Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/dcd87a-2303-4550-bfd6-081c5b8630b0/1/hkBIDQjoRPEAl-rDnDgbQ62wmuM.roa
File: hkBIDQjoRPEAl-rDnDgbQ62wmuM.roa (raw, json)
Hash identifier: yxcmJ6S0j/NKOW+FdED+3Su6peZewaOOZmQhAL5ayxM=
Subject key identifier: 86:40:48:0D:08:E8:44:F1:00:97:EA:C3:9C:38:1B:43:AD:B0:9A:E3
Certificate issuer: /CN=69ddaba23c37fe8df60be2de253f78dab0cb9bd7
Certificate serial: 01856E2F7FFFFD8F477831C94CAAF2AD37E6
Authority key identifier: 69:DD:AB:A2:3C:37:FE:8D:F6:0B:E2:DE:25:3F:78:DA:B0:CB:9B:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ad2rojw3_o32C-LeJT942rDLm9c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/dcd87a-2303-4550-bfd6-081c5b8630b0/1/hkBIDQjoRPEAl-rDnDgbQ62wmuM.roa
Signing time: Sun 01 Jan 2023 16:34:44 +0000
ROA not before: Sun 01 Jan 2023 16:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 136038
IP address blocks: 2.59.153.0/24 maxlen: 24
2.59.155.0/24 maxlen: 24
2.59.154.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:7f:ff:fd:8f:47:78:31:c9:4c:aa:f2:ad:37:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69ddaba23c37fe8df60be2de253f78dab0cb9bd7
Validity
Not Before: Jan 1 16:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8640480d08e844f10097eac39c381b43adb09ae3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:13:a7:62:25:06:dc:7a:8f:f5:b3:65:af:31:
72:42:82:8a:26:79:ad:c4:73:0b:3e:de:66:e7:53:
7b:fb:57:8b:8f:13:04:5e:f9:c6:6f:e0:b8:dd:14:
e7:19:5e:72:f8:83:19:66:14:a6:66:69:e5:7c:54:
30:83:75:30:07:ee:45:9b:74:14:c2:08:ca:eb:4f:
32:60:6d:ec:d7:20:79:fb:05:2b:27:64:c6:ae:fa:
25:32:bb:6a:dc:63:10:e2:f8:86:6a:03:c2:0c:cf:
dc:81:23:77:5f:62:91:b4:93:b4:e6:6e:e9:84:e8:
9c:72:05:da:87:a7:bd:b5:b2:b4:20:fe:d2:87:65:
e9:01:ce:e4:8e:59:95:dc:e5:43:01:ff:8b:56:79:
dd:78:ce:e2:f0:d7:e5:33:36:2f:30:a2:b4:e8:58:
f7:e8:1b:63:cc:fc:45:e4:05:cf:4e:f9:9c:4c:97:
4f:95:cd:ec:64:6b:7e:62:bc:cd:87:c9:6c:ff:19:
2c:06:de:b2:3f:03:e7:23:72:e3:a3:38:e3:40:1b:
e6:fd:bc:33:e2:a9:65:34:b4:13:de:10:c1:af:91:
f0:b5:2c:e8:b9:13:b3:ec:5b:a7:87:a1:55:28:42:
79:19:d5:5e:94:0e:1d:f1:53:9f:53:aa:a7:47:40:
c2:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:40:48:0D:08:E8:44:F1:00:97:EA:C3:9C:38:1B:43:AD:B0:9A:E3
X509v3 Authority Key Identifier:
keyid:69:DD:AB:A2:3C:37:FE:8D:F6:0B:E2:DE:25:3F:78:DA:B0:CB:9B:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad2rojw3_o32C-LeJT942rDLm9c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/dcd87a-2303-4550-bfd6-081c5b8630b0/1/hkBIDQjoRPEAl-rDnDgbQ62wmuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/dcd87a-2303-4550-bfd6-081c5b8630b0/1/ad2rojw3_o32C-LeJT942rDLm9c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.153.0-2.59.155.255
Signature Algorithm: sha256WithRSAEncryption
6f:58:3e:4a:e1:c3:d2:c8:a9:a5:cf:e4:eb:3f:9c:63:de:fa:
12:be:82:5f:63:9c:d8:8a:6b:8f:b2:ac:9e:45:9a:fb:73:b3:
e6:32:a4:dd:38:a3:c5:23:8e:fc:e9:84:35:9f:1c:b3:a7:23:
0b:59:4f:af:86:a4:20:99:55:a9:02:a4:8b:bb:18:cc:a4:47:
3a:8a:14:33:19:26:54:16:16:b0:a2:ad:0e:7b:2e:14:99:48:
52:d9:25:14:fc:bb:86:6f:ca:bc:52:e9:bd:00:1c:ab:28:c5:
ff:e9:f3:bb:9c:a8:ef:a2:52:2f:64:76:4f:eb:6f:06:4f:33:
34:a6:60:70:1a:0b:da:47:78:27:23:58:71:3b:e6:20:f7:e8:
14:25:a3:2e:5b:25:7b:fe:e7:ba:f8:9f:d6:6a:be:59:11:c5:
6f:49:ac:46:34:fc:68:bc:f3:69:2b:c4:ee:c4:88:f0:7b:9b:
d9:3e:f6:9d:fd:4d:b5:26:94:7f:d3:4f:37:39:7d:a2:9a:6c:
08:03:3b:86:d6:a5:31:34:67:3f:8b:94:f0:55:9d:e6:0d:2a:
01:4e:da:4b:16:cf:a7:14:ff:a9:88:75:bd:7a:c6:73:fe:b6:
4a:ef:eb:26:4f:d8:19:25:05:8f:11:c3:d2:7d:ec:d0:ee:7d:
36:69:ca:c9
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVuL3///Y9HeDHJTKryrTfmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ZGRhYmEyM2MzN2ZlOGRmNjBiZTJkZTI1M2Y3OGRhYjBj
YjliZDcwHhcNMjMwMTAxMTYzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjQwNDgwZDA4ZTg0NGYxMDA5N2VhYzM5YzM4MWI0M2FkYjA5YWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgxOnYiUG3HqP9bNlrzFyQoKKJnmt
xHMLPt5m51N7+1eLjxMEXvnGb+C43RTnGV5y+IMZZhSmZmnlfFQwg3UwB+5Fm3QU
wgjK608yYG3s1yB5+wUrJ2TGrvolMrtq3GMQ4viGagPCDM/cgSN3X2KRtJO05m7p
hOiccgXah6e9tbK0IP7Sh2XpAc7kjlmV3OVDAf+LVnndeM7i8NflMzYvMKK06Fj3
6BtjzPxF5AXPTvmcTJdPlc3sZGt+YrzNh8ls/xksBt6yPwPnI3LjozjjQBvm/bwz
4qllNLQT3hDBr5HwtSzouROz7Funh6FVKEJ5GdVelA4d8VOfU6qnR0DCywIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIZASA0I6ETxAJfqw5w4G0OtsJrjMB8GA1UdIwQY
MBaAFGndq6I8N/6N9gvi3iU/eNqwy5vXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWQycm9qdzNfbzMyQy1MZUpUOTQyckRMbTljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9kY2Q4N2EtMjMwMy00NTUwLWJmZDYt
MDgxYzViODYzMGIwLzEvaGtCSURRam9SUEVBbC1yRG5EZ2JRNjJ3bXVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9kY2Q4N2EtMjMwMy00NTUwLWJmZDYtMDgxYzViODYzMGIw
LzEvYWQycm9qdzNfbzMyQy1MZUpUOTQyckRMbTljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAACO5kD
BAICO5gwDQYJKoZIhvcNAQELBQADggEBAG9YPkrhw9LIqaXP5Os/nGPe+hK+gl9j
nNiKa4+yrJ5Fmvtzs+YypN04o8UjjvzphDWfHLOnIwtZT6+GpCCZVakCpIu7GMyk
RzqKFDMZJlQWFrCirQ57LhSZSFLZJRT8u4ZvyrxS6b0AHKsoxf/p87ucqO+iUi9k
dk/rbwZPMzSmYHAaC9pHeCcjWHE75iD36BQloy5bJXv+57r4n9ZqvlkRxW9JrEY0
/Gi882krxO7EiPB7m9k+9p39TbUmlH/TTzc5faKabAgDO4bWpTE0Zz+LlPBVneYN
KgFO2ksWz6cU/6mIdb16xnP+tkrv6yZP2BklBY8Rw9J97NDufTZpysk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:11 2024 by rpki-client on console-fra.rpki-client.org