Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/d97287-fd01-4a10-909e-c3f257eb20cc/1/CMn4uH6KlEhkSqK8-l2DKHQrXs4.roa
File: CMn4uH6KlEhkSqK8-l2DKHQrXs4.roa (raw, json)
Hash identifier: 6ZU9koUY22NXHlzyXCqjTDAGz3Mr99KQWc6UMKZWNds=
Subject key identifier: 08:C9:F8:B8:7E:8A:94:48:64:4A:A2:BC:FA:5D:83:28:74:2B:5E:CE
Certificate issuer: /CN=c08d735f346c4fc42a4792ce33808a2210a82bb5
Certificate serial: 0185707055DBC93263739310BA4D61585E36
Authority key identifier: C0:8D:73:5F:34:6C:4F:C4:2A:47:92:CE:33:80:8A:22:10:A8:2B:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wI1zXzRsT8QqR5LOM4CKIhCoK7U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/d97287-fd01-4a10-909e-c3f257eb20cc/1/CMn4uH6KlEhkSqK8-l2DKHQrXs4.roa
Signing time: Mon 02 Jan 2023 03:04:48 +0000
ROA not before: Mon 02 Jan 2023 03:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1273
IP address blocks: 5.28.192.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:70:55:db:c9:32:63:73:93:10:ba:4d:61:58:5e:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c08d735f346c4fc42a4792ce33808a2210a82bb5
Validity
Not Before: Jan 2 03:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=08c9f8b87e8a9448644aa2bcfa5d8328742b5ece
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:8d:59:05:d0:7c:12:d6:97:9a:15:f4:16:4f:
2e:dd:05:c4:b2:94:26:73:92:25:92:86:a3:b3:05:
1d:88:b2:27:90:53:19:46:4d:a8:a6:e7:64:cc:f9:
dc:c8:27:43:49:b1:56:58:3b:11:9f:b8:3d:a7:5d:
15:b2:30:6f:7a:ab:8b:bc:48:88:06:ee:c7:6f:f2:
0f:79:1b:eb:b7:11:62:3d:61:79:03:22:3f:2b:d4:
16:04:3a:47:6d:d1:d4:db:3a:2d:4d:bf:e3:21:aa:
22:b0:fe:91:a4:5a:d3:fb:47:0d:eb:c1:cb:c7:9b:
c8:13:4d:2d:c1:6c:0e:97:f6:73:e1:ff:99:72:b4:
ed:f5:cb:7a:20:56:34:49:51:25:5d:ff:8e:7d:cd:
a7:c5:1a:11:09:2a:1a:52:8e:7a:7e:a4:04:92:94:
13:a0:e1:2c:6c:36:ce:30:57:4f:7f:46:67:19:fa:
02:d4:21:48:ef:cf:9e:1f:43:71:35:e5:3a:db:78:
f6:54:50:ce:77:e6:c8:00:e5:87:ab:ad:f9:c3:cc:
48:e8:04:7f:33:d9:76:d3:7a:9f:45:51:8b:ce:d1:
bc:8a:cb:67:1b:f5:da:2d:2e:f0:19:db:fb:78:de:
de:4d:ec:05:33:0f:6e:0a:3a:16:eb:99:f4:bb:55:
0a:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:C9:F8:B8:7E:8A:94:48:64:4A:A2:BC:FA:5D:83:28:74:2B:5E:CE
X509v3 Authority Key Identifier:
keyid:C0:8D:73:5F:34:6C:4F:C4:2A:47:92:CE:33:80:8A:22:10:A8:2B:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wI1zXzRsT8QqR5LOM4CKIhCoK7U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/d97287-fd01-4a10-909e-c3f257eb20cc/1/CMn4uH6KlEhkSqK8-l2DKHQrXs4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/d97287-fd01-4a10-909e-c3f257eb20cc/1/wI1zXzRsT8QqR5LOM4CKIhCoK7U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.28.192.0/18
Signature Algorithm: sha256WithRSAEncryption
1d:2b:76:de:db:8d:99:a7:3e:6e:0d:c4:96:2b:fd:55:75:65:
11:b9:a5:02:11:db:bd:bd:e7:5c:f5:92:ba:70:2e:d2:6a:57:
73:7b:c8:f9:4a:54:99:7a:49:94:d5:f8:b8:60:62:8a:e5:a6:
06:f3:48:39:62:3f:fc:50:38:c4:da:98:a4:23:e6:94:d8:c8:
d4:b3:fc:26:5c:cf:34:b5:72:44:66:80:63:f2:c3:25:3f:24:
48:22:aa:50:8d:77:d2:ac:81:c2:4c:b8:25:fd:49:89:d8:e4:
00:84:15:ad:3a:32:1a:45:e5:8c:49:2a:1a:2d:89:94:1a:40:
e5:f7:f9:41:76:e2:2d:ee:c0:aa:c3:10:9b:ec:36:9c:d0:15:
43:75:4b:5c:47:9b:a9:68:0d:b0:30:8c:11:e1:97:66:72:3c:
51:03:49:2b:a5:fc:8f:96:c4:79:51:6c:02:95:e1:32:9f:bf:
c4:9e:c8:e4:d8:d0:12:5d:24:d1:fc:a1:9c:1e:50:52:ca:7b:
d3:0d:37:3f:63:df:7d:f8:63:92:93:de:f9:0d:97:db:cd:bd:
10:5f:08:91:49:ff:8d:b8:45:fb:33:d4:59:3c:af:ce:b3:6e:
d7:82:ed:39:fd:63:8e:e6:04:a8:81:27:e2:16:72:de:b2:51:
eb:0f:85:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwcFXbyTJjc5MQuk1hWF42MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwOGQ3MzVmMzQ2YzRmYzQyYTQ3OTJjZTMzODA4YTIyMTBh
ODJiYjUwHhcNMjMwMTAyMDMwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGM5ZjhiODdlOGE5NDQ4NjQ0YWEyYmNmYTVkODMyODc0MmI1ZWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiY1ZBdB8EtaXmhX0Fk8u3QXEspQm
c5IlkoajswUdiLInkFMZRk2opudkzPncyCdDSbFWWDsRn7g9p10VsjBvequLvEiI
Bu7Hb/IPeRvrtxFiPWF5AyI/K9QWBDpHbdHU2zotTb/jIaoisP6RpFrT+0cN68HL
x5vIE00twWwOl/Zz4f+ZcrTt9ct6IFY0SVElXf+Ofc2nxRoRCSoaUo56fqQEkpQT
oOEsbDbOMFdPf0ZnGfoC1CFI78+eH0NxNeU623j2VFDOd+bIAOWHq635w8xI6AR/
M9l203qfRVGLztG8istnG/XaLS7wGdv7eN7eTewFMw9uCjoW65n0u1UK/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAjJ+Lh+ipRIZEqivPpdgyh0K17OMB8GA1UdIwQY
MBaAFMCNc180bE/EKkeSzjOAiiIQqCu1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0kxelh6UnNUOFFxUjVMT000Q0tJaENvSzdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9kOTcyODctZmQwMS00YTEwLTkwOWUt
YzNmMjU3ZWIyMGNjLzEvQ01uNHVINktsRWhrU3FLOC1sMkRLSFFyWHM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC9kOTcyODctZmQwMS00YTEwLTkwOWUtYzNmMjU3ZWIyMGNj
LzEvd0kxelh6UnNUOFFxUjVMT000Q0tJaENvSzdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGBRzAMA0G
CSqGSIb3DQEBCwUAA4IBAQAdK3be242Zpz5uDcSWK/1VdWURuaUCEdu9vedc9ZK6
cC7Saldze8j5SlSZekmU1fi4YGKK5aYG80g5Yj/8UDjE2pikI+aU2MjUs/wmXM80
tXJEZoBj8sMlPyRIIqpQjXfSrIHCTLgl/UmJ2OQAhBWtOjIaReWMSSoaLYmUGkDl
9/lBduIt7sCqwxCb7Dac0BVDdUtcR5upaA2wMIwR4ZdmcjxRA0krpfyPlsR5UWwC
leEyn7/Ensjk2NASXSTR/KGcHlBSynvTDTc/Y999+GOSk975DZfbzb0QXwiRSf+N
uEX7M9RZPK/Os27Xgu05/WOO5gSogSfiFnLeslHrD4V3
-----END CERTIFICATE-----
Generated at Sun Jul 27 07:16:42 2025 by rpki-client