Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/eb239a-33c8-4dbd-bc96-3259496e7c5f/1/DdbfGJMt1O33yfz9uqIypBBYsTE.roa
File: DdbfGJMt1O33yfz9uqIypBBYsTE.roa (raw, json)
Hash identifier: g/7+Wh33G86yF44/Pc78Wfr5sc4vVkTLhY96zTbraWQ=
Subject key identifier: 0D:D6:DF:18:93:2D:D4:ED:F7:C9:FC:FD:BA:A2:32:A4:10:58:B1:31
Certificate issuer: /CN=624039399017fa093dc8d503799f6ca403f0bd05
Certificate serial: 040AA97A
Authority key identifier: 62:40:39:39:90:17:FA:09:3D:C8:D5:03:79:9F:6C:A4:03:F0:BD:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YkA5OZAX-gk9yNUDeZ9spAPwvQU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/eb239a-33c8-4dbd-bc96-3259496e7c5f/1/DdbfGJMt1O33yfz9uqIypBBYsTE.roa
Signing time: Sat 01 Jan 2022 08:03:35 +0000
ROA not before: Sat 01 Jan 2022 08:03:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212786
IP address blocks: 2.59.60.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67807610 (0x40aa97a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=624039399017fa093dc8d503799f6ca403f0bd05
Validity
Not Before: Jan 1 08:03:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0dd6df18932dd4edf7c9fcfdbaa232a41058b131
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:f6:92:61:e5:e6:ff:50:a1:54:6d:ac:81:48:
4d:b8:30:70:c5:9f:16:23:5b:b7:f9:93:0e:ea:3b:
53:6a:6e:87:cf:25:5c:ce:1c:11:9e:99:ec:00:89:
48:64:6b:5b:7e:a6:59:4f:a2:61:4f:4a:e2:b0:6f:
68:b6:61:44:63:45:c8:b3:3e:4f:e2:b6:58:59:46:
42:70:79:e0:bd:22:4b:f6:d8:f4:db:0c:08:3b:f7:
55:87:99:f1:06:af:45:54:e6:16:5d:c1:f5:15:b5:
0f:0c:af:68:43:42:11:60:c0:84:c5:13:cf:e7:13:
49:b0:dc:0a:f5:38:1a:a2:68:fb:72:0d:28:56:af:
e8:7b:bb:e4:da:59:57:37:e6:06:45:62:40:ec:c8:
c0:fc:38:4e:c2:38:56:9c:22:e7:d2:bf:53:46:d3:
57:3d:5a:80:cc:a6:8e:15:58:9a:f5:93:d2:a8:85:
1e:b8:e6:d6:b3:ed:3d:0e:4b:0a:17:38:81:7d:34:
a5:e5:f4:78:b7:3d:35:d3:3b:af:00:4a:25:8d:4f:
58:84:19:bd:b1:77:0c:ef:0b:1b:03:20:b4:54:b0:
2b:9c:7c:d9:60:f6:84:74:35:4c:b8:00:29:1d:ff:
94:c2:78:c2:29:35:48:25:7c:70:a3:94:cf:4d:a3:
8e:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:D6:DF:18:93:2D:D4:ED:F7:C9:FC:FD:BA:A2:32:A4:10:58:B1:31
X509v3 Authority Key Identifier:
keyid:62:40:39:39:90:17:FA:09:3D:C8:D5:03:79:9F:6C:A4:03:F0:BD:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YkA5OZAX-gk9yNUDeZ9spAPwvQU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/eb239a-33c8-4dbd-bc96-3259496e7c5f/1/DdbfGJMt1O33yfz9uqIypBBYsTE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/eb239a-33c8-4dbd-bc96-3259496e7c5f/1/YkA5OZAX-gk9yNUDeZ9spAPwvQU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.60.0/22
Signature Algorithm: sha256WithRSAEncryption
3d:f7:ed:50:b6:18:1c:7d:e5:70:30:83:c1:6b:d5:91:37:2b:
be:c3:f4:10:17:59:61:1a:cb:18:5c:a5:ff:7f:1a:8c:f8:e2:
83:06:60:31:d2:ce:17:e7:43:05:01:7d:fe:c9:06:0f:4e:da:
c6:75:67:ae:c0:86:e9:f5:a9:df:37:57:32:73:3d:62:e7:bc:
34:75:ce:41:5f:25:ee:2b:e1:7c:e5:de:67:35:6a:f6:94:fc:
0d:e0:35:28:c7:fc:33:39:94:ec:cf:94:a7:9b:fb:28:3a:3e:
c7:5e:40:4a:bb:4b:39:e9:2e:fc:5a:af:75:bc:af:88:ed:08:
71:e2:2e:da:76:ed:8e:45:87:17:42:0e:2e:cd:5a:ca:95:4c:
09:88:3e:a6:77:3f:8d:c0:4f:6b:58:c9:2c:b7:cd:a4:cc:00:
15:1e:0f:83:b1:a3:e1:fe:20:26:3a:d9:fd:98:49:82:a8:83:
e1:37:0c:30:9c:ec:7d:04:9b:52:ca:08:c4:a0:a9:35:53:65:
f1:d7:da:23:c2:2b:ba:0c:03:00:97:88:c1:83:37:a8:5d:80:
6d:9e:5c:ba:9b:4b:f7:2f:e4:82:ad:aa:37:10:ad:42:0e:9f:
d1:de:05:25:1c:d9:fb:5b:da:bd:87:51:29:84:30:62:46:18:
28:56:23:22
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBAqpejANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MjQwMzkzOTkwMTdmYTA5M2RjOGQ1MDM3OTlmNmNhNDAzZjBiZDA1MB4XDTIyMDEw
MTA4MDMzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGRkNmRmMTg5MzJk
ZDRlZGY3YzlmY2ZkYmFhMjMyYTQxMDU4YjEzMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMH2kmHl5v9QoVRtrIFITbgwcMWfFiNbt/mTDuo7U2puh88l
XM4cEZ6Z7ACJSGRrW36mWU+iYU9K4rBvaLZhRGNFyLM+T+K2WFlGQnB54L0iS/bY
9NsMCDv3VYeZ8QavRVTmFl3B9RW1DwyvaENCEWDAhMUTz+cTSbDcCvU4GqJo+3IN
KFav6Hu75NpZVzfmBkViQOzIwPw4TsI4Vpwi59K/U0bTVz1agMymjhVYmvWT0qiF
Hrjm1rPtPQ5LChc4gX00peX0eLc9NdM7rwBKJY1PWIQZvbF3DO8LGwMgtFSwK5x8
2WD2hHQ1TLgAKR3/lMJ4wik1SCV8cKOUz02jjucCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQN1t8Yky3U7ffJ/P26ojKkEFixMTAfBgNVHSMEGDAWgBRiQDk5kBf6CT3I
1QN5n2ykA/C9BTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lrQTVPWkFYLWdrOXlOVURlWjlzcEFQd3ZRVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDcvZWIyMzlhLTMzYzgtNGRiZC1iYzk2LTMyNTk0OTZlN2M1Zi8x
L0RkYmZHSk10MU8zM3lmejl1cUl5cEJCWXNURS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDcv
ZWIyMzlhLTMzYzgtNGRiZC1iYzk2LTMyNTk0OTZlN2M1Zi8xL1lrQTVPWkFYLWdr
OXlOVURlWjlzcEFQd3ZRVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAgI7PDANBgkqhkiG9w0BAQsFAAOC
AQEAPfftULYYHH3lcDCDwWvVkTcrvsP0EBdZYRrLGFyl/38ajPjigwZgMdLOF+dD
BQF9/skGD07axnVnrsCG6fWp3zdXMnM9Yue8NHXOQV8l7ivhfOXeZzVq9pT8DeA1
KMf8MzmU7M+Up5v7KDo+x15ASrtLOeku/FqvdbyviO0IceIu2nbtjkWHF0IOLs1a
ypVMCYg+pnc/jcBPa1jJLLfNpMwAFR4Pg7Gj4f4gJjrZ/ZhJgqiD4TcMMJzsfQSb
UsoIxKCpNVNl8dfaI8IrugwDAJeIwYM3qF2AbZ5cuptL9y/kgq2qNxCtQg6f0d4F
JRzZ+1vavYdRKYQwYkYYKFYjIg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:35 2025 by rpki-client