Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/45abde-5b44-471a-93d9-5345f7e74083/1/KFO8ogTx2w3Tn74z5fbk_o5NYcY.roa
File: KFO8ogTx2w3Tn74z5fbk_o5NYcY.roa (raw, json)
Hash identifier: sP08UYEie9LPoPJxUwcO5PnB+gR81ghHr8wwLKLGYwE=
Subject key identifier: 28:53:BC:A2:04:F1:DB:0D:D3:9F:BE:33:E5:F6:E4:FE:8E:4D:61:C6
Certificate issuer: /CN=77c8d8bbf05797a75a49c5d70f5971ecdec6dd93
Certificate serial: 09EE1D28
Authority key identifier: 77:C8:D8:BB:F0:57:97:A7:5A:49:C5:D7:0F:59:71:EC:DE:C6:DD:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d8jYu_BXl6daScXXD1lx7N7G3ZM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/45abde-5b44-471a-93d9-5345f7e74083/1/KFO8ogTx2w3Tn74z5fbk_o5NYcY.roa
Signing time: Sat 01 Jan 2022 04:56:17 +0000
ROA not before: Sat 01 Jan 2022 04:56:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212068
IP address blocks: 139.28.205.0/24 maxlen: 24
2a0d:1a40:7a00::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 166599976 (0x9ee1d28)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77c8d8bbf05797a75a49c5d70f5971ecdec6dd93
Validity
Not Before: Jan 1 04:56:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2853bca204f1db0dd39fbe33e5f6e4fe8e4d61c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:cb:d7:bd:a1:b3:7c:a9:28:a3:28:e9:8a:31:
92:86:9d:79:2d:81:25:f6:07:5a:1b:c3:9e:c4:60:
5f:15:59:6b:7b:c3:0a:aa:77:45:29:18:3e:19:5f:
17:f9:cf:ca:b7:7e:58:c0:3f:f8:56:e0:5f:c5:cf:
99:db:a6:b1:c1:54:56:73:a1:5c:df:40:37:09:17:
c5:22:b6:3b:7f:49:98:9d:8e:52:b9:3d:01:49:9c:
2d:5a:05:d0:f0:9c:ac:56:b5:ab:23:5b:e9:af:56:
65:20:39:73:c5:8f:af:be:67:4a:24:d6:cb:e5:1a:
6c:96:79:34:91:0e:28:c5:75:3e:93:7c:74:48:2a:
d3:0e:a8:9f:98:bc:1f:f3:1f:cc:60:0f:75:91:d5:
fb:19:ed:3e:5b:71:79:e4:c1:c6:03:91:d5:fb:6f:
e2:ec:09:1a:76:d1:4c:50:7b:87:10:e5:d8:0f:1d:
84:e2:2d:0c:a0:6e:96:0e:ae:c2:1e:6e:70:0f:52:
1c:af:65:a5:37:97:30:46:2b:47:ea:6f:99:ab:1f:
b1:75:f7:56:79:1e:75:bc:04:1d:f2:76:c8:ad:42:
32:e8:5f:95:e5:96:28:78:69:58:1d:f8:ef:8f:ed:
37:a3:7d:72:43:65:f9:6b:06:4f:a7:79:39:0a:46:
ab:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:53:BC:A2:04:F1:DB:0D:D3:9F:BE:33:E5:F6:E4:FE:8E:4D:61:C6
X509v3 Authority Key Identifier:
keyid:77:C8:D8:BB:F0:57:97:A7:5A:49:C5:D7:0F:59:71:EC:DE:C6:DD:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8jYu_BXl6daScXXD1lx7N7G3ZM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/45abde-5b44-471a-93d9-5345f7e74083/1/KFO8ogTx2w3Tn74z5fbk_o5NYcY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/45abde-5b44-471a-93d9-5345f7e74083/1/d8jYu_BXl6daScXXD1lx7N7G3ZM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.205.0/24
IPv6:
2a0d:1a40:7a00::/44
Signature Algorithm: sha256WithRSAEncryption
10:ed:00:8a:a1:2e:15:c8:c9:51:29:db:f0:5b:fb:16:cf:17:
57:b6:f6:71:e8:25:6b:e7:60:41:25:73:44:8e:86:f8:b5:94:
b7:52:56:16:8e:58:84:98:cd:f0:d2:72:b2:21:cc:ac:d4:8d:
10:9d:5d:82:db:4b:c7:88:f0:5c:c9:a4:86:c1:d5:27:fa:5a:
aa:06:df:a5:8c:6a:2d:dc:d5:a9:a7:dd:16:d5:2a:1b:65:d4:
50:27:58:f6:e1:24:b7:63:b0:c8:be:89:f0:37:11:a5:31:da:
ee:0b:ad:55:55:4e:8f:ce:38:3b:6d:03:2a:9c:9f:25:ff:af:
fa:ae:43:81:b0:76:db:79:6c:1c:8a:8e:4f:e3:4a:71:0e:70:
04:0b:70:66:a6:97:e8:9e:5a:67:15:f9:c5:a3:9d:05:54:c6:
66:25:21:a1:87:77:81:3e:15:4b:2a:a7:08:b7:8a:e2:b6:1d:
3d:e4:75:d9:e4:a5:67:32:f3:d4:d4:97:d9:90:9f:8d:51:30:
ff:6c:39:9a:fa:6c:60:ea:01:42:e9:5b:64:0a:07:32:ac:f7:
3d:4f:1f:4d:e7:da:be:eb:a6:f7:bf:77:2d:e1:07:79:86:8a:
60:51:ac:a9:92:b7:af:0a:66:2d:e7:a1:47:f9:7c:00:86:15:
cd:77:28:37
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIECe4dKDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
N2M4ZDhiYmYwNTc5N2E3NWE0OWM1ZDcwZjU5NzFlY2RlYzZkZDkzMB4XDTIyMDEw
MTA0NTYxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjg1M2JjYTIwNGYx
ZGIwZGQzOWZiZTMzZTVmNmU0ZmU4ZTRkNjFjNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALjL172hs3ypKKMo6YoxkoadeS2BJfYHWhvDnsRgXxVZa3vD
Cqp3RSkYPhlfF/nPyrd+WMA/+FbgX8XPmdumscFUVnOhXN9ANwkXxSK2O39JmJ2O
Urk9AUmcLVoF0PCcrFa1qyNb6a9WZSA5c8WPr75nSiTWy+UabJZ5NJEOKMV1PpN8
dEgq0w6on5i8H/MfzGAPdZHV+xntPltxeeTBxgOR1ftv4uwJGnbRTFB7hxDl2A8d
hOItDKBulg6uwh5ucA9SHK9lpTeXMEYrR+pvmasfsXX3VnkedbwEHfJ2yK1CMuhf
leWWKHhpWB3474/tN6N9ckNl+WsGT6d5OQpGqxsCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQoU7yiBPHbDdOfvjPl9uT+jk1hxjAfBgNVHSMEGDAWgBR3yNi78FeXp1pJ
xdcPWXHs3sbdkzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2Q4all1X0JYbDZkYVNjWFhEMWx4N043RzNaTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTQvNDVhYmRlLTViNDQtNDcxYS05M2Q5LTUzNDVmN2U3NDA4My8x
L0tGTzhvZ1R4MnczVG43NHo1ZmJrX281TlljWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTQv
NDVhYmRlLTViNDQtNDcxYS05M2Q5LTUzNDVmN2U3NDA4My8xL2Q4all1X0JYbDZk
YVNjWFhEMWx4N043RzNaTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAIsczTAPBAIAAjAJAwcEKg0aQHoA
MA0GCSqGSIb3DQEBCwUAA4IBAQAQ7QCKoS4VyMlRKdvwW/sWzxdXtvZx6CVr52BB
JXNEjob4tZS3UlYWjliEmM3w0nKyIcys1I0QnV2C20vHiPBcyaSGwdUn+lqqBt+l
jGot3NWpp90W1SobZdRQJ1j24SS3Y7DIvonwNxGlMdruC61VVU6Pzjg7bQMqnJ8l
/6/6rkOBsHbbeWwcio5P40pxDnAEC3BmppfonlpnFfnFo50FVMZmJSGhh3eBPhVL
KqcIt4rith095HXZ5KVnMvPU1JfZkJ+NUTD/bDma+mxg6gFC6VtkCgcyrPc9Tx9N
59q+66b3v3ct4Qd5hopgUaypkrevCmYt56FH+XwAhhXNdyg3
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:04 2025 by rpki-client