Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/03a325-a169-44ce-84ec-5728fb24bf0e/1/28g4Blr7nuSyJeVmwy4cGLK9eb8.roa
File: 28g4Blr7nuSyJeVmwy4cGLK9eb8.roa (raw, json)
Hash identifier: Q3uRjW4ymMVkt8l5TduM8mGnhXb4GzyvEHZ5j93is8c=
Subject key identifier: DB:C8:38:06:5A:FB:9E:E4:B2:25:E5:66:C3:2E:1C:18:B2:BD:79:BF
Certificate issuer: /CN=b43258a18cf4d1228e5c79070dfa6331168320c5
Certificate serial: 019425FD7DC2AF1C831CF5D872709619250D
Authority key identifier: B4:32:58:A1:8C:F4:D1:22:8E:5C:79:07:0D:FA:63:31:16:83:20:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDJYoYz00SKOXHkHDfpjMRaDIMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/03a325-a169-44ce-84ec-5728fb24bf0e/1/28g4Blr7nuSyJeVmwy4cGLK9eb8.roa
Signing time: Thu 02 Jan 2025 07:49:17 +0000
ROA not before: Thu 02 Jan 2025 07:49:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 144.2.154.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:7d:c2:af:1c:83:1c:f5:d8:72:70:96:19:25:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b43258a18cf4d1228e5c79070dfa6331168320c5
Validity
Not Before: Jan 2 07:49:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dbc838065afb9ee4b225e566c32e1c18b2bd79bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e0:b5:55:3a:54:03:42:5b:61:34:b5:e2:d1:
b7:7a:22:5e:54:61:6a:4d:3f:7a:a2:96:52:0e:24:
30:53:9d:47:83:fe:8b:7d:b2:2b:78:90:42:40:d2:
00:66:13:e1:01:35:08:bb:ba:3a:d0:67:e5:5d:44:
4a:df:76:32:ce:48:b5:c2:28:16:b8:ee:ba:d3:73:
69:75:d9:1a:f4:ba:b4:e9:0d:36:da:f1:a4:de:45:
46:ed:20:02:df:47:0e:4c:bc:3f:de:33:d3:6e:43:
61:02:48:e0:27:af:af:75:4c:68:d8:16:2c:17:92:
64:5a:e5:27:c2:6e:46:ec:d0:a2:4b:a1:92:dc:ad:
f1:c6:04:2f:a9:5f:5d:29:0d:c9:93:f4:4d:77:c9:
c9:f0:92:52:50:50:67:3f:a1:c5:a9:17:28:33:bf:
cb:ee:6b:af:af:aa:91:a1:d2:54:d1:b4:fc:4a:b4:
21:9f:d4:06:53:ce:48:01:db:eb:e9:f0:e9:d1:d1:
5a:b6:5e:62:bb:47:77:66:a6:7d:33:b2:13:ae:78:
1b:97:5d:19:5b:b1:76:68:2d:c4:e9:46:d1:3f:9b:
d3:7d:66:34:60:a2:34:16:f1:35:78:29:76:05:79:
96:9a:21:87:fb:4b:2c:fe:b4:29:10:16:a8:3e:2f:
71:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:C8:38:06:5A:FB:9E:E4:B2:25:E5:66:C3:2E:1C:18:B2:BD:79:BF
X509v3 Authority Key Identifier:
keyid:B4:32:58:A1:8C:F4:D1:22:8E:5C:79:07:0D:FA:63:31:16:83:20:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDJYoYz00SKOXHkHDfpjMRaDIMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/03a325-a169-44ce-84ec-5728fb24bf0e/1/28g4Blr7nuSyJeVmwy4cGLK9eb8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/03a325-a169-44ce-84ec-5728fb24bf0e/1/tDJYoYz00SKOXHkHDfpjMRaDIMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.2.154.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:91:a5:95:63:07:e1:7c:8e:9e:b6:1f:0d:f6:18:01:d1:0e:
9c:79:9c:89:8e:1a:ca:a1:30:6f:7f:13:9e:87:11:55:f6:f0:
15:b4:78:f3:09:87:f4:17:76:23:23:66:18:3b:a7:94:cf:2f:
34:4e:fe:f2:cf:66:94:a6:54:f5:cb:7a:97:28:b3:02:41:67:
2b:a5:71:99:88:55:b6:69:37:5e:2a:b6:2b:08:63:de:a5:a5:
ff:29:13:6b:57:e3:0e:e7:14:e2:2f:fe:54:3b:f2:2a:b1:14:
8a:19:26:d8:83:2d:b1:7e:d3:0b:ea:2f:7a:43:26:72:e6:79:
b4:75:b8:be:27:4d:af:c3:cc:14:52:c0:e6:fb:5c:60:23:ad:
ab:5d:01:cc:3d:35:34:c4:97:60:57:2f:3f:34:fc:5f:ba:5f:
44:b5:f0:ef:b5:52:d5:70:2e:67:d8:05:a6:74:d5:a9:84:69:
a0:d6:8b:0b:57:43:cf:6e:c9:01:c9:d9:db:57:35:15:95:db:
9f:fa:35:f3:77:b0:21:fd:cb:23:f8:16:9f:91:40:3e:97:32:
38:49:e3:e0:2d:74:71:3f:79:6b:0b:a9:d3:0d:58:20:9f:fc:
02:ac:97:7d:dd:00:6b:33:64:4e:ff:2e:c6:65:81:d0:d9:b0:
67:7f:99:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/X3CrxyDHPXYcnCWGSUNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzI1OGExOGNmNGQxMjI4ZTVjNzkwNzBkZmE2MzMxMTY4
MzIwYzUwHhcNMjUwMTAyMDc0OTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmM4MzgwNjVhZmI5ZWU0YjIyNWU1NjZjMzJlMWMxOGIyYmQ3OWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAveC1VTpUA0JbYTS14tG3eiJeVGFq
TT96opZSDiQwU51Hg/6LfbIreJBCQNIAZhPhATUIu7o60GflXURK33Yyzki1wigW
uO6603Npddka9Lq06Q022vGk3kVG7SAC30cOTLw/3jPTbkNhAkjgJ6+vdUxo2BYs
F5JkWuUnwm5G7NCiS6GS3K3xxgQvqV9dKQ3Jk/RNd8nJ8JJSUFBnP6HFqRcoM7/L
7muvr6qRodJU0bT8SrQhn9QGU85IAdvr6fDp0dFatl5iu0d3ZqZ9M7ITrngbl10Z
W7F2aC3E6UbRP5vTfWY0YKI0FvE1eCl2BXmWmiGH+0ss/rQpEBaoPi9xIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNvIOAZa+57ksiXlZsMuHBiyvXm/MB8GA1UdIwQY
MBaAFLQyWKGM9NEijlx5Bw36YzEWgyDFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERKWW9ZejAwU0tPWEhrSERmcGpNUmFESU1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8wM2EzMjUtYTE2OS00NGNlLTg0ZWMt
NTcyOGZiMjRiZjBlLzEvMjhnNEJscjdudVN5SmVWbXd5NGNHTEs5ZWI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8wM2EzMjUtYTE2OS00NGNlLTg0ZWMtNTcyOGZiMjRiZjBl
LzEvdERKWW9ZejAwU0tPWEhrSERmcGpNUmFESU1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkAKaMA0G
CSqGSIb3DQEBCwUAA4IBAQBNkaWVYwfhfI6eth8N9hgB0Q6ceZyJjhrKoTBvfxOe
hxFV9vAVtHjzCYf0F3YjI2YYO6eUzy80Tv7yz2aUplT1y3qXKLMCQWcrpXGZiFW2
aTdeKrYrCGPepaX/KRNrV+MO5xTiL/5UO/IqsRSKGSbYgy2xftML6i96QyZy5nm0
dbi+J02vw8wUUsDm+1xgI62rXQHMPTU0xJdgVy8/NPxful9EtfDvtVLVcC5n2AWm
dNWphGmg1osLV0PPbskBydnbVzUVlduf+jXzd7Ah/csj+BafkUA+lzI4SePgLXRx
P3lrC6nTDVggn/wCrJd93QBrM2RO/y7GZYHQ2bBnf5mt
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:25:12 2025 by rpki-client