Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/2XUys4hud9jqjCniN84H9LiGQSM.roa
File: 2XUys4hud9jqjCniN84H9LiGQSM.roa (raw, json)
Hash identifier: JH88YxvvWCcgE9wINTfovUfPdxJ1j6ic8oEf6OEr9KY=
Subject key identifier: D9:75:32:B3:88:6E:77:D8:EA:8C:29:E2:37:CE:07:F4:B8:86:41:23
Certificate issuer: /CN=c2c12b527a5d1f8b8bcf230eb611f52f11d52bbf
Certificate serial: 019404EBA28FFD73AFC749587BA1F394CADE
Authority key identifier: C2:C1:2B:52:7A:5D:1F:8B:8B:CF:23:0E:B6:11:F5:2F:11:D5:2B:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wsErUnpdH4uLzyMOthH1LxHVK78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/2XUys4hud9jqjCniN84H9LiGQSM.roa
Signing time: Thu 26 Dec 2024 21:42:18 +0000
ROA not before: Thu 26 Dec 2024 21:42:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24961
IP address blocks: 2.57.123.0/24 maxlen: 24
45.134.50.0/24 maxlen: 24
45.138.99.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:04:eb:a2:8f:fd:73:af:c7:49:58:7b:a1:f3:94:ca:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2c12b527a5d1f8b8bcf230eb611f52f11d52bbf
Validity
Not Before: Dec 26 21:42:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d97532b3886e77d8ea8c29e237ce07f4b8864123
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:0c:41:fc:90:97:f7:0b:02:2f:6f:3f:93:ec:
41:52:85:7a:c3:3e:38:06:e2:8a:b8:00:c2:3b:e5:
ac:fc:e5:b6:b1:13:48:06:a5:0b:1b:1d:5f:5b:bd:
f9:9a:ea:a2:08:d6:69:7c:1f:23:55:7a:0a:dd:dc:
6d:a7:60:7a:72:71:6b:01:3a:b8:41:f7:de:ff:30:
26:ae:cc:7f:c4:ee:67:cd:23:90:83:87:55:7e:bd:
7b:ee:93:0d:6c:40:89:60:28:8a:cf:a3:d5:47:a5:
62:68:c6:8c:ef:31:e4:1c:ce:07:30:70:46:e1:91:
a2:1a:63:f0:ef:e6:f4:02:07:5c:5f:02:d0:64:39:
0f:6b:d9:8c:3a:a2:d6:a0:d5:ef:03:2e:cf:bc:dc:
f9:72:de:34:58:02:22:4c:98:13:ef:99:27:c5:14:
e4:ef:57:7b:ff:a8:80:c9:d7:ca:cc:ba:8d:8b:38:
69:cb:33:ce:4c:a8:ed:8a:bf:21:60:8a:89:06:8d:
26:05:58:3b:26:35:1c:f5:66:60:56:3c:d9:73:c1:
fd:64:bc:b4:27:56:81:30:34:26:13:d9:d7:c8:b3:
44:7f:3c:bf:d7:68:46:97:68:b0:15:94:a9:78:85:
b8:f5:b2:83:0e:5b:7d:79:8d:43:fb:a5:4f:b4:7e:
bd:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:75:32:B3:88:6E:77:D8:EA:8C:29:E2:37:CE:07:F4:B8:86:41:23
X509v3 Authority Key Identifier:
keyid:C2:C1:2B:52:7A:5D:1F:8B:8B:CF:23:0E:B6:11:F5:2F:11:D5:2B:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wsErUnpdH4uLzyMOthH1LxHVK78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/2XUys4hud9jqjCniN84H9LiGQSM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/wsErUnpdH4uLzyMOthH1LxHVK78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.123.0/24
45.134.50.0/24
45.138.99.0/24
Signature Algorithm: sha256WithRSAEncryption
91:d8:ab:c3:3d:f7:b6:b4:bc:71:2a:20:52:e4:d8:40:ef:60:
8d:7a:c3:17:20:de:b3:96:5d:5e:e4:dc:4a:ac:6a:4a:43:3b:
c4:0f:c3:3b:6c:b7:ad:ae:7c:cb:22:65:97:f3:58:4f:57:d5:
48:d7:9e:fb:2a:a7:2c:e9:c1:f6:13:7a:e2:a2:b2:fc:4e:e7:
35:f0:cd:aa:af:63:b0:9d:72:51:5c:9e:c7:cf:61:c7:e6:f4:
6a:8a:e4:b7:4e:e9:f7:e2:86:51:db:de:7f:e0:5f:26:34:45:
3c:2a:4f:5f:90:55:10:e4:4e:65:59:c1:20:f3:03:45:a3:40:
47:d7:8e:4e:17:b2:ed:83:34:c4:15:cd:9c:f8:df:d0:c0:f8:
94:34:96:6c:62:a9:fe:03:18:f7:ae:f8:b9:fd:57:20:eb:d1:
5f:0f:30:f8:0f:8f:c7:e4:d3:9c:e1:d8:0f:76:0d:52:4e:5f:
e7:22:a2:76:51:de:f5:d3:96:3e:b1:bf:d9:80:19:2d:9d:1a:
f3:7b:4a:9f:05:bc:d1:f0:cd:e8:94:1e:8a:0e:d2:4b:8a:f8:
ff:f7:fe:42:e0:e6:02:54:33:b8:c4:d6:00:dc:cf:b1:71:2f:
9a:36:70:da:8d:5e:51:36:85:5f:fb:4b:d9:54:ad:11:8b:9d:
85:01:2a:5e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQE66KP/XOvx0lYe6HzlMreMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyYzEyYjUyN2E1ZDFmOGI4YmNmMjMwZWI2MTFmNTJmMTFk
NTJiYmYwHhcNMjQxMjI2MjE0MjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTc1MzJiMzg4NmU3N2Q4ZWE4YzI5ZTIzN2NlMDdmNGI4ODY0MTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgxB/JCX9wsCL28/k+xBUoV6wz44
BuKKuADCO+Ws/OW2sRNIBqULGx1fW735muqiCNZpfB8jVXoK3dxtp2B6cnFrATq4
Qffe/zAmrsx/xO5nzSOQg4dVfr177pMNbECJYCiKz6PVR6ViaMaM7zHkHM4HMHBG
4ZGiGmPw7+b0AgdcXwLQZDkPa9mMOqLWoNXvAy7PvNz5ct40WAIiTJgT75knxRTk
71d7/6iAydfKzLqNizhpyzPOTKjtir8hYIqJBo0mBVg7JjUc9WZgVjzZc8H9ZLy0
J1aBMDQmE9nXyLNEfzy/12hGl2iwFZSpeIW49bKDDlt9eY1D+6VPtH699QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNl1MrOIbnfY6owp4jfOB/S4hkEjMB8GA1UdIwQY
MBaAFMLBK1J6XR+Li88jDrYR9S8R1Su/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3NFclVucGRINHVMenlNT3RoSDFMeEhWSzc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zZWJiNDYtYjlkZC00Njk1LTgxNWMt
NDZlZTU3OGEwYmZlLzEvMlhVeXM0aHVkOWpxakNuaU44NEg5TGlHUVNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zZWJiNDYtYjlkZC00Njk1LTgxNWMtNDZlZTU3OGEwYmZl
LzEvd3NFclVucGRINHVMenlNT3RoSDFMeEhWSzc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAAjl7AwQA
LYYyAwQALYpjMA0GCSqGSIb3DQEBCwUAA4IBAQCR2KvDPfe2tLxxKiBS5NhA72CN
esMXIN6zll1e5NxKrGpKQzvED8M7bLetrnzLImWX81hPV9VI1577Kqcs6cH2E3ri
orL8Tuc18M2qr2OwnXJRXJ7Hz2HH5vRqiuS3Tun34oZR295/4F8mNEU8Kk9fkFUQ
5E5lWcEg8wNFo0BH145OF7LtgzTEFc2c+N/QwPiUNJZsYqn+Axj3rvi5/Vcg69Ff
DzD4D4/H5NOc4dgPdg1STl/nIqJ2Ud7105Y+sb/ZgBktnRrze0qfBbzR8M3olB6K
DtJLivj/9/5C4OYCVDO4xNYA3M+xcS+aNnDajV5RNoVf+0vZVK0Ri52FASpe
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:34:31 2025 by rpki-client