Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/3eaeb4-fb99-4993-8122-e45350414ddf/1/qg4rCavoAEstd_gdiifZJ2l134s.roa
File: qg4rCavoAEstd_gdiifZJ2l134s.roa (raw, json)
Hash identifier: zv8J2KuDAwQOB6a6izYV8dRbqPViGL374uqqVPG9O1k=
Subject key identifier: AA:0E:2B:09:AB:E8:00:4B:2D:77:F8:1D:8A:27:D9:27:69:75:DF:8B
Certificate issuer: /CN=39704769d087d9fe8f790a6555cb4fbefcd24d38
Certificate serial: 0194DB9D4C6DE4734EC8F8E119DB48B7081E
Authority key identifier: 39:70:47:69:D0:87:D9:FE:8F:79:0A:65:55:CB:4F:BE:FC:D2:4D:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OXBHadCH2f6PeQplVctPvvzSTTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/3eaeb4-fb99-4993-8122-e45350414ddf/1/qg4rCavoAEstd_gdiifZJ2l134s.roa
Signing time: Thu 06 Feb 2025 14:15:06 +0000
ROA not before: Thu 06 Feb 2025 14:15:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57706
IP address blocks: 2.58.58.0/24 maxlen: 24
2.58.59.0/24 maxlen: 24
2a09:e240::/29 maxlen: 29
2a09:e240::/48 maxlen: 48
2a09:e240:40::/44 maxlen: 44
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:db:9d:4c:6d:e4:73:4e:c8:f8:e1:19:db:48:b7:08:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39704769d087d9fe8f790a6555cb4fbefcd24d38
Validity
Not Before: Feb 6 14:15:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aa0e2b09abe8004b2d77f81d8a27d9276975df8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:77:42:79:74:27:18:2f:94:2b:f4:fb:b5:2e:
ae:c7:2b:f5:00:3b:e6:84:e0:6a:a3:91:54:16:8b:
a0:7a:64:ff:4e:01:12:8a:0c:53:6b:72:d4:f0:6c:
4e:3c:17:7d:d7:33:b3:7a:ff:b2:77:73:17:bb:1e:
df:37:96:fe:c6:6f:d0:65:63:11:2a:49:11:ba:89:
3c:82:9f:a9:d0:60:c2:61:f5:35:47:15:54:5a:f6:
f4:9f:78:9c:f2:03:15:db:db:f2:2a:cb:a9:75:66:
7a:b3:49:a5:90:01:49:eb:c6:64:17:6d:88:4a:f3:
2f:b8:eb:45:81:3f:02:ad:d8:00:14:bd:b4:42:26:
ad:73:88:6f:b2:f8:ed:90:39:79:2b:73:48:79:1b:
19:91:f7:2c:aa:94:ff:29:82:ac:39:a8:4a:90:d3:
ec:54:81:5c:9e:91:25:68:d7:53:d0:41:dd:72:4d:
98:6f:46:38:f1:e2:d1:1b:35:a2:53:ed:a3:93:d2:
33:a5:2c:2e:b5:8d:37:f5:6c:72:47:f8:42:29:cb:
20:13:42:d3:7d:72:56:18:47:d8:57:40:10:e1:b9:
c2:76:9a:43:a3:44:3e:9d:c2:0a:15:65:39:6a:db:
ef:ef:62:60:88:c5:fb:54:14:23:09:86:5f:c3:92:
a6:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:0E:2B:09:AB:E8:00:4B:2D:77:F8:1D:8A:27:D9:27:69:75:DF:8B
X509v3 Authority Key Identifier:
keyid:39:70:47:69:D0:87:D9:FE:8F:79:0A:65:55:CB:4F:BE:FC:D2:4D:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OXBHadCH2f6PeQplVctPvvzSTTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/3eaeb4-fb99-4993-8122-e45350414ddf/1/qg4rCavoAEstd_gdiifZJ2l134s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/3eaeb4-fb99-4993-8122-e45350414ddf/1/OXBHadCH2f6PeQplVctPvvzSTTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.58.0/23
IPv6:
2a09:e240::/29
Signature Algorithm: sha256WithRSAEncryption
05:ea:02:39:5f:19:16:00:86:49:24:bd:f8:75:29:6f:36:89:
b9:b3:73:2a:c4:ef:2b:19:e0:46:65:ac:98:0a:c7:24:9b:ba:
98:f5:f1:d9:5a:bc:21:3d:e8:0a:0b:b1:55:46:6a:71:ce:ea:
bd:88:fe:72:63:ee:18:3f:04:d4:af:63:e1:c1:5f:61:30:74:
67:be:8d:0b:6f:66:a8:ec:f9:a8:61:c5:22:bb:00:ed:3a:22:
16:61:ce:92:ad:f0:58:6d:a5:1b:2f:6b:19:93:26:3d:df:89:
86:cf:f3:c9:79:b5:66:c6:3a:40:83:f2:5c:cc:a8:be:c3:6a:
50:4e:36:7f:a1:7c:0a:71:57:f6:11:b9:16:30:ed:6c:2a:3d:
b1:05:f9:28:4a:9b:6f:e4:11:40:28:69:83:6d:b2:d2:45:f1:
a3:99:97:25:9c:76:14:7b:28:59:f0:75:0e:c4:25:f3:7d:e4:
30:a3:b1:34:cc:d0:8c:88:7b:b1:bf:0d:e1:71:ed:4e:a3:c2:
0f:de:9e:00:bb:c0:2a:c0:d4:26:4e:8b:b7:8a:82:65:e9:e8:
d2:cb:4f:9d:45:41:18:14:22:79:6c:6e:5a:95:3b:21:a8:ab:
16:f0:0f:6d:cd:4e:9e:a7:f8:ef:fa:cf:2b:71:74:1b:dd:5f:
e6:05:7a:59
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZTbnUxt5HNOyPjhGdtItwgeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NzA0NzY5ZDA4N2Q5ZmU4Zjc5MGE2NTU1Y2I0ZmJlZmNk
MjRkMzgwHhcNMjUwMjA2MTQxNTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTBlMmIwOWFiZTgwMDRiMmQ3N2Y4MWQ4YTI3ZDkyNzY5NzVkZjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3dCeXQnGC+UK/T7tS6uxyv1ADvm
hOBqo5FUFougemT/TgESigxTa3LU8GxOPBd91zOzev+yd3MXux7fN5b+xm/QZWMR
KkkRuok8gp+p0GDCYfU1RxVUWvb0n3ic8gMV29vyKsupdWZ6s0mlkAFJ68ZkF22I
SvMvuOtFgT8CrdgAFL20Qiatc4hvsvjtkDl5K3NIeRsZkfcsqpT/KYKsOahKkNPs
VIFcnpElaNdT0EHdck2Yb0Y48eLRGzWiU+2jk9IzpSwutY039WxyR/hCKcsgE0LT
fXJWGEfYV0AQ4bnCdppDo0Q+ncIKFWU5atvv72JgiMX7VBQjCYZfw5Km/wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKoOKwmr6ABLLXf4HYon2Sdpdd+LMB8GA1UdIwQY
MBaAFDlwR2nQh9n+j3kKZVXLT7780k04MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1hCSGFkQ0gyZjZQZVFwbFZjdFB2dnpTVFRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8zZWFlYjQtZmI5OS00OTkzLTgxMjIt
ZTQ1MzUwNDE0ZGRmLzEvcWc0ckNhdm9BRXN0ZF9nZGlpZlpKMmwxMzRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8zZWFlYjQtZmI5OS00OTkzLTgxMjItZTQ1MzUwNDE0ZGRm
LzEvT1hCSGFkQ0gyZjZQZVFwbFZjdFB2dnpTVFRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBAjo6MA0E
AgACMAcDBQMqCeJAMA0GCSqGSIb3DQEBCwUAA4IBAQAF6gI5XxkWAIZJJL34dSlv
Nom5s3MqxO8rGeBGZayYCsckm7qY9fHZWrwhPegKC7FVRmpxzuq9iP5yY+4YPwTU
r2PhwV9hMHRnvo0Lb2ao7PmoYcUiuwDtOiIWYc6SrfBYbaUbL2sZkyY934mGz/PJ
ebVmxjpAg/JczKi+w2pQTjZ/oXwKcVf2EbkWMO1sKj2xBfkoSptv5BFAKGmDbbLS
RfGjmZclnHYUeyhZ8HUOxCXzfeQwo7E0zNCMiHuxvw3hce1Oo8IP3p4Au8AqwNQm
Tou3ioJl6ejSy0+dRUEYFCJ5bG5alTshqKsW8A9tzU6ep/jv+s8rcXQb3V/mBXpZ
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:48:38 2025 by rpki-client