Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/5e91ef-a0e0-46c8-8ebb-c5f2ab047177/1/Iokt9hU4wtzhEDfpFlMLW2yTgi0.roa
File: Iokt9hU4wtzhEDfpFlMLW2yTgi0.roa (raw, json)
Hash identifier: 2JW59a0NktZFG7+SVeaP/RwO86F7bzE/yFYnyrMb/t8=
Subject key identifier: 22:89:2D:F6:15:38:C2:DC:E1:10:37:E9:16:53:0B:5B:6C:93:82:2D
Certificate issuer: /CN=a2a65fafc2fd19f56e191e7b87d8079db45a229c
Certificate serial: 0185702701009933EE669D816B00150A5A37
Authority key identifier: A2:A6:5F:AF:C2:FD:19:F5:6E:19:1E:7B:87:D8:07:9D:B4:5A:22:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oqZfr8L9GfVuGR57h9gHnbRaIpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/5e91ef-a0e0-46c8-8ebb-c5f2ab047177/1/Iokt9hU4wtzhEDfpFlMLW2yTgi0.roa
Signing time: Mon 02 Jan 2023 01:44:42 +0000
ROA not before: Mon 02 Jan 2023 01:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 62.204.39.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:27:01:00:99:33:ee:66:9d:81:6b:00:15:0a:5a:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2a65fafc2fd19f56e191e7b87d8079db45a229c
Validity
Not Before: Jan 2 01:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=22892df61538c2dce11037e916530b5b6c93822d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:b0:80:4f:41:eb:d7:40:87:18:d5:39:e5:4c:
8d:79:eb:ab:7a:09:03:53:75:b6:06:14:93:99:d1:
17:8d:87:89:02:a7:0f:ba:56:02:6c:80:29:7a:0d:
79:4e:1d:6b:9e:15:9a:e5:7b:3e:04:6e:b5:93:ca:
77:b6:af:29:4a:21:8d:3d:93:46:b9:a9:56:b4:1a:
c0:50:95:c3:c7:34:44:6f:72:16:93:35:99:67:9b:
56:4c:46:73:ea:22:b6:85:0f:65:31:c5:fb:a8:8d:
b5:03:15:87:17:12:d1:70:1c:61:ba:fc:88:ff:a8:
dd:ff:71:99:89:4b:3b:a6:bb:f7:c4:f9:ae:18:f8:
11:ea:dd:34:86:38:c7:37:6f:ac:a7:a1:64:9b:0c:
be:2a:09:50:35:3a:e8:05:ea:bc:85:4e:c1:76:a5:
5f:0c:94:49:f1:82:29:fd:90:5a:95:08:e9:da:90:
8c:8f:52:ba:52:b4:e2:8c:71:e1:40:2f:a1:87:98:
69:c4:05:15:75:07:36:a2:64:45:18:b0:a1:78:6a:
da:11:e2:62:46:e7:00:d9:90:72:33:e4:13:e3:44:
cc:e1:52:7c:1c:3c:f9:04:ab:a5:6e:fc:24:5e:eb:
24:23:c5:58:fc:3a:cc:71:53:66:1f:96:38:24:ca:
7b:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:89:2D:F6:15:38:C2:DC:E1:10:37:E9:16:53:0B:5B:6C:93:82:2D
X509v3 Authority Key Identifier:
keyid:A2:A6:5F:AF:C2:FD:19:F5:6E:19:1E:7B:87:D8:07:9D:B4:5A:22:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oqZfr8L9GfVuGR57h9gHnbRaIpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/5e91ef-a0e0-46c8-8ebb-c5f2ab047177/1/Iokt9hU4wtzhEDfpFlMLW2yTgi0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/5e91ef-a0e0-46c8-8ebb-c5f2ab047177/1/oqZfr8L9GfVuGR57h9gHnbRaIpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.204.39.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:50:13:a8:e0:46:a3:1a:e6:9e:f7:4d:a6:4e:12:6f:a0:88:
d9:21:98:8a:a3:49:b7:74:2d:72:64:e1:68:7f:91:e6:41:cc:
92:e3:f4:63:fd:26:39:ab:7b:ce:03:c4:03:cd:89:d2:ee:2b:
8f:d7:77:af:ca:e7:79:5e:92:e3:07:87:00:b6:9a:99:28:1a:
9c:a2:e3:e1:95:53:28:0b:92:28:ef:fd:53:f3:21:f8:b7:f2:
df:c1:93:6a:45:f1:35:1d:55:ac:be:d8:61:3b:20:60:bf:11:
e3:fa:39:1c:28:b9:ec:02:46:fb:1e:94:ee:36:b4:fb:97:87:
f8:0a:6a:87:50:bd:31:97:f9:4f:51:b5:ca:73:4b:fe:62:1c:
5e:4c:3c:c2:7a:2f:12:0a:9b:4a:15:cd:eb:97:2d:ea:b5:e8:
d3:4d:2b:16:31:11:5b:d2:70:47:88:f1:fc:81:99:15:a6:db:
a6:fa:a0:30:17:c3:2d:b9:55:4f:96:27:f8:02:7b:91:a5:00:
d5:69:77:ee:d6:a6:a9:f9:9b:74:90:96:0e:74:8a:0b:6c:e6:
4f:86:91:ad:45:b7:00:af:77:25:aa:4b:57:2f:6f:d8:d5:41:
51:c6:3b:e0:ae:83:16:8c:a3:13:34:fa:65:72:22:de:72:d9:
66:e6:f0:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwJwEAmTPuZp2BawAVClo3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyYTY1ZmFmYzJmZDE5ZjU2ZTE5MWU3Yjg3ZDgwNzlkYjQ1
YTIyOWMwHhcNMjMwMTAyMDE0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjg5MmRmNjE1MzhjMmRjZTExMDM3ZTkxNjUzMGI1YjZjOTM4MjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgLCAT0Hr10CHGNU55UyNeeuregkD
U3W2BhSTmdEXjYeJAqcPulYCbIApeg15Th1rnhWa5Xs+BG61k8p3tq8pSiGNPZNG
ualWtBrAUJXDxzREb3IWkzWZZ5tWTEZz6iK2hQ9lMcX7qI21AxWHFxLRcBxhuvyI
/6jd/3GZiUs7prv3xPmuGPgR6t00hjjHN2+sp6Fkmwy+KglQNTroBeq8hU7BdqVf
DJRJ8YIp/ZBalQjp2pCMj1K6UrTijHHhQC+hh5hpxAUVdQc2omRFGLCheGraEeJi
RucA2ZByM+QT40TM4VJ8HDz5BKulbvwkXuskI8VY/DrMcVNmH5Y4JMp7QwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCKJLfYVOMLc4RA36RZTC1tsk4ItMB8GA1UdIwQY
MBaAFKKmX6/C/Rn1bhkee4fYB520WiKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3FaZnI4TDlHZlZ1R1I1N2g5Z0huYlJhSXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni81ZTkxZWYtYTBlMC00NmM4LThlYmIt
YzVmMmFiMDQ3MTc3LzEvSW9rdDloVTR3dHpoRURmcEZsTUxXMnlUZ2kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni81ZTkxZWYtYTBlMC00NmM4LThlYmItYzVmMmFiMDQ3MTc3
LzEvb3FaZnI4TDlHZlZ1R1I1N2g5Z0huYlJhSXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPswnMA0G
CSqGSIb3DQEBCwUAA4IBAQA+UBOo4EajGuae902mThJvoIjZIZiKo0m3dC1yZOFo
f5HmQcyS4/Rj/SY5q3vOA8QDzYnS7iuP13evyud5XpLjB4cAtpqZKBqcouPhlVMo
C5Io7/1T8yH4t/LfwZNqRfE1HVWsvthhOyBgvxHj+jkcKLnsAkb7HpTuNrT7l4f4
CmqHUL0xl/lPUbXKc0v+YhxeTDzCei8SCptKFc3rly3qtejTTSsWMRFb0nBHiPH8
gZkVptum+qAwF8MtuVVPlif4AnuRpQDVaXfu1qap+Zt0kJYOdIoLbOZPhpGtRbcA
r3clqktXL2/Y1UFRxjvgroMWjKMTNPplciLectlm5vDA
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:09:13 2025 by rpki-client