Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/N2pXldcv0rTYfGOpDpYjT5TQU24.roa
File: N2pXldcv0rTYfGOpDpYjT5TQU24.roa (raw, json)
Hash identifier: z6kQ5XGbE4K+4NsazpN96HiiAsN4gmVzKwU1eBKucVw=
Subject key identifier: 37:6A:57:95:D7:2F:D2:B4:D8:7C:63:A9:0E:96:23:4F:94:D0:53:6E
Certificate issuer: /CN=b9481119afe1bff229facd4ef9c8c61b0fabeaf2
Certificate serial: 01941F8C99FE896C1BDAA4E8B834D1F6DC27
Authority key identifier: B9:48:11:19:AF:E1:BF:F2:29:FA:CD:4E:F9:C8:C6:1B:0F:AB:EA:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/N2pXldcv0rTYfGOpDpYjT5TQU24.roa
Signing time: Wed 01 Jan 2025 01:48:15 +0000
ROA not before: Wed 01 Jan 2025 01:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212043
IP address blocks: 5.59.240.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:99:fe:89:6c:1b:da:a4:e8:b8:34:d1:f6:dc:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9481119afe1bff229facd4ef9c8c61b0fabeaf2
Validity
Not Before: Jan 1 01:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=376a5795d72fd2b4d87c63a90e96234f94d0536e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:19:4f:5b:ec:0a:d9:1f:27:8d:04:b8:17:ed:
4b:cd:ac:83:27:ad:44:93:32:b3:cc:e6:ce:49:6b:
e9:f5:1b:c9:4b:91:83:c3:d8:92:cc:ce:fd:4c:61:
32:66:23:ba:ec:77:0e:12:88:f9:b6:6d:2f:f3:d9:
8e:aa:17:1f:3d:62:0d:1d:cf:0e:51:5b:76:f9:5d:
31:2c:d6:d2:25:d8:cf:fc:50:ec:22:f9:49:03:9d:
0c:de:c1:81:2a:2e:00:84:20:51:da:39:84:57:d1:
c8:e5:d2:79:fd:d3:03:de:0b:cd:54:31:d6:19:49:
65:3f:39:08:58:05:31:5c:71:13:ee:75:73:7c:ae:
59:6b:24:22:1f:58:09:6b:6f:58:49:c4:74:73:0a:
0e:5f:e5:14:c1:c1:f5:8f:e1:a1:bc:65:02:2e:37:
a8:dd:19:59:bf:50:a9:dd:79:96:0e:fb:23:33:aa:
5e:89:d7:e3:7b:82:c1:a8:aa:f2:65:90:4d:00:e8:
23:33:13:a6:3d:f6:f5:d6:1f:f5:96:ed:95:a5:20:
cd:4f:44:64:da:88:56:4d:04:97:30:0d:5e:d2:d2:
0c:34:cf:8c:be:12:6c:91:9d:50:3d:94:5a:70:76:
73:4a:8c:eb:1f:da:1b:eb:52:c9:28:ff:be:8b:46:
f0:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:6A:57:95:D7:2F:D2:B4:D8:7C:63:A9:0E:96:23:4F:94:D0:53:6E
X509v3 Authority Key Identifier:
keyid:B9:48:11:19:AF:E1:BF:F2:29:FA:CD:4E:F9:C8:C6:1B:0F:AB:EA:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/N2pXldcv0rTYfGOpDpYjT5TQU24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.59.240.0/24
Signature Algorithm: sha256WithRSAEncryption
35:cb:84:bc:8d:09:ee:da:0a:48:ae:48:66:ed:46:3a:9e:2e:
7c:d1:c1:f1:01:7c:f5:29:06:f6:5c:41:79:f1:0d:3f:fb:77:
95:43:b1:2a:78:98:b8:99:41:67:51:30:f2:7e:16:b1:08:9d:
b6:cd:47:71:a5:13:f0:d9:44:69:ba:86:35:fb:aa:64:1c:5d:
2f:fe:36:16:c1:af:c3:58:a9:81:e7:d2:d3:71:cc:9d:18:38:
a9:a0:00:2c:62:3e:26:af:e0:01:23:77:56:58:70:18:9c:7d:
e1:8c:43:06:b5:f4:e0:10:45:87:e2:a8:79:b6:5d:bb:ef:36:
86:50:1d:86:82:54:b5:21:76:5e:7b:1c:fe:6c:cd:11:e4:96:
b4:4c:df:f2:39:2f:ab:82:f5:61:ad:21:df:c9:93:a9:4b:c1:
05:e1:5d:74:b6:3d:9e:b0:5b:ed:a8:31:55:91:d3:f0:5c:aa:
bd:1b:43:49:a2:8b:16:ab:39:9e:83:ed:fc:c6:64:18:f4:5c:
7e:7c:d1:1e:80:93:ff:85:c1:77:16:f0:df:22:60:c9:31:5a:
14:e7:27:ff:37:56:e9:02:06:7b:b4:9b:c9:ba:0d:65:7f:98:
5d:b6:50:ee:a3:29:b8:08:8b:4c:59:b4:9f:aa:aa:04:b7:fa:
22:7b:be:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjJn+iWwb2qTouDTR9twnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5NDgxMTE5YWZlMWJmZjIyOWZhY2Q0ZWY5YzhjNjFiMGZh
YmVhZjIwHhcNMjUwMTAxMDE0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzZhNTc5NWQ3MmZkMmI0ZDg3YzYzYTkwZTk2MjM0Zjk0ZDA1MzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7hlPW+wK2R8njQS4F+1LzayDJ61E
kzKzzObOSWvp9RvJS5GDw9iSzM79TGEyZiO67HcOEoj5tm0v89mOqhcfPWINHc8O
UVt2+V0xLNbSJdjP/FDsIvlJA50M3sGBKi4AhCBR2jmEV9HI5dJ5/dMD3gvNVDHW
GUllPzkIWAUxXHET7nVzfK5ZayQiH1gJa29YScR0cwoOX+UUwcH1j+GhvGUCLjeo
3RlZv1Cp3XmWDvsjM6peidfje4LBqKryZZBNAOgjMxOmPfb11h/1lu2VpSDNT0Rk
2ohWTQSXMA1e0tIMNM+MvhJskZ1QPZRacHZzSozrH9ob61LJKP++i0bwGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDdqV5XXL9K02HxjqQ6WI0+U0FNuMB8GA1UdIwQY
MBaAFLlIERmv4b/yKfrNTvnIxhsPq+ryMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVVnUkdhX2h2X0lwLXMxTy1jakdHdy1yNnZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9jYjAwMDctM2VhOS00NzU5LThkNzAt
OWI5YmNlMTVlMGM2LzEvTjJwWGxkY3YwclRZZkdPcERwWWpUNVRRVTI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9jYjAwMDctM2VhOS00NzU5LThkNzAtOWI5YmNlMTVlMGM2
LzEvdVVnUkdhX2h2X0lwLXMxTy1jakdHdy1yNnZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABTvwMA0G
CSqGSIb3DQEBCwUAA4IBAQA1y4S8jQnu2gpIrkhm7UY6ni580cHxAXz1KQb2XEF5
8Q0/+3eVQ7EqeJi4mUFnUTDyfhaxCJ22zUdxpRPw2URpuoY1+6pkHF0v/jYWwa/D
WKmB59LTccydGDipoAAsYj4mr+ABI3dWWHAYnH3hjEMGtfTgEEWH4qh5tl277zaG
UB2GglS1IXZeexz+bM0R5Ja0TN/yOS+rgvVhrSHfyZOpS8EF4V10tj2esFvtqDFV
kdPwXKq9G0NJoosWqzmeg+38xmQY9Fx+fNEegJP/hcF3FvDfImDJMVoU5yf/N1bp
AgZ7tJvJug1lf5hdtlDuoym4CItMWbSfqqoEt/oie76L
-----END CERTIFICATE-----
Generated at Thu Apr 24 22:35:29 2025 by rpki-client