Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/mMjJL5LSVdUVfSXRjRpf-A6tckk.roa
File: mMjJL5LSVdUVfSXRjRpf-A6tckk.roa (raw, json)
Hash identifier: RQkH2xxW5ENmlhRIrjhDTJyaHC8fBK81/THxRzMON1I=
Subject key identifier: 98:C8:C9:2F:92:D2:55:D5:15:7D:25:D1:8D:1A:5F:F8:0E:AD:72:49
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 019566BF300D534F4129607E4D603AF1349B
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/mMjJL5LSVdUVfSXRjRpf-A6tckk.roa
Signing time: Wed 05 Mar 2025 14:39:20 +0000
ROA not before: Wed 05 Mar 2025 14:39:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56755
IP address blocks: 139.28.99.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:66:bf:30:0d:53:4f:41:29:60:7e:4d:60:3a:f1:34:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Mar 5 14:39:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=98c8c92f92d255d5157d25d18d1a5ff80ead7249
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:51:a7:cf:1d:24:41:69:3e:c7:f0:3b:71:3c:
89:80:cd:10:8c:4a:32:65:19:62:00:37:6c:68:41:
42:80:08:b8:55:01:56:05:06:77:5a:2e:2f:ec:19:
c8:bf:82:9a:13:40:c2:f4:5f:6f:78:24:fa:d5:e1:
26:71:36:52:6b:94:20:4b:63:28:f5:e4:61:47:b2:
40:ce:cc:ea:54:7b:8f:f8:b1:16:a7:1b:cc:5e:7d:
8d:cf:4c:eb:16:26:eb:ab:d4:18:cd:4f:80:ac:24:
de:00:ca:fa:4e:8b:d4:28:78:2f:a4:7a:c7:fa:b2:
7f:3c:17:dd:9c:34:0b:ff:dd:a9:83:87:2f:9f:bb:
79:ec:af:af:94:38:5f:da:69:ee:f9:2e:70:20:56:
95:eb:6c:94:56:d0:ed:3c:48:f2:2a:c0:41:1b:22:
99:85:39:f4:1e:64:02:2e:df:e4:aa:87:3e:d8:7a:
dd:9f:cb:69:1a:3b:27:b7:d8:9a:da:49:22:10:62:
a9:fc:08:53:e2:22:6f:35:5e:4f:b3:34:a3:e6:09:
ec:9b:d6:9f:9b:64:68:85:be:10:41:ae:85:04:db:
1f:13:9a:5a:36:a1:0f:3b:46:1d:3a:6f:b3:51:23:
37:d4:52:00:c5:e8:4d:0a:32:a4:8c:67:5a:36:f0:
fc:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:C8:C9:2F:92:D2:55:D5:15:7D:25:D1:8D:1A:5F:F8:0E:AD:72:49
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/mMjJL5LSVdUVfSXRjRpf-A6tckk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.99.0/24
Signature Algorithm: sha256WithRSAEncryption
48:ce:a8:b7:41:43:54:9f:3a:11:14:0e:f0:4a:62:81:e1:b1:
be:35:5a:73:44:2d:5f:42:8f:96:fa:b2:63:a1:89:23:b0:7d:
c2:3e:0b:df:d4:62:5a:49:32:0d:7c:d9:44:31:05:81:6d:89:
d0:91:31:02:c7:fa:bf:45:76:88:08:bd:ef:20:28:c1:45:02:
67:77:54:f8:25:11:6d:58:31:c3:9f:4f:f2:72:64:0e:67:72:
4e:f4:e4:87:1b:e3:31:f7:34:87:dd:72:5a:6c:03:0b:55:94:
f9:57:77:3b:b0:88:f0:0c:f0:f4:2e:91:8b:14:d6:8a:2c:3d:
35:24:fc:d9:3d:c9:58:f9:a4:fc:63:7f:20:c8:e3:56:f0:01:
2e:7d:76:8c:f5:d0:b1:99:e2:2d:3c:32:fe:fb:fe:1d:e3:6f:
1e:94:17:d1:ee:7d:bb:d7:c8:06:a5:90:8a:87:d0:20:89:a8:
43:79:63:8c:24:3c:e2:97:2e:34:97:1a:80:0a:25:d8:b5:14:
37:59:db:fb:86:ef:16:7a:3a:07:d3:4e:c6:be:8d:c7:50:1e:
8e:94:18:d9:99:20:0a:4a:eb:a9:d0:a2:03:08:79:72:b3:15:
9e:e9:a6:99:a7:30:5a:85:92:fa:b3:86:29:b3:5d:91:d4:cf:
45:41:02:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVmvzANU09BKWB+TWA68TSbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMzA1MTQzOTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGM4YzkyZjkyZDI1NWQ1MTU3ZDI1ZDE4ZDFhNWZmODBlYWQ3MjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFGnzx0kQWk+x/A7cTyJgM0QjEoy
ZRliADdsaEFCgAi4VQFWBQZ3Wi4v7BnIv4KaE0DC9F9veCT61eEmcTZSa5QgS2Mo
9eRhR7JAzszqVHuP+LEWpxvMXn2Nz0zrFibrq9QYzU+ArCTeAMr6TovUKHgvpHrH
+rJ/PBfdnDQL/92pg4cvn7t57K+vlDhf2mnu+S5wIFaV62yUVtDtPEjyKsBBGyKZ
hTn0HmQCLt/kqoc+2Hrdn8tpGjsnt9ia2kkiEGKp/AhT4iJvNV5PszSj5gnsm9af
m2Rohb4QQa6FBNsfE5paNqEPO0YdOm+zUSM31FIAxehNCjKkjGdaNvD8bQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJjIyS+S0lXVFX0l0Y0aX/gOrXJJMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvbU1qSkw1TFNWZFVWZlNYUmpScGYtQTZ0Y2trLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAixxjMA0G
CSqGSIb3DQEBCwUAA4IBAQBIzqi3QUNUnzoRFA7wSmKB4bG+NVpzRC1fQo+W+rJj
oYkjsH3CPgvf1GJaSTINfNlEMQWBbYnQkTECx/q/RXaICL3vICjBRQJnd1T4JRFt
WDHDn0/ycmQOZ3JO9OSHG+Mx9zSH3XJabAMLVZT5V3c7sIjwDPD0LpGLFNaKLD01
JPzZPclY+aT8Y38gyONW8AEufXaM9dCxmeItPDL++/4d428elBfR7n2718gGpZCK
h9AgiahDeWOMJDzily40lxqACiXYtRQ3Wdv7hu8WejoH007Gvo3HUB6OlBjZmSAK
Suup0KIDCHlysxWe6aaZpzBahZL6s4Yps12R1M9FQQIv
-----END CERTIFICATE-----
Generated at Thu Apr 10 19:26:06 2025 by rpki-client