Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/dxXbgNQXIcZf-wRxxpxKbsjTAhQ.roa
File: dxXbgNQXIcZf-wRxxpxKbsjTAhQ.roa (raw, json)
Hash identifier: 7Q2urw+eTsZ+V/fuq0yE3c5anzy795+Z4CJRGjeU6Hk=
Subject key identifier: 77:15:DB:80:D4:17:21:C6:5F:FB:04:71:C6:9C:4A:6E:C8:D3:02:14
Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Certificate serial: 019420686883EB9AF9FF6D3FC80E7755CB01
Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/dxXbgNQXIcZf-wRxxpxKbsjTAhQ.roa
Signing time: Wed 01 Jan 2025 05:48:20 +0000
ROA not before: Wed 01 Jan 2025 05:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 46337
IP address blocks: 199.103.58.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:68:83:eb:9a:f9:ff:6d:3f:c8:0e:77:55:cb:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Validity
Not Before: Jan 1 05:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7715db80d41721c65ffb0471c69c4a6ec8d30214
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:42:08:b3:80:a8:b9:9a:18:6b:35:30:7c:0e:
60:54:05:5b:65:de:5f:a0:7f:d5:e5:a0:20:4d:37:
24:8c:36:ba:00:6a:ab:7d:11:8e:d4:9f:29:02:51:
f3:65:0d:e9:1d:0c:c7:7c:7c:e8:94:ff:e6:e7:cc:
3e:67:a0:c4:f6:7a:e3:d7:d2:ea:b8:08:4e:ea:59:
7b:13:95:4c:98:f9:11:74:21:8d:13:75:7f:4e:d1:
ff:08:fd:7c:75:43:79:12:2c:4d:c7:38:75:b3:29:
37:e7:ee:32:c4:38:95:7e:46:9d:63:c7:08:b5:d2:
a9:6c:3c:9f:b2:39:dc:53:65:74:d7:2c:20:27:fa:
36:27:49:d3:19:e1:9b:2e:fc:01:7c:c9:78:79:9e:
41:ae:bc:35:c9:ac:62:6b:32:49:bb:13:cb:44:4e:
2e:4e:de:f0:2f:38:60:8a:cc:67:1b:26:f4:9e:18:
10:3e:fe:5c:e5:06:92:82:b1:79:c4:f8:0a:4b:28:
65:47:1f:ed:fa:54:de:0e:87:be:54:79:23:82:65:
fb:81:23:5a:17:3c:c9:ce:3c:29:70:c4:67:da:74:
8d:b6:93:ab:2c:73:4a:3c:da:c4:1b:89:c4:90:b1:
2b:2f:05:a3:b2:9f:01:bc:8e:76:7f:c6:58:f0:ba:
42:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:15:DB:80:D4:17:21:C6:5F:FB:04:71:C6:9C:4A:6E:C8:D3:02:14
X509v3 Authority Key Identifier:
keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/dxXbgNQXIcZf-wRxxpxKbsjTAhQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.103.58.0/24
Signature Algorithm: sha256WithRSAEncryption
47:a2:fb:24:32:4f:24:a2:1f:67:fc:50:49:27:40:26:6e:39:
d7:ef:c3:3d:03:c5:d2:43:85:8f:b4:40:f5:b3:cc:4d:7b:f4:
27:76:15:50:0c:be:09:91:7d:c8:cd:c2:c5:35:d9:5e:81:1b:
bd:14:9b:c0:db:23:2b:33:ff:64:52:de:ec:69:95:1c:0f:c8:
2f:38:73:06:9f:97:79:ad:4b:06:37:73:2b:c8:37:a7:c4:7b:
ce:29:da:8c:66:b5:f4:64:3d:5e:f1:93:8d:46:17:b5:86:76:
4b:d3:4c:1d:3f:9a:9e:2f:f0:ee:89:4f:e9:2f:d2:96:32:dd:
56:ea:4d:cf:42:8b:5a:eb:fc:cd:2b:3e:f3:74:f0:c6:00:7f:
6b:e3:a5:04:d7:d5:a5:b4:71:c5:eb:ef:aa:b3:e6:69:88:c1:
6a:60:22:da:93:2a:d7:5d:25:59:d0:82:42:24:64:90:f6:04:
b9:6e:da:7e:ea:96:2c:aa:8d:3d:5d:30:95:4f:3a:4e:50:55:
37:71:96:8a:46:da:79:0c:aa:a5:fb:39:95:58:a6:fc:d5:1e:
5d:b1:32:73:b3:ea:19:7c:13:a3:a9:f2:72:3b:03:ef:2c:0e:
51:09:2a:c9:a4:24:63:a0:7a:2c:bb:2b:7e:a3:27:47:66:6e:
51:e7:db:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaGiD65r5/20/yA53VcsBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy
ZWU4ZGQwHhcNMjUwMTAxMDU0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzE1ZGI4MGQ0MTcyMWM2NWZmYjA0NzFjNjljNGE2ZWM4ZDMwMjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0UIIs4CouZoYazUwfA5gVAVbZd5f
oH/V5aAgTTckjDa6AGqrfRGO1J8pAlHzZQ3pHQzHfHzolP/m58w+Z6DE9nrj19Lq
uAhO6ll7E5VMmPkRdCGNE3V/TtH/CP18dUN5EixNxzh1syk35+4yxDiVfkadY8cI
tdKpbDyfsjncU2V01ywgJ/o2J0nTGeGbLvwBfMl4eZ5Brrw1yaxiazJJuxPLRE4u
Tt7wLzhgisxnGyb0nhgQPv5c5QaSgrF5xPgKSyhlRx/t+lTeDoe+VHkjgmX7gSNa
FzzJzjwpcMRn2nSNtpOrLHNKPNrEG4nEkLErLwWjsp8BvI52f8ZY8LpCWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHcV24DUFyHGX/sEccacSm7I0wIUMB8GA1UdIwQY
MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt
Y2NhMzc2MDZiZjE4LzEvZHhYYmdOUVhJY1pmLXdSeHhweEtic2pUQWhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4
LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAx2c6MA0G
CSqGSIb3DQEBCwUAA4IBAQBHovskMk8koh9n/FBJJ0AmbjnX78M9A8XSQ4WPtED1
s8xNe/QndhVQDL4JkX3IzcLFNdlegRu9FJvA2yMrM/9kUt7saZUcD8gvOHMGn5d5
rUsGN3MryDenxHvOKdqMZrX0ZD1e8ZONRhe1hnZL00wdP5qeL/DuiU/pL9KWMt1W
6k3PQota6/zNKz7zdPDGAH9r46UE19WltHHF6++qs+ZpiMFqYCLakyrXXSVZ0IJC
JGSQ9gS5btp+6pYsqo09XTCVTzpOUFU3cZaKRtp5DKql+zmVWKb81R5dsTJzs+oZ
fBOjqfJyOwPvLA5RCSrJpCRjoHosuyt+oydHZm5R59sT
-----END CERTIFICATE-----
Generated at Mon Apr 7 15:01:09 2025 by rpki-client