Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/svxeViY1bt0yonh-WBAwF-HCxA4.roa
File: svxeViY1bt0yonh-WBAwF-HCxA4.roa (raw, json)
Hash identifier: JcpLgAnJEW0TFcdkLZ7PX9AtMnBOMkdLe6GqWFTrnOI=
Subject key identifier: B2:FC:5E:56:26:35:6E:DD:32:A2:78:7E:58:10:30:17:E1:C2:C4:0E
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 019428260C555AE45CB784C25F30E40180D1
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/svxeViY1bt0yonh-WBAwF-HCxA4.roa
Signing time: Thu 02 Jan 2025 17:52:49 +0000
ROA not before: Thu 02 Jan 2025 17:52:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42831
IP address blocks: 62.233.59.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:0c:55:5a:e4:5c:b7:84:c2:5f:30:e4:01:80:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: Jan 2 17:52:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b2fc5e5626356edd32a2787e58103017e1c2c40e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:8e:cd:7d:6e:6b:56:fc:44:ec:fc:ba:be:20:
94:c4:76:5c:35:44:77:e9:77:0a:27:20:4d:20:c9:
e3:db:82:de:04:91:18:0b:e7:42:98:63:92:8d:dd:
c0:bf:5d:4d:37:fc:c9:d2:29:c4:33:2c:20:64:39:
82:60:29:c1:2d:ba:54:b0:05:44:94:11:3b:fb:f6:
0c:9d:3a:42:87:be:73:71:fe:28:71:27:8e:18:9a:
b4:0f:8f:e3:a9:7c:db:76:db:b9:be:37:d2:87:7d:
de:24:a6:e2:24:e9:ee:6b:c9:3b:ff:32:be:e0:21:
e3:46:20:01:bb:b8:d7:aa:27:86:8a:af:ed:77:13:
e3:90:38:56:51:05:a5:b3:a1:5a:f7:2e:d6:76:d2:
3f:aa:26:bf:9d:d6:0b:d1:06:34:13:1b:ea:3c:0b:
c4:1b:65:7c:45:23:f0:e3:34:ab:84:7f:5e:7e:3c:
42:a8:b4:0f:56:7e:1e:23:9e:da:89:d6:ca:df:59:
87:f1:28:92:b9:24:6e:3d:da:eb:2b:e3:4a:bc:a6:
22:89:b4:b2:7f:0c:db:32:3b:df:e6:0c:a7:29:28:
a0:6e:b5:cb:fe:93:38:9b:a3:ff:f3:bf:7d:21:60:
33:fc:4c:fc:6a:ec:49:22:0c:9a:94:1d:28:e4:44:
12:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:FC:5E:56:26:35:6E:DD:32:A2:78:7E:58:10:30:17:E1:C2:C4:0E
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/svxeViY1bt0yonh-WBAwF-HCxA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.233.59.0/24
Signature Algorithm: sha256WithRSAEncryption
89:37:b8:c8:86:25:d0:ca:2b:c9:04:35:e9:73:9a:81:4d:f7:
5e:bb:be:01:ec:15:73:7b:bc:fc:07:a9:7d:7a:90:57:ee:f1:
07:fe:40:1c:c7:35:67:a8:a8:76:2a:12:28:04:83:d2:2d:d6:
18:15:9c:ea:51:c6:f6:8a:51:78:e7:18:e7:89:1a:f6:91:30:
45:97:38:29:96:e8:85:11:15:d7:65:2b:84:66:42:27:07:84:
25:ab:cd:01:ed:56:26:d4:c2:23:5f:0b:3d:0e:bf:07:26:85:
52:4a:e5:41:6b:3b:c3:5b:17:1c:96:5f:bc:b7:a3:ab:40:16:
a7:4a:00:f7:d0:30:8d:ba:cc:1e:f8:c6:38:a3:b3:2a:8d:2d:
98:d7:eb:43:6f:89:82:f8:42:67:a1:78:4a:79:dc:61:5b:b5:
de:d6:d8:d6:0d:f7:ad:44:5c:15:39:ab:13:3b:1e:fb:60:86:
48:d7:f7:49:91:1a:31:4a:a5:ec:03:6f:6b:97:f2:de:39:1d:
3e:8c:8a:33:cd:8e:76:5c:a7:c7:a1:4f:57:53:9b:b1:2d:cc:
ba:9b:a4:cc:fd:f7:d3:13:47:78:37:8c:4f:87:61:0c:49:48:
a1:7b:ec:18:6e:5a:6b:91:eb:cd:ed:1f:71:bb:b6:d1:3b:12:
f4:43:9e:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJgxVWuRct4TCXzDkAYDRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjUwMTAyMTc1MjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmZjNWU1NjI2MzU2ZWRkMzJhMjc4N2U1ODEwMzAxN2UxYzJjNDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8I7NfW5rVvxE7Py6viCUxHZcNUR3
6XcKJyBNIMnj24LeBJEYC+dCmGOSjd3Av11NN/zJ0inEMywgZDmCYCnBLbpUsAVE
lBE7+/YMnTpCh75zcf4ocSeOGJq0D4/jqXzbdtu5vjfSh33eJKbiJOnua8k7/zK+
4CHjRiABu7jXqieGiq/tdxPjkDhWUQWls6Fa9y7WdtI/qia/ndYL0QY0ExvqPAvE
G2V8RSPw4zSrhH9efjxCqLQPVn4eI57aidbK31mH8SiSuSRuPdrrK+NKvKYiibSy
fwzbMjvf5gynKSigbrXL/pM4m6P/8799IWAz/Ez8auxJIgyalB0o5EQSXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLL8XlYmNW7dMqJ4flgQMBfhwsQOMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvc3Z4ZVZpWTFidDB5b25oLVdCQXdGLUhDeEE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPuk7MA0G
CSqGSIb3DQEBCwUAA4IBAQCJN7jIhiXQyivJBDXpc5qBTfdeu74B7BVze7z8B6l9
epBX7vEH/kAcxzVnqKh2KhIoBIPSLdYYFZzqUcb2ilF45xjniRr2kTBFlzgpluiF
ERXXZSuEZkInB4Qlq80B7VYm1MIjXws9Dr8HJoVSSuVBazvDWxccll+8t6OrQBan
SgD30DCNuswe+MY4o7MqjS2Y1+tDb4mC+EJnoXhKedxhW7Xe1tjWDfetRFwVOasT
Ox77YIZI1/dJkRoxSqXsA29rl/LeOR0+jIozzY52XKfHoU9XU5uxLcy6m6TM/ffT
E0d4N4xPh2EMSUihe+wYblprkevN7R9xu7bROxL0Q571
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:48:18 2025 by rpki-client