Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/493985-c270-429e-91b2-d570483c368b/1/59hx8MiVy0L5bbCsrmz6L5yJrmQ.roa
File: 59hx8MiVy0L5bbCsrmz6L5yJrmQ.roa (raw, json)
Hash identifier: tUrCnGXwIpcsX6KWOsldh7ImOj30jilIGBTNNVRq1UU=
Subject key identifier: E7:D8:71:F0:C8:95:CB:42:F9:6D:B0:AC:AE:6C:FA:2F:9C:89:AE:64
Certificate issuer: /CN=6516844d245d4124a22a536b046da86332d0b911
Certificate serial: 0194206838BA2FE4A767705DB8ECE9D9A759
Authority key identifier: 65:16:84:4D:24:5D:41:24:A2:2A:53:6B:04:6D:A8:63:32:D0:B9:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZRaETSRdQSSiKlNrBG2oYzLQuRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/493985-c270-429e-91b2-d570483c368b/1/59hx8MiVy0L5bbCsrmz6L5yJrmQ.roa
Signing time: Wed 01 Jan 2025 05:48:08 +0000
ROA not before: Wed 01 Jan 2025 05:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15525
IP address blocks: 192.188.10.0/24 maxlen: 24
193.236.120.0/24 maxlen: 24
193.236.121.0/24 maxlen: 24
193.236.122.0/24 maxlen: 24
193.236.123.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:38:ba:2f:e4:a7:67:70:5d:b8:ec:e9:d9:a7:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6516844d245d4124a22a536b046da86332d0b911
Validity
Not Before: Jan 1 05:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e7d871f0c895cb42f96db0acae6cfa2f9c89ae64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:df:6c:f8:2b:d3:8c:7d:f3:a5:1b:b4:c7:2c:
3a:a6:d1:23:6c:1a:c1:a1:de:c1:d8:fb:c3:9a:b8:
61:3b:d2:65:da:9a:36:83:78:f9:d4:fc:a6:eb:5a:
f6:d1:b6:1f:bb:3a:9a:da:56:d7:4b:83:02:1e:f5:
f4:ff:fd:4d:66:16:68:60:ec:af:2e:32:0f:16:f2:
c4:43:49:ff:9d:5d:2b:1f:8e:da:ab:dd:1d:0c:ff:
03:7a:40:fb:7f:a5:ce:13:44:d5:9a:f4:9c:7f:66:
ea:87:6f:c2:ab:2b:05:39:48:ea:39:00:7d:b0:36:
fe:0d:21:c2:f1:ec:82:18:a0:d4:a7:44:b8:7b:59:
50:ec:0f:18:f0:24:35:32:36:6a:f9:e0:ca:dc:0c:
47:68:58:85:41:e1:ae:40:08:4c:1f:09:ab:30:64:
75:0f:df:5e:b5:fc:78:fe:6e:7f:61:99:98:92:5c:
e2:40:4c:47:a3:18:02:71:2b:8b:8c:90:d1:ec:e3:
7f:06:8f:b4:f1:b0:f3:bb:07:54:db:54:64:a2:7f:
1a:a1:46:c3:a4:95:78:d3:00:cd:cc:90:af:48:76:
ef:3a:13:05:20:5e:11:e8:03:00:23:bb:f5:a9:cf:
7d:cc:59:9d:4b:6e:41:ce:e5:9d:31:dc:c5:bd:68:
ec:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:D8:71:F0:C8:95:CB:42:F9:6D:B0:AC:AE:6C:FA:2F:9C:89:AE:64
X509v3 Authority Key Identifier:
keyid:65:16:84:4D:24:5D:41:24:A2:2A:53:6B:04:6D:A8:63:32:D0:B9:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZRaETSRdQSSiKlNrBG2oYzLQuRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/493985-c270-429e-91b2-d570483c368b/1/59hx8MiVy0L5bbCsrmz6L5yJrmQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/493985-c270-429e-91b2-d570483c368b/1/ZRaETSRdQSSiKlNrBG2oYzLQuRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.188.10.0/24
193.236.120.0/22
Signature Algorithm: sha256WithRSAEncryption
aa:2b:15:0b:dc:f1:15:f4:cb:bf:0e:79:e1:c8:1a:f5:aa:8b:
f8:8d:fe:b0:df:4f:60:fe:a4:4a:ae:87:96:aa:a3:16:88:97:
b9:c2:95:cd:94:90:27:12:cf:0a:53:19:e3:db:aa:cd:41:7e:
02:60:97:84:ce:b8:f4:62:97:31:62:aa:65:40:ef:20:f1:e6:
35:9c:eb:e2:2d:1a:34:b5:ce:07:71:22:b4:e7:7b:00:c4:e5:
2b:83:d2:52:c9:fe:a3:8a:b2:31:93:40:4e:11:4c:1c:11:91:
50:22:dc:39:10:64:f6:78:86:52:b1:33:a3:0a:44:d8:1e:5d:
1b:6a:13:72:9c:86:a8:80:25:f4:c1:a9:9c:a7:46:0c:e9:12:
6a:18:b5:1b:0a:c7:bc:6f:f0:db:97:bd:8d:91:09:13:73:fd:
99:d8:f4:e2:ba:09:93:7e:f9:df:8b:9c:8f:03:55:e3:4a:7a:
9f:5f:b8:5a:82:30:91:fb:96:ac:47:8b:ca:55:85:76:c4:4b:
52:35:60:f7:2f:1d:91:e8:71:9d:84:e8:4e:9f:63:9e:b7:7f:
8d:5d:bc:a4:96:1f:41:20:1e:55:33:90:9a:cf:95:2e:ce:df:
15:17:2b:af:57:1c:32:b5:90:92:af:53:dc:c0:98:48:0f:41:
92:d8:36:00
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQgaDi6L+SnZ3BduOzp2adZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MTY4NDRkMjQ1ZDQxMjRhMjJhNTM2YjA0NmRhODYzMzJk
MGI5MTEwHhcNMjUwMTAxMDU0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2Q4NzFmMGM4OTVjYjQyZjk2ZGIwYWNhZTZjZmEyZjljODlhZTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz99s+CvTjH3zpRu0xyw6ptEjbBrB
od7B2PvDmrhhO9Jl2po2g3j51Pym61r20bYfuzqa2lbXS4MCHvX0//1NZhZoYOyv
LjIPFvLEQ0n/nV0rH47aq90dDP8DekD7f6XOE0TVmvScf2bqh2/CqysFOUjqOQB9
sDb+DSHC8eyCGKDUp0S4e1lQ7A8Y8CQ1MjZq+eDK3AxHaFiFQeGuQAhMHwmrMGR1
D99etfx4/m5/YZmYklziQExHoxgCcSuLjJDR7ON/Bo+08bDzuwdU21Rkon8aoUbD
pJV40wDNzJCvSHbvOhMFIF4R6AMAI7v1qc99zFmdS25BzuWdMdzFvWjsJwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOfYcfDIlctC+W2wrK5s+i+cia5kMB8GA1UdIwQY
MBaAFGUWhE0kXUEkoipTawRtqGMy0LkRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlJhRVRTUmRRU1NpS2xOckJHMm9ZekxRdVJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS80OTM5ODUtYzI3MC00MjllLTkxYjIt
ZDU3MDQ4M2MzNjhiLzEvNTloeDhNaVZ5MEw1YmJDc3JtejZMNXlKcm1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS80OTM5ODUtYzI3MC00MjllLTkxYjItZDU3MDQ4M2MzNjhi
LzEvWlJhRVRTUmRRU1NpS2xOckJHMm9ZekxRdVJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwLwKAwQC
wex4MA0GCSqGSIb3DQEBCwUAA4IBAQCqKxUL3PEV9Mu/DnnhyBr1qov4jf6w309g
/qRKroeWqqMWiJe5wpXNlJAnEs8KUxnj26rNQX4CYJeEzrj0YpcxYqplQO8g8eY1
nOviLRo0tc4HcSK053sAxOUrg9JSyf6jirIxk0BOEUwcEZFQItw5EGT2eIZSsTOj
CkTYHl0bahNynIaogCX0wamcp0YM6RJqGLUbCse8b/Dbl72NkQkTc/2Z2PTiugmT
fvnfi5yPA1XjSnqfX7hagjCR+5asR4vKVYV2xEtSNWD3Lx2R6HGdhOhOn2Oet3+N
Xbyklh9BIB5VM5Caz5Uuzt8VFyuvVxwytZCSr1PcwJhID0GS2DYA
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:33:15 2025 by rpki-client