Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/2Edq5JTJVisrAqLfXt5_NJUJDbM.roa
File: 2Edq5JTJVisrAqLfXt5_NJUJDbM.roa (raw, json)
Hash identifier: geoZQyYlWiCExYXUdgJ8UlsNNZ0X5FW7DiVU1GTxN74=
Subject key identifier: D8:47:6A:E4:94:C9:56:2B:2B:02:A2:DF:5E:DE:7F:34:95:09:0D:B3
Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Certificate serial: 01957FE8D402FEBF0ECA05391D15B4BBFF96
Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/2Edq5JTJVisrAqLfXt5_NJUJDbM.roa
Signing time: Mon 10 Mar 2025 11:55:19 +0000
ROA not before: Mon 10 Mar 2025 11:55:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 23352
IP address blocks: 198.38.91.0/24 maxlen: 24
198.38.92.0/24 maxlen: 24
198.38.93.0/24 maxlen: 24
198.38.94.0/24 maxlen: 24
198.38.95.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:7f:e8:d4:02:fe:bf:0e:ca:05:39:1d:15:b4:bb:ff:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Validity
Not Before: Mar 10 11:55:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d8476ae494c9562b2b02a2df5ede7f3495090db3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c9:91:4d:62:7b:e6:b6:c7:85:6a:54:28:99:
ba:35:46:d8:d4:4b:a1:8b:23:1f:03:f0:cc:df:58:
92:b4:27:b1:74:a4:6f:67:89:7e:3a:2f:ac:a4:4a:
e7:6e:fd:ec:e7:8c:63:97:30:55:7a:4f:99:60:0e:
39:9b:4f:97:7f:18:84:f5:5b:68:10:99:51:3a:27:
0a:ed:48:7e:40:f0:b8:6b:31:b1:bd:fc:5f:0f:74:
59:33:bf:f9:dd:9d:37:81:e1:58:ee:b0:d0:4b:9a:
dd:30:84:c1:1f:8e:51:b8:28:05:66:97:3c:1c:ca:
58:f5:7c:8c:a7:2f:5a:40:a6:c0:9f:23:07:64:d3:
62:98:35:30:7a:74:e7:38:88:d2:c4:17:f8:21:5d:
be:3e:41:a3:c3:b5:98:b2:59:33:cb:19:dc:37:13:
b7:e0:f2:21:68:a4:f5:73:f4:5d:9d:41:d5:63:02:
1e:4c:31:2e:c7:bc:ca:22:4a:73:c0:9f:55:d2:ad:
88:42:a8:97:38:82:56:4c:7f:3b:6c:f7:e8:3c:6d:
82:90:72:75:2a:03:a9:5b:c4:68:4d:6e:59:55:7c:
88:ec:ca:97:9a:56:29:c4:5f:2d:ad:3c:d4:f7:bd:
a9:0d:93:01:e3:c5:55:62:c9:14:ee:16:29:d0:6b:
6f:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:47:6A:E4:94:C9:56:2B:2B:02:A2:DF:5E:DE:7F:34:95:09:0D:B3
X509v3 Authority Key Identifier:
keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/2Edq5JTJVisrAqLfXt5_NJUJDbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
198.38.91.0-198.38.95.255
Signature Algorithm: sha256WithRSAEncryption
8e:ba:7d:26:49:99:b9:55:2f:ce:c0:ad:23:64:85:67:6c:aa:
1f:c1:b2:90:1a:45:22:7e:30:10:d6:db:35:28:21:19:fd:6d:
d2:c1:b3:df:48:bb:1e:1d:de:cb:d0:8e:64:b4:53:a2:78:8a:
99:9e:c9:0b:43:af:8b:25:ef:c4:6a:37:43:92:f3:f1:1b:d5:
62:4a:f6:07:06:b4:13:48:57:22:a4:ea:0c:aa:36:ec:f7:f4:
f1:eb:a7:8b:3b:79:65:2c:b3:0a:27:25:86:56:7f:28:ab:f0:
87:a3:eb:0f:3b:5f:39:1e:a9:27:e1:93:7b:5b:78:9e:66:0e:
33:87:55:2f:53:6b:63:80:b2:f3:5e:49:fd:4f:e7:62:d0:2e:
89:02:f8:a9:c8:7f:d5:eb:4c:4a:5c:57:4d:3c:74:d0:5f:cf:
56:ec:55:6b:56:44:3e:d2:05:3e:94:6c:e5:d5:b2:3f:4f:b1:
16:bc:f6:5a:70:13:56:b3:a3:2d:14:d1:b2:75:5c:5e:cc:5d:
44:c3:1b:97:05:45:0d:7e:1c:d0:17:b8:35:c9:fa:a7:6f:b5:
44:17:8c:1a:a3:05:ed:ca:27:34:96:b8:5a:ae:da:3c:6e:f7:
2b:0c:fe:be:80:43:a0:c5:f2:4d:2f:62:f7:ac:a4:e6:d5:d6:
4b:0d:68:e0
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZV/6NQC/r8OygU5HRW0u/+WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy
ZWU4ZGQwHhcNMjUwMzEwMTE1NTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODQ3NmFlNDk0Yzk1NjJiMmIwMmEyZGY1ZWRlN2YzNDk1MDkwZGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8mRTWJ75rbHhWpUKJm6NUbY1Euh
iyMfA/DM31iStCexdKRvZ4l+Oi+spErnbv3s54xjlzBVek+ZYA45m0+XfxiE9Vto
EJlROicK7Uh+QPC4azGxvfxfD3RZM7/53Z03geFY7rDQS5rdMITBH45RuCgFZpc8
HMpY9XyMpy9aQKbAnyMHZNNimDUwenTnOIjSxBf4IV2+PkGjw7WYslkzyxncNxO3
4PIhaKT1c/RdnUHVYwIeTDEux7zKIkpzwJ9V0q2IQqiXOIJWTH87bPfoPG2CkHJ1
KgOpW8RoTW5ZVXyI7MqXmlYpxF8trTzU972pDZMB48VVYskU7hYp0GtvdQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNhHauSUyVYrKwKi317efzSVCQ2zMB8GA1UdIwQY
MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt
Y2NhMzc2MDZiZjE4LzEvMkVkcTVKVEpWaXNyQXFMZlh0NV9OSlVKRGJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4
LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADGJlsD
BAXGJkAwDQYJKoZIhvcNAQELBQADggEBAI66fSZJmblVL87ArSNkhWdsqh/BspAa
RSJ+MBDW2zUoIRn9bdLBs99Iux4d3svQjmS0U6J4ipmeyQtDr4sl78RqN0OS8/Eb
1WJK9gcGtBNIVyKk6gyqNuz39PHrp4s7eWUsswonJYZWfyir8Iej6w87XzkeqSfh
k3tbeJ5mDjOHVS9Ta2OAsvNeSf1P52LQLokC+KnIf9XrTEpcV008dNBfz1bsVWtW
RD7SBT6UbOXVsj9PsRa89lpwE1azoy0U0bJ1XF7MXUTDG5cFRQ1+HNAXuDXJ+qdv
tUQXjBqjBe3KJzSWuFqu2jxu9ysM/r6AQ6DF8k0vYvespObV1ksNaOA=
-----END CERTIFICATE-----
Generated at Mon Apr 7 14:43:32 2025 by rpki-client