Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/6cb714-c714-4281-8ada-43ce949663d9/1/0bjBu50yRFSQQCpaSDnz4Da59n0.roa
File: 0bjBu50yRFSQQCpaSDnz4Da59n0.roa (raw, json)
Hash identifier: EpIJkfUrUz0ncMqveTDKjCXPCU3oKNIvzwGQlVcXpbY=
Subject key identifier: D1:B8:C1:BB:9D:32:44:54:90:40:2A:5A:48:39:F3:E0:36:B9:F6:7D
Certificate issuer: /CN=7712e20f510b22b8217cdf0d211496b1b9c1edb8
Certificate serial: 019421B24C942896DAF5CA84319B5B839BEB
Authority key identifier: 77:12:E2:0F:51:0B:22:B8:21:7C:DF:0D:21:14:96:B1:B9:C1:ED:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dxLiD1ELIrghfN8NIRSWsbnB7bg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/6cb714-c714-4281-8ada-43ce949663d9/1/0bjBu50yRFSQQCpaSDnz4Da59n0.roa
Signing time: Wed 01 Jan 2025 11:48:40 +0000
ROA not before: Wed 01 Jan 2025 11:48:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59919
IP address blocks: 2.59.140.0/22 maxlen: 24
5.178.88.0/21 maxlen: 24
45.152.144.0/22 maxlen: 24
185.60.188.0/22 maxlen: 24
185.136.136.0/22 maxlen: 24
185.187.172.0/22 maxlen: 24
185.204.220.0/22 maxlen: 24
185.248.240.0/22 maxlen: 24
2a01:9ac0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:4c:94:28:96:da:f5:ca:84:31:9b:5b:83:9b:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7712e20f510b22b8217cdf0d211496b1b9c1edb8
Validity
Not Before: Jan 1 11:48:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d1b8c1bb9d32445490402a5a4839f3e036b9f67d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:0d:27:b7:99:f1:78:3d:d9:98:b5:ad:78:1b:
3f:11:e5:8e:27:e5:c0:20:18:e8:73:01:c7:d5:b0:
74:4e:ac:25:9e:aa:d9:92:73:b1:fc:8c:b6:91:24:
95:02:e6:91:fc:a7:26:cc:cc:50:79:e2:69:4d:d3:
46:ef:91:ff:cb:4a:7d:da:43:f9:b4:95:43:7b:20:
0a:c1:bb:75:50:aa:6e:12:14:f5:2c:86:69:6b:aa:
e4:47:5c:75:d2:1a:a0:6e:22:1c:2d:c3:4c:97:f7:
28:5b:fe:66:d4:b2:27:9f:74:6a:ee:7c:c0:c5:22:
9a:b5:86:a0:86:32:dc:9d:c8:77:70:6a:04:ca:b1:
be:1d:74:08:b8:bd:40:1a:5f:f2:31:33:0b:03:51:
74:bf:b3:e2:9c:75:19:60:56:92:cf:cc:8a:03:0a:
bb:25:3b:b0:18:f2:ba:df:07:3e:d8:e2:9c:ad:b9:
9a:1b:93:c6:03:90:5e:60:eb:81:94:b8:ee:f6:16:
24:88:e0:6f:bf:21:1e:54:71:2c:ea:f6:b0:17:fe:
79:e7:96:bb:11:63:aa:cc:3c:d1:7c:97:3e:22:1a:
a2:b6:a8:08:51:88:ae:d1:5d:c8:b3:23:83:6a:37:
9e:be:fb:46:d1:63:63:8a:54:14:be:d9:58:08:46:
f3:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:B8:C1:BB:9D:32:44:54:90:40:2A:5A:48:39:F3:E0:36:B9:F6:7D
X509v3 Authority Key Identifier:
keyid:77:12:E2:0F:51:0B:22:B8:21:7C:DF:0D:21:14:96:B1:B9:C1:ED:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dxLiD1ELIrghfN8NIRSWsbnB7bg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/6cb714-c714-4281-8ada-43ce949663d9/1/0bjBu50yRFSQQCpaSDnz4Da59n0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/6cb714-c714-4281-8ada-43ce949663d9/1/dxLiD1ELIrghfN8NIRSWsbnB7bg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.140.0/22
5.178.88.0/21
45.152.144.0/22
185.60.188.0/22
185.136.136.0/22
185.187.172.0/22
185.204.220.0/22
185.248.240.0/22
IPv6:
2a01:9ac0::/32
Signature Algorithm: sha256WithRSAEncryption
08:ab:f7:e9:b2:20:c6:1a:53:f5:d6:00:c6:e9:d6:8a:be:de:
c9:68:e4:a4:bf:be:f1:a3:3a:1a:40:cd:32:d0:8d:5f:a7:8b:
55:db:8d:ff:62:ef:1b:be:9e:57:e8:8a:36:10:5a:13:82:43:
08:e4:16:c0:6e:c6:e2:7b:03:f6:63:50:28:85:f2:8b:93:e3:
43:6e:6b:f2:13:cd:1e:c2:5d:41:ee:cf:41:97:4e:43:94:2b:
e4:99:31:d0:3d:4f:4a:98:ab:5e:f0:77:18:66:48:f9:7a:53:
7f:c9:98:fc:02:70:a8:41:8a:e7:b6:af:ee:f5:13:01:1c:be:
49:e9:fb:69:ab:2b:dc:a7:e2:17:45:e6:88:58:ac:5f:60:24:
c3:72:20:26:da:b9:9a:52:68:d3:8a:52:76:aa:08:c1:d3:e8:
3d:68:a2:16:d8:1f:bb:0f:cc:3b:b6:27:db:fa:16:a9:b0:31:
d2:e9:4b:c5:d4:e9:37:a1:6f:da:67:e5:84:34:2b:a3:c8:82:
f1:a8:d6:e7:35:e2:b0:77:ed:3f:db:57:9f:66:0c:49:b3:81:
1a:81:cd:09:f1:fa:b0:05:c6:0a:c3:2b:66:28:a5:4c:c1:25:
32:09:51:8d:11:4a:60:4a:1e:9d:74:69:a2:0c:f9:b8:a3:76:
09:00:4a:43
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZQhskyUKJba9cqEMZtbg5vrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3MTJlMjBmNTEwYjIyYjgyMTdjZGYwZDIxMTQ5NmIxYjlj
MWVkYjgwHhcNMjUwMTAxMTE0ODQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWI4YzFiYjlkMzI0NDU0OTA0MDJhNWE0ODM5ZjNlMDM2YjlmNjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyA0nt5nxeD3ZmLWteBs/EeWOJ+XA
IBjocwHH1bB0TqwlnqrZknOx/Iy2kSSVAuaR/KcmzMxQeeJpTdNG75H/y0p92kP5
tJVDeyAKwbt1UKpuEhT1LIZpa6rkR1x10hqgbiIcLcNMl/coW/5m1LInn3Rq7nzA
xSKatYaghjLcnch3cGoEyrG+HXQIuL1AGl/yMTMLA1F0v7PinHUZYFaSz8yKAwq7
JTuwGPK63wc+2OKcrbmaG5PGA5BeYOuBlLju9hYkiOBvvyEeVHEs6vawF/5555a7
EWOqzDzRfJc+IhqitqgIUYiu0V3IsyODajeevvtG0WNjilQUvtlYCEbzOwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFNG4wbudMkRUkEAqWkg58+A2ufZ9MB8GA1UdIwQY
MBaAFHcS4g9RCyK4IXzfDSEUlrG5we24MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHhMaUQxRUxJcmdoZk44TklSU1dzYm5CN2JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS82Y2I3MTQtYzcxNC00MjgxLThhZGEt
NDNjZTk0OTY2M2Q5LzEvMGJqQnU1MHlSRlNRUUNwYVNEbno0RGE1OW4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS82Y2I3MTQtYzcxNC00MjgxLThhZGEtNDNjZTk0OTY2M2Q5
LzEvZHhMaUQxRUxJcmdoZk44TklSU1dzYm5CN2JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQCAjuMAwQD
BbJYAwQCLZiQAwQCuTy8AwQCuYiIAwQCubusAwQCuczcAwQCufjwMA0EAgACMAcD
BQAqAZrAMA0GCSqGSIb3DQEBCwUAA4IBAQAIq/fpsiDGGlP11gDG6daKvt7JaOSk
v77xozoaQM0y0I1fp4tV243/Yu8bvp5X6Io2EFoTgkMI5BbAbsbiewP2Y1AohfKL
k+NDbmvyE80ewl1B7s9Bl05DlCvkmTHQPU9KmKte8HcYZkj5elN/yZj8AnCoQYrn
tq/u9RMBHL5J6ftpqyvcp+IXReaIWKxfYCTDciAm2rmaUmjTilJ2qgjB0+g9aKIW
2B+7D8w7tifb+hapsDHS6UvF1Ok3oW/aZ+WENCujyILxqNbnNeKwd+0/21efZgxJ
s4Eagc0J8fqwBcYKwytmKKVMwSUyCVGNEUpgSh6ddGmiDPm4o3YJAEpD
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:38:10 2025 by rpki-client