Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/a0919d-a019-419e-acc2-4c84abefc09c/1/aWhXSn5YcqkgqC17cvoC0KWZrTU.roa
File: aWhXSn5YcqkgqC17cvoC0KWZrTU.roa (raw, json)
Hash identifier: RC0BOPxXFBcQ2B/YGHeQ2QxUHe+ahcJTWfP3AOPkJlc=
Subject key identifier: 69:68:57:4A:7E:58:72:A9:20:A8:2D:7B:72:FA:02:D0:A5:99:AD:35
Certificate issuer: /CN=87842da169e2b8a204b9c4f1f5f3c22076640d6a
Certificate serial: 01918ED118AE811F86199B33D4B89F1B5FAC
Authority key identifier: 87:84:2D:A1:69:E2:B8:A2:04:B9:C4:F1:F5:F3:C2:20:76:64:0D:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h4QtoWniuKIEucTx9fPCIHZkDWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/a0919d-a019-419e-acc2-4c84abefc09c/1/aWhXSn5YcqkgqC17cvoC0KWZrTU.roa
Signing time: Mon 26 Aug 2024 13:12:33 +0000
ROA not before: Mon 26 Aug 2024 13:12:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209445
IP address blocks: 139.28.180.0/22 maxlen: 22
139.28.180.0/23 maxlen: 23
139.28.182.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:8e:d1:18:ae:81:1f:86:19:9b:33:d4:b8:9f:1b:5f:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87842da169e2b8a204b9c4f1f5f3c22076640d6a
Validity
Not Before: Aug 26 13:12:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6968574a7e5872a920a82d7b72fa02d0a599ad35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a5:6f:f4:3c:05:28:83:f8:ab:0c:57:1b:2b:
22:eb:a4:f6:39:06:cb:8d:35:3b:bc:e0:ec:40:07:
02:60:56:b1:ab:0d:97:61:ae:d0:1c:36:57:d1:ba:
5b:e6:85:7e:86:4d:cf:78:4e:ab:4b:83:bd:43:1f:
d1:b2:e9:f4:4e:6a:6f:4f:c3:25:d2:b5:35:a9:dc:
40:7e:27:b8:03:42:65:7f:40:ce:e7:86:73:bf:ad:
83:fb:f1:b2:ce:9c:41:b5:25:3c:5e:6e:b1:31:6d:
39:5f:27:2f:65:77:1f:d1:2c:71:e1:77:b8:6e:74:
b6:a6:a7:27:1e:4e:18:53:34:f5:16:0d:e0:6a:5d:
61:88:13:25:cb:2f:5e:4c:73:68:49:7e:4e:20:a8:
16:0d:a7:43:5a:ea:2d:8f:36:f2:a1:0d:2d:5c:50:
6f:84:d2:d7:22:30:8b:aa:52:b3:43:5e:12:14:e0:
f0:4e:62:bb:c3:49:43:02:69:e8:66:ce:c1:28:87:
24:de:84:20:76:36:23:a8:ee:94:13:2d:d4:5f:ac:
17:ef:51:0b:09:6f:54:bb:87:a0:46:8a:cd:8a:09:
c2:5b:e6:49:ca:9e:89:f1:0a:b9:1a:e3:a2:8c:d2:
ef:f2:85:3b:6e:c4:fc:28:fc:b1:aa:c1:76:67:a9:
45:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:68:57:4A:7E:58:72:A9:20:A8:2D:7B:72:FA:02:D0:A5:99:AD:35
X509v3 Authority Key Identifier:
keyid:87:84:2D:A1:69:E2:B8:A2:04:B9:C4:F1:F5:F3:C2:20:76:64:0D:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h4QtoWniuKIEucTx9fPCIHZkDWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/a0919d-a019-419e-acc2-4c84abefc09c/1/aWhXSn5YcqkgqC17cvoC0KWZrTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/a0919d-a019-419e-acc2-4c84abefc09c/1/h4QtoWniuKIEucTx9fPCIHZkDWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.180.0/22
Signature Algorithm: sha256WithRSAEncryption
38:1a:4c:5f:bb:eb:38:49:10:7b:2e:b1:b4:9e:e1:67:9a:10:
3a:4a:59:df:db:3d:c2:4c:09:6b:bc:5d:c0:6d:59:d3:d6:e7:
74:ff:33:e8:a3:69:bf:8e:40:f4:8b:c8:24:7c:4e:51:96:6b:
ef:ce:6f:b6:f4:24:6e:ad:02:71:30:66:da:d9:a8:a5:8d:15:
a3:00:6d:46:2b:18:36:1c:ee:de:34:ef:79:5b:fd:e1:d2:dd:
db:0a:16:da:ad:f5:a8:0b:dd:21:5d:d8:ef:20:eb:c8:cb:29:
44:84:cc:d3:9e:49:09:b0:17:8b:8c:e3:f5:6d:fb:d9:ce:07:
e8:e4:68:01:e3:f3:d5:53:09:cb:87:bf:fd:98:a2:a2:5a:20:
da:64:7d:37:da:9a:2b:7d:e6:d6:ad:37:2d:87:e3:6d:8f:fa:
e5:9f:c3:90:09:8b:57:c9:d8:0a:78:f7:8f:79:bc:84:3a:fe:
b7:00:f9:62:a9:c0:8f:5c:6b:4c:0e:42:83:34:b5:85:23:4d:
a0:4c:fa:e3:a9:3a:06:00:11:da:0a:36:c0:43:32:e8:41:d1:
b7:07:4b:7e:e4:dc:4e:2e:de:7a:32:e3:14:3a:ce:21:69:18:
c0:ed:19:74:58:28:14:84:80:fb:ab:1d:56:42:f0:2a:6b:63:
21:df:4a:a1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZGO0RiugR+GGZsz1LifG1+sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ODQyZGExNjllMmI4YTIwNGI5YzRmMWY1ZjNjMjIwNzY2
NDBkNmEwHhcNMjQwODI2MTMxMjMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTY4NTc0YTdlNTg3MmE5MjBhODJkN2I3MmZhMDJkMGE1OTlhZDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6Vv9DwFKIP4qwxXGysi66T2OQbL
jTU7vODsQAcCYFaxqw2XYa7QHDZX0bpb5oV+hk3PeE6rS4O9Qx/Rsun0TmpvT8Ml
0rU1qdxAfie4A0Jlf0DO54Zzv62D+/GyzpxBtSU8Xm6xMW05XycvZXcf0Sxx4Xe4
bnS2pqcnHk4YUzT1Fg3gal1hiBMlyy9eTHNoSX5OIKgWDadDWuotjzbyoQ0tXFBv
hNLXIjCLqlKzQ14SFODwTmK7w0lDAmnoZs7BKIck3oQgdjYjqO6UEy3UX6wX71EL
CW9Uu4egRorNignCW+ZJyp6J8Qq5GuOijNLv8oU7bsT8KPyxqsF2Z6lF3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGloV0p+WHKpIKgte3L6AtClma01MB8GA1UdIwQY
MBaAFIeELaFp4riiBLnE8fXzwiB2ZA1qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDRRdG9Xbml1S0lFdWNUeDlmUENJSFprRFdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9hMDkxOWQtYTAxOS00MTllLWFjYzIt
NGM4NGFiZWZjMDljLzEvYVdoWFNuNVljcWtncUMxN2N2b0MwS1daclRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9hMDkxOWQtYTAxOS00MTllLWFjYzItNGM4NGFiZWZjMDlj
LzEvaDRRdG9Xbml1S0lFdWNUeDlmUENJSFprRFdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCixy0MA0G
CSqGSIb3DQEBCwUAA4IBAQA4Gkxfu+s4SRB7LrG0nuFnmhA6Slnf2z3CTAlrvF3A
bVnT1ud0/zPoo2m/jkD0i8gkfE5Rlmvvzm+29CRurQJxMGba2ailjRWjAG1GKxg2
HO7eNO95W/3h0t3bChbarfWoC90hXdjvIOvIyylEhMzTnkkJsBeLjOP1bfvZzgfo
5GgB4/PVUwnLh7/9mKKiWiDaZH032porfebWrTcth+Ntj/rln8OQCYtXydgKePeP
ebyEOv63APliqcCPXGtMDkKDNLWFI02gTPrjqToGABHaCjbAQzLoQdG3B0t+5NxO
Lt56MuMUOs4haRjA7Rl0WCgUhID7qx1WQvAqa2Mh30qh
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:04 2025 by rpki-client