Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/DsyqwESYp4bmMSs9uCFJzZRR7bA.roa
File: DsyqwESYp4bmMSs9uCFJzZRR7bA.roa (raw, json)
Hash identifier: E3RC3t5fdJdmxwazPUOCHAze3MC/dZe6+l07MFZq2yo=
Subject key identifier: 0E:CC:AA:C0:44:98:A7:86:E6:31:2B:3D:B8:21:49:CD:94:51:ED:B0
Certificate issuer: /CN=a3674d5884a50a84e07dbdf6798ddcbb9cc2032e
Certificate serial: 0194236A3EBD02035DBD358C18197FEED2BF
Authority key identifier: A3:67:4D:58:84:A5:0A:84:E0:7D:BD:F6:79:8D:DC:BB:9C:C2:03:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o2dNWISlCoTgfb32eY3cu5zCAy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/DsyqwESYp4bmMSs9uCFJzZRR7bA.roa
Signing time: Wed 01 Jan 2025 19:49:12 +0000
ROA not before: Wed 01 Jan 2025 19:49:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48347
IP address blocks: 176.58.60.0/24 maxlen: 24
176.58.61.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:3e:bd:02:03:5d:bd:35:8c:18:19:7f:ee:d2:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3674d5884a50a84e07dbdf6798ddcbb9cc2032e
Validity
Not Before: Jan 1 19:49:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0eccaac04498a786e6312b3db82149cd9451edb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:c8:64:de:dc:58:2b:90:fe:9d:ee:ff:be:88:
88:7c:be:6f:2f:b0:4d:e5:4f:36:ae:54:97:e6:37:
be:50:18:b0:84:1d:af:84:cf:4d:fe:2a:4e:53:89:
a2:91:b0:d8:bc:63:48:64:06:b0:c0:93:ed:6b:44:
78:5f:7f:52:ed:a5:3b:62:a0:92:4a:c4:3f:8f:da:
5b:f3:4b:66:18:8a:e8:59:b5:a2:f8:53:e9:37:6d:
fa:a5:55:10:8b:66:48:a1:7c:3a:b0:27:62:41:c5:
66:6f:8a:bb:e9:ac:8f:ce:c4:dc:c6:90:09:70:05:
93:51:b2:22:e4:a3:0d:b8:d7:31:1a:33:97:2f:3e:
38:48:b4:d1:aa:ba:50:34:5e:cb:21:c0:9f:7b:03:
f8:16:c0:17:e3:71:75:6a:b7:7d:28:28:45:3d:36:
78:ff:f9:f9:03:95:21:6b:a3:ff:8b:a8:69:76:a7:
3b:38:0a:de:aa:0d:17:f7:31:a5:0f:17:35:22:bd:
7b:1e:33:c8:1b:16:ae:2d:90:75:6f:f8:15:56:12:
26:2b:46:aa:9c:d5:09:7c:4e:e0:f5:04:da:1c:49:
e0:f1:18:ef:a4:99:0b:90:99:d0:9b:c7:9b:a0:29:
6b:0e:9a:9b:25:cb:57:f5:ae:b1:b1:63:d5:91:df:
87:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:CC:AA:C0:44:98:A7:86:E6:31:2B:3D:B8:21:49:CD:94:51:ED:B0
X509v3 Authority Key Identifier:
keyid:A3:67:4D:58:84:A5:0A:84:E0:7D:BD:F6:79:8D:DC:BB:9C:C2:03:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o2dNWISlCoTgfb32eY3cu5zCAy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/DsyqwESYp4bmMSs9uCFJzZRR7bA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/o2dNWISlCoTgfb32eY3cu5zCAy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.58.60.0/23
Signature Algorithm: sha256WithRSAEncryption
47:9a:2e:85:bb:ea:9b:a4:ab:ae:b0:e7:14:c8:e0:03:d7:d4:
d4:c4:a2:5b:7e:d1:04:07:f2:d0:dd:24:cc:9f:d2:b7:e1:a1:
4d:12:3e:54:d2:d5:8a:51:dd:eb:38:48:7f:27:9b:5a:99:92:
ad:f7:c7:c0:e9:38:eb:e4:f9:29:fe:34:f1:c4:bd:6f:44:2f:
dc:23:12:b8:0b:e2:e7:5e:78:21:a1:cf:8c:97:72:cb:7e:c0:
8b:2e:33:b3:bf:02:c0:8a:ed:1e:1e:78:1f:9f:22:fc:95:dd:
7f:02:12:b0:be:c8:95:aa:9a:2b:9d:6e:6c:28:65:7a:5b:85:
fb:f4:71:79:c6:68:86:c0:76:37:f7:62:3d:34:a0:bc:30:4f:
a8:da:6d:92:0e:b2:89:98:a6:16:80:a1:5a:bf:f5:9e:61:4c:
2d:da:91:36:05:af:94:c1:61:8e:01:88:00:ec:33:fc:6e:10:
d6:64:68:30:b7:93:bf:65:37:ca:05:53:51:d4:38:fd:82:0b:
b8:b0:61:25:d9:01:f9:0d:bb:99:17:f4:1f:76:ce:8f:88:7d:
75:a4:84:e7:52:21:ec:b1:29:5a:1c:39:64:4a:a7:b4:a2:ee:
fd:d7:7f:01:f4:f3:00:b3:46:e9:41:b3:4e:20:d7:1a:82:c3:
ed:db:ca:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaj69AgNdvTWMGBl/7tK/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNjc0ZDU4ODRhNTBhODRlMDdkYmRmNjc5OGRkY2JiOWNj
MjAzMmUwHhcNMjUwMTAxMTk0OTEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWNjYWFjMDQ0OThhNzg2ZTYzMTJiM2RiODIxNDljZDk0NTFlZGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6chk3txYK5D+ne7/voiIfL5vL7BN
5U82rlSX5je+UBiwhB2vhM9N/ipOU4mikbDYvGNIZAawwJPta0R4X39S7aU7YqCS
SsQ/j9pb80tmGIroWbWi+FPpN236pVUQi2ZIoXw6sCdiQcVmb4q76ayPzsTcxpAJ
cAWTUbIi5KMNuNcxGjOXLz44SLTRqrpQNF7LIcCfewP4FsAX43F1ard9KChFPTZ4
//n5A5Uha6P/i6hpdqc7OAreqg0X9zGlDxc1Ir17HjPIGxauLZB1b/gVVhImK0aq
nNUJfE7g9QTaHEng8RjvpJkLkJnQm8eboClrDpqbJctX9a6xsWPVkd+HKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA7MqsBEmKeG5jErPbghSc2UUe2wMB8GA1UdIwQY
MBaAFKNnTViEpQqE4H299nmN3LucwgMuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzJkTldJU2xDb1RnZmIzMmVZM2N1NXpDQXk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84MDY1MzItNTRlOS00YjQ5LWI4YTct
OWUyMjBmMDRhOTAxLzEvRHN5cXdFU1lwNGJtTVNzOXVDRkp6WlJSN2JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84MDY1MzItNTRlOS00YjQ5LWI4YTctOWUyMjBmMDRhOTAx
LzEvbzJkTldJU2xDb1RnZmIzMmVZM2N1NXpDQXk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBsDo8MA0G
CSqGSIb3DQEBCwUAA4IBAQBHmi6Fu+qbpKuusOcUyOAD19TUxKJbftEEB/LQ3STM
n9K34aFNEj5U0tWKUd3rOEh/J5tamZKt98fA6Tjr5Pkp/jTxxL1vRC/cIxK4C+Ln
Xnghoc+Ml3LLfsCLLjOzvwLAiu0eHngfnyL8ld1/AhKwvsiVqpornW5sKGV6W4X7
9HF5xmiGwHY392I9NKC8ME+o2m2SDrKJmKYWgKFav/WeYUwt2pE2Ba+UwWGOAYgA
7DP8bhDWZGgwt5O/ZTfKBVNR1Dj9ggu4sGEl2QH5DbuZF/Qfds6PiH11pITnUiHs
sSlaHDlkSqe0ou79138B9PMAs0bpQbNOINcagsPt28rs
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:17:48 2025 by rpki-client