e:9a:9b:b4:9d:
b5:1b:aa:7e:3d:55:5d:cd:ad:b9:a9:0b:8b:a4:36:
db:c4:aa:b6:17:2f:fe:a5:5f:0d:32:fe:e7:35:03:
46:85:e0:55:20:b5:47:a5:27:78:b3:01:8b:ec:4e:
21:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:9C:41:16:B4:53:5E:4B:17:F1:FB:DF:73:47:57:84:69:21:8B:01
X509v3 Authority Key Identifier:
keyid:F4:F7:76:09:40:80:0B:86:F8:08:6E:20:9E:DD:1A:85:BA:C0:F5:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Pd2CUCAC4b4CG4gnt0ahbrA9dw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/5c5e22-e4f9-4986-a055-0475d13f463c/1/spxBFrRTXksX8fvfc0dXhGkhiwE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/5c5e22-e4f9-4986-a055-0475d13f463c/1/9Pd2CUCAC4b4CG4gnt0ahbrA9dw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.240.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:d1:41:a4:ee:b6:4d:5e:81:c0:e4:bf:c6:a5:57:8b:30:33:
cd:9b:0d:08:83:31:95:6f:7a:ee:27:bf:f5:5d:6a:8e:83:81:
27:5c:b8:dd:5a:95:cb:ed:4f:c2:84:5b:eb:8d:b7:b6:45:1a:
73:dd:a6:4a:2c:7d:2f:08:34:5c:68:e6:ba:60:ae:c8:7c:26:
4e:ee:ae:10:93:64:f2:56:d0:14:a6:cd:78:d3:82:f4:7f:96:
57:4d:6a:7e:16:35:2a:5f:bd:90:18:98:e2:13:4e:f5:f7:b3:
c7:27:c9:b0:cf:09:c9:86:54:f1:5f:4c:43:fb:b4:44:7f:b7:
d3:81:54:a5:b2:1a:b9:cd:e2:9f:b7:08:ef:bd:af:8f:f9:92:
85:d2:0e:25:fc:4f:fb:cb:a1:cb:79:f0:03:2c:80:cb:9d:93:
05:bc:a1:f7:f7:0a:e7:cf:3b:8a:86:b3:27:2e:19:3e:9b:fe:
53:7a:22:4b:3e:27:62:3a:26:15:ed:bf:41:6c:ca:f4:46:ec:
af:21:97:46:f6:e0:be:0d:41:7c:75:47:80:ac:d6:c4:09:60:
0c:d8:cc:ed:c7:4d:ed:fe:b2:a1:1d:b0:e3:28:fd:97:80:8a:
f8:ae:77:5a:37:39:d0:f0:9d:6e:2c:56:97:4d:f6:27:36:d6:
18:9f:da:30
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlJVQo5MjjsE4upEGOxR/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0Zjc3NjA5NDA4MDBiODZmODA4NmUyMDllZGQxYTg1YmFj
MGY1ZGMwHhcNMjQwMTAyMDAzMDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjljNDExNmI0NTM1ZTRiMTdmMWZiZGY3MzQ3NTc4NDY5MjE4YjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAki1/Whnm+hjfJT9NitK60s/AgX4x
dD0Knfvk5/ys5Qs+xrqRIJeOY/DLoltdyWiTHH/tHZFy2JL4KuqANYYULOiD+Tov
eDmMwa9zJzBVc2QLlAAy51nRbZAIJ8/b+JlWekTaBI/feQ+FBKZ7mHciQQq7F1AI
Pa9JE1PBtaf3HI07FdwCsr+G5VVtsoaqBdC4cdEXw0cAzJUzyIiWc4U8V4Dugrbp
o0y+tDDI006dx7e8o9TZtb4jCNftAH46GKEKKaQX+QFxbBrMzZ/WnpqbtJ21G6p+
PVVdza25qQuLpDbbxKq2Fy/+pV8NMv7nNQNGheBVILVHpSd4swGL7E4hAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLKcQRa0U15LF/H733NHV4RpIYsBMB8GA1UdIwQY
MBaAFPT3dglAgAuG+AhuIJ7dGoW6wPXcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVBkMkNVQ0FDNGI0Q0c0Z250MGFoYnJBOWR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy81YzVlMjItZTRmOS00OTg2LWEwNTUt
MDQ3NWQxM2Y0NjNjLzEvc3B4QkZyUlRYa3NYOGZ2ZmMwZFhoR2toaXdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy81YzVlMjItZTRmOS00OTg2LWEwNTUtMDQ3NWQxM2Y0NjNj
LzEvOVBkMkNVQ0FDNGI0Q0c0Z250MGFoYnJBOWR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCAjrwMA0G
CSqGSIb3DQEBCwUAA4IBAQCh0UGk7rZNXoHA5L/GpVeLMDPNmw0IgzGVb3ruJ7/1
XWqOg4EnXLjdWpXL7U/ChFvrjbe2RRpz3aZKLH0vCDRcaOa6YK7IfCZO7q4Qk2Ty
VtAUps1404L0f5ZXTWp+FjUqX72QGJjiE07197PHJ8mwzwnJhlTxX0xD+7REf7fT
gVSlshq5zeKftwjvva+P+ZKF0g4l/E/7y6HLefADLIDLnZMFvKH39wrnzzuKhrMn
Lhk+m/5TeiJLPidiOiYV7b9BbMr0RuyvIZdG9uC+DUF8dUeArNbECWAM2Mztx03t
/rKhHbDjKP2XgIr4rndaNznQ8J1uLFaXTfYnNtYYn9ow
-----END CERTIFICATE-----
Generated at Tue Nov 12 10:08:34 2024 by rpki-client on console-fra.rpki-client.org