Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/64e19c-3ef3-4fbb-85ae-e6c60032208c/1/1O4zkVBVig8F7COAsN-sUpWsTM4.roa
File: 1O4zkVBVig8F7COAsN-sUpWsTM4.roa (raw, json)
Hash identifier: UeOg+bXAIJZiyn+QoxcIAD0DJymcNjQ1DzPfdZOlyP8=
Subject key identifier: D4:EE:33:91:50:55:8A:0F:05:EC:23:80:B0:DF:AC:52:95:AC:4C:CE
Certificate issuer: /CN=c3623ffbcd2d81f7b379fab425736514a9c8bf53
Certificate serial: 0193717A24373C4AED09E3D5768208615B8A
Authority key identifier: C3:62:3F:FB:CD:2D:81:F7:B3:79:FA:B4:25:73:65:14:A9:C8:BF:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w2I_-80tgfezefq0JXNlFKnIv1M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/64e19c-3ef3-4fbb-85ae-e6c60032208c/1/1O4zkVBVig8F7COAsN-sUpWsTM4.roa
Signing time: Thu 28 Nov 2024 06:34:10 +0000
ROA not before: Thu 28 Nov 2024 06:34:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35820
IP address blocks: 139.28.132.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:71:7a:24:37:3c:4a:ed:09:e3:d5:76:82:08:61:5b:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3623ffbcd2d81f7b379fab425736514a9c8bf53
Validity
Not Before: Nov 28 06:34:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d4ee339150558a0f05ec2380b0dfac5295ac4cce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:43:75:12:08:e1:2a:ad:e1:17:0b:e9:72:51:
eb:a2:8e:6b:2a:5c:be:3c:ee:69:de:d7:b4:00:56:
6a:6f:f7:ff:27:ee:98:b8:8b:18:d8:40:26:3b:fc:
e1:b4:78:85:98:8e:5f:25:46:74:e5:44:c9:9c:30:
7f:90:63:ea:2c:b0:66:48:a0:0b:23:28:46:c6:a3:
ad:83:ea:d3:cf:93:5a:01:45:ab:63:50:12:26:52:
b1:90:af:23:55:ff:0b:c3:79:84:72:48:eb:fa:c6:
c5:91:29:bf:02:f3:82:bf:4b:ba:14:38:26:bd:13:
a2:76:bd:df:3c:cc:f2:5f:b8:2e:7f:1f:d0:f8:10:
4a:d1:97:96:a6:5d:3b:91:31:43:1c:07:da:c1:97:
53:4f:53:ca:a1:7d:b2:ee:12:7d:97:41:d6:1c:22:
55:f8:dd:67:ff:fe:76:4a:4b:97:9e:ed:45:70:e8:
ed:96:59:ea:77:c8:a1:b7:e3:08:38:79:77:26:35:
00:16:1b:cb:b7:71:a7:79:ac:7e:39:4f:a7:88:de:
3d:70:40:82:77:b9:75:00:2b:49:c7:16:d4:5b:13:
b0:89:c4:3d:53:1e:c9:11:3b:52:bf:72:aa:9a:eb:
2a:4d:3b:d3:94:72:a9:ce:c5:9f:11:4a:30:10:07:
8a:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:EE:33:91:50:55:8A:0F:05:EC:23:80:B0:DF:AC:52:95:AC:4C:CE
X509v3 Authority Key Identifier:
keyid:C3:62:3F:FB:CD:2D:81:F7:B3:79:FA:B4:25:73:65:14:A9:C8:BF:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w2I_-80tgfezefq0JXNlFKnIv1M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/64e19c-3ef3-4fbb-85ae-e6c60032208c/1/1O4zkVBVig8F7COAsN-sUpWsTM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/64e19c-3ef3-4fbb-85ae-e6c60032208c/1/w2I_-80tgfezefq0JXNlFKnIv1M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.132.0/22
Signature Algorithm: sha256WithRSAEncryption
a7:98:f8:b4:3f:58:47:7a:49:6d:e7:f1:f2:27:b0:60:db:4e:
ec:73:e7:f2:e7:a0:0c:5d:fe:9e:b7:de:b8:f5:ed:b2:16:7f:
bd:ce:d2:ea:28:4e:06:c2:c5:bc:99:9f:e6:20:f6:4c:f1:28:
33:39:61:e4:51:90:dc:5f:8d:8c:61:77:26:52:b2:5f:de:66:
89:7a:4d:b2:55:5b:d1:dc:da:94:b3:ab:eb:c9:e7:8b:d9:07:
a4:08:6c:38:fa:af:7a:9b:47:1a:ee:90:18:40:41:2b:a3:d3:
42:da:3e:d8:f9:ab:c3:55:ed:63:6e:48:be:24:e0:a3:12:64:
e6:61:25:09:d9:65:79:1c:e2:97:9e:d3:d5:48:b3:4e:db:71:
a0:ef:ed:17:b8:31:22:cd:e8:a5:3c:9b:9d:79:16:6f:b1:d7:
be:0e:9b:d1:ed:93:f7:35:3b:05:f6:aa:ce:79:23:e2:63:b9:
db:04:00:66:59:f3:a2:76:8c:03:2f:03:33:cd:35:b9:2c:86:
73:35:e7:44:fa:57:3f:5a:d3:81:cc:76:41:80:c4:30:d4:a7:
0f:7d:a2:cb:9f:69:3a:d5:b3:af:a4:e0:8a:f4:a8:3e:94:33:
53:99:e7:f3:74:43:f9:d5:12:a6:a2:0f:90:b0:aa:35:5a:d4:
23:ad:da:7b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZNxeiQ3PErtCePVdoIIYVuKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNjIzZmZiY2QyZDgxZjdiMzc5ZmFiNDI1NzM2NTE0YTlj
OGJmNTMwHhcNMjQxMTI4MDYzNDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGVlMzM5MTUwNTU4YTBmMDVlYzIzODBiMGRmYWM1Mjk1YWM0Y2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqEN1EgjhKq3hFwvpclHroo5rKly+
PO5p3te0AFZqb/f/J+6YuIsY2EAmO/zhtHiFmI5fJUZ05UTJnDB/kGPqLLBmSKAL
IyhGxqOtg+rTz5NaAUWrY1ASJlKxkK8jVf8Lw3mEckjr+sbFkSm/AvOCv0u6FDgm
vROidr3fPMzyX7gufx/Q+BBK0ZeWpl07kTFDHAfawZdTT1PKoX2y7hJ9l0HWHCJV
+N1n//52SkuXnu1FcOjtllnqd8iht+MIOHl3JjUAFhvLt3Gneax+OU+niN49cECC
d7l1ACtJxxbUWxOwicQ9Ux7JETtSv3KqmusqTTvTlHKpzsWfEUowEAeKXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNTuM5FQVYoPBewjgLDfrFKVrEzOMB8GA1UdIwQY
MBaAFMNiP/vNLYH3s3n6tCVzZRSpyL9TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzJJXy04MHRnZmV6ZWZxMEpYTmxGS25JdjFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC82NGUxOWMtM2VmMy00ZmJiLTg1YWUt
ZTZjNjAwMzIyMDhjLzEvMU80emtWQlZpZzhGN0NPQXNOLXNVcFdzVE00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC82NGUxOWMtM2VmMy00ZmJiLTg1YWUtZTZjNjAwMzIyMDhj
LzEvdzJJXy04MHRnZmV6ZWZxMEpYTmxGS25JdjFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCixyEMA0G
CSqGSIb3DQEBCwUAA4IBAQCnmPi0P1hHeklt5/HyJ7Bg207sc+fy56AMXf6et964
9e2yFn+9ztLqKE4GwsW8mZ/mIPZM8SgzOWHkUZDcX42MYXcmUrJf3maJek2yVVvR
3NqUs6vryeeL2QekCGw4+q96m0ca7pAYQEEro9NC2j7Y+avDVe1jbki+JOCjEmTm
YSUJ2WV5HOKXntPVSLNO23Gg7+0XuDEizeilPJudeRZvsde+DpvR7ZP3NTsF9qrO
eSPiY7nbBABmWfOidowDLwMzzTW5LIZzNedE+lc/WtOBzHZBgMQw1KcPfaLLn2k6
1bOvpOCK9Kg+lDNTmefzdEP51RKmog+QsKo1WtQjrdp7
-----END CERTIFICATE-----
Generated at Wed May 7 22:53:24 2025 by rpki-client