Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/951bce-2850-4943-8f00-db2c57f4ef16/1/TJKRQbRuvDSDZyucPaqU760l18U.roa
File: TJKRQbRuvDSDZyucPaqU760l18U.roa (raw, json)
Hash identifier: gKuY1GA/NcHekZckeHEZ/7H1szBu0AiOQJ9VIhFkajs=
Subject key identifier: 4C:92:91:41:B4:6E:BC:34:83:67:2B:9C:3D:AA:94:EF:AD:25:D7:C5
Certificate issuer: /CN=90fc2c12ea17021ba8ace0621897f0856dac2559
Certificate serial: 0194236A4DDABD2FB66BF8AF8F7D8281799D
Authority key identifier: 90:FC:2C:12:EA:17:02:1B:A8:AC:E0:62:18:97:F0:85:6D:AC:25:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kPwsEuoXAhuorOBiGJfwhW2sJVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/951bce-2850-4943-8f00-db2c57f4ef16/1/TJKRQbRuvDSDZyucPaqU760l18U.roa
Signing time: Wed 01 Jan 2025 19:49:16 +0000
ROA not before: Wed 01 Jan 2025 19:49:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41436
IP address blocks: 2.59.118.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:4d:da:bd:2f:b6:6b:f8:af:8f:7d:82:81:79:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90fc2c12ea17021ba8ace0621897f0856dac2559
Validity
Not Before: Jan 1 19:49:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4c929141b46ebc3483672b9c3daa94efad25d7c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:3b:76:4b:8e:02:f4:79:af:b2:63:08:89:d9:
00:6c:e4:33:63:5f:ff:fe:a6:9d:1e:40:d3:e8:95:
cd:da:ee:23:6f:a0:a4:51:42:13:c2:cb:10:f7:69:
73:ac:fa:dc:8b:5b:1e:18:fd:5c:cf:20:a8:cf:87:
46:32:5a:b2:c4:50:bd:32:aa:ef:ec:9f:8e:d1:9e:
6d:4c:aa:6c:c2:5c:ac:b8:42:9a:03:d6:ee:36:6c:
94:02:e0:8e:2e:e8:98:66:d6:92:6a:e7:5e:20:0f:
fa:8c:89:80:d4:4a:75:cc:fc:b4:5b:17:e5:3f:1c:
da:9c:3b:86:87:e8:f8:4b:ca:83:60:be:86:ca:e1:
5b:60:96:97:8e:46:0c:da:ab:cb:5b:10:2c:25:1f:
7c:0c:e7:f7:d5:ac:bc:f3:5b:1e:1a:93:34:d6:08:
9f:b3:2b:1a:6f:ac:a3:4d:9c:a6:af:6e:a5:e8:27:
12:da:c5:df:d8:82:32:1a:94:92:8a:67:23:42:2e:
85:7d:9a:fc:88:85:4f:1e:3f:44:61:f1:f5:4d:d9:
ea:58:b6:4e:cd:d6:37:c4:ec:a9:da:f6:8d:31:05:
20:35:22:3d:c2:1b:c1:55:72:17:eb:d5:64:67:ef:
23:44:46:88:18:f2:97:a1:5b:4d:45:ab:e5:d9:07:
92:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:92:91:41:B4:6E:BC:34:83:67:2B:9C:3D:AA:94:EF:AD:25:D7:C5
X509v3 Authority Key Identifier:
keyid:90:FC:2C:12:EA:17:02:1B:A8:AC:E0:62:18:97:F0:85:6D:AC:25:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kPwsEuoXAhuorOBiGJfwhW2sJVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/951bce-2850-4943-8f00-db2c57f4ef16/1/TJKRQbRuvDSDZyucPaqU760l18U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/951bce-2850-4943-8f00-db2c57f4ef16/1/kPwsEuoXAhuorOBiGJfwhW2sJVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.118.0/24
Signature Algorithm: sha256WithRSAEncryption
95:db:d9:b0:5d:39:57:8d:de:c3:41:20:71:7a:d0:c5:53:7d:
c3:4e:29:ca:7a:6a:3d:10:5d:8a:81:f4:4d:f3:16:01:06:22:
43:3d:7f:da:34:53:ab:c1:66:6d:32:67:41:d9:a2:ad:bb:01:
ab:70:dc:f8:e0:82:d0:1f:51:a7:7c:0d:90:81:b4:0b:b0:27:
ac:8d:ba:24:35:21:24:07:30:19:49:49:f6:2a:7d:1b:e0:5c:
14:8e:d4:ea:6d:50:e3:c0:eb:0d:95:39:8e:61:d3:0b:fa:aa:
74:23:52:ae:ce:25:d1:60:e8:5f:aa:9c:33:59:af:cf:62:83:
38:41:1e:59:f2:49:b6:aa:43:ca:9f:ef:7b:e5:18:e2:79:4a:
15:fc:e4:e9:11:53:ba:96:44:d3:bc:a6:b8:a0:e0:35:0a:77:
75:ce:a6:9b:4d:82:27:4c:9a:db:a8:93:8f:ec:62:ff:a7:c9:
e6:d0:db:be:0b:52:e8:da:b3:56:81:52:f4:5c:78:14:71:7a:
66:14:b2:62:fe:c2:a1:d6:27:bd:0f:d5:56:df:bb:8a:1d:b2:
74:bf:b7:ee:23:18:8c:ce:14:67:8d:c4:6f:94:9d:5b:e7:6b:
24:68:2a:f3:06:69:38:9a:17:30:67:bd:e1:2a:98:d7:62:0e:
c6:8c:75:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjak3avS+2a/ivj32CgXmdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZmMyYzEyZWExNzAyMWJhOGFjZTA2MjE4OTdmMDg1NmRh
YzI1NTkwHhcNMjUwMTAxMTk0OTE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzkyOTE0MWI0NmViYzM0ODM2NzJiOWMzZGFhOTRlZmFkMjVkN2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujt2S44C9HmvsmMIidkAbOQzY1//
/qadHkDT6JXN2u4jb6CkUUITwssQ92lzrPrci1seGP1czyCoz4dGMlqyxFC9Mqrv
7J+O0Z5tTKpswlysuEKaA9buNmyUAuCOLuiYZtaSaudeIA/6jImA1Ep1zPy0Wxfl
PxzanDuGh+j4S8qDYL6GyuFbYJaXjkYM2qvLWxAsJR98DOf31ay881seGpM01gif
sysab6yjTZymr26l6CcS2sXf2IIyGpSSimcjQi6FfZr8iIVPHj9EYfH1TdnqWLZO
zdY3xOyp2vaNMQUgNSI9whvBVXIX69VkZ+8jREaIGPKXoVtNRavl2QeSHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEySkUG0brw0g2crnD2qlO+tJdfFMB8GA1UdIwQY
MBaAFJD8LBLqFwIbqKzgYhiX8IVtrCVZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1B3c0V1b1hBaHVvck9CaUdKZndoVzJzSlZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi85NTFiY2UtMjg1MC00OTQzLThmMDAt
ZGIyYzU3ZjRlZjE2LzEvVEpLUlFiUnV2RFNEWnl1Y1BhcVU3NjBsMThVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi85NTFiY2UtMjg1MC00OTQzLThmMDAtZGIyYzU3ZjRlZjE2
LzEva1B3c0V1b1hBaHVvck9CaUdKZndoVzJzSlZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjt2MA0G
CSqGSIb3DQEBCwUAA4IBAQCV29mwXTlXjd7DQSBxetDFU33DTinKemo9EF2KgfRN
8xYBBiJDPX/aNFOrwWZtMmdB2aKtuwGrcNz44ILQH1GnfA2QgbQLsCesjbokNSEk
BzAZSUn2Kn0b4FwUjtTqbVDjwOsNlTmOYdML+qp0I1KuziXRYOhfqpwzWa/PYoM4
QR5Z8km2qkPKn+975RjieUoV/OTpEVO6lkTTvKa4oOA1Cnd1zqabTYInTJrbqJOP
7GL/p8nm0Nu+C1Lo2rNWgVL0XHgUcXpmFLJi/sKh1ie9D9VW37uKHbJ0v7fuIxiM
zhRnjcRvlJ1b52skaCrzBmk4mhcwZ73hKpjXYg7GjHWS
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:01:26 2025 by rpki-client