Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/3e6f96-0cf8-4d66-84ba-b41335b00587/1/iDJMZTn0ZQsbFebdZO8EqvngV-M.roa
File: iDJMZTn0ZQsbFebdZO8EqvngV-M.roa (raw, json)
Hash identifier: DFTmsPgWe97cJSGWeErnYcp9qELmEJE971RJTfF9FUc=
Subject key identifier: 88:32:4C:65:39:F4:65:0B:1B:15:E6:DD:64:EF:04:AA:F9:E0:57:E3
Certificate issuer: /CN=13edf4be313ae1c1be69881e2e4447ef2bf0b196
Certificate serial: 01942521747F36FDE7C8AEA7794CD782DDA8
Authority key identifier: 13:ED:F4:BE:31:3A:E1:C1:BE:69:88:1E:2E:44:47:EF:2B:F0:B1:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E-30vjE64cG-aYgeLkRH7yvwsZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/3e6f96-0cf8-4d66-84ba-b41335b00587/1/iDJMZTn0ZQsbFebdZO8EqvngV-M.roa
Signing time: Thu 02 Jan 2025 03:48:56 +0000
ROA not before: Thu 02 Jan 2025 03:48:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202376
IP address blocks: 2.59.166.0/24 maxlen: 24
2.59.167.0/24 maxlen: 24
2a09:f540::/32 maxlen: 32
2a09:f541::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:74:7f:36:fd:e7:c8:ae:a7:79:4c:d7:82:dd:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13edf4be313ae1c1be69881e2e4447ef2bf0b196
Validity
Not Before: Jan 2 03:48:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=88324c6539f4650b1b15e6dd64ef04aaf9e057e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:57:10:63:ef:33:2f:0e:7e:cf:63:1f:75:af:
b9:81:18:49:54:07:04:d7:90:e2:62:3a:2f:31:83:
85:70:e0:dc:7a:90:6d:42:2e:78:2a:9e:f1:e3:92:
60:1c:45:21:51:d2:2e:1e:fa:69:de:43:7c:c7:40:
37:f2:46:f4:62:6e:1b:98:7d:0e:1b:28:d0:25:e0:
fc:38:b1:ee:61:15:c8:01:ee:e5:ce:9a:e8:11:92:
af:46:a9:29:7d:d9:8f:56:8f:cb:d1:d2:69:5f:35:
c3:be:aa:f5:40:c4:58:a7:b8:d8:15:6a:db:be:74:
5f:70:a5:4d:a6:18:b5:d0:f9:da:f4:ed:54:e5:da:
8c:35:a0:ff:52:ad:3f:23:b5:fe:60:9b:a8:4b:08:
1d:78:fb:fd:87:d8:60:02:2c:d8:36:24:3d:21:c6:
3d:6c:9d:b1:28:31:b1:e9:62:f2:2d:9d:70:d5:46:
1d:52:b6:ae:e8:6a:24:f6:7c:a7:67:52:77:68:02:
21:31:51:b2:32:9c:b6:c8:d6:2b:d9:11:01:cd:bb:
03:d0:a3:70:fa:9e:ee:5d:7c:9c:0f:f5:92:65:8c:
74:55:c8:43:1f:62:b4:af:5d:cf:ab:f5:6c:b9:0c:
d0:22:3f:68:ed:07:1c:75:db:35:9c:8b:9b:41:d9:
cc:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:32:4C:65:39:F4:65:0B:1B:15:E6:DD:64:EF:04:AA:F9:E0:57:E3
X509v3 Authority Key Identifier:
keyid:13:ED:F4:BE:31:3A:E1:C1:BE:69:88:1E:2E:44:47:EF:2B:F0:B1:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E-30vjE64cG-aYgeLkRH7yvwsZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/3e6f96-0cf8-4d66-84ba-b41335b00587/1/iDJMZTn0ZQsbFebdZO8EqvngV-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/3e6f96-0cf8-4d66-84ba-b41335b00587/1/E-30vjE64cG-aYgeLkRH7yvwsZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.166.0/23
IPv6:
2a09:f540::/31
Signature Algorithm: sha256WithRSAEncryption
91:bc:ea:d7:0f:9e:74:ed:7f:65:69:63:3a:60:e7:c0:67:83:
6e:52:d5:22:98:91:a1:06:5b:3d:f2:46:86:2e:8a:aa:10:1d:
fd:a3:f6:fb:5f:d0:39:d2:89:48:ba:9a:c3:33:ac:6a:a3:fd:
b0:75:81:18:06:56:62:f2:6d:cc:b8:20:b4:1a:ad:0d:7c:e2:
9a:37:b9:23:63:ed:7c:be:86:8a:dc:4b:7d:3b:f2:54:d5:14:
3f:df:11:12:31:cc:93:37:ed:5e:22:eb:6e:1a:20:5a:06:1f:
c9:6e:32:2f:73:60:4a:e6:98:d5:0d:1d:ae:4c:ab:75:d2:5f:
26:3f:aa:2b:39:3f:25:3d:69:95:ac:d7:5b:22:34:cc:9d:25:
18:a1:bc:f9:1c:f4:ae:df:2d:53:84:2e:53:8a:87:eb:be:62:
aa:a0:b0:fb:23:bd:79:f8:e0:ab:1c:16:47:f0:35:e1:c9:8e:
2d:11:b2:29:80:ef:a6:4b:c6:9b:8a:6a:ae:82:0b:f6:19:85:
c2:ca:14:8e:f2:ba:7b:e0:ed:23:4d:fa:59:d7:71:ac:f2:ad:
5e:bf:f2:28:f7:65:63:7f:91:d3:13:cb:c5:31:d7:ba:58:58:
ec:c4:6d:d1:40:25:56:ba:5b:56:ea:73:c1:0c:e5:9a:79:72:
bb:c2:11:91
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQlIXR/Nv3nyK6neUzXgt2oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzZWRmNGJlMzEzYWUxYzFiZTY5ODgxZTJlNDQ0N2VmMmJm
MGIxOTYwHhcNMjUwMTAyMDM0ODU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODMyNGM2NTM5ZjQ2NTBiMWIxNWU2ZGQ2NGVmMDRhYWY5ZTA1N2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1cQY+8zLw5+z2Mfda+5gRhJVAcE
15DiYjovMYOFcODcepBtQi54Kp7x45JgHEUhUdIuHvpp3kN8x0A38kb0Ym4bmH0O
GyjQJeD8OLHuYRXIAe7lzproEZKvRqkpfdmPVo/L0dJpXzXDvqr1QMRYp7jYFWrb
vnRfcKVNphi10Pna9O1U5dqMNaD/Uq0/I7X+YJuoSwgdePv9h9hgAizYNiQ9IcY9
bJ2xKDGx6WLyLZ1w1UYdUrau6Gok9nynZ1J3aAIhMVGyMpy2yNYr2REBzbsD0KNw
+p7uXXycD/WSZYx0VchDH2K0r13Pq/VsuQzQIj9o7Qccdds1nIubQdnM3QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIgyTGU59GULGxXm3WTvBKr54FfjMB8GA1UdIwQY
MBaAFBPt9L4xOuHBvmmIHi5ER+8r8LGWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRS0zMHZqRTY0Y0ctYVlnZUxrUkg3eXZ3c1pZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC8zZTZmOTYtMGNmOC00ZDY2LTg0YmEt
YjQxMzM1YjAwNTg3LzEvaURKTVpUbjBaUXNiRmViZFpPOEVxdm5nVi1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC8zZTZmOTYtMGNmOC00ZDY2LTg0YmEtYjQxMzM1YjAwNTg3
LzEvRS0zMHZqRTY0Y0ctYVlnZUxrUkg3eXZ3c1pZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBAjumMA0E
AgACMAcDBQEqCfVAMA0GCSqGSIb3DQEBCwUAA4IBAQCRvOrXD5507X9laWM6YOfA
Z4NuUtUimJGhBls98kaGLoqqEB39o/b7X9A50olIuprDM6xqo/2wdYEYBlZi8m3M
uCC0Gq0NfOKaN7kjY+18voaK3Et9O/JU1RQ/3xESMcyTN+1eIutuGiBaBh/JbjIv
c2BK5pjVDR2uTKt10l8mP6orOT8lPWmVrNdbIjTMnSUYobz5HPSu3y1ThC5Tiofr
vmKqoLD7I715+OCrHBZH8DXhyY4tEbIpgO+mS8abimquggv2GYXCyhSO8rp74O0j
TfpZ13Gs8q1ev/Io92Vjf5HTE8vFMde6WFjsxG3RQCVWultW6nPBDOWaeXK7whGR
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:50:29 2025 by rpki-client