Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/b9c2e2-37b6-42c6-acda-f8e6bfe1adfb/1/M2Kelg9WxvDQBMzJqioPXlZdWcE.roa
File: M2Kelg9WxvDQBMzJqioPXlZdWcE.roa (raw, json)
Hash identifier: mQA6DzGnOtrnPFm8tdzPvg5lmx/E+CRmFPMNFXsiBjg=
Subject key identifier: 33:62:9E:96:0F:56:C6:F0:D0:04:CC:C9:AA:2A:0F:5E:56:5D:59:C1
Certificate issuer: /CN=279f3652e4458fa001c6738a41425b07e70c91a1
Certificate serial: 01941F8C6DE05540DA2E1C0E6E1B16021859
Authority key identifier: 27:9F:36:52:E4:45:8F:A0:01:C6:73:8A:41:42:5B:07:E7:0C:91:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J582UuRFj6ABxnOKQUJbB-cMkaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/b9c2e2-37b6-42c6-acda-f8e6bfe1adfb/1/M2Kelg9WxvDQBMzJqioPXlZdWcE.roa
Signing time: Wed 01 Jan 2025 01:48:04 +0000
ROA not before: Wed 01 Jan 2025 01:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39305
IP address blocks: 139.28.68.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:6d:e0:55:40:da:2e:1c:0e:6e:1b:16:02:18:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279f3652e4458fa001c6738a41425b07e70c91a1
Validity
Not Before: Jan 1 01:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=33629e960f56c6f0d004ccc9aa2a0f5e565d59c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:f6:08:fc:89:63:ac:70:a7:be:21:84:37:89:
fb:06:7b:cd:f3:c4:06:86:ef:12:34:07:be:f2:e1:
2e:58:ec:8d:69:5a:bf:62:43:4f:69:58:0d:2d:28:
7c:08:d1:d7:1f:b1:e8:86:39:19:e0:66:45:ef:09:
ba:15:75:0b:08:4a:d8:8d:f7:c8:2b:4d:06:81:73:
3b:1e:f5:9e:dc:6e:d9:7b:c9:da:40:a7:05:e0:b2:
2b:48:7d:21:ff:57:f3:7b:3e:0b:a8:51:69:8c:42:
c6:29:6f:55:4b:ce:c1:73:62:fd:2c:3e:25:4c:79:
c3:12:0b:51:5a:d5:85:ce:7a:d0:f3:b6:91:ba:32:
71:e0:ed:57:2e:ab:2f:67:6a:0e:5a:50:a5:f9:fa:
88:a5:5f:07:66:eb:36:77:a0:b5:9b:a1:2a:05:fb:
42:0a:ea:85:5f:f5:b0:a9:a8:fb:d5:a8:52:a3:5a:
49:d2:8f:e8:5e:41:7a:05:e8:ae:05:43:c9:c2:7f:
aa:53:9f:ad:69:46:38:5d:79:9f:a2:42:d0:3e:5f:
6d:df:a2:a9:29:b9:86:a2:3c:be:3a:12:1b:14:56:
28:5a:e8:a3:16:d5:24:66:32:2e:79:5b:22:94:35:
f7:dd:55:f0:c8:fb:2b:1c:02:29:00:73:67:01:ad:
49:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:62:9E:96:0F:56:C6:F0:D0:04:CC:C9:AA:2A:0F:5E:56:5D:59:C1
X509v3 Authority Key Identifier:
keyid:27:9F:36:52:E4:45:8F:A0:01:C6:73:8A:41:42:5B:07:E7:0C:91:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J582UuRFj6ABxnOKQUJbB-cMkaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/b9c2e2-37b6-42c6-acda-f8e6bfe1adfb/1/M2Kelg9WxvDQBMzJqioPXlZdWcE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/b9c2e2-37b6-42c6-acda-f8e6bfe1adfb/1/J582UuRFj6ABxnOKQUJbB-cMkaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.68.0/22
Signature Algorithm: sha256WithRSAEncryption
25:d8:5f:03:f9:91:b2:27:b4:08:0a:96:6d:09:19:cc:c8:60:
2b:0a:b9:ad:a8:b4:17:78:41:fb:ae:39:3d:7d:9d:72:20:4e:
0d:4b:35:a8:53:01:2c:34:c6:4c:a0:24:1e:d1:06:2e:e8:dd:
65:ec:ff:e5:67:72:fe:94:8b:ea:05:ee:a0:88:f2:19:f8:15:
06:52:fa:88:a9:1a:74:9e:56:9a:00:3e:79:6f:07:f2:fa:26:
84:fd:f4:8c:9d:77:3b:33:29:74:e5:85:82:6b:6c:93:e8:1d:
60:67:1b:29:87:03:b2:44:fe:0c:37:05:12:c8:72:63:4d:39:
61:68:a3:80:9a:30:18:35:63:0a:a0:86:f2:07:90:21:ed:f3:
41:91:13:fd:f5:db:52:a3:9e:39:fe:00:d6:6b:68:96:c3:ea:
d9:f7:2e:69:9c:1b:92:69:ec:64:79:27:f6:ff:c9:de:4d:12:
c1:31:9f:41:33:93:43:e5:33:ff:06:e6:a4:bf:25:52:68:95:
9c:66:4b:c8:ff:18:9d:7c:10:03:dc:50:00:f3:56:f5:0c:34:
c4:21:09:65:bc:20:62:44:d5:3b:ef:0f:61:2d:f7:06:08:27:
f5:0d:b9:c9:b9:94:35:88:09:6b:af:66:de:8a:ae:90:8d:a9:
f9:81:41:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjG3gVUDaLhwObhsWAhhZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWYzNjUyZTQ0NThmYTAwMWM2NzM4YTQxNDI1YjA3ZTcw
YzkxYTEwHhcNMjUwMTAxMDE0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzYyOWU5NjBmNTZjNmYwZDAwNGNjYzlhYTJhMGY1ZTU2NWQ1OWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvYI/IljrHCnviGEN4n7BnvN88QG
hu8SNAe+8uEuWOyNaVq/YkNPaVgNLSh8CNHXH7HohjkZ4GZF7wm6FXULCErYjffI
K00GgXM7HvWe3G7Ze8naQKcF4LIrSH0h/1fzez4LqFFpjELGKW9VS87Bc2L9LD4l
THnDEgtRWtWFznrQ87aRujJx4O1XLqsvZ2oOWlCl+fqIpV8HZus2d6C1m6EqBftC
CuqFX/Wwqaj71ahSo1pJ0o/oXkF6BeiuBUPJwn+qU5+taUY4XXmfokLQPl9t36Kp
KbmGojy+OhIbFFYoWuijFtUkZjIueVsilDX33VXwyPsrHAIpAHNnAa1JSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDNinpYPVsbw0ATMyaoqD15WXVnBMB8GA1UdIwQY
MBaAFCefNlLkRY+gAcZzikFCWwfnDJGhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjU4MlV1UkZqNkFCeG5PS1FVSmJCLWNNa2FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9iOWMyZTItMzdiNi00MmM2LWFjZGEt
ZjhlNmJmZTFhZGZiLzEvTTJLZWxnOVd4dkRRQk16SnFpb1BYbFpkV2NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9iOWMyZTItMzdiNi00MmM2LWFjZGEtZjhlNmJmZTFhZGZi
LzEvSjU4MlV1UkZqNkFCeG5PS1FVSmJCLWNNa2FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCixxEMA0G
CSqGSIb3DQEBCwUAA4IBAQAl2F8D+ZGyJ7QICpZtCRnMyGArCrmtqLQXeEH7rjk9
fZ1yIE4NSzWoUwEsNMZMoCQe0QYu6N1l7P/lZ3L+lIvqBe6giPIZ+BUGUvqIqRp0
nlaaAD55bwfy+iaE/fSMnXc7Myl05YWCa2yT6B1gZxsphwOyRP4MNwUSyHJjTTlh
aKOAmjAYNWMKoIbyB5Ah7fNBkRP99dtSo545/gDWa2iWw+rZ9y5pnBuSaexkeSf2
/8neTRLBMZ9BM5ND5TP/BuakvyVSaJWcZkvI/xidfBAD3FAA81b1DDTEIQllvCBi
RNU77w9hLfcGCCf1DbnJuZQ1iAlrr2beiq6Qjan5gUG0
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:34:52 2025 by rpki-client