Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/dcd87a-2303-4550-bfd6-081c5b8630b0/1/BzbO2A6n_OCPC7Ob-NYOkt5QKAI.roa
File: BzbO2A6n_OCPC7Ob-NYOkt5QKAI.roa (raw, json)
Hash identifier: hZ3co42ZMVVhzAxxnjb7J2pqJk0px0j+uyIj7Bd7NQs=
Subject key identifier: 07:36:CE:D8:0E:A7:FC:E0:8F:0B:B3:9B:F8:D6:0E:92:DE:50:28:02
Certificate issuer: /CN=69ddaba23c37fe8df60be2de253f78dab0cb9bd7
Certificate serial: 0138EC41
Authority key identifier: 69:DD:AB:A2:3C:37:FE:8D:F6:0B:E2:DE:25:3F:78:DA:B0:CB:9B:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ad2rojw3_o32C-LeJT942rDLm9c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/dcd87a-2303-4550-bfd6-081c5b8630b0/1/BzbO2A6n_OCPC7Ob-NYOkt5QKAI.roa
Signing time: Sun 29 May 2022 10:49:13 +0000
ROA not before: Sun 29 May 2022 10:49:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 136038
IP address blocks: 2.59.153.0/24 maxlen: 24
2.59.155.0/24 maxlen: 24
2.59.154.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20507713 (0x138ec41)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69ddaba23c37fe8df60be2de253f78dab0cb9bd7
Validity
Not Before: May 29 10:49:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0736ced80ea7fce08f0bb39bf8d60e92de502802
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ad:f0:8f:e9:3c:4e:29:02:ca:5c:2b:56:8a:
19:25:2e:78:6a:dd:6b:c0:fc:fc:cf:17:c7:6d:5c:
5b:3a:74:0a:be:e4:ff:12:4d:fe:31:2b:ed:22:b1:
a6:65:67:23:11:e7:db:f7:33:18:72:09:5a:49:c1:
3e:1a:c4:62:4e:36:c3:73:cb:44:f0:e9:0b:6b:af:
89:0b:59:4c:36:41:76:91:3e:e8:49:03:95:a0:23:
72:5f:32:a7:61:34:0f:79:b0:6d:be:0b:90:1c:ed:
bc:4c:e6:a8:c7:c8:16:7d:4a:2a:af:fd:e1:5d:f8:
6c:c2:74:7e:b5:7b:63:2c:ec:94:0d:ec:96:c0:67:
a1:ac:2d:e5:90:47:75:be:c9:9f:75:7e:05:bd:31:
d5:ae:1c:63:9c:bc:a3:ed:28:b2:58:6e:42:2b:96:
8e:6b:18:e5:eb:b0:5c:95:f9:6b:6f:f7:a8:d1:c1:
87:b5:fe:2c:59:9a:d7:aa:86:83:c7:dd:c4:5f:b6:
a4:88:82:af:5f:c5:16:0a:eb:55:30:5e:a3:51:97:
d9:c1:fe:94:2a:b4:8b:2c:ba:20:9d:72:de:ee:28:
bf:f7:9d:ac:ca:c2:54:69:71:52:df:aa:70:1c:7a:
f8:47:d7:5a:41:d0:1b:ee:a9:fe:a2:ea:7d:36:52:
33:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:36:CE:D8:0E:A7:FC:E0:8F:0B:B3:9B:F8:D6:0E:92:DE:50:28:02
X509v3 Authority Key Identifier:
keyid:69:DD:AB:A2:3C:37:FE:8D:F6:0B:E2:DE:25:3F:78:DA:B0:CB:9B:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad2rojw3_o32C-LeJT942rDLm9c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/dcd87a-2303-4550-bfd6-081c5b8630b0/1/BzbO2A6n_OCPC7Ob-NYOkt5QKAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/dcd87a-2303-4550-bfd6-081c5b8630b0/1/ad2rojw3_o32C-LeJT942rDLm9c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.153.0-2.59.155.255
Signature Algorithm: sha256WithRSAEncryption
99:89:f5:5a:71:e0:23:3c:08:38:d7:29:f6:a1:ca:34:ff:c6:
73:eb:c0:74:1e:21:a6:81:d7:b1:a8:39:5a:3d:c7:73:14:58:
22:dc:e9:a9:23:8f:af:aa:6f:4a:fa:81:cd:cd:06:18:59:27:
5f:0c:05:a4:85:76:0a:0c:9a:fb:b9:57:7d:82:ce:05:67:12:
ad:8f:bd:28:42:7a:03:94:e8:ae:82:b0:19:50:4f:cc:e0:d6:
f9:71:6d:98:a7:84:24:9f:ff:c2:e9:5a:d4:a4:35:63:0e:8c:
03:37:dd:15:b8:53:7b:a7:dc:ff:50:25:f2:d6:62:aa:dd:ab:
0c:44:07:90:b1:1f:88:41:4b:97:a4:9b:3f:7b:f6:14:5c:fd:
89:c4:35:88:36:16:07:64:76:ad:4d:4c:80:50:1d:e3:54:af:
81:f7:3c:42:a4:84:0b:c2:1a:da:cb:6d:0a:0e:82:e2:23:e3:
77:e5:11:a0:ee:c7:5c:3a:ac:67:5a:74:b2:fc:8f:57:bb:96:
7a:1a:e3:2c:13:03:35:1e:08:0d:77:62:90:1f:54:f0:7b:8c:
a1:74:c4:c1:dc:a0:aa:a7:52:ae:15:eb:12:c7:ad:39:f3:29:
eb:48:7e:50:e5:8f:32:a1:01:8d:aa:e7:62:2e:bd:b2:17:78:
0a:84:82:cd
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEATjsQTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
OWRkYWJhMjNjMzdmZThkZjYwYmUyZGUyNTNmNzhkYWIwY2I5YmQ3MB4XDTIyMDUy
OTEwNDkxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDczNmNlZDgwZWE3
ZmNlMDhmMGJiMzliZjhkNjBlOTJkZTUwMjgwMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALSt8I/pPE4pAspcK1aKGSUueGrda8D8/M8Xx21cWzp0Cr7k
/xJN/jEr7SKxpmVnIxHn2/czGHIJWknBPhrEYk42w3PLRPDpC2uviQtZTDZBdpE+
6EkDlaAjcl8yp2E0D3mwbb4LkBztvEzmqMfIFn1KKq/94V34bMJ0frV7YyzslA3s
lsBnoawt5ZBHdb7Jn3V+Bb0x1a4cY5y8o+0oslhuQiuWjmsY5euwXJX5a2/3qNHB
h7X+LFma16qGg8fdxF+2pIiCr1/FFgrrVTBeo1GX2cH+lCq0iyy6IJ1y3u4ov/ed
rMrCVGlxUt+qcBx6+EfXWkHQG+6p/qLqfTZSMxMCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBQHNs7YDqf84I8Ls5v41g6S3lAoAjAfBgNVHSMEGDAWgBRp3auiPDf+jfYL
4t4lP3jasMub1zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FkMnJvanczX28zMkMtTGVKVDk0MnJETG05Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvZGNkODdhLTIzMDMtNDU1MC1iZmQ2LTA4MWM1Yjg2MzBiMC8x
L0J6Yk8yQTZuX09DUEM3T2ItTllPa3Q1UUtBSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
ZGNkODdhLTIzMDMtNDU1MC1iZmQ2LTA4MWM1Yjg2MzBiMC8xL2FkMnJvanczX28z
MkMtTGVKVDk0MnJETG05Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQAAjuZAwQCAjuYMA0GCSqGSIb3
DQEBCwUAA4IBAQCZifVaceAjPAg41yn2oco0/8Zz68B0HiGmgdexqDlaPcdzFFgi
3OmpI4+vqm9K+oHNzQYYWSdfDAWkhXYKDJr7uVd9gs4FZxKtj70oQnoDlOiugrAZ
UE/M4Nb5cW2Yp4Qkn//C6VrUpDVjDowDN90VuFN7p9z/UCXy1mKq3asMRAeQsR+I
QUuXpJs/e/YUXP2JxDWINhYHZHatTUyAUB3jVK+B9zxCpIQLwhray20KDoLiI+N3
5RGg7sdcOqxnWnSy/I9Xu5Z6GuMsEwM1HggNd2KQH1Twe4yhdMTB3KCqp1KuFesS
x6058ynrSH5Q5Y8yoQGNqudiLr2yF3gKhILN
-----END CERTIFICATE-----
Generated at Mon Jun 9 00:05:47 2025 by rpki-client