Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/dcd87a-2303-4550-bfd6-081c5b8630b0/1/IJyGHNQL2NmlpvQ6dHFyDnsOoog.roa
File: IJyGHNQL2NmlpvQ6dHFyDnsOoog.roa (raw, json)
Hash identifier: DIxHeT0/Z1N00tUtbYi6GuFzFMfo+slXGoGvvaQpc+4=
Subject key identifier: 20:9C:86:1C:D4:0B:D8:D9:A5:A6:F4:3A:74:71:72:0E:7B:0E:A2:88
Certificate issuer: /CN=69ddaba23c37fe8df60be2de253f78dab0cb9bd7
Certificate serial: 18AF93
Authority key identifier: 69:DD:AB:A2:3C:37:FE:8D:F6:0B:E2:DE:25:3F:78:DA:B0:CB:9B:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ad2rojw3_o32C-LeJT942rDLm9c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/dcd87a-2303-4550-bfd6-081c5b8630b0/1/IJyGHNQL2NmlpvQ6dHFyDnsOoog.roa
Signing time: Fri 21 Jan 2022 14:00:46 +0000
ROA not before: Fri 21 Jan 2022 14:00:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 136526
IP address blocks: 2.59.152.0/24 maxlen: 24
2.59.153.0/24 maxlen: 24
2.59.155.0/24 maxlen: 24
2.59.154.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1617811 (0x18af93)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69ddaba23c37fe8df60be2de253f78dab0cb9bd7
Validity
Not Before: Jan 21 14:00:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=209c861cd40bd8d9a5a6f43a7471720e7b0ea288
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:29:c8:09:df:16:48:e8:00:70:3a:1c:3e:5f:
5a:9b:3b:77:c7:eb:c1:4f:dd:dd:22:22:ef:fa:02:
cb:d7:7e:48:2c:64:64:0d:b5:9d:2b:3c:21:cc:75:
b6:5d:f3:08:96:78:4f:ce:b9:32:c9:06:27:cf:d0:
e4:17:2e:af:c0:df:ea:dc:36:8e:ed:db:d5:a5:d0:
93:64:f5:00:b7:dd:1e:7b:ab:b9:e5:ac:ad:cb:27:
79:a6:ba:b8:cb:b9:4a:d5:24:81:33:eb:94:9c:b1:
86:b2:c4:5f:e2:ff:39:20:a7:bb:f4:86:eb:48:bb:
5d:ba:2b:b7:f6:0c:ee:7b:1d:2c:dd:0e:f4:3f:01:
f0:c2:7f:e9:ce:72:66:8e:c0:b5:61:44:37:1f:3f:
70:6d:dd:9e:54:70:09:3a:52:2b:ce:eb:b9:72:8f:
ab:59:a4:79:e1:92:26:2e:75:0e:90:17:be:f6:ad:
9b:1c:d5:71:11:b4:dd:f1:5e:97:83:ba:96:5f:28:
c9:bb:90:73:1b:72:11:84:2c:09:fc:56:47:88:32:
24:13:1f:05:2f:83:f3:19:60:df:40:41:84:34:f2:
34:81:dc:40:6b:09:8f:48:5b:01:6a:81:ed:3d:66:
97:d6:d4:e3:7b:a3:af:19:82:30:ed:df:13:4f:e7:
ac:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:9C:86:1C:D4:0B:D8:D9:A5:A6:F4:3A:74:71:72:0E:7B:0E:A2:88
X509v3 Authority Key Identifier:
keyid:69:DD:AB:A2:3C:37:FE:8D:F6:0B:E2:DE:25:3F:78:DA:B0:CB:9B:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad2rojw3_o32C-LeJT942rDLm9c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/dcd87a-2303-4550-bfd6-081c5b8630b0/1/IJyGHNQL2NmlpvQ6dHFyDnsOoog.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/dcd87a-2303-4550-bfd6-081c5b8630b0/1/ad2rojw3_o32C-LeJT942rDLm9c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.152.0/22
Signature Algorithm: sha256WithRSAEncryption
47:97:8d:4f:93:aa:e8:98:2b:7a:d0:09:16:ca:16:0c:34:a5:
30:e6:6b:fe:da:ea:c0:3b:7b:8d:75:63:61:85:7c:8a:b7:27:
90:93:df:8d:ad:c9:8f:4f:37:a8:8d:ad:0e:34:bc:da:4c:0b:
ee:8e:e2:3b:ee:c6:a1:47:9e:5f:a1:cf:94:27:fb:05:de:ad:
92:58:19:85:23:7c:50:5e:13:58:b2:84:ea:0b:bf:a8:3c:52:
a7:fa:f4:3f:56:da:25:58:51:5b:a7:0f:8f:da:ae:14:ec:50:
8d:1a:15:ae:b7:81:fc:75:1e:d7:09:f5:ea:5b:cf:86:60:9a:
1a:23:57:01:97:f0:84:17:9e:26:23:3d:4c:b6:4d:d2:ad:d6:
9e:e7:3a:45:0d:e1:a5:46:28:02:4f:57:33:e5:0a:79:ff:67:
68:98:c3:d0:8b:b7:ee:85:49:37:b2:42:1c:04:56:7a:52:9b:
40:a6:9b:97:cb:17:c1:6c:68:d1:29:7a:ec:fe:7a:1b:15:a4:
b2:de:2b:5c:82:66:75:99:7a:f8:e4:e6:ef:47:30:67:60:1a:
39:31:55:f5:03:fe:d6:58:91:2c:e8:f6:ba:88:48:7a:b7:d6:
02:79:52:f7:97:4c:a0:5e:7b:a3:4d:f2:ca:3c:c3:d5:72:e1:
5e:f8:05:10
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDGK+TMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDY5
ZGRhYmEyM2MzN2ZlOGRmNjBiZTJkZTI1M2Y3OGRhYjBjYjliZDcwHhcNMjIwMTIx
MTQwMDQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyMDljODYxY2Q0MGJk
OGQ5YTVhNmY0M2E3NDcxNzIwZTdiMGVhMjg4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA4inICd8WSOgAcDocPl9amzt3x+vBT93dIiLv+gLL135ILGRk
DbWdKzwhzHW2XfMIlnhPzrkyyQYnz9DkFy6vwN/q3DaO7dvVpdCTZPUAt90ee6u5
5aytyyd5prq4y7lK1SSBM+uUnLGGssRf4v85IKe79IbrSLtduiu39gzuex0s3Q70
PwHwwn/pznJmjsC1YUQ3Hz9wbd2eVHAJOlIrzuu5co+rWaR54ZImLnUOkBe+9q2b
HNVxEbTd8V6Xg7qWXyjJu5BzG3IRhCwJ/FZHiDIkEx8FL4PzGWDfQEGENPI0gdxA
awmPSFsBaoHtPWaX1tTje6OvGYIw7d8TT+esOwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFCCchhzUC9jZpab0OnRxcg57DqKIMB8GA1UdIwQYMBaAFGndq6I8N/6N9gvi
3iU/eNqwy5vXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
YWQycm9qdzNfbzMyQy1MZUpUOTQyckRMbTljLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9iMC9kY2Q4N2EtMjMwMy00NTUwLWJmZDYtMDgxYzViODYzMGIwLzEv
SUp5R0hOUUwyTm1scHZRNmRIRnlEbnNPb29nLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9k
Y2Q4N2EtMjMwMy00NTUwLWJmZDYtMDgxYzViODYzMGIwLzEvYWQycm9qdzNfbzMy
Qy1MZUpUOTQyckRMbTljLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCAjuYMA0GCSqGSIb3DQEBCwUAA4IB
AQBHl41Pk6romCt60AkWyhYMNKUw5mv+2urAO3uNdWNhhXyKtyeQk9+NrcmPTzeo
ja0ONLzaTAvujuI77sahR55foc+UJ/sF3q2SWBmFI3xQXhNYsoTqC7+oPFKn+vQ/
VtolWFFbpw+P2q4U7FCNGhWut4H8dR7XCfXqW8+GYJoaI1cBl/CEF54mIz1Mtk3S
rdae5zpFDeGlRigCT1cz5Qp5/2domMPQi7fuhUk3skIcBFZ6UptAppuXyxfBbGjR
KXrs/nobFaSy3itcgmZ1mXr45ObvRzBnYBo5MVX1A/7WWJEs6Pa6iEh6t9YCeVL3
l0ygXnujTfLKPMPVcuFe+AUQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:01 2024 by rpki-client on console-ams.rpki-client.org