Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/gmLFCJhJzSMHke94AG3NczB-ZyY.roa
File: gmLFCJhJzSMHke94AG3NczB-ZyY.roa (raw, json)
Hash identifier: TVt8TYP8ODiIhrt1KC2Sae32touGrNG+bfkWdEFIVsE=
Subject key identifier: 82:62:C5:08:98:49:CD:23:07:91:EF:78:00:6D:CD:73:30:7E:67:26
Certificate issuer: /CN=0bf543e23e29fb03748d0939726f30fe9affa19e
Certificate serial: 019424B3EC02C2952970075BA115BF96690E
Authority key identifier: 0B:F5:43:E2:3E:29:FB:03:74:8D:09:39:72:6F:30:FE:9A:FF:A1:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/gmLFCJhJzSMHke94AG3NczB-ZyY.roa
Signing time: Thu 02 Jan 2025 01:49:18 +0000
ROA not before: Thu 02 Jan 2025 01:49:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208841
IP address blocks: 2.58.204.0/24 maxlen: 24
2.58.205.0/24 maxlen: 24
2.58.207.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:ec:02:c2:95:29:70:07:5b:a1:15:bf:96:69:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bf543e23e29fb03748d0939726f30fe9affa19e
Validity
Not Before: Jan 2 01:49:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8262c5089849cd230791ef78006dcd73307e6726
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:83:ea:4c:11:94:37:97:b4:cf:d3:6c:b5:99:
7f:26:ce:07:8b:95:ae:44:18:00:c9:ad:db:28:ec:
0a:38:eb:7c:a1:15:dc:26:9a:e9:2c:4f:ca:bf:cb:
67:05:af:d8:ac:a9:3c:dc:5a:96:ef:b3:12:31:56:
8c:dd:c9:1d:cd:a4:2d:94:2b:0d:a2:76:e3:ed:88:
03:51:1a:e8:04:f5:66:fa:0c:88:a6:84:25:18:a8:
27:9b:a2:77:f6:26:0d:99:4c:ee:7f:11:f0:09:ed:
ac:91:be:f7:79:c4:28:01:ae:39:db:67:eb:0b:5c:
01:23:7b:f9:67:4d:09:bc:bb:ae:5b:57:94:6c:c1:
3d:e7:7a:00:89:2b:b1:a5:84:82:4b:ff:b5:67:af:
7c:62:e2:91:28:6c:6c:43:4e:b0:44:ec:ba:1c:43:
af:59:f2:91:2b:f2:33:d6:76:43:e9:4a:d7:5e:e1:
a5:32:59:c9:bd:1d:2e:68:61:12:ce:d0:31:14:6c:
24:4e:a0:b4:a7:6d:a2:70:f4:eb:13:71:05:6e:21:
3e:0c:c2:3e:12:af:b5:96:f4:38:5d:8c:fa:1f:78:
54:7a:83:a8:5f:1b:2f:82:c8:74:42:bc:82:c7:e6:
ad:24:2f:a2:9a:af:6a:b7:14:47:ea:e9:fa:a2:03:
62:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:62:C5:08:98:49:CD:23:07:91:EF:78:00:6D:CD:73:30:7E:67:26
X509v3 Authority Key Identifier:
keyid:0B:F5:43:E2:3E:29:FB:03:74:8D:09:39:72:6F:30:FE:9A:FF:A1:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/gmLFCJhJzSMHke94AG3NczB-ZyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.204.0/23
2.58.207.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:87:44:08:ee:7b:a5:00:8e:d8:c2:30:18:6a:c9:59:5a:d2:
8a:7b:98:63:fa:83:9c:13:72:ef:f6:13:64:c8:e3:13:db:fd:
c4:2c:8e:cc:de:b4:cb:4d:0a:27:c0:8f:95:e5:f8:71:35:f5:
e8:06:c3:57:5c:e7:73:19:78:6f:92:dc:86:57:13:d9:42:21:
4d:a5:31:2a:fa:34:a2:f0:15:ee:5d:d4:96:88:24:f1:f1:e3:
ad:98:63:12:53:8f:19:f8:bf:ea:94:6a:19:02:2a:37:ca:eb:
c2:38:84:3c:00:4f:41:ee:91:a7:49:02:2d:02:41:90:62:dd:
a4:46:f8:22:d2:36:7d:8a:f6:66:f9:94:8f:72:f9:44:80:f0:
55:e4:d3:22:bf:20:ad:da:ff:37:e9:61:42:64:85:cc:68:49:
0d:70:c6:5e:e2:3f:09:39:08:cb:34:a5:17:58:65:04:ec:92:
74:8c:a6:45:99:96:39:fe:8b:16:1e:5d:35:54:f0:63:57:47:
61:0d:9a:2f:01:c6:24:ae:2d:b3:d6:f5:36:4d:cf:dd:f9:f7:
dc:21:bb:e4:9d:3d:c1:5e:d0:5d:04:97:cd:bc:9a:98:12:10:
eb:71:4d:2c:62:1e:90:f6:30:cf:2d:e8:6d:6c:e8:4a:d2:b2:
dd:c9:60:3a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQks+wCwpUpcAdboRW/lmkOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiZjU0M2UyM2UyOWZiMDM3NDhkMDkzOTcyNmYzMGZlOWFm
ZmExOWUwHhcNMjUwMTAyMDE0OTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjYyYzUwODk4NDljZDIzMDc5MWVmNzgwMDZkY2Q3MzMwN2U2NzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4PqTBGUN5e0z9NstZl/Js4Hi5Wu
RBgAya3bKOwKOOt8oRXcJprpLE/Kv8tnBa/YrKk83FqW77MSMVaM3ckdzaQtlCsN
onbj7YgDURroBPVm+gyIpoQlGKgnm6J39iYNmUzufxHwCe2skb73ecQoAa4522fr
C1wBI3v5Z00JvLuuW1eUbME953oAiSuxpYSCS/+1Z698YuKRKGxsQ06wROy6HEOv
WfKRK/Iz1nZD6UrXXuGlMlnJvR0uaGESztAxFGwkTqC0p22icPTrE3EFbiE+DMI+
Eq+1lvQ4XYz6H3hUeoOoXxsvgsh0QryCx+atJC+imq9qtxRH6un6ogNiJQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIJixQiYSc0jB5HveABtzXMwfmcmMB8GA1UdIwQY
MBaAFAv1Q+I+KfsDdI0JOXJvMP6a/6GeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ19WRDRqNHAtd04walFrNWNtOHdfcHJfb1o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9hZmEzNGMtZjNmMC00MDVjLWIwODMt
YTM1ZmM0MzhkNGNhLzEvZ21MRkNKaEp6U01Ia2U5NEFHM05jekItWnlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9hZmEzNGMtZjNmMC00MDVjLWIwODMtYTM1ZmM0MzhkNGNh
LzEvQ19WRDRqNHAtd04walFrNWNtOHdfcHJfb1o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBAjrMAwQA
AjrPMA0GCSqGSIb3DQEBCwUAA4IBAQCPh0QI7nulAI7YwjAYaslZWtKKe5hj+oOc
E3Lv9hNkyOMT2/3ELI7M3rTLTQonwI+V5fhxNfXoBsNXXOdzGXhvktyGVxPZQiFN
pTEq+jSi8BXuXdSWiCTx8eOtmGMSU48Z+L/qlGoZAio3yuvCOIQ8AE9B7pGnSQIt
AkGQYt2kRvgi0jZ9ivZm+ZSPcvlEgPBV5NMivyCt2v836WFCZIXMaEkNcMZe4j8J
OQjLNKUXWGUE7JJ0jKZFmZY5/osWHl01VPBjV0dhDZovAcYkri2z1vU2Tc/d+ffc
IbvknT3BXtBdBJfNvJqYEhDrcU0sYh6Q9jDPLehtbOhK0rLdyWA6
-----END CERTIFICATE-----
Generated at Thu Apr 24 22:35:24 2025 by rpki-client