Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/cde757-7672-4720-8ce1-6e26b91f6910/1/y1bjq6t2wUukz9W6C_N_eJWE5pQ.roa
File: y1bjq6t2wUukz9W6C_N_eJWE5pQ.roa (raw, json)
Hash identifier: rbXidQhk2TpaZB/G3C+NahAJvD9lrvrxNyxSFhR0BVE=
Subject key identifier: CB:56:E3:AB:AB:76:C1:4B:A4:CF:D5:BA:0B:F3:7F:78:95:84:E6:94
Certificate issuer: /CN=d94bddafb5df098419020a8fbc7a90b16e341d63
Certificate serial: 019427B647720944731262E09A714F491D5A
Authority key identifier: D9:4B:DD:AF:B5:DF:09:84:19:02:0A:8F:BC:7A:90:B1:6E:34:1D:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Uvdr7XfCYQZAgqPvHqQsW40HWM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/cde757-7672-4720-8ce1-6e26b91f6910/1/y1bjq6t2wUukz9W6C_N_eJWE5pQ.roa
Signing time: Thu 02 Jan 2025 15:50:44 +0000
ROA not before: Thu 02 Jan 2025 15:50:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24875
IP address blocks: 2.58.21.0/24 maxlen: 24
2.58.22.0/24 maxlen: 24
46.182.108.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:47:72:09:44:73:12:62:e0:9a:71:4f:49:1d:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d94bddafb5df098419020a8fbc7a90b16e341d63
Validity
Not Before: Jan 2 15:50:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cb56e3abab76c14ba4cfd5ba0bf37f789584e694
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b3:27:6b:b7:a6:c2:26:0a:04:3c:34:71:b3:
67:f3:8f:f8:ec:e5:87:71:f8:8e:23:53:ce:61:da:
58:29:80:b2:2d:b8:43:16:5a:a0:5a:e7:2f:12:16:
a5:6b:51:02:47:69:46:de:8d:22:b1:29:cf:04:b1:
66:77:73:e6:d3:28:d6:fb:c7:40:b9:fb:19:5b:d4:
ca:b6:77:23:a1:4c:18:83:4a:4c:7b:4b:f4:de:c2:
8e:75:ac:54:02:e0:4a:eb:92:0c:13:c6:32:92:89:
6b:ce:70:6a:7f:64:63:ef:54:66:4d:e1:ba:8f:2e:
ce:db:63:82:8c:2a:ec:18:78:58:9a:2e:c2:62:30:
0d:f8:1a:a0:af:b3:b9:b5:bd:d3:b3:f8:ca:5f:bf:
46:17:c5:ec:1e:6d:62:4a:63:87:51:18:5a:28:a3:
38:ac:0d:f1:1c:86:25:b8:d3:8e:33:54:8a:1d:bd:
45:eb:2a:49:75:10:d1:ba:46:fc:5f:f1:8b:87:f2:
49:26:dd:50:55:5c:c9:b0:29:7b:ae:ef:2f:dd:d4:
5c:28:6c:0f:5a:a4:14:ec:1b:25:cd:57:cb:a3:af:
b9:b8:9b:bd:ff:ba:18:89:32:da:d5:5f:9e:00:42:
97:35:f7:04:a5:c9:75:87:c3:c5:bd:bc:a5:30:88:
2e:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:56:E3:AB:AB:76:C1:4B:A4:CF:D5:BA:0B:F3:7F:78:95:84:E6:94
X509v3 Authority Key Identifier:
keyid:D9:4B:DD:AF:B5:DF:09:84:19:02:0A:8F:BC:7A:90:B1:6E:34:1D:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Uvdr7XfCYQZAgqPvHqQsW40HWM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/cde757-7672-4720-8ce1-6e26b91f6910/1/y1bjq6t2wUukz9W6C_N_eJWE5pQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/cde757-7672-4720-8ce1-6e26b91f6910/1/2Uvdr7XfCYQZAgqPvHqQsW40HWM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.21.0-2.58.22.255
46.182.108.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:27:22:21:f3:74:24:28:96:9b:07:d5:60:64:6d:77:13:d0:
33:75:d9:17:2a:1d:ec:c1:36:99:9d:87:30:0c:73:bd:3c:3e:
fd:57:92:00:75:89:87:41:3d:2a:9c:91:09:c7:b1:67:ca:87:
7f:9e:d1:3c:45:7b:1a:95:88:04:ae:cf:85:07:84:1c:2c:68:
80:39:41:c9:d3:f4:a3:a6:02:4d:95:92:2e:db:56:c8:18:21:
a8:8e:45:c8:66:c5:8f:da:f1:d7:b4:ac:da:ad:1c:9b:a8:b6:
f6:d7:c7:e8:f9:73:c9:2e:b1:8e:cb:51:19:35:7b:0a:2f:9c:
c7:99:97:74:e9:e2:d1:38:36:2d:03:54:96:8a:30:84:be:08:
0c:64:cf:08:ce:76:45:e0:7d:d1:74:da:0f:c4:83:90:f0:03:
81:0b:e9:40:41:7e:7a:14:f9:1a:e8:bd:27:71:e6:52:96:5b:
13:99:06:b1:0d:ef:88:65:57:73:f3:f3:93:db:b0:8d:48:3b:
6f:57:f2:12:6a:39:00:bc:de:c4:0b:eb:2b:e1:93:25:63:80:
76:f5:85:30:a4:6f:bb:8a:d4:f2:9a:df:46:d8:e4:4b:b8:08:
28:2b:99:f8:16:59:18:d1:3e:0b:1c:81:04:18:5e:15:38:e5:
87:67:1a:12
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQntkdyCURzEmLgmnFPSR1aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5NGJkZGFmYjVkZjA5ODQxOTAyMGE4ZmJjN2E5MGIxNmUz
NDFkNjMwHhcNMjUwMTAyMTU1MDQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjU2ZTNhYmFiNzZjMTRiYTRjZmQ1YmEwYmYzN2Y3ODk1ODRlNjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrMna7emwiYKBDw0cbNn84/47OWH
cfiOI1POYdpYKYCyLbhDFlqgWucvEhala1ECR2lG3o0isSnPBLFmd3Pm0yjW+8dA
ufsZW9TKtncjoUwYg0pMe0v03sKOdaxUAuBK65IME8YykolrznBqf2Rj71RmTeG6
jy7O22OCjCrsGHhYmi7CYjAN+Bqgr7O5tb3Ts/jKX79GF8XsHm1iSmOHURhaKKM4
rA3xHIYluNOOM1SKHb1F6ypJdRDRukb8X/GLh/JJJt1QVVzJsCl7ru8v3dRcKGwP
WqQU7BslzVfLo6+5uJu9/7oYiTLa1V+eAEKXNfcEpcl1h8PFvbylMIgu+wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFMtW46urdsFLpM/Vugvzf3iVhOaUMB8GA1UdIwQY
MBaAFNlL3a+13wmEGQIKj7x6kLFuNB1jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlV2ZHI3WGZDWVFaQWdxUHZIcVFzVzQwSFdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jZGU3NTctNzY3Mi00NzIwLThjZTEt
NmUyNmI5MWY2OTEwLzEveTFianE2dDJ3VXVrejlXNkNfTl9lSldFNXBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jZGU3NTctNzY3Mi00NzIwLThjZTEtNmUyNmI5MWY2OTEw
LzEvMlV2ZHI3WGZDWVFaQWdxUHZIcVFzVzQwSFdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAACOhUD
BAACOhYDBAAutmwwDQYJKoZIhvcNAQELBQADggEBALInIiHzdCQolpsH1WBkbXcT
0DN12RcqHezBNpmdhzAMc708Pv1XkgB1iYdBPSqckQnHsWfKh3+e0TxFexqViASu
z4UHhBwsaIA5QcnT9KOmAk2Vki7bVsgYIaiORchmxY/a8de0rNqtHJuotvbXx+j5
c8kusY7LURk1ewovnMeZl3Tp4tE4Ni0DVJaKMIS+CAxkzwjOdkXgfdF02g/Eg5Dw
A4EL6UBBfnoU+RrovSdx5lKWWxOZBrEN74hlV3Pz85PbsI1IO29X8hJqOQC83sQL
6yvhkyVjgHb1hTCkb7uK1PKa30bY5Eu4CCgrmfgWWRjRPgscgQQYXhU45YdnGhI=
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:38:16 2025 by rpki-client