Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/13d49f-5e0f-422b-bcf1-e172d6a01e03/1/PD_Xl6aIn-9nM7Cuv76tonm3DQs.roa
File: PD_Xl6aIn-9nM7Cuv76tonm3DQs.roa (raw, json)
Hash identifier: eV3oYzqmsUo/tD8MF19nLY3vJUlBIRK2ZRgKaKPSP1Q=
Subject key identifier: 3C:3F:D7:97:A6:88:9F:EF:67:33:B0:AE:BF:BE:AD:A2:79:B7:0D:0B
Certificate issuer: /CN=da0b6d9bed7da6d42207b90064d3e13efd3254ac
Certificate serial: 019402FC565A31D6C7737694AC3370660C6F
Authority key identifier: DA:0B:6D:9B:ED:7D:A6:D4:22:07:B9:00:64:D3:E1:3E:FD:32:54:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gttm-19ptQiB7kAZNPhPv0yVKw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/13d49f-5e0f-422b-bcf1-e172d6a01e03/1/PD_Xl6aIn-9nM7Cuv76tonm3DQs.roa
Signing time: Thu 26 Dec 2024 12:41:19 +0000
ROA not before: Thu 26 Dec 2024 12:41:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34762
IP address blocks: 2.59.64.0/23 maxlen: 23
2.59.64.0/24 maxlen: 24
2a09:e940::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:02:fc:56:5a:31:d6:c7:73:76:94:ac:33:70:66:0c:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da0b6d9bed7da6d42207b90064d3e13efd3254ac
Validity
Not Before: Dec 26 12:41:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c3fd797a6889fef6733b0aebfbeada279b70d0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:aa:93:85:51:48:5d:7d:67:e1:8b:c8:a1:8e:
f5:ae:c9:17:21:bf:f6:f5:f3:02:1c:80:ff:ae:e0:
83:ce:48:b2:9b:e2:1d:71:0e:a5:fc:f2:89:f6:d2:
5a:c2:89:b6:8c:c8:76:49:c8:6b:84:6b:5d:9c:48:
e2:8e:ca:e7:a6:cf:86:19:cc:0b:6a:68:c2:05:e4:
81:0d:35:b6:2d:ae:7c:93:4e:77:12:6c:e2:00:2d:
02:ad:ef:4e:84:b7:6b:04:76:ea:43:78:b8:06:1e:
bd:60:f2:f2:b8:65:b0:a0:b2:fb:77:97:59:0e:8a:
99:50:ac:cc:7f:12:05:91:bb:8b:9a:16:8a:82:d9:
1d:4c:b3:88:9e:45:3f:5f:21:8f:74:98:10:48:3b:
25:0b:f6:3d:90:e1:51:14:c4:ff:10:4d:fb:22:f8:
d8:e0:f0:46:50:2b:09:25:41:26:55:ea:d3:ed:4a:
58:87:31:25:9b:13:0b:bc:c1:f1:48:c6:50:09:8f:
63:ef:05:5d:54:ef:13:79:ef:69:5d:86:12:9b:c0:
76:6f:85:c5:ae:f6:90:35:a6:f4:a1:d4:1a:e0:9b:
93:ef:dd:17:3d:7e:3e:bc:a0:eb:f3:5d:d0:27:2d:
63:84:df:a4:fa:97:d1:d2:7c:b1:e9:86:8d:aa:41:
a3:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:3F:D7:97:A6:88:9F:EF:67:33:B0:AE:BF:BE:AD:A2:79:B7:0D:0B
X509v3 Authority Key Identifier:
keyid:DA:0B:6D:9B:ED:7D:A6:D4:22:07:B9:00:64:D3:E1:3E:FD:32:54:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gttm-19ptQiB7kAZNPhPv0yVKw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/13d49f-5e0f-422b-bcf1-e172d6a01e03/1/PD_Xl6aIn-9nM7Cuv76tonm3DQs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/13d49f-5e0f-422b-bcf1-e172d6a01e03/1/2gttm-19ptQiB7kAZNPhPv0yVKw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.64.0/23
IPv6:
2a09:e940::/32
Signature Algorithm: sha256WithRSAEncryption
07:58:fa:8c:7f:03:c4:02:ba:0b:3a:2f:23:e6:cf:51:9f:83:
8a:d7:51:8b:fb:85:14:c6:70:14:2d:cd:f2:42:c9:ca:30:3d:
83:4a:66:7c:94:96:4e:30:b6:ee:1d:77:fa:84:3d:ad:8d:a9:
a8:c7:7f:02:eb:db:3e:ef:6b:08:3e:04:17:9c:42:c8:ee:a6:
3e:7a:66:a0:a7:2d:9a:20:91:f9:02:6a:20:9d:98:17:97:99:
19:77:0e:d3:bb:a3:e9:f1:46:f3:9f:cb:a1:e0:9a:7e:3b:d9:
86:80:62:61:f3:8b:df:a3:6d:cb:4d:b9:c1:91:5f:67:f1:88:
8d:a3:20:3c:dc:84:57:6c:35:c5:86:e1:e9:bc:47:91:ab:bd:
65:e3:0c:fd:b5:6f:ce:39:3d:fe:12:10:dd:10:a5:18:aa:15:
60:6e:ec:2f:eb:35:fb:fb:b4:55:8f:1f:c0:b0:1c:e3:54:07:
bc:d2:44:b1:1c:c6:23:8d:bc:dd:52:eb:7f:b7:b9:32:3a:84:
95:92:cb:de:8d:20:03:1f:00:fb:15:e1:af:12:d3:4f:0d:96:
21:72:27:46:59:2b:c3:e6:a0:ee:4b:27:e8:5f:23:30:01:7b:
f7:2e:e8:2e:04:9e:cd:59:01:39:8c:ea:68:b3:8b:05:ce:e0:
02:50:02:34
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQC/FZaMdbHc3aUrDNwZgxvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMGI2ZDliZWQ3ZGE2ZDQyMjA3YjkwMDY0ZDNlMTNlZmQz
MjU0YWMwHhcNMjQxMjI2MTI0MTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzNmZDc5N2E2ODg5ZmVmNjczM2IwYWViZmJlYWRhMjc5YjcwZDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA26qThVFIXX1n4YvIoY71rskXIb/2
9fMCHID/ruCDzkiym+IdcQ6l/PKJ9tJawom2jMh2SchrhGtdnEjijsrnps+GGcwL
amjCBeSBDTW2La58k053EmziAC0Cre9OhLdrBHbqQ3i4Bh69YPLyuGWwoLL7d5dZ
DoqZUKzMfxIFkbuLmhaKgtkdTLOInkU/XyGPdJgQSDslC/Y9kOFRFMT/EE37IvjY
4PBGUCsJJUEmVerT7UpYhzElmxMLvMHxSMZQCY9j7wVdVO8Tee9pXYYSm8B2b4XF
rvaQNab0odQa4JuT790XPX4+vKDr813QJy1jhN+k+pfR0nyx6YaNqkGj3wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDw/15emiJ/vZzOwrr++raJ5tw0LMB8GA1UdIwQY
MBaAFNoLbZvtfabUIge5AGTT4T79MlSsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmd0dG0tMTlwdFFpQjdrQVpOUGhQdjB5Vkt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8xM2Q0OWYtNWUwZi00MjJiLWJjZjEt
ZTE3MmQ2YTAxZTAzLzEvUERfWGw2YUluLTluTTdDdXY3NnRvbm0zRFFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8xM2Q0OWYtNWUwZi00MjJiLWJjZjEtZTE3MmQ2YTAxZTAz
LzEvMmd0dG0tMTlwdFFpQjdrQVpOUGhQdjB5Vkt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBAjtAMA0E
AgACMAcDBQAqCelAMA0GCSqGSIb3DQEBCwUAA4IBAQAHWPqMfwPEAroLOi8j5s9R
n4OK11GL+4UUxnAULc3yQsnKMD2DSmZ8lJZOMLbuHXf6hD2tjamox38C69s+72sI
PgQXnELI7qY+emagpy2aIJH5AmognZgXl5kZdw7Tu6Pp8Ubzn8uh4Jp+O9mGgGJh
84vfo23LTbnBkV9n8YiNoyA83IRXbDXFhuHpvEeRq71l4wz9tW/OOT3+EhDdEKUY
qhVgbuwv6zX7+7RVjx/AsBzjVAe80kSxHMYjjbzdUut/t7kyOoSVksvejSADHwD7
FeGvEtNPDZYhcidGWSvD5qDuSyfoXyMwAXv3LuguBJ7NWQE5jOpos4sFzuACUAI0
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:51:08 2025 by rpki-client