Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/7df859-2851-43c3-a32b-ab04720930cf/1/JWj3tKr92iI3FArqDOi_l0a6z3c.roa
File: JWj3tKr92iI3FArqDOi_l0a6z3c.roa (raw, json)
Hash identifier: PIFJg53roplWC6728OyiOXz2XLCQXC6KqsHlKbYH+/U=
Subject key identifier: 25:68:F7:B4:AA:FD:DA:22:37:14:0A:EA:0C:E8:BF:97:46:BA:CF:77
Certificate issuer: /CN=eaeea20bbbdb9a5d1cdc7114e2af518e76b1426e
Certificate serial: 0185707065182E2F931BF573825831A9619E
Authority key identifier: EA:EE:A2:0B:BB:DB:9A:5D:1C:DC:71:14:E2:AF:51:8E:76:B1:42:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6u6iC7vbml0c3HEU4q9RjnaxQm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/7df859-2851-43c3-a32b-ab04720930cf/1/JWj3tKr92iI3FArqDOi_l0a6z3c.roa
Signing time: Mon 02 Jan 2023 03:04:52 +0000
ROA not before: Mon 02 Jan 2023 03:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 2.57.12.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:70:65:18:2e:2f:93:1b:f5:73:82:58:31:a9:61:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaeea20bbbdb9a5d1cdc7114e2af518e76b1426e
Validity
Not Before: Jan 2 03:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2568f7b4aafdda2237140aea0ce8bf9746bacf77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:08:ab:03:7b:cc:c2:b3:f6:dd:4e:11:e7:bb:
b5:1f:cb:9f:e5:be:3e:5a:ba:a6:68:29:6f:b1:f9:
07:fe:ea:cc:56:92:a2:a8:6e:8f:56:20:ce:0a:c5:
56:1f:b2:65:d8:80:e8:17:9f:57:96:92:4d:0c:ee:
e0:db:9e:80:ce:65:0d:af:39:03:72:1e:62:c2:c4:
c2:52:45:3c:5e:ab:b6:81:b8:0d:ec:cb:a4:e7:d3:
7d:c4:02:85:38:63:01:7f:ed:3f:c6:61:2a:33:60:
53:73:0b:04:e5:10:c7:6d:c8:a7:0b:8a:c1:fa:e8:
6e:43:99:a4:cb:2e:54:61:a0:51:c9:a8:22:fb:35:
6c:e4:d6:6e:c0:0e:97:91:3f:95:9a:35:f7:94:d0:
ce:8f:86:df:f3:08:ce:c0:77:85:73:67:28:32:65:
24:b5:0a:d1:a2:2e:f9:ce:1a:03:70:bb:09:7c:b4:
7e:33:1e:80:e7:f0:b3:86:70:a7:25:45:93:a5:04:
a0:e3:12:17:79:a6:28:5e:0b:fb:f0:ce:eb:44:37:
41:57:1a:06:b0:ab:f1:55:9d:84:f0:fc:e8:9d:15:
46:cd:0a:04:d8:92:66:24:46:65:2c:7c:15:59:6b:
ba:29:a8:ca:7d:6a:65:c2:5e:66:cd:37:31:c5:2a:
9b:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:68:F7:B4:AA:FD:DA:22:37:14:0A:EA:0C:E8:BF:97:46:BA:CF:77
X509v3 Authority Key Identifier:
keyid:EA:EE:A2:0B:BB:DB:9A:5D:1C:DC:71:14:E2:AF:51:8E:76:B1:42:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6u6iC7vbml0c3HEU4q9RjnaxQm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/7df859-2851-43c3-a32b-ab04720930cf/1/JWj3tKr92iI3FArqDOi_l0a6z3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/7df859-2851-43c3-a32b-ab04720930cf/1/6u6iC7vbml0c3HEU4q9RjnaxQm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.12.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:83:bd:5b:f1:04:8a:89:27:bf:3c:1a:5f:c1:d6:21:6d:f7:
07:ef:96:4f:ee:5e:d8:0c:53:59:b5:21:39:c3:9a:10:23:65:
b3:a1:57:a6:42:8b:65:9c:70:9b:84:5f:ae:1a:d3:a5:e1:7b:
de:2a:b0:40:21:28:d6:76:46:b7:4c:52:2a:5e:fc:3f:8e:b9:
99:60:09:e2:4b:48:00:38:a9:26:ba:1d:86:1f:07:b4:1b:04:
23:7e:fb:c3:bd:4a:d6:7d:36:bc:97:44:fb:10:9c:69:cb:e0:
b6:bf:23:09:58:81:dd:5a:d7:e9:fa:95:71:08:34:e0:a6:50:
88:2f:7a:26:dd:d0:4e:33:11:fb:af:97:60:a3:2f:2e:f9:05:
f6:6a:f3:d9:d9:78:43:7c:8c:cc:16:35:fa:4e:57:44:08:63:
5b:f9:ed:bb:44:76:7f:1d:3e:17:93:ab:5c:e6:b8:ef:f7:c2:
b6:0a:b6:c3:25:99:37:69:fd:75:c0:23:1e:37:ec:cb:f9:b8:
d7:8f:6e:5a:5a:3e:e9:00:be:a2:74:d7:b2:46:37:d0:ba:ea:
c9:85:23:e4:33:8d:77:a2:aa:fb:f9:c9:b2:c3:0f:52:42:e1:
d8:5a:c0:6a:51:1c:87:00:95:a6:fb:cf:2e:69:7b:d2:6f:1e:
81:50:4b:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwcGUYLi+TG/VzglgxqWGeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhZWVhMjBiYmJkYjlhNWQxY2RjNzExNGUyYWY1MThlNzZi
MTQyNmUwHhcNMjMwMTAyMDMwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTY4ZjdiNGFhZmRkYTIyMzcxNDBhZWEwY2U4YmY5NzQ2YmFjZjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzAirA3vMwrP23U4R57u1H8uf5b4+
WrqmaClvsfkH/urMVpKiqG6PViDOCsVWH7Jl2IDoF59XlpJNDO7g256AzmUNrzkD
ch5iwsTCUkU8Xqu2gbgN7Muk59N9xAKFOGMBf+0/xmEqM2BTcwsE5RDHbcinC4rB
+uhuQ5mkyy5UYaBRyagi+zVs5NZuwA6XkT+VmjX3lNDOj4bf8wjOwHeFc2coMmUk
tQrRoi75zhoDcLsJfLR+Mx6A5/CzhnCnJUWTpQSg4xIXeaYoXgv78M7rRDdBVxoG
sKvxVZ2E8PzonRVGzQoE2JJmJEZlLHwVWWu6KajKfWplwl5mzTcxxSqbWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCVo97Sq/doiNxQK6gzov5dGus93MB8GA1UdIwQY
MBaAFOruogu725pdHNxxFOKvUY52sUJuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnU2aUM3dmJtbDBjM0hFVTRxOVJqbmF4UW00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC83ZGY4NTktMjg1MS00M2MzLWEzMmIt
YWIwNDcyMDkzMGNmLzEvSldqM3RLcjkyaUkzRkFycURPaV9sMGE2ejNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC83ZGY4NTktMjg1MS00M2MzLWEzMmItYWIwNDcyMDkzMGNm
LzEvNnU2aUM3dmJtbDBjM0hFVTRxOVJqbmF4UW00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjkMMA0G
CSqGSIb3DQEBCwUAA4IBAQCjg71b8QSKiSe/PBpfwdYhbfcH75ZP7l7YDFNZtSE5
w5oQI2WzoVemQotlnHCbhF+uGtOl4XveKrBAISjWdka3TFIqXvw/jrmZYAniS0gA
OKkmuh2GHwe0GwQjfvvDvUrWfTa8l0T7EJxpy+C2vyMJWIHdWtfp+pVxCDTgplCI
L3om3dBOMxH7r5dgoy8u+QX2avPZ2XhDfIzMFjX6TldECGNb+e27RHZ/HT4Xk6tc
5rjv98K2CrbDJZk3af11wCMeN+zL+bjXj25aWj7pAL6idNeyRjfQuurJhSPkM413
oqr7+cmyww9SQuHYWsBqURyHAJWm+88uaXvSbx6BUEu+
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:10:49 2025 by rpki-client