Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/2c2817-3701-4783-8fbd-eec4885c4f8d/1/XkB9FyUrl_hEf3t16Nf8MwiEenY.roa
File: XkB9FyUrl_hEf3t16Nf8MwiEenY.roa (raw, json)
Hash identifier: 5GPl48iaR95a+Okk+L+GbhS4ryo9ZnK1AHkg6Sf4x5s=
Subject key identifier: 5E:40:7D:17:25:2B:97:F8:44:7F:7B:75:E8:D7:FC:33:08:84:7A:76
Certificate issuer: /CN=20ca2d4cb3e56b5d29970a97fc645eb2fd6876a1
Certificate serial: 019423D6CEA7C9EC2D9BF13A15A6FC01B3C2
Authority key identifier: 20:CA:2D:4C:B3:E5:6B:5D:29:97:0A:97:FC:64:5E:B2:FD:68:76:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IMotTLPla10plwqX_GResv1odqE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/2c2817-3701-4783-8fbd-eec4885c4f8d/1/XkB9FyUrl_hEf3t16Nf8MwiEenY.roa
Signing time: Wed 01 Jan 2025 21:47:47 +0000
ROA not before: Wed 01 Jan 2025 21:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214461
IP address blocks: 62.113.59.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:ce:a7:c9:ec:2d:9b:f1:3a:15:a6:fc:01:b3:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20ca2d4cb3e56b5d29970a97fc645eb2fd6876a1
Validity
Not Before: Jan 1 21:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e407d17252b97f8447f7b75e8d7fc3308847a76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:ba:2d:8c:05:72:3a:75:3d:c7:75:c8:67:11:
b9:f7:aa:e6:17:23:a0:91:b4:bc:fb:22:a6:9d:0e:
53:9f:c4:6c:5a:19:fa:5a:48:8f:24:a4:72:7e:76:
d3:be:a1:d9:5b:37:f3:6f:0c:86:9f:df:2c:63:6c:
81:c1:a4:bc:73:e3:7e:a1:f9:28:75:35:d4:69:6d:
22:9a:ff:01:9d:e0:47:cd:48:09:5c:e4:a8:54:58:
2b:46:f1:44:a1:94:2e:5f:6f:c5:e5:76:be:76:40:
96:56:da:54:52:68:e4:91:7b:ae:92:dc:e0:7a:3a:
ee:09:59:db:8b:3b:60:28:cb:e5:b7:67:e4:f7:c4:
c0:e7:f9:ee:ab:89:29:f8:cf:a0:47:6b:01:52:1d:
a0:fa:59:bc:12:81:28:db:62:3e:96:6f:77:08:54:
a4:04:9b:70:21:21:51:28:1a:22:0b:1a:a4:09:20:
14:83:96:f2:11:a8:ca:e3:d1:e7:ae:98:5c:2e:c6:
ca:2c:63:aa:7d:50:82:8c:12:cc:1e:60:ce:dc:59:
2d:fe:51:d5:31:15:40:ce:68:ba:46:6d:11:9c:e4:
01:67:a2:d0:e8:4b:5f:63:d1:ee:a9:a4:41:71:e7:
b1:1c:77:f8:78:8c:03:7c:68:69:04:aa:33:67:42:
5a:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:40:7D:17:25:2B:97:F8:44:7F:7B:75:E8:D7:FC:33:08:84:7A:76
X509v3 Authority Key Identifier:
keyid:20:CA:2D:4C:B3:E5:6B:5D:29:97:0A:97:FC:64:5E:B2:FD:68:76:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IMotTLPla10plwqX_GResv1odqE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/2c2817-3701-4783-8fbd-eec4885c4f8d/1/XkB9FyUrl_hEf3t16Nf8MwiEenY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/2c2817-3701-4783-8fbd-eec4885c4f8d/1/IMotTLPla10plwqX_GResv1odqE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.113.59.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:35:95:ab:96:8b:b5:95:d0:68:02:09:bd:b2:f4:81:11:62:
2e:95:65:74:87:8d:30:b8:1a:04:6e:83:67:fd:a5:d0:96:3a:
2f:a9:e1:ec:02:9c:de:5a:4a:12:a1:04:e3:12:49:2d:44:22:
a5:38:3e:78:4b:cf:8c:b8:65:f5:ea:a4:45:38:43:ef:96:ed:
ea:37:ae:dd:d4:d4:b8:bd:d4:c6:6a:ed:1e:7e:5c:b3:45:fc:
e0:24:3c:e0:74:81:6f:d0:30:48:75:36:cd:02:16:4f:9d:c7:
a9:db:12:60:dc:5e:53:40:4a:75:2f:62:0b:d1:67:13:e9:0e:
f3:a2:0a:31:88:a4:9a:ed:c6:1f:90:03:5a:20:6e:9f:7a:ab:
26:90:5b:65:12:15:4c:41:c4:47:02:1b:b2:33:5d:a2:86:2b:
3b:73:36:4a:71:8f:66:d7:e8:70:45:8e:a4:37:f7:5b:28:9b:
8c:9b:1d:22:d0:00:94:21:24:83:fe:7e:f6:e7:8c:7d:84:d4:
12:8e:aa:f7:03:c2:41:d4:74:24:3f:09:f2:0e:c6:a9:be:0a:
d6:3b:b5:7a:30:41:ee:df:9e:d2:a7:f2:19:c3:2b:b2:a1:4c:
81:95:76:9d:92:70:e6:e4:35:7a:63:2a:50:fa:55:e9:6c:99:
ea:eb:b1:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1s6nyewtm/E6Fab8AbPCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwY2EyZDRjYjNlNTZiNWQyOTk3MGE5N2ZjNjQ1ZWIyZmQ2
ODc2YTEwHhcNMjUwMTAxMjE0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTQwN2QxNzI1MmI5N2Y4NDQ3ZjdiNzVlOGQ3ZmMzMzA4ODQ3YTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzrotjAVyOnU9x3XIZxG596rmFyOg
kbS8+yKmnQ5Tn8RsWhn6WkiPJKRyfnbTvqHZWzfzbwyGn98sY2yBwaS8c+N+ofko
dTXUaW0imv8BneBHzUgJXOSoVFgrRvFEoZQuX2/F5Xa+dkCWVtpUUmjkkXuuktzg
ejruCVnbiztgKMvlt2fk98TA5/nuq4kp+M+gR2sBUh2g+lm8EoEo22I+lm93CFSk
BJtwISFRKBoiCxqkCSAUg5byEajK49HnrphcLsbKLGOqfVCCjBLMHmDO3Fkt/lHV
MRVAzmi6Rm0RnOQBZ6LQ6EtfY9HuqaRBceexHHf4eIwDfGhpBKozZ0JayQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF5AfRclK5f4RH97dejX/DMIhHp2MB8GA1UdIwQY
MBaAFCDKLUyz5WtdKZcKl/xkXrL9aHahMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU1vdFRMUGxhMTBwbHdxWF9HUmVzdjFvZHFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8yYzI4MTctMzcwMS00NzgzLThmYmQt
ZWVjNDg4NWM0ZjhkLzEvWGtCOUZ5VXJsX2hFZjN0MTZOZjhNd2lFZW5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC8yYzI4MTctMzcwMS00NzgzLThmYmQtZWVjNDg4NWM0Zjhk
LzEvSU1vdFRMUGxhMTBwbHdxWF9HUmVzdjFvZHFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPnE7MA0G
CSqGSIb3DQEBCwUAA4IBAQCbNZWrlou1ldBoAgm9svSBEWIulWV0h40wuBoEboNn
/aXQljovqeHsApzeWkoSoQTjEkktRCKlOD54S8+MuGX16qRFOEPvlu3qN67d1NS4
vdTGau0eflyzRfzgJDzgdIFv0DBIdTbNAhZPncep2xJg3F5TQEp1L2IL0WcT6Q7z
ogoxiKSa7cYfkANaIG6feqsmkFtlEhVMQcRHAhuyM12ihis7czZKcY9m1+hwRY6k
N/dbKJuMmx0i0ACUISSD/n7254x9hNQSjqr3A8JB1HQkPwnyDsapvgrWO7V6MEHu
357Sp/IZwyuyoUyBlXadknDm5DV6YypQ+lXpbJnq67Hl
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:45:40 2025 by rpki-client