Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/dcd87a-2303-4550-bfd6-081c5b8630b0/1/oQAxk7DmcnkE8gAgc8u_DElF-kg.roa
File: oQAxk7DmcnkE8gAgc8u_DElF-kg.roa (raw, json)
Hash identifier: RKIB56TKAkAiZfQvsKRhL8fA4e1HRpRnbbUaPTVQ+OQ=
Subject key identifier: A1:00:31:93:B0:E6:72:79:04:F2:00:20:73:CB:BF:0C:49:45:FA:48
Certificate issuer: /CN=69ddaba23c37fe8df60be2de253f78dab0cb9bd7
Certificate serial: 0139116A
Authority key identifier: 69:DD:AB:A2:3C:37:FE:8D:F6:0B:E2:DE:25:3F:78:DA:B0:CB:9B:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ad2rojw3_o32C-LeJT942rDLm9c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/dcd87a-2303-4550-bfd6-081c5b8630b0/1/oQAxk7DmcnkE8gAgc8u_DElF-kg.roa
Signing time: Sun 29 May 2022 10:49:14 +0000
ROA not before: Sun 29 May 2022 10:49:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 137427
IP address blocks: 2.59.153.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20517226 (0x139116a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69ddaba23c37fe8df60be2de253f78dab0cb9bd7
Validity
Not Before: May 29 10:49:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a1003193b0e6727904f2002073cbbf0c4945fa48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:23:92:a5:16:92:83:96:dc:e8:1b:ad:f1:f6:
c0:d2:4d:f7:b6:56:a6:dc:13:5d:96:5a:00:d5:25:
40:3c:27:e5:18:a6:b1:6c:f4:0c:a7:bf:b9:1d:fe:
a2:27:61:80:98:6d:3b:11:d6:89:d4:a7:5b:83:b4:
56:51:e7:45:bb:dc:10:f3:8b:d4:62:bb:17:a8:37:
5b:a3:f4:93:cd:9a:12:b2:a8:58:64:a5:f4:0a:b3:
36:12:61:10:ab:60:9a:e0:8d:50:8b:70:2d:08:93:
68:96:ab:ec:65:1e:ab:e7:67:70:30:40:f8:29:3d:
93:38:d2:e8:3a:c8:99:10:22:8e:7b:38:1f:d3:01:
3d:e0:ff:e1:24:87:c8:28:f9:d3:95:e0:e2:ed:c6:
42:d6:eb:44:82:7b:c5:e8:36:4d:c0:01:77:a4:8e:
09:f7:24:d5:16:ee:51:7d:35:71:fb:4a:b3:d8:92:
5c:95:f2:a2:3d:74:6f:f9:f0:55:95:7a:8f:e0:3d:
95:a3:7f:49:a4:06:67:1e:2c:86:f7:70:3f:69:bc:
84:69:2c:32:d8:d8:52:08:c0:55:45:3e:48:d5:b4:
6b:33:d2:b5:d8:8f:65:3a:31:b3:81:e0:96:11:e4:
ff:eb:a4:b5:94:ce:5a:25:47:f1:3d:d8:0b:0d:eb:
15:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:00:31:93:B0:E6:72:79:04:F2:00:20:73:CB:BF:0C:49:45:FA:48
X509v3 Authority Key Identifier:
keyid:69:DD:AB:A2:3C:37:FE:8D:F6:0B:E2:DE:25:3F:78:DA:B0:CB:9B:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad2rojw3_o32C-LeJT942rDLm9c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/dcd87a-2303-4550-bfd6-081c5b8630b0/1/oQAxk7DmcnkE8gAgc8u_DElF-kg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/dcd87a-2303-4550-bfd6-081c5b8630b0/1/ad2rojw3_o32C-LeJT942rDLm9c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.153.0/24
Signature Algorithm: sha256WithRSAEncryption
46:6c:dd:11:69:82:7b:8e:4c:28:a8:e3:0a:f4:10:cb:16:fe:
f6:97:8b:ec:81:a9:2b:87:05:db:45:f6:7b:d3:db:38:03:6c:
9e:0b:6d:8b:8f:23:58:5e:52:00:d8:5b:a4:11:d3:32:fa:97:
59:c6:56:b3:42:85:9e:5f:5d:4f:90:79:46:f4:d2:57:e0:cd:
db:45:9d:74:33:34:1e:36:6c:a1:0d:82:7b:cc:91:60:3a:36:
f8:d0:64:1d:f2:91:07:2b:dc:50:d9:ca:b2:e2:75:78:02:46:
e7:45:b3:b5:33:3e:68:08:e3:4e:f6:65:dd:e8:97:ae:a4:a3:
e8:e6:37:90:10:c7:6d:73:0f:fb:ac:ca:2f:0c:a5:ea:f0:28:
e1:8b:73:b1:2e:c9:66:6d:52:77:09:b3:e2:fc:6e:9e:5e:a8:
42:29:87:c0:d6:68:77:8e:a2:ad:10:ec:5a:01:3a:9c:01:28:
ef:fe:21:3e:41:2b:ad:21:f6:96:b1:fc:1f:2b:27:33:67:68:
88:14:cc:95:b1:0c:9d:04:42:76:2a:f5:5c:c6:b7:de:f0:ba:
75:de:cd:4f:32:ba:14:5d:fe:aa:c5:bb:a8:64:38:57:da:61:
26:c9:23:0c:db:63:05:8a:09:18:83:36:47:ae:02:1a:a8:52:
6f:6b:97:66
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEATkRajANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
OWRkYWJhMjNjMzdmZThkZjYwYmUyZGUyNTNmNzhkYWIwY2I5YmQ3MB4XDTIyMDUy
OTEwNDkxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTEwMDMxOTNiMGU2
NzI3OTA0ZjIwMDIwNzNjYmJmMGM0OTQ1ZmE0ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOwjkqUWkoOW3OgbrfH2wNJN97ZWptwTXZZaANUlQDwn5Rim
sWz0DKe/uR3+oidhgJhtOxHWidSnW4O0VlHnRbvcEPOL1GK7F6g3W6P0k82aErKo
WGSl9AqzNhJhEKtgmuCNUItwLQiTaJar7GUeq+dncDBA+Ck9kzjS6DrImRAijns4
H9MBPeD/4SSHyCj505Xg4u3GQtbrRIJ7xeg2TcABd6SOCfck1RbuUX01cftKs9iS
XJXyoj10b/nwVZV6j+A9laN/SaQGZx4shvdwP2m8hGksMtjYUgjAVUU+SNW0azPS
tdiPZToxs4HglhHk/+uktZTOWiVH8T3YCw3rFZECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBShADGTsOZyeQTyACBzy78MSUX6SDAfBgNVHSMEGDAWgBRp3auiPDf+jfYL
4t4lP3jasMub1zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FkMnJvanczX28zMkMtTGVKVDk0MnJETG05Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvZGNkODdhLTIzMDMtNDU1MC1iZmQ2LTA4MWM1Yjg2MzBiMC8x
L29RQXhrN0RtY25rRThnQWdjOHVfREVsRi1rZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
ZGNkODdhLTIzMDMtNDU1MC1iZmQ2LTA4MWM1Yjg2MzBiMC8xL2FkMnJvanczX28z
MkMtTGVKVDk0MnJETG05Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAI7mTANBgkqhkiG9w0BAQsFAAOC
AQEARmzdEWmCe45MKKjjCvQQyxb+9peL7IGpK4cF20X2e9PbOANsngtti48jWF5S
ANhbpBHTMvqXWcZWs0KFnl9dT5B5RvTSV+DN20WddDM0HjZsoQ2Ce8yRYDo2+NBk
HfKRByvcUNnKsuJ1eAJG50WztTM+aAjjTvZl3eiXrqSj6OY3kBDHbXMP+6zKLwyl
6vAo4YtzsS7JZm1Sdwmz4vxunl6oQimHwNZod46irRDsWgE6nAEo7/4hPkErrSH2
lrH8HysnM2doiBTMlbEMnQRCdir1XMa33vC6dd7NTzK6FF3+qsW7qGQ4V9phJskj
DNtjBYoJGIM2R64CGqhSb2uXZg==
-----END CERTIFICATE-----
Generated at Mon Jun 9 03:15:12 2025 by rpki-client