Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/13d49f-5e0f-422b-bcf1-e172d6a01e03/1/EGO4jiA2tzhKdDX6MoW9oNSyBzU.roa
File: EGO4jiA2tzhKdDX6MoW9oNSyBzU.roa (raw, json)
Hash identifier: Rwjfm/MJizJpLf3JIDlcJB4qwnlgb02jgx3gR0g07WY=
Subject key identifier: 10:63:B8:8E:20:36:B7:38:4A:74:35:FA:32:85:BD:A0:D4:B2:07:35
Certificate issuer: /CN=da0b6d9bed7da6d42207b90064d3e13efd3254ac
Certificate serial: 0194258ED2C81B18B9AB6AC74D6ACDF0A8FA
Authority key identifier: DA:0B:6D:9B:ED:7D:A6:D4:22:07:B9:00:64:D3:E1:3E:FD:32:54:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gttm-19ptQiB7kAZNPhPv0yVKw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/13d49f-5e0f-422b-bcf1-e172d6a01e03/1/EGO4jiA2tzhKdDX6MoW9oNSyBzU.roa
Signing time: Thu 02 Jan 2025 05:48:24 +0000
ROA not before: Thu 02 Jan 2025 05:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34762
IP address blocks: 2.59.64.0/23 maxlen: 23
2.59.64.0/24 maxlen: 24
2a09:e940::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:d2:c8:1b:18:b9:ab:6a:c7:4d:6a:cd:f0:a8:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da0b6d9bed7da6d42207b90064d3e13efd3254ac
Validity
Not Before: Jan 2 05:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1063b88e2036b7384a7435fa3285bda0d4b20735
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:c8:c1:12:7a:67:e3:55:8b:46:f9:3c:5f:72:
75:d9:26:e8:7f:42:be:03:9e:76:7e:67:a6:9f:7f:
16:16:71:17:ea:6a:20:b0:ff:11:fd:dd:e1:17:70:
d7:e8:ea:0d:91:72:88:e4:a0:29:a8:e9:ad:9e:23:
94:b0:be:96:6f:e2:f5:1d:b6:cf:2c:36:1c:98:9d:
d1:22:8a:4f:9f:7e:14:10:a3:24:9f:6f:c9:25:19:
ee:2b:ae:85:86:b1:0a:2e:fe:4a:93:50:c1:c9:7f:
ed:e6:35:3a:9d:9e:f9:11:c3:5b:9c:04:26:e8:82:
c2:e6:8a:e9:30:62:99:d5:44:2f:b8:a7:de:e3:5d:
aa:fc:fd:86:a4:52:ea:76:3a:ad:d8:4e:98:4c:4a:
37:9b:22:8a:77:3e:5b:e4:79:98:fd:34:a5:b3:ff:
0c:47:59:6f:16:8d:2e:97:14:e3:8f:e6:c5:ab:19:
15:e4:05:65:af:34:03:89:21:4e:58:08:47:e4:b2:
2a:08:be:fe:6c:81:48:6a:8f:f7:33:19:a6:88:f2:
bf:9c:31:13:5e:34:a5:fe:bd:51:88:5c:65:e6:c8:
b7:c5:75:51:c9:93:5a:a3:90:ac:9d:a8:d7:d0:66:
57:1d:05:25:0d:9a:12:2b:3f:cd:2b:cc:ff:1a:f4:
53:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:63:B8:8E:20:36:B7:38:4A:74:35:FA:32:85:BD:A0:D4:B2:07:35
X509v3 Authority Key Identifier:
keyid:DA:0B:6D:9B:ED:7D:A6:D4:22:07:B9:00:64:D3:E1:3E:FD:32:54:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gttm-19ptQiB7kAZNPhPv0yVKw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/13d49f-5e0f-422b-bcf1-e172d6a01e03/1/EGO4jiA2tzhKdDX6MoW9oNSyBzU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/13d49f-5e0f-422b-bcf1-e172d6a01e03/1/2gttm-19ptQiB7kAZNPhPv0yVKw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.64.0/23
IPv6:
2a09:e940::/32
Signature Algorithm: sha256WithRSAEncryption
0c:0b:57:e7:92:2e:7a:99:56:73:d0:29:e3:48:a7:0a:32:bb:
a9:e3:5e:ab:80:16:8d:ff:c9:56:34:ea:02:3e:d5:d2:93:15:
cf:3a:89:f6:33:ff:d7:ee:c5:a2:dc:f2:13:fd:37:9f:86:f4:
ee:24:82:a3:02:be:85:74:73:95:05:ae:bf:75:55:ad:5d:a7:
19:38:c3:c9:cb:78:c3:38:27:70:68:ec:83:72:5f:21:27:18:
88:c1:7a:cb:ba:62:02:00:a9:51:95:91:17:1d:c5:69:28:9b:
50:39:f4:b7:44:77:41:57:78:08:cf:08:73:cf:44:4b:bb:71:
5a:c0:b9:30:57:ff:8e:ea:41:e6:b8:8c:ea:48:15:1d:a5:1c:
5a:92:b9:03:67:30:3c:a2:47:f6:8f:36:26:1a:be:24:cb:01:
bd:74:48:d7:9e:f7:a6:21:3f:f9:8a:b8:66:99:23:30:ed:61:
8a:de:91:ca:3f:9d:85:61:db:46:02:56:47:07:6a:e4:f8:89:
04:d7:20:6a:2d:6f:d6:1c:ab:14:80:55:87:17:c7:01:19:bb:
50:95:9f:8a:ac:1c:d1:c4:dc:41:c0:4d:98:57:63:01:16:b7:
ae:85:62:c7:f8:70:6f:da:65:60:ef:4f:f3:9f:b5:aa:84:fd:
4a:04:06:50
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQljtLIGxi5q2rHTWrN8Kj6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMGI2ZDliZWQ3ZGE2ZDQyMjA3YjkwMDY0ZDNlMTNlZmQz
MjU0YWMwHhcNMjUwMTAyMDU0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDYzYjg4ZTIwMzZiNzM4NGE3NDM1ZmEzMjg1YmRhMGQ0YjIwNzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1MjBEnpn41WLRvk8X3J12Sbof0K+
A552fmemn38WFnEX6mogsP8R/d3hF3DX6OoNkXKI5KApqOmtniOUsL6Wb+L1HbbP
LDYcmJ3RIopPn34UEKMkn2/JJRnuK66FhrEKLv5Kk1DByX/t5jU6nZ75EcNbnAQm
6ILC5orpMGKZ1UQvuKfe412q/P2GpFLqdjqt2E6YTEo3myKKdz5b5HmY/TSls/8M
R1lvFo0ulxTjj+bFqxkV5AVlrzQDiSFOWAhH5LIqCL7+bIFIao/3MxmmiPK/nDET
XjSl/r1RiFxl5si3xXVRyZNao5CsnajX0GZXHQUlDZoSKz/NK8z/GvRTcQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBBjuI4gNrc4SnQ1+jKFvaDUsgc1MB8GA1UdIwQY
MBaAFNoLbZvtfabUIge5AGTT4T79MlSsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmd0dG0tMTlwdFFpQjdrQVpOUGhQdjB5Vkt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8xM2Q0OWYtNWUwZi00MjJiLWJjZjEt
ZTE3MmQ2YTAxZTAzLzEvRUdPNGppQTJ0emhLZERYNk1vVzlvTlN5QnpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8xM2Q0OWYtNWUwZi00MjJiLWJjZjEtZTE3MmQ2YTAxZTAz
LzEvMmd0dG0tMTlwdFFpQjdrQVpOUGhQdjB5Vkt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBAjtAMA0E
AgACMAcDBQAqCelAMA0GCSqGSIb3DQEBCwUAA4IBAQAMC1fnki56mVZz0CnjSKcK
Mrup416rgBaN/8lWNOoCPtXSkxXPOon2M//X7sWi3PIT/TefhvTuJIKjAr6FdHOV
Ba6/dVWtXacZOMPJy3jDOCdwaOyDcl8hJxiIwXrLumICAKlRlZEXHcVpKJtQOfS3
RHdBV3gIzwhzz0RLu3FawLkwV/+O6kHmuIzqSBUdpRxakrkDZzA8okf2jzYmGr4k
ywG9dEjXnvemIT/5irhmmSMw7WGK3pHKP52FYdtGAlZHB2rk+IkE1yBqLW/WHKsU
gFWHF8cBGbtQlZ+KrBzRxNxBwE2YV2MBFreuhWLH+HBv2mVg70/zn7WqhP1KBAZQ
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:01:13 2025 by rpki-client