Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/13d49f-5e0f-422b-bcf1-e172d6a01e03/1/d5p1rXqEESZ461U1m-rcky28uME.roa
File: d5p1rXqEESZ461U1m-rcky28uME.roa (raw, json)
Hash identifier: FN8T9yynkpB1wkcGSCiLBoHmgOmE79LIKdhw3EVUQoI=
Subject key identifier: 77:9A:75:AD:7A:84:11:26:78:EB:55:35:9B:EA:DC:93:2D:BC:B8:C1
Certificate issuer: /CN=da0b6d9bed7da6d42207b90064d3e13efd3254ac
Certificate serial: 0193E42219C9949B9FB6AB58D6677CF91625
Authority key identifier: DA:0B:6D:9B:ED:7D:A6:D4:22:07:B9:00:64:D3:E1:3E:FD:32:54:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gttm-19ptQiB7kAZNPhPv0yVKw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/13d49f-5e0f-422b-bcf1-e172d6a01e03/1/d5p1rXqEESZ461U1m-rcky28uME.roa
Signing time: Fri 20 Dec 2024 12:54:20 +0000
ROA not before: Fri 20 Dec 2024 12:54:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34762
IP address blocks: 2.59.64.0/23 maxlen: 23
2a09:e940::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:e4:22:19:c9:94:9b:9f:b6:ab:58:d6:67:7c:f9:16:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da0b6d9bed7da6d42207b90064d3e13efd3254ac
Validity
Not Before: Dec 20 12:54:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=779a75ad7a84112678eb55359beadc932dbcb8c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:22:58:7d:37:e3:a5:68:c9:21:56:07:4d:54:
9f:51:ed:a7:6a:c2:5f:6c:c5:fa:56:58:7d:73:c0:
27:3c:bf:e6:08:7a:9e:ee:02:47:e2:b2:1a:a6:4e:
6b:11:8b:39:3e:3d:88:b0:1a:05:29:3f:fa:d5:f1:
c5:51:56:de:6c:97:0f:c7:6c:d2:e3:0c:be:51:1b:
0e:44:ee:63:0e:39:b0:f0:c8:73:88:cc:51:e5:ea:
2d:38:77:ba:02:0d:b8:4d:2b:63:ce:65:82:d3:c0:
00:b8:3d:81:cc:93:cd:55:2e:57:6f:4e:0c:02:80:
d1:79:43:62:51:d4:25:76:90:53:7a:f4:ea:c7:5d:
ab:cc:b8:6c:87:d4:b5:5c:b5:ff:3c:87:da:5e:51:
a7:cb:39:bd:59:d8:ac:f1:19:ab:cf:92:9c:35:30:
b2:8a:2e:62:70:5a:3e:87:e5:3e:25:3c:1a:df:93:
ac:fe:38:d8:ca:c2:a8:30:c9:17:95:d1:b3:30:c5:
50:52:62:56:61:29:87:4d:1b:79:80:dd:b9:ff:f6:
35:72:cc:64:b3:f5:c4:4c:ac:50:1f:af:be:63:e3:
aa:52:c0:c1:34:e9:39:67:a4:33:f5:5a:b7:95:7c:
18:c4:3b:31:ea:1b:0e:d8:7b:d4:88:80:5f:d5:fc:
97:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:9A:75:AD:7A:84:11:26:78:EB:55:35:9B:EA:DC:93:2D:BC:B8:C1
X509v3 Authority Key Identifier:
keyid:DA:0B:6D:9B:ED:7D:A6:D4:22:07:B9:00:64:D3:E1:3E:FD:32:54:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gttm-19ptQiB7kAZNPhPv0yVKw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/13d49f-5e0f-422b-bcf1-e172d6a01e03/1/d5p1rXqEESZ461U1m-rcky28uME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/13d49f-5e0f-422b-bcf1-e172d6a01e03/1/2gttm-19ptQiB7kAZNPhPv0yVKw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.64.0/23
IPv6:
2a09:e940::/32
Signature Algorithm: sha256WithRSAEncryption
95:d6:67:29:6d:81:7b:d7:63:9a:07:6f:bd:89:c8:ac:1a:eb:
96:f5:35:63:70:75:95:e8:f2:f0:07:1c:72:b4:eb:08:d9:fe:
dc:43:d2:c1:88:bf:39:90:6c:83:41:30:0d:19:26:2d:8d:b6:
bd:72:4e:19:26:7f:c3:62:16:db:5a:4e:65:d6:63:5e:54:65:
0a:72:65:7e:ab:17:55:65:0d:4e:dc:85:38:8b:b3:d6:73:9e:
4f:d6:c9:c3:3f:2d:e6:f3:20:32:ca:f8:46:41:c3:47:75:b1:
8c:ce:04:d1:ec:eb:92:a4:b6:11:4c:c8:5f:1a:c0:3f:43:9a:
29:cb:7d:6d:aa:35:20:3f:d6:cf:fd:84:c0:f1:e6:58:22:0c:
87:3d:47:0c:b8:ea:61:b1:af:11:d3:be:0e:d8:93:a8:84:f1:
79:79:b2:48:23:2b:ca:e4:ab:64:63:d0:63:12:bf:aa:c7:75:
fe:9e:ba:3f:e7:32:b7:50:38:be:ad:2b:f0:ba:a2:c4:fc:8d:
0c:82:fe:45:4e:1d:76:91:3c:56:72:b9:09:1f:84:2c:cb:4a:
39:e4:cb:97:15:64:78:ea:89:b5:fb:64:d8:50:5a:7c:c1:90:
26:c3:59:f1:87:f7:bd:b1:d7:a4:55:a5:00:e0:ec:ca:22:d1:
30:07:c9:34
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZPkIhnJlJuftqtY1md8+RYlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMGI2ZDliZWQ3ZGE2ZDQyMjA3YjkwMDY0ZDNlMTNlZmQz
MjU0YWMwHhcNMjQxMjIwMTI1NDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzlhNzVhZDdhODQxMTI2NzhlYjU1MzU5YmVhZGM5MzJkYmNiOGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSJYfTfjpWjJIVYHTVSfUe2nasJf
bMX6Vlh9c8AnPL/mCHqe7gJH4rIapk5rEYs5Pj2IsBoFKT/61fHFUVbebJcPx2zS
4wy+URsORO5jDjmw8MhziMxR5eotOHe6Ag24TStjzmWC08AAuD2BzJPNVS5Xb04M
AoDReUNiUdQldpBTevTqx12rzLhsh9S1XLX/PIfaXlGnyzm9Wdis8Rmrz5KcNTCy
ii5icFo+h+U+JTwa35Os/jjYysKoMMkXldGzMMVQUmJWYSmHTRt5gN25//Y1csxk
s/XETKxQH6++Y+OqUsDBNOk5Z6Qz9Vq3lXwYxDsx6hsO2HvUiIBf1fyXzQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHeada16hBEmeOtVNZvq3JMtvLjBMB8GA1UdIwQY
MBaAFNoLbZvtfabUIge5AGTT4T79MlSsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmd0dG0tMTlwdFFpQjdrQVpOUGhQdjB5Vkt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8xM2Q0OWYtNWUwZi00MjJiLWJjZjEt
ZTE3MmQ2YTAxZTAzLzEvZDVwMXJYcUVFU1o0NjFVMW0tcmNreTI4dU1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8xM2Q0OWYtNWUwZi00MjJiLWJjZjEtZTE3MmQ2YTAxZTAz
LzEvMmd0dG0tMTlwdFFpQjdrQVpOUGhQdjB5Vkt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBAjtAMA0E
AgACMAcDBQAqCelAMA0GCSqGSIb3DQEBCwUAA4IBAQCV1mcpbYF712OaB2+9icis
GuuW9TVjcHWV6PLwBxxytOsI2f7cQ9LBiL85kGyDQTANGSYtjba9ck4ZJn/DYhbb
Wk5l1mNeVGUKcmV+qxdVZQ1O3IU4i7PWc55P1snDPy3m8yAyyvhGQcNHdbGMzgTR
7OuSpLYRTMhfGsA/Q5opy31tqjUgP9bP/YTA8eZYIgyHPUcMuOphsa8R074O2JOo
hPF5ebJIIyvK5KtkY9BjEr+qx3X+nro/5zK3UDi+rSvwuqLE/I0Mgv5FTh12kTxW
crkJH4Qsy0o55MuXFWR46om1+2TYUFp8wZAmw1nxh/e9sdekVaUA4OzKItEwB8k0
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:11:04 2025 by rpki-client