Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/4e4320-c384-4847-b238-ee67a966b092/1/jAktozzjvPKI90Hj6_BDs74ACO8.roa
File: jAktozzjvPKI90Hj6_BDs74ACO8.roa (raw, json)
Hash identifier: GYJwDtTxQQVs7ysCB68s83Mj/0YXizCaiSbbN3afx/U=
Subject key identifier: 8C:09:2D:A3:3C:E3:BC:F2:88:F7:41:E3:EB:F0:43:B3:BE:00:08:EF
Certificate issuer: /CN=80695eb990427a585cf03b22d805878709c910d2
Certificate serial: 018CC2DAB65316993B62B797C5814979C8C8
Authority key identifier: 80:69:5E:B9:90:42:7A:58:5C:F0:3B:22:D8:05:87:87:09:C9:10:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gGleuZBCelhc8Dsi2AWHhwnJENI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/4e4320-c384-4847-b238-ee67a966b092/1/jAktozzjvPKI90Hj6_BDs74ACO8.roa
Signing time: Mon 01 Jan 2024 02:29:22 +0000
ROA not before: Mon 01 Jan 2024 02:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 2.59.128.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:b6:53:16:99:3b:62:b7:97:c5:81:49:79:c8:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80695eb990427a585cf03b22d805878709c910d2
Validity
Not Before: Jan 1 02:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c092da33ce3bcf288f741e3ebf043b3be0008ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:f1:46:d4:43:75:c4:c8:38:1a:9b:71:4f:c2:
5d:d3:aa:db:be:4e:0f:cb:e9:72:1d:c4:47:2e:d5:
20:84:77:cd:90:a7:65:cf:b2:e4:c0:7a:3c:ec:3b:
b9:32:3b:77:38:b7:48:bc:d5:f4:31:80:fb:b1:53:
5c:ba:87:af:72:d3:f0:24:c2:bc:f6:76:23:5b:d1:
78:77:de:50:89:71:93:c3:75:c7:10:38:6d:f8:99:
50:09:52:a0:5c:32:6b:cb:16:52:4c:cd:eb:63:90:
f0:8e:9d:18:36:f8:8c:b2:e2:26:fb:21:fb:40:59:
25:f8:d4:9d:87:37:ea:5d:08:83:3b:b7:ab:1f:bf:
c5:1e:d9:2e:ba:d3:85:0f:c0:a9:7b:4d:2f:fe:ae:
21:1c:d3:e1:8c:71:6a:df:a0:2a:1e:11:20:59:04:
0c:a7:2f:bc:62:b9:f3:10:d1:88:2d:21:5f:a1:91:
79:73:d9:2a:a9:ea:d8:e3:cd:cb:53:51:ad:32:66:
62:5b:49:58:5d:61:e0:cc:69:bd:e4:3a:4d:15:3d:
a3:b9:c0:cb:a0:e2:c9:44:6c:ad:ca:18:21:dc:1b:
9e:91:e5:58:ca:02:f7:85:70:b1:9c:75:73:af:54:
3f:4e:d1:40:fa:97:2d:3c:f1:e5:b2:12:9c:5a:c5:
85:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:09:2D:A3:3C:E3:BC:F2:88:F7:41:E3:EB:F0:43:B3:BE:00:08:EF
X509v3 Authority Key Identifier:
keyid:80:69:5E:B9:90:42:7A:58:5C:F0:3B:22:D8:05:87:87:09:C9:10:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gGleuZBCelhc8Dsi2AWHhwnJENI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/4e4320-c384-4847-b238-ee67a966b092/1/jAktozzjvPKI90Hj6_BDs74ACO8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/4e4320-c384-4847-b238-ee67a966b092/1/gGleuZBCelhc8Dsi2AWHhwnJENI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.128.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:54:e6:9e:ae:2d:86:02:d7:0c:bc:16:31:7c:73:9a:6d:e5:
b6:53:ae:fe:b5:2d:52:2f:f5:46:83:85:8c:d2:49:37:9f:17:
8b:d1:fd:77:53:1a:de:d7:98:e9:7b:89:72:e4:da:d4:10:22:
f5:d1:a0:ee:b1:52:ef:7b:21:57:a4:62:19:a4:61:25:da:13:
84:86:43:08:27:cd:b9:bd:7b:49:4f:b7:f1:27:f7:3f:74:3f:
ac:1b:10:8e:19:f3:aa:26:94:82:e6:44:f7:af:a6:e7:83:b7:
c1:07:12:83:15:a3:d9:d3:9e:e4:ba:83:83:6e:45:10:dc:bc:
6b:74:3b:0d:ac:d8:80:b0:cc:ce:06:00:0e:d0:6c:28:6c:99:
c5:8f:89:1c:4b:32:b2:3d:f7:fb:34:cc:62:7b:fd:df:7b:96:
86:11:67:19:e4:01:eb:95:1d:6a:e8:b0:8e:9b:17:b9:ab:67:
c4:da:e8:98:55:76:73:fb:cc:c0:3c:a1:e4:e0:5d:82:43:5d:
3b:d2:1c:31:d4:fa:23:c0:19:e5:fd:64:9c:99:ce:82:e6:c5:
9f:d9:5c:e1:30:2e:57:eb:72:69:13:32:b2:85:fb:23:cd:65:
99:7f:e6:91:46:bf:eb:ff:3c:bb:8a:01:3c:af:86:c5:c6:f1:
55:7f:0e:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2rZTFpk7YreXxYFJecjIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNjk1ZWI5OTA0MjdhNTg1Y2YwM2IyMmQ4MDU4Nzg3MDlj
OTEwZDIwHhcNMjQwMTAxMDIyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzA5MmRhMzNjZTNiY2YyODhmNzQxZTNlYmYwNDNiM2JlMDAwOGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvFG1EN1xMg4GptxT8Jd06rbvk4P
y+lyHcRHLtUghHfNkKdlz7LkwHo87Du5Mjt3OLdIvNX0MYD7sVNcuoevctPwJMK8
9nYjW9F4d95QiXGTw3XHEDht+JlQCVKgXDJryxZSTM3rY5Dwjp0YNviMsuIm+yH7
QFkl+NSdhzfqXQiDO7erH7/FHtkuutOFD8Cpe00v/q4hHNPhjHFq36AqHhEgWQQM
py+8YrnzENGILSFfoZF5c9kqqerY483LU1GtMmZiW0lYXWHgzGm95DpNFT2jucDL
oOLJRGytyhgh3BuekeVYygL3hXCxnHVzr1Q/TtFA+pctPPHlshKcWsWF6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIwJLaM847zyiPdB4+vwQ7O+AAjvMB8GA1UdIwQY
MBaAFIBpXrmQQnpYXPA7ItgFh4cJyRDSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0dsZXVaQkNlbGhjOERzaTJBV0hod25KRU5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS80ZTQzMjAtYzM4NC00ODQ3LWIyMzgt
ZWU2N2E5NjZiMDkyLzEvakFrdG96emp2UEtJOTBIajZfQkRzNzRBQ084LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS80ZTQzMjAtYzM4NC00ODQ3LWIyMzgtZWU2N2E5NjZiMDky
LzEvZ0dsZXVaQkNlbGhjOERzaTJBV0hod25KRU5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCAjuAMA0G
CSqGSIb3DQEBCwUAA4IBAQBrVOaeri2GAtcMvBYxfHOabeW2U67+tS1SL/VGg4WM
0kk3nxeL0f13Uxre15jpe4ly5NrUECL10aDusVLveyFXpGIZpGEl2hOEhkMIJ825
vXtJT7fxJ/c/dD+sGxCOGfOqJpSC5kT3r6bng7fBBxKDFaPZ057kuoODbkUQ3Lxr
dDsNrNiAsMzOBgAO0GwobJnFj4kcSzKyPff7NMxie/3fe5aGEWcZ5AHrlR1q6LCO
mxe5q2fE2uiYVXZz+8zAPKHk4F2CQ1070hwx1PojwBnl/WScmc6C5sWf2VzhMC5X
63JpEzKyhfsjzWWZf+aRRr/r/zy7igE8r4bFxvFVfw6v
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:08:33 2025 by rpki-client