Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/dcd87a-2303-4550-bfd6-081c5b8630b0/1/pnw5hX6YWp8_oO15hCrGK7FTjC0.roa
File: pnw5hX6YWp8_oO15hCrGK7FTjC0.roa (raw, json)
Hash identifier: 4/9JLJ6jiTQwJm7862GV9SNQJD3YwzbDqt/66CYUsjQ=
Subject key identifier: A6:7C:39:85:7E:98:5A:9F:3F:A0:ED:79:84:2A:C6:2B:B1:53:8C:2D
Certificate issuer: /CN=69ddaba23c37fe8df60be2de253f78dab0cb9bd7
Certificate serial: 018B957EC980333D2D234A08398250A0772F
Authority key identifier: 69:DD:AB:A2:3C:37:FE:8D:F6:0B:E2:DE:25:3F:78:DA:B0:CB:9B:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ad2rojw3_o32C-LeJT942rDLm9c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/dcd87a-2303-4550-bfd6-081c5b8630b0/1/pnw5hX6YWp8_oO15hCrGK7FTjC0.roa
Signing time: Fri 03 Nov 2023 14:03:16 +0000
ROA not before: Fri 03 Nov 2023 14:03:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 136038
IP address blocks: 2.59.152.0/24 maxlen: 24
2.59.153.0/24 maxlen: 24
2.59.155.0/24 maxlen: 24
2.59.154.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:95:7e:c9:80:33:3d:2d:23:4a:08:39:82:50:a0:77:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69ddaba23c37fe8df60be2de253f78dab0cb9bd7
Validity
Not Before: Nov 3 14:03:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a67c39857e985a9f3fa0ed79842ac62bb1538c2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:46:84:34:00:9d:a2:32:76:ca:66:60:0a:a8:
48:6b:40:4a:61:fb:55:d9:8a:44:8a:37:f6:db:c4:
96:9e:5b:63:eb:61:34:ae:43:33:69:1d:4b:50:47:
80:d0:e2:0e:cb:4c:a0:2f:b0:68:ed:a6:ba:ac:3d:
a6:8c:dc:07:6a:6e:33:42:01:77:fe:3b:0a:c8:b7:
e8:5e:14:4f:d2:bd:3f:a0:e1:6a:7f:f0:7c:d8:36:
18:73:d4:02:59:e0:33:1b:2c:6f:29:48:98:ed:04:
73:13:f8:9b:26:f2:55:40:7e:5d:24:c7:dc:3f:ba:
56:06:d8:4c:a7:62:75:5e:05:ce:47:38:8b:2e:1c:
89:1d:87:0a:3c:e4:c1:36:db:25:3c:38:f8:ab:da:
d7:a2:1f:b4:68:98:ab:98:8f:96:5d:07:b6:8f:b6:
85:e4:de:b6:f2:cf:83:1d:5c:43:b0:83:70:93:a7:
41:b1:f5:aa:ce:6c:dc:5d:c4:0b:70:63:a7:d1:87:
75:6a:9b:c0:b9:40:c6:a6:ae:b7:b5:40:db:4c:6c:
da:7b:3f:b7:11:ef:14:0c:92:e0:b5:54:a1:db:1f:
38:c0:b5:66:76:37:ab:d0:7e:69:84:ca:28:2d:e8:
56:02:4b:4f:86:3d:f3:38:76:56:e4:56:2e:e2:43:
75:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:7C:39:85:7E:98:5A:9F:3F:A0:ED:79:84:2A:C6:2B:B1:53:8C:2D
X509v3 Authority Key Identifier:
keyid:69:DD:AB:A2:3C:37:FE:8D:F6:0B:E2:DE:25:3F:78:DA:B0:CB:9B:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad2rojw3_o32C-LeJT942rDLm9c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/dcd87a-2303-4550-bfd6-081c5b8630b0/1/pnw5hX6YWp8_oO15hCrGK7FTjC0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/dcd87a-2303-4550-bfd6-081c5b8630b0/1/ad2rojw3_o32C-LeJT942rDLm9c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.152.0/22
Signature Algorithm: sha256WithRSAEncryption
a4:fc:32:bf:b6:13:cf:b5:c3:d4:15:58:7d:d9:6b:f7:f7:28:
a5:64:74:af:d4:52:b4:b8:d3:cb:3b:5a:5c:83:be:c1:d4:44:
5c:63:21:88:4b:6c:5e:cd:9e:97:9a:43:83:64:65:3c:4a:ed:
76:60:a1:74:55:3f:44:32:92:c5:93:8a:cb:25:43:4d:84:d5:
41:51:66:fe:2b:d4:22:45:ba:65:2d:39:53:f9:9c:3d:54:44:
c8:1a:fc:f0:2b:aa:4a:95:51:b1:01:d3:88:7c:d5:cd:fb:e1:
6e:ab:f3:a1:41:de:58:76:82:8c:fd:94:59:28:39:e9:b1:9f:
02:be:07:1d:db:22:7f:a7:ca:b0:9e:34:fc:85:e7:55:c5:b7:
38:58:83:e9:b5:7a:84:86:21:df:16:c9:26:26:6e:da:3b:b8:
12:58:99:c2:73:00:f1:c4:5b:58:1a:69:e3:62:d7:ee:25:47:
c8:69:e6:a9:8e:c3:db:63:ac:a1:8f:b7:dd:09:16:9b:dc:42:
f1:eb:8b:01:5d:ce:2f:61:e1:94:d5:6f:d6:ae:b7:3e:99:ba:
9c:86:de:aa:df:d9:a0:53:93:1d:3c:f2:90:63:b6:9b:be:7e:
81:b2:b1:1a:40:26:56:2a:87:cc:8f:f9:4d:c0:ab:6b:f7:87:
01:25:3d:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuVfsmAMz0tI0oIOYJQoHcvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ZGRhYmEyM2MzN2ZlOGRmNjBiZTJkZTI1M2Y3OGRhYjBj
YjliZDcwHhcNMjMxMTAzMTQwMzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjdjMzk4NTdlOTg1YTlmM2ZhMGVkNzk4NDJhYzYyYmIxNTM4YzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUaENACdojJ2ymZgCqhIa0BKYftV
2YpEijf228SWnltj62E0rkMzaR1LUEeA0OIOy0ygL7Bo7aa6rD2mjNwHam4zQgF3
/jsKyLfoXhRP0r0/oOFqf/B82DYYc9QCWeAzGyxvKUiY7QRzE/ibJvJVQH5dJMfc
P7pWBthMp2J1XgXORziLLhyJHYcKPOTBNtslPDj4q9rXoh+0aJirmI+WXQe2j7aF
5N628s+DHVxDsINwk6dBsfWqzmzcXcQLcGOn0Yd1apvAuUDGpq63tUDbTGzaez+3
Ee8UDJLgtVSh2x84wLVmdjer0H5phMooLehWAktPhj3zOHZW5FYu4kN1owIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKZ8OYV+mFqfP6DteYQqxiuxU4wtMB8GA1UdIwQY
MBaAFGndq6I8N/6N9gvi3iU/eNqwy5vXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWQycm9qdzNfbzMyQy1MZUpUOTQyckRMbTljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9kY2Q4N2EtMjMwMy00NTUwLWJmZDYt
MDgxYzViODYzMGIwLzEvcG53NWhYNllXcDhfb08xNWhDckdLN0ZUakMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9kY2Q4N2EtMjMwMy00NTUwLWJmZDYtMDgxYzViODYzMGIw
LzEvYWQycm9qdzNfbzMyQy1MZUpUOTQyckRMbTljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCAjuYMA0G
CSqGSIb3DQEBCwUAA4IBAQCk/DK/thPPtcPUFVh92Wv39yilZHSv1FK0uNPLO1pc
g77B1ERcYyGIS2xezZ6XmkODZGU8Su12YKF0VT9EMpLFk4rLJUNNhNVBUWb+K9Qi
RbplLTlT+Zw9VETIGvzwK6pKlVGxAdOIfNXN++Fuq/OhQd5YdoKM/ZRZKDnpsZ8C
vgcd2yJ/p8qwnjT8hedVxbc4WIPptXqEhiHfFskmJm7aO7gSWJnCcwDxxFtYGmnj
YtfuJUfIaeapjsPbY6yhj7fdCRab3ELx64sBXc4vYeGU1W/Wrrc+mbqcht6q39mg
U5MdPPKQY7abvn6BsrEaQCZWKofMj/lNwKtr94cBJT13
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:01 2024 by rpki-client on console-ams.rpki-client.org