Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/60lbisj9EBvEk8CkvIEbp4prM3I.roa
File: 60lbisj9EBvEk8CkvIEbp4prM3I.roa (raw, json)
Hash identifier: cqYnW2I6KAO2XW2NYFnEXuAIZkVjJlu5WB2aqpTSh88=
Subject key identifier: EB:49:5B:8A:C8:FD:10:1B:C4:93:C0:A4:BC:81:1B:A7:8A:6B:33:72
Certificate issuer: /CN=ba60a4d874d9601c8142c352f80c56a43276cd47
Certificate serial: 019423D7E76D508917F5AD9DFC2CADB4782A
Authority key identifier: BA:60:A4:D8:74:D9:60:1C:81:42:C3:52:F8:0C:56:A4:32:76:CD:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/umCk2HTZYByBQsNS-AxWpDJ2zUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/60lbisj9EBvEk8CkvIEbp4prM3I.roa
Signing time: Wed 01 Jan 2025 21:48:59 +0000
ROA not before: Wed 01 Jan 2025 21:48:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209185
IP address blocks: 2.58.112.0/24 maxlen: 24
2a09:e440::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:e7:6d:50:89:17:f5:ad:9d:fc:2c:ad:b4:78:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba60a4d874d9601c8142c352f80c56a43276cd47
Validity
Not Before: Jan 1 21:48:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eb495b8ac8fd101bc493c0a4bc811ba78a6b3372
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:98:78:9d:8b:95:7e:34:45:a3:e6:ca:a6:b8:
bf:f2:4b:e1:5f:3f:b6:4d:9f:44:15:04:b5:af:36:
37:6c:82:11:5a:a5:58:90:39:f7:89:83:ed:70:be:
5b:c5:22:07:67:3a:6e:56:ac:e6:a9:c9:28:6a:c5:
82:a5:ac:78:7a:cf:a9:bb:2c:ec:71:91:9e:61:07:
79:c7:fd:2f:19:c3:da:24:6c:8a:ea:11:a8:92:6c:
3d:73:a1:cc:93:f5:8b:31:8a:85:6d:2e:37:7d:e4:
b8:a9:39:50:a0:79:d6:20:72:9a:20:d9:b1:8c:bd:
e8:9b:b0:22:ff:b5:c1:36:2c:67:0e:07:b5:75:0e:
bd:47:74:af:b7:dd:90:5b:37:40:38:f8:de:ab:42:
cf:38:a5:f3:b4:a0:e2:72:56:2c:c3:c5:35:03:cb:
b7:77:9b:77:b7:8c:45:c8:f9:10:ab:de:2e:79:31:
69:f9:6c:6f:56:55:6e:7b:61:3a:3c:0e:8d:58:4c:
c8:24:6c:3b:ec:3e:6d:43:f5:5d:07:d5:40:47:2e:
58:54:42:43:41:81:71:32:98:eb:5f:b0:c9:53:e7:
8c:4f:8c:30:34:00:13:3f:d1:87:61:e3:6d:3a:cc:
e7:f1:66:b0:a9:e7:c3:15:06:dd:67:ef:af:c4:75:
ab:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:49:5B:8A:C8:FD:10:1B:C4:93:C0:A4:BC:81:1B:A7:8A:6B:33:72
X509v3 Authority Key Identifier:
keyid:BA:60:A4:D8:74:D9:60:1C:81:42:C3:52:F8:0C:56:A4:32:76:CD:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/umCk2HTZYByBQsNS-AxWpDJ2zUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/60lbisj9EBvEk8CkvIEbp4prM3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/umCk2HTZYByBQsNS-AxWpDJ2zUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.112.0/24
IPv6:
2a09:e440::/40
Signature Algorithm: sha256WithRSAEncryption
3c:a5:b8:a9:94:2c:db:d2:38:6e:d3:ab:22:c0:7e:4a:62:e6:
76:14:5a:fa:25:3d:94:3c:d9:41:6e:ab:51:68:7b:e0:b2:81:
33:41:b2:0d:b2:08:0c:0f:9c:b6:43:cd:d8:3a:42:4d:7b:8d:
f9:19:44:88:33:6d:79:d3:6e:ca:be:d1:21:86:af:5a:e3:5a:
ab:25:8d:a4:d2:bd:47:a3:06:fb:86:fd:49:ab:80:16:94:34:
1f:ca:51:c2:98:c5:71:5f:d8:10:19:7a:85:e1:5f:96:2f:b2:
0f:5e:a9:c2:36:1b:45:44:c8:92:f1:89:3d:a7:d8:e3:90:a9:
98:1d:cf:4d:d1:30:23:56:46:33:bc:35:03:91:dc:fe:da:a3:
21:23:c6:15:9c:d9:07:b1:e7:a4:95:d4:a7:5f:bf:b8:9f:39:
21:05:2a:82:e8:8c:2e:9c:e7:cf:8e:ee:4f:7a:92:c4:1c:37:
34:bd:fd:c2:8f:f5:f1:0b:54:8b:ae:2c:64:59:89:dc:bd:57:
45:19:03:04:17:4d:db:75:69:21:77:bc:7c:59:7c:54:86:1c:
13:94:b4:54:5e:1f:b0:6a:29:7c:e4:ca:5f:a0:5b:67:da:a5:
25:16:f2:37:23:a9:ae:66:18:51:6d:05:2a:cf:a7:42:cd:d9:
56:ba:c8:67
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZQj1+dtUIkX9a2d/CyttHgqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNjBhNGQ4NzRkOTYwMWM4MTQyYzM1MmY4MGM1NmE0MzI3
NmNkNDcwHhcNMjUwMTAxMjE0ODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjQ5NWI4YWM4ZmQxMDFiYzQ5M2MwYTRiYzgxMWJhNzhhNmIzMzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJh4nYuVfjRFo+bKpri/8kvhXz+2
TZ9EFQS1rzY3bIIRWqVYkDn3iYPtcL5bxSIHZzpuVqzmqckoasWCpax4es+puyzs
cZGeYQd5x/0vGcPaJGyK6hGokmw9c6HMk/WLMYqFbS43feS4qTlQoHnWIHKaINmx
jL3om7Ai/7XBNixnDge1dQ69R3Svt92QWzdAOPjeq0LPOKXztKDiclYsw8U1A8u3
d5t3t4xFyPkQq94ueTFp+WxvVlVue2E6PA6NWEzIJGw77D5tQ/VdB9VARy5YVEJD
QYFxMpjrX7DJU+eMT4wwNAATP9GHYeNtOszn8WawqefDFQbdZ++vxHWrTQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFOtJW4rI/RAbxJPApLyBG6eKazNyMB8GA1UdIwQY
MBaAFLpgpNh02WAcgULDUvgMVqQyds1HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW1DazJIVFpZQnlCUXNOUy1BeFdwREoyelVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8yOGNiNWMtMjk4Zi00ZDhiLTgxNWIt
ZTVhMzc3OGJlM2FkLzEvNjBsYmlzajlFQnZFazhDa3ZJRWJwNHByTTNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8yOGNiNWMtMjk4Zi00ZDhiLTgxNWItZTVhMzc3OGJlM2Fk
LzEvdW1DazJIVFpZQnlCUXNOUy1BeFdwREoyelVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAAjpwMA4E
AgACMAgDBgAqCeRAADANBgkqhkiG9w0BAQsFAAOCAQEAPKW4qZQs29I4btOrIsB+
SmLmdhRa+iU9lDzZQW6rUWh74LKBM0GyDbIIDA+ctkPN2DpCTXuN+RlEiDNtedNu
yr7RIYavWuNaqyWNpNK9R6MG+4b9SauAFpQ0H8pRwpjFcV/YEBl6heFfli+yD16p
wjYbRUTIkvGJPafY45CpmB3PTdEwI1ZGM7w1A5Hc/tqjISPGFZzZB7HnpJXUp1+/
uJ85IQUqguiMLpznz47uT3qSxBw3NL39wo/18QtUi64sZFmJ3L1XRRkDBBdN23Vp
IXe8fFl8VIYcE5S0VF4fsGopfOTKX6BbZ9qlJRbyNyOprmYYUW0FKs+nQs3ZVrrI
Zw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:52:13 2025 by rpki-client