Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/TOXEwMgPIZ3nZApYaDZhoXO5uK0.roa
File: TOXEwMgPIZ3nZApYaDZhoXO5uK0.roa (raw, json)
Hash identifier: 04y9jyCkY5lBbFiyIipk3b6tQX+m3INXBU+Cg9JQYvE=
Subject key identifier: 4C:E5:C4:C0:C8:0F:21:9D:E7:64:0A:58:68:36:61:A1:73:B9:B8:AD
Certificate issuer: /CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Certificate serial: 018CC6B919604225430FD739CBFCD0695B86
Authority key identifier: 1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/TOXEwMgPIZ3nZApYaDZhoXO5uK0.roa
Signing time: Mon 01 Jan 2024 20:31:08 +0000
ROA not before: Mon 01 Jan 2024 20:31:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 142111
IP address blocks: 2.59.182.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:19:60:42:25:43:0f:d7:39:cb:fc:d0:69:5b:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Validity
Not Before: Jan 1 20:31:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ce5c4c0c80f219de7640a58683661a173b9b8ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:37:04:fa:6d:ab:7b:5a:dc:d1:2b:b7:23:eb:
0c:bf:60:ff:ad:45:da:e0:44:f3:97:65:b7:4f:a3:
f7:1b:2f:c3:ee:17:37:64:63:77:4b:b6:17:bc:0e:
da:be:ad:71:7f:5c:c8:13:dd:c7:7c:d3:11:97:3e:
69:86:46:1e:4b:1a:c2:5f:9d:39:4a:21:bc:3c:84:
b2:e5:06:8f:03:dc:c1:e7:71:71:c2:c8:18:19:97:
64:e0:25:b7:06:b7:40:14:92:e9:f8:02:c8:b6:79:
ff:96:4a:80:98:9e:ed:8e:87:76:98:f0:a9:96:95:
df:6b:23:c6:ec:5a:4e:41:10:dc:e0:e9:da:d0:39:
ff:92:cd:80:29:1f:cf:8d:2c:da:77:6b:b4:bb:0d:
d1:b1:be:53:4c:a5:c4:e5:f7:a7:f9:5c:79:a5:d4:
9f:a4:16:20:5b:e1:5e:ad:d6:da:b0:32:65:69:be:
0a:08:ea:fa:ca:b8:e0:d9:58:81:74:c5:67:22:b2:
84:6f:e8:d0:cd:e9:df:4f:b8:82:aa:3a:35:56:ff:
b2:ee:7e:f8:ae:35:de:ee:83:18:38:0e:02:fe:53:
a1:96:20:0d:0e:38:cc:d3:fe:1e:3f:f2:22:32:9e:
7e:09:40:70:81:75:b4:5d:89:70:d0:d9:97:da:f6:
28:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:E5:C4:C0:C8:0F:21:9D:E7:64:0A:58:68:36:61:A1:73:B9:B8:AD
X509v3 Authority Key Identifier:
keyid:1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/TOXEwMgPIZ3nZApYaDZhoXO5uK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.182.0/24
Signature Algorithm: sha256WithRSAEncryption
17:c3:cf:52:f0:6a:2e:8b:fc:96:4a:c7:ac:03:99:63:60:59:
3a:54:aa:37:e3:08:b5:22:47:54:19:be:a3:19:32:9e:9d:49:
7b:f3:2e:c8:a9:bd:7a:ef:0d:77:48:b5:6e:2b:31:4a:a3:4c:
01:0c:01:a9:4e:75:8f:48:b2:56:81:50:71:52:51:a6:a1:5d:
a6:ef:dd:04:08:4d:44:b1:df:82:c0:37:aa:33:90:27:12:e0:
9d:97:21:08:67:46:cc:28:93:13:c3:0f:eb:a8:5e:9a:ce:65:
7a:04:c7:a1:f5:04:ea:0b:21:3f:97:df:bb:a8:97:05:5f:df:
18:ba:ef:ac:d9:dc:84:97:ae:5b:d0:4d:63:87:f3:09:41:2c:
20:ab:0b:68:b7:f1:a1:f2:f6:78:86:e2:21:3c:1b:63:fa:02:
ef:c5:35:d9:91:33:b4:a3:33:a9:3d:5a:65:a7:8e:23:a1:30:
54:5b:0a:23:17:e3:fc:20:18:4b:4d:f4:97:0f:6f:af:7f:31:
28:2c:b9:0e:b4:9f:e5:75:79:be:13:3f:74:67:47:60:67:69:
e1:38:c8:ba:ae:b0:d0:7f:72:bf:86:4b:b3:31:eb:36:cf:68:
b1:79:50:57:69:a3:ef:34:dd:bf:3b:d9:a1:34:86:f5:1f:2b:
0a:db:18:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuRlgQiVDD9c5y/zQaVuGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhN2YwMzZlMjU5MjM5MWZiNDVhM2RkMzNjYWYwYjA3OTU2
OTczY2YwHhcNMjQwMTAxMjAzMTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2U1YzRjMGM4MGYyMTlkZTc2NDBhNTg2ODM2NjFhMTczYjliOGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmTcE+m2re1rc0Su3I+sMv2D/rUXa
4ETzl2W3T6P3Gy/D7hc3ZGN3S7YXvA7avq1xf1zIE93HfNMRlz5phkYeSxrCX505
SiG8PISy5QaPA9zB53FxwsgYGZdk4CW3BrdAFJLp+ALItnn/lkqAmJ7tjod2mPCp
lpXfayPG7FpOQRDc4Ona0Dn/ks2AKR/PjSzad2u0uw3Rsb5TTKXE5fen+Vx5pdSf
pBYgW+FerdbasDJlab4KCOr6yrjg2ViBdMVnIrKEb+jQzenfT7iCqjo1Vv+y7n74
rjXe7oMYOA4C/lOhliANDjjM0/4eP/IiMp5+CUBwgXW0XYlw0NmX2vYoBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEzlxMDIDyGd52QKWGg2YaFzubitMB8GA1UdIwQY
MBaAFBp/A24lkjkftFo90zyvCweVaXPPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8yNGJlMWEtMTZkYS00ODFjLThiY2It
MzQwZDYyNWM2ZGJhLzEvVE9YRXdNZ1BJWjNuWkFwWWFEWmhvWE81dUswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8yNGJlMWEtMTZkYS00ODFjLThiY2ItMzQwZDYyNWM2ZGJh
LzEvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAju2MA0G
CSqGSIb3DQEBCwUAA4IBAQAXw89S8Goui/yWSsesA5ljYFk6VKo34wi1IkdUGb6j
GTKenUl78y7Iqb167w13SLVuKzFKo0wBDAGpTnWPSLJWgVBxUlGmoV2m790ECE1E
sd+CwDeqM5AnEuCdlyEIZ0bMKJMTww/rqF6azmV6BMeh9QTqCyE/l9+7qJcFX98Y
uu+s2dyEl65b0E1jh/MJQSwgqwtot/Gh8vZ4huIhPBtj+gLvxTXZkTO0ozOpPVpl
p44joTBUWwojF+P8IBhLTfSXD2+vfzEoLLkOtJ/ldXm+Ez90Z0dgZ2nhOMi6rrDQ
f3K/hkuzMes2z2ixeVBXaaPvNN2/O9mhNIb1HysK2xhs
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:57:49 2025 by rpki-client