Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-vE1YVjCeMUrjS3MllKE6DPRwgI.roa
File: 1-vE1YVjCeMUrjS3MllKE6DPRwgI.roa (raw, json)
Hash identifier: obePsMjSsHssy6iyMvBFSoxf+jXpHhIyXV/SsK69H/0=
Subject key identifier: FA:F1:35:61:58:C2:78:C5:2B:8D:2D:CC:96:52:84:E8:33:D1:C2:02
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 019542AFA921057943B0E9D3CA17AB361CE3
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-vE1YVjCeMUrjS3MllKE6DPRwgI.roa
Signing time: Wed 26 Feb 2025 14:36:03 +0000
ROA not before: Wed 26 Feb 2025 14:36:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212966
IP address blocks: 139.28.98.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:42:af:a9:21:05:79:43:b0:e9:d3:ca:17:ab:36:1c:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Feb 26 14:36:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=faf1356158c278c52b8d2dcc965284e833d1c202
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:e7:e4:ef:28:3b:cb:6f:35:54:e6:8e:30:e5:
7e:37:94:f8:4b:0e:83:0b:b3:fa:73:9b:e6:6d:66:
6c:fe:50:c8:e8:84:89:63:55:58:af:b6:be:39:ac:
c1:eb:be:5f:13:44:da:2c:df:8e:fa:fe:9f:52:ba:
80:f9:fb:84:2b:4f:c0:81:f3:60:07:7a:7b:64:25:
20:40:9f:fc:76:bb:fb:9c:09:90:53:d4:79:6f:3c:
ea:fc:25:bf:a0:ab:bf:6a:c2:86:cd:5b:4c:53:93:
9f:3f:94:63:10:9d:63:19:1e:8d:bd:65:f5:41:e9:
e5:8e:2b:19:19:7d:3b:66:56:31:30:ad:32:3a:a3:
3b:eb:ff:ef:15:5b:30:7b:b8:f0:ab:60:71:74:17:
b3:3e:9d:71:f7:84:57:b6:e2:75:5c:29:9b:94:4c:
b5:61:09:fa:64:ee:13:ae:ac:56:b6:a3:a0:4e:30:
da:41:27:b6:9e:ba:4a:e4:87:3e:13:5b:16:19:5f:
6b:1a:48:dd:2b:54:d3:ed:8f:84:9b:d1:32:bc:0a:
4e:97:c0:44:1a:5e:41:28:15:a1:af:2d:3e:1b:28:
b4:67:56:c1:47:86:f9:61:4c:e5:72:64:90:94:6b:
03:97:e7:b0:28:33:30:a3:a5:8b:4d:96:ec:76:3f:
78:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:F1:35:61:58:C2:78:C5:2B:8D:2D:CC:96:52:84:E8:33:D1:C2:02
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-vE1YVjCeMUrjS3MllKE6DPRwgI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.98.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:f4:16:65:7a:de:15:e8:a3:36:f6:bb:81:90:df:4a:92:c8:
03:1c:7e:cf:08:12:3c:55:d8:33:df:aa:af:98:ca:d9:e0:1f:
ee:e9:64:3d:57:ad:c3:5f:64:d3:81:62:5e:73:4e:2c:cc:f2:
38:4a:48:ef:12:b9:12:f7:33:8b:8d:43:26:38:4b:1e:c5:16:
97:a5:c5:54:1b:8f:9d:d6:10:bb:1c:ac:12:98:29:03:39:ee:
13:7e:10:b6:fd:3d:25:80:d1:e2:2d:59:fd:8a:d1:74:78:20:
f1:36:51:cc:eb:41:18:ad:b6:22:d6:e8:5d:c2:2a:95:34:2f:
17:a2:7f:4e:e5:f5:3e:2d:04:65:bc:b8:04:72:2d:4a:00:a3:
3d:b7:25:5d:ca:89:82:8f:07:90:2f:61:f9:ff:d4:4b:5a:bc:
85:63:04:a6:02:b0:a5:2b:be:df:9e:0d:57:fe:0b:47:d0:d1:
e5:c6:51:10:9c:36:06:7e:6b:67:a9:35:35:b3:17:5a:d0:8b:
f3:2c:2d:90:c6:72:a7:ee:ad:42:4a:26:35:bb:46:ec:45:c3:
87:db:11:ad:00:a5:45:4e:7c:6f:67:84:27:08:6d:41:fc:eb:
9e:a9:7d:c4:d0:a3:7a:2b:13:e1:44:c7:db:2c:de:85:51:a1:
ed:cc:50:cb
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZVCr6khBXlDsOnTyherNhzjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMjI2MTQzNjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWYxMzU2MTU4YzI3OGM1MmI4ZDJkY2M5NjUyODRlODMzZDFjMjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoefk7yg7y281VOaOMOV+N5T4Sw6D
C7P6c5vmbWZs/lDI6ISJY1VYr7a+OazB675fE0TaLN+O+v6fUrqA+fuEK0/AgfNg
B3p7ZCUgQJ/8drv7nAmQU9R5bzzq/CW/oKu/asKGzVtMU5OfP5RjEJ1jGR6NvWX1
QenljisZGX07ZlYxMK0yOqM76//vFVswe7jwq2BxdBezPp1x94RXtuJ1XCmblEy1
YQn6ZO4TrqxWtqOgTjDaQSe2nrpK5Ic+E1sWGV9rGkjdK1TT7Y+Em9EyvApOl8BE
Gl5BKBWhry0+Gyi0Z1bBR4b5YUzlcmSQlGsDl+ewKDMwo6WLTZbsdj94vQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPrxNWFYwnjFK40tzJZShOgz0cICMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMS12RTFZVmpDZU1VcmpTM01sbEtFNkRQUndnSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZh
NS8xL1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAIscYjAN
BgkqhkiG9w0BAQsFAAOCAQEAv/QWZXreFeijNva7gZDfSpLIAxx+zwgSPFXYM9+q
r5jK2eAf7ulkPVetw19k04FiXnNOLMzyOEpI7xK5Evczi41DJjhLHsUWl6XFVBuP
ndYQuxysEpgpAznuE34Qtv09JYDR4i1Z/YrRdHgg8TZRzOtBGK22ItboXcIqlTQv
F6J/TuX1Pi0EZby4BHItSgCjPbclXcqJgo8HkC9h+f/US1q8hWMEpgKwpSu+354N
V/4LR9DR5cZREJw2Bn5rZ6k1NbMXWtCL8ywtkMZyp+6tQkomNbtG7EXDh9sRrQCl
RU58b2eEJwhtQfzrnql9xNCjeisT4UTH2yzehVGh7cxQyw==
-----END CERTIFICATE-----
Generated at Thu Apr 10 19:28:24 2025 by rpki-client