Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/e20ba1-6ae8-4b43-a709-7545c04e1578/1/O1pTcVyoA6zdVqq96RqhjYuhW2I.roa
File: O1pTcVyoA6zdVqq96RqhjYuhW2I.roa (raw, json)
Hash identifier: YzUGInKdZ/WJsiYpIWX5qt8vLFAnX6roEJTyDiw0EJA=
Subject key identifier: 3B:5A:53:71:5C:A8:03:AC:DD:56:AA:BD:E9:1A:A1:8D:8B:A1:5B:62
Certificate issuer: /CN=4474cf3e2fa892b5fdd3f30dc8275ee1062e1d06
Certificate serial: 01856B6EB1DA77647424C420AA1A0362E9A1
Authority key identifier: 44:74:CF:3E:2F:A8:92:B5:FD:D3:F3:0D:C8:27:5E:E1:06:2E:1D:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RHTPPi-okrX90_MNyCde4QYuHQY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/e20ba1-6ae8-4b43-a709-7545c04e1578/1/O1pTcVyoA6zdVqq96RqhjYuhW2I.roa
Signing time: Sun 01 Jan 2023 03:44:54 +0000
ROA not before: Sun 01 Jan 2023 03:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203355
IP address blocks: 2.58.66.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:6e:b1:da:77:64:74:24:c4:20:aa:1a:03:62:e9:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4474cf3e2fa892b5fdd3f30dc8275ee1062e1d06
Validity
Not Before: Jan 1 03:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b5a53715ca803acdd56aabde91aa18d8ba15b62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:66:7e:b4:62:cf:95:e7:e4:3b:ed:f6:ed:81:
95:b0:b6:bb:c7:13:52:3e:7b:5c:05:d2:a7:89:92:
bc:77:15:e0:35:e7:66:de:e3:b1:9c:96:7c:aa:ad:
4e:b9:23:8c:af:30:f6:df:34:f8:ed:8e:37:cc:fc:
c5:cc:04:b3:ca:eb:25:30:ba:86:de:b3:c9:92:64:
82:8b:df:ff:da:66:87:d2:4f:2b:4d:c7:b0:80:91:
7d:2d:4a:fe:aa:7f:1a:2e:60:00:fd:53:be:6f:8f:
88:bf:99:d1:d9:5d:43:18:3b:ab:2c:93:0b:cd:4a:
60:35:74:36:91:3a:1a:e4:04:ea:f6:d0:fc:84:c2:
0c:df:9b:ea:35:da:e2:dc:f8:15:c0:eb:0e:cd:21:
34:b6:41:c0:12:ba:8b:0b:9a:d3:cf:ed:17:c9:f7:
d1:fd:3f:c1:79:05:eb:ba:00:5e:99:7e:e8:4b:ed:
44:84:cd:4a:ab:23:6b:22:b5:71:43:7a:6a:a2:05:
b0:46:98:7f:23:3d:cf:57:26:5c:6b:3e:62:36:67:
2f:f6:4b:32:a9:62:ea:a5:21:ab:e8:38:71:8c:4c:
0b:61:2f:d9:05:32:e1:b3:85:b6:93:b4:a9:4a:4e:
ba:1b:aa:c3:4d:d8:70:69:19:56:d9:92:dc:89:34:
ab:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:5A:53:71:5C:A8:03:AC:DD:56:AA:BD:E9:1A:A1:8D:8B:A1:5B:62
X509v3 Authority Key Identifier:
keyid:44:74:CF:3E:2F:A8:92:B5:FD:D3:F3:0D:C8:27:5E:E1:06:2E:1D:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RHTPPi-okrX90_MNyCde4QYuHQY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e20ba1-6ae8-4b43-a709-7545c04e1578/1/O1pTcVyoA6zdVqq96RqhjYuhW2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e20ba1-6ae8-4b43-a709-7545c04e1578/1/RHTPPi-okrX90_MNyCde4QYuHQY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.66.0/23
Signature Algorithm: sha256WithRSAEncryption
89:f6:93:7f:97:db:25:17:1d:ad:bb:d0:6d:11:cd:98:2b:8d:
91:18:46:53:1f:7e:42:8c:59:a8:53:21:04:05:9f:59:99:f7:
cf:9b:f2:78:0a:9d:f2:fa:f3:dd:d3:cc:72:8a:31:34:27:13:
70:6c:cf:4f:50:a6:cf:b5:1f:6b:c4:6c:0c:59:b3:5e:b0:99:
fb:1e:57:08:3f:99:ba:7b:b9:dc:3c:76:99:24:30:16:36:5c:
a9:77:2b:4e:bb:89:82:74:48:33:88:21:e8:b7:28:8f:90:c5:
0d:5e:d8:64:fd:a1:01:9b:a4:70:c5:eb:db:b9:59:18:b4:fc:
6d:e2:9e:f0:51:9d:c7:af:e4:3e:68:bb:60:22:f4:00:fd:60:
7e:c6:90:22:4a:f8:62:fe:d3:ae:b7:ff:39:42:40:28:0b:c2:
34:d2:32:33:2c:ef:ec:f8:dd:cd:01:90:81:82:22:65:23:18:
f3:cf:a9:78:cf:21:34:c1:8d:42:ed:c7:83:1e:2f:14:d4:ea:
0c:58:6f:55:9f:0a:f5:e7:15:5f:6e:8a:a2:56:61:49:37:81:
b2:3c:0b:78:ed:43:22:2e:e5:78:a6:31:11:5d:d4:5c:3c:d7:
52:f9:03:6b:9b:82:5b:df:3b:1e:ee:bd:2f:19:d1:90:af:61:
c4:6a:0b:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrbrHad2R0JMQgqhoDYumhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NzRjZjNlMmZhODkyYjVmZGQzZjMwZGM4Mjc1ZWUxMDYy
ZTFkMDYwHhcNMjMwMTAxMDM0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjVhNTM3MTVjYTgwM2FjZGQ1NmFhYmRlOTFhYTE4ZDhiYTE1YjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmZ+tGLPlefkO+327YGVsLa7xxNS
PntcBdKniZK8dxXgNedm3uOxnJZ8qq1OuSOMrzD23zT47Y43zPzFzASzyuslMLqG
3rPJkmSCi9//2maH0k8rTcewgJF9LUr+qn8aLmAA/VO+b4+Iv5nR2V1DGDurLJML
zUpgNXQ2kToa5ATq9tD8hMIM35vqNdri3PgVwOsOzSE0tkHAErqLC5rTz+0XyffR
/T/BeQXrugBemX7oS+1EhM1KqyNrIrVxQ3pqogWwRph/Iz3PVyZcaz5iNmcv9ksy
qWLqpSGr6DhxjEwLYS/ZBTLhs4W2k7SpSk66G6rDTdhwaRlW2ZLciTSrKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDtaU3FcqAOs3VaqvekaoY2LoVtiMB8GA1UdIwQY
MBaAFER0zz4vqJK1/dPzDcgnXuEGLh0GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkhUUFBpLW9rclg5MF9NTnlDZGU0UVl1SFFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9lMjBiYTEtNmFlOC00YjQzLWE3MDkt
NzU0NWMwNGUxNTc4LzEvTzFwVGNWeW9BNnpkVnFxOTZScWhqWXVoVzJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9lMjBiYTEtNmFlOC00YjQzLWE3MDktNzU0NWMwNGUxNTc4
LzEvUkhUUFBpLW9rclg5MF9NTnlDZGU0UVl1SFFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBAjpCMA0G
CSqGSIb3DQEBCwUAA4IBAQCJ9pN/l9slFx2tu9BtEc2YK42RGEZTH35CjFmoUyEE
BZ9ZmffPm/J4Cp3y+vPd08xyijE0JxNwbM9PUKbPtR9rxGwMWbNesJn7HlcIP5m6
e7ncPHaZJDAWNlypdytOu4mCdEgziCHotyiPkMUNXthk/aEBm6RwxevbuVkYtPxt
4p7wUZ3Hr+Q+aLtgIvQA/WB+xpAiSvhi/tOut/85QkAoC8I00jIzLO/s+N3NAZCB
giJlIxjzz6l4zyE0wY1C7ceDHi8U1OoMWG9Vnwr15xVfboqiVmFJN4GyPAt47UMi
LuV4pjERXdRcPNdS+QNrm4Jb3zse7r0vGdGQr2HEagsu
-----END CERTIFICATE-----
Generated at Fri Feb 21 11:00:56 2025 by rpki-client