Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/4e4320-c384-4847-b238-ee67a966b092/1/PpOX7ziw2WHfyVTAxrFQ8yxNwpo.roa
File: PpOX7ziw2WHfyVTAxrFQ8yxNwpo.roa (raw, json)
Hash identifier: kla0e9Mbpou3F8Lzn+FGro8ttJ1mAvQmL7wOuecz8CI=
Subject key identifier: 3E:93:97:EF:38:B0:D9:61:DF:C9:54:C0:C6:B1:50:F3:2C:4D:C2:9A
Certificate issuer: /CN=80695eb990427a585cf03b22d805878709c910d2
Certificate serial: 018570B98692D137DFA2ED7540FED3DFC05B
Authority key identifier: 80:69:5E:B9:90:42:7A:58:5C:F0:3B:22:D8:05:87:87:09:C9:10:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gGleuZBCelhc8Dsi2AWHhwnJENI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/4e4320-c384-4847-b238-ee67a966b092/1/PpOX7ziw2WHfyVTAxrFQ8yxNwpo.roa
Signing time: Mon 02 Jan 2023 04:24:44 +0000
ROA not before: Mon 02 Jan 2023 04:24:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 2.59.128.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b9:86:92:d1:37:df:a2:ed:75:40:fe:d3:df:c0:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80695eb990427a585cf03b22d805878709c910d2
Validity
Not Before: Jan 2 04:24:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e9397ef38b0d961dfc954c0c6b150f32c4dc29a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:0d:7b:1f:38:49:cc:c0:88:24:25:c4:02:ac:
99:83:fb:4f:49:69:16:94:f6:1a:0b:c1:05:a1:43:
3f:6c:2f:18:60:b2:5b:21:dc:b8:62:ab:c8:e6:4f:
b0:4a:93:c2:40:d1:43:ed:a0:b1:c3:7e:b6:de:23:
f6:76:54:01:00:52:d6:04:88:e7:39:ae:89:01:83:
b9:0e:49:94:95:40:2a:5b:ce:45:7a:36:b7:c3:58:
02:b6:38:4f:0e:b0:68:50:fa:1e:94:dd:a2:94:45:
76:be:10:16:98:20:44:52:8f:7c:f7:5d:ce:68:4f:
32:6f:0a:75:5f:94:f8:5c:ab:f7:47:a1:88:be:da:
d9:a9:95:cb:de:fb:31:f0:d2:20:86:27:c4:5e:b2:
5c:db:0a:f1:77:3e:77:88:6c:6d:1c:85:58:f0:51:
7a:b7:e5:2e:33:31:8d:3a:ed:a9:0a:65:63:1d:e8:
92:b7:a9:9c:38:27:9f:97:65:05:af:9a:b6:80:6b:
ca:02:e1:c5:a0:6f:20:d4:1c:e2:9a:8d:f6:3c:09:
4b:80:38:14:11:de:31:c6:7b:c9:d5:98:7b:a3:a2:
f8:78:aa:ac:47:d8:2c:ac:b2:be:43:f9:cf:ea:47:
24:6f:7b:4a:35:7d:1d:21:ad:02:65:da:57:ee:b9:
cd:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:93:97:EF:38:B0:D9:61:DF:C9:54:C0:C6:B1:50:F3:2C:4D:C2:9A
X509v3 Authority Key Identifier:
keyid:80:69:5E:B9:90:42:7A:58:5C:F0:3B:22:D8:05:87:87:09:C9:10:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gGleuZBCelhc8Dsi2AWHhwnJENI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/4e4320-c384-4847-b238-ee67a966b092/1/PpOX7ziw2WHfyVTAxrFQ8yxNwpo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/4e4320-c384-4847-b238-ee67a966b092/1/gGleuZBCelhc8Dsi2AWHhwnJENI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.128.0/22
Signature Algorithm: sha256WithRSAEncryption
34:ce:1e:a4:9c:8f:33:18:3a:30:b2:01:b8:e6:41:f4:2a:8d:
06:a2:39:a3:80:0c:02:b3:ef:bb:14:03:44:5d:af:c1:d9:37:
d5:91:13:07:5f:73:c2:bf:67:16:ff:e0:fc:91:07:86:a2:b3:
ff:01:fc:cb:ad:f3:96:0a:de:fd:02:2a:fd:c6:97:77:cd:a6:
45:42:72:8f:4c:3e:44:4e:b2:d2:06:21:23:98:a3:12:57:42:
50:c3:80:1b:e1:ea:ce:23:df:86:64:0a:ea:1c:58:94:5e:df:
49:df:48:04:1c:64:cf:7c:24:a2:d8:46:08:8d:52:70:49:ea:
8d:e8:0f:13:29:da:f4:bd:e3:ad:d4:b1:ad:58:08:cb:6a:47:
25:4c:4e:94:10:d9:08:40:7b:f1:9a:e6:ed:71:78:a6:ab:de:
c9:d3:37:e3:5f:e7:60:c0:a7:ec:8f:0f:f5:02:8c:47:c3:e1:
19:b3:48:b5:cd:16:b5:7d:25:33:d8:d4:61:89:cf:0c:f5:14:
8a:26:8f:4b:05:b3:05:0c:1d:e6:04:6f:c3:b1:e4:08:65:31:
52:b4:43:97:19:76:38:bb:c3:d5:e6:11:82:e7:0e:62:4d:c7:
ec:d4:07:bb:51:0f:99:8f:d8:fb:46:61:32:fe:1f:cf:35:31:
56:49:c8:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwuYaS0Tffou11QP7T38BbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNjk1ZWI5OTA0MjdhNTg1Y2YwM2IyMmQ4MDU4Nzg3MDlj
OTEwZDIwHhcNMjMwMTAyMDQyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTkzOTdlZjM4YjBkOTYxZGZjOTU0YzBjNmIxNTBmMzJjNGRjMjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhg17HzhJzMCIJCXEAqyZg/tPSWkW
lPYaC8EFoUM/bC8YYLJbIdy4YqvI5k+wSpPCQNFD7aCxw3623iP2dlQBAFLWBIjn
Oa6JAYO5DkmUlUAqW85Feja3w1gCtjhPDrBoUPoelN2ilEV2vhAWmCBEUo98913O
aE8ybwp1X5T4XKv3R6GIvtrZqZXL3vsx8NIghifEXrJc2wrxdz53iGxtHIVY8FF6
t+UuMzGNOu2pCmVjHeiSt6mcOCefl2UFr5q2gGvKAuHFoG8g1Bzimo32PAlLgDgU
Ed4xxnvJ1Zh7o6L4eKqsR9gsrLK+Q/nP6kckb3tKNX0dIa0CZdpX7rnNmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD6Tl+84sNlh38lUwMaxUPMsTcKaMB8GA1UdIwQY
MBaAFIBpXrmQQnpYXPA7ItgFh4cJyRDSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0dsZXVaQkNlbGhjOERzaTJBV0hod25KRU5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS80ZTQzMjAtYzM4NC00ODQ3LWIyMzgt
ZWU2N2E5NjZiMDkyLzEvUHBPWDd6aXcyV0hmeVZUQXhyRlE4eXhOd3BvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS80ZTQzMjAtYzM4NC00ODQ3LWIyMzgtZWU2N2E5NjZiMDky
LzEvZ0dsZXVaQkNlbGhjOERzaTJBV0hod25KRU5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCAjuAMA0G
CSqGSIb3DQEBCwUAA4IBAQA0zh6knI8zGDowsgG45kH0Ko0GojmjgAwCs++7FANE
Xa/B2TfVkRMHX3PCv2cW/+D8kQeGorP/AfzLrfOWCt79Air9xpd3zaZFQnKPTD5E
TrLSBiEjmKMSV0JQw4Ab4erOI9+GZArqHFiUXt9J30gEHGTPfCSi2EYIjVJwSeqN
6A8TKdr0veOt1LGtWAjLakclTE6UENkIQHvxmubtcXimq97J0zfjX+dgwKfsjw/1
AoxHw+EZs0i1zRa1fSUz2NRhic8M9RSKJo9LBbMFDB3mBG/DseQIZTFStEOXGXY4
u8PV5hGC5w5iTcfs1Ae7UQ+Zj9j7RmEy/h/PNTFWScg0
-----END CERTIFICATE-----
Generated at Fri May 9 11:26:53 2025 by rpki-client