Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/datIw7jbhWKA97sLdDYlce1vbcE.roa
File: datIw7jbhWKA97sLdDYlce1vbcE.roa (raw, json)
Hash identifier: h0k03HUs2ph1SGSR7EbQgm0j77kQr6xFxVUeHbU278g=
Subject key identifier: 75:AB:48:C3:B8:DB:85:62:80:F7:BB:0B:74:36:25:71:ED:6F:6D:C1
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 0195C6E42A6B402087F19AC8F10270968016
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/datIw7jbhWKA97sLdDYlce1vbcE.roa
Signing time: Mon 24 Mar 2025 06:43:16 +0000
ROA not before: Mon 24 Mar 2025 06:43:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 62.233.59.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c6:e4:2a:6b:40:20:87:f1:9a:c8:f1:02:70:96:80:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: Mar 24 06:43:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=75ab48c3b8db856280f7bb0b74362571ed6f6dc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:3d:51:79:c1:ea:8c:f9:c6:37:11:21:44:a4:
d3:a5:89:c8:d4:08:f4:ad:b5:28:4c:a0:82:b5:d3:
cc:dc:d0:f2:d1:a9:a1:c6:f9:88:66:40:71:3e:9f:
16:50:7c:09:6a:4e:a6:48:18:94:a0:c4:d8:1e:9f:
1e:06:67:41:8c:c7:fe:66:f9:fa:94:ea:38:5b:1f:
a2:0e:27:35:6d:61:bc:0b:d3:67:ad:91:a4:37:6a:
70:72:7a:d5:9b:c3:0c:19:96:98:8d:1f:d7:d8:f6:
d3:f6:5d:df:b0:4a:46:55:9d:29:6e:2a:51:ec:6c:
4d:a9:a0:39:ce:5d:1c:de:77:13:29:27:11:35:9f:
c7:0e:64:57:32:6f:55:44:6c:4c:1e:fa:95:ec:02:
d3:88:2a:a5:e6:a3:ee:05:26:d8:00:e6:80:8d:43:
0b:be:bb:1d:f7:96:d6:e1:8b:3c:24:80:34:db:99:
fb:60:29:87:61:2c:38:30:81:b6:88:e3:18:e3:93:
82:12:4f:be:a6:ff:96:a9:6b:c5:c0:83:44:e6:88:
d8:20:73:b7:73:cd:b7:e9:fe:4f:d7:78:b6:d0:f3:
77:53:f1:54:ee:26:03:77:a4:9c:84:36:30:1b:39:
b8:6f:2a:b1:eb:3a:96:bf:1c:4e:1a:71:0b:88:8b:
4e:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:AB:48:C3:B8:DB:85:62:80:F7:BB:0B:74:36:25:71:ED:6F:6D:C1
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/datIw7jbhWKA97sLdDYlce1vbcE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.233.59.0/24
Signature Algorithm: sha256WithRSAEncryption
32:00:f7:1a:e6:cf:ae:c6:a0:33:4b:56:46:91:4d:03:d2:ce:
65:c6:1b:b5:48:68:61:48:da:92:4f:88:0d:9d:9b:a0:72:6a:
06:b5:e8:ab:c3:a7:f2:2a:ca:95:60:47:cc:45:49:e4:86:62:
2e:52:26:b1:5b:4e:ed:84:16:66:23:78:37:bf:73:3a:01:47:
d2:c6:e5:06:66:89:e4:c1:77:21:37:0b:ca:6c:f8:48:09:8f:
b1:8d:96:84:d9:c5:18:54:20:4e:fa:bd:1e:3a:2a:0a:8f:80:
83:f0:92:cf:dc:9b:9b:ad:5d:69:97:92:09:7e:38:31:d1:4c:
97:3f:2d:ca:5b:e1:31:4a:cc:a2:3d:a7:19:d1:57:c4:cd:8c:
9f:43:bc:13:23:a6:f1:ec:28:09:4e:a0:a8:f2:aa:0f:d8:0f:
92:74:c0:fa:6c:11:72:20:9c:ff:74:fd:45:f0:3f:a2:25:5f:
ae:0d:ba:85:19:28:77:d5:26:c2:90:24:64:d0:98:98:cc:54:
33:ba:cf:ea:de:15:f9:a8:b4:3f:d0:1a:69:8e:bf:cb:20:ac:
4d:48:f9:3a:da:46:ae:39:22:d6:a4:69:0b:f1:9b:c2:8e:30:
b8:e5:f1:d6:7f:08:50:11:12:14:fe:6f:19:4e:7e:0e:62:40:
e6:e9:ec:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZXG5CprQCCH8ZrI8QJwloAWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjUwMzI0MDY0MzE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWFiNDhjM2I4ZGI4NTYyODBmN2JiMGI3NDM2MjU3MWVkNmY2ZGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuj1RecHqjPnGNxEhRKTTpYnI1Aj0
rbUoTKCCtdPM3NDy0amhxvmIZkBxPp8WUHwJak6mSBiUoMTYHp8eBmdBjMf+Zvn6
lOo4Wx+iDic1bWG8C9NnrZGkN2pwcnrVm8MMGZaYjR/X2PbT9l3fsEpGVZ0pbipR
7GxNqaA5zl0c3ncTKScRNZ/HDmRXMm9VRGxMHvqV7ALTiCql5qPuBSbYAOaAjUML
vrsd95bW4Ys8JIA025n7YCmHYSw4MIG2iOMY45OCEk++pv+WqWvFwINE5ojYIHO3
c8236f5P13i20PN3U/FU7iYDd6SchDYwGzm4byqx6zqWvxxOGnELiItOsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHWrSMO424VigPe7C3Q2JXHtb23BMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvZGF0SXc3amJoV0tBOTdzTGREWWxjZTF2YmNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPuk7MA0G
CSqGSIb3DQEBCwUAA4IBAQAyAPca5s+uxqAzS1ZGkU0D0s5lxhu1SGhhSNqST4gN
nZugcmoGteirw6fyKsqVYEfMRUnkhmIuUiaxW07thBZmI3g3v3M6AUfSxuUGZonk
wXchNwvKbPhICY+xjZaE2cUYVCBO+r0eOioKj4CD8JLP3JubrV1pl5IJfjgx0UyX
Py3KW+ExSsyiPacZ0VfEzYyfQ7wTI6bx7CgJTqCo8qoP2A+SdMD6bBFyIJz/dP1F
8D+iJV+uDbqFGSh31SbCkCRk0JiYzFQzus/q3hX5qLQ/0Bppjr/LIKxNSPk62kau
OSLWpGkL8ZvCjjC45fHWfwhQERIU/m8ZTn4OYkDm6exS
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:36:56 2025 by rpki-client