Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/28y_0OD8si-Sz_o4AFygWRxJrSA.roa
File: 28y_0OD8si-Sz_o4AFygWRxJrSA.roa (raw, json)
Hash identifier: s17HXu1f/sAbHrY6LckQ5o3OJZRgzHuUUsBswH+L7rI=
Subject key identifier: DB:CC:BF:D0:E0:FC:B2:2F:92:CF:FA:38:00:5C:A0:59:1C:49:AD:20
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 019423D724BB5F3E1C00FB11E1104948904E
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/28y_0OD8si-Sz_o4AFygWRxJrSA.roa
Signing time: Wed 01 Jan 2025 21:48:09 +0000
ROA not before: Wed 01 Jan 2025 21:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207577
IP address blocks: 45.142.123.0/24 maxlen: 24
195.66.104.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:24:bb:5f:3e:1c:00:fb:11:e1:10:49:48:90:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 1 21:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dbccbfd0e0fcb22f92cffa38005ca0591c49ad20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:60:fe:45:d1:1e:41:85:4a:59:f5:9a:fd:0c:
c5:b8:74:55:cf:61:f4:59:8d:f8:4d:93:3f:99:2e:
c1:eb:1d:98:9d:e1:e6:3c:18:cf:f5:6e:b9:98:7e:
ac:a7:1a:d7:cc:5f:77:08:ac:b3:80:cf:0e:8a:29:
56:66:8b:45:a6:8d:d5:4f:08:6f:ec:07:ff:5b:0e:
33:eb:e5:c3:4a:b4:df:e1:0e:7e:64:51:2f:e9:2b:
0c:b8:b5:82:ee:18:d3:28:5f:2d:ca:75:e1:b6:cc:
63:a2:89:d2:0d:6e:98:1e:d9:57:da:49:8b:34:12:
fe:96:69:b5:55:8e:71:b3:d9:78:9a:15:7d:f3:1e:
38:82:b2:ea:51:26:59:26:33:f9:07:e0:a6:c0:ff:
66:fa:b3:2a:f6:c4:a9:b2:2b:45:e6:0e:82:89:67:
e4:08:92:1d:62:37:af:49:d6:85:e0:6c:45:ed:42:
11:65:14:65:2e:00:b2:09:d7:9a:7c:ca:9d:08:84:
03:0f:8c:6f:9b:5a:1f:ed:2a:47:8c:bd:81:4c:60:
d9:13:41:1a:ec:4f:6f:78:e7:6d:5c:24:00:b1:76:
a4:95:33:93:0e:9c:4d:5f:f4:b5:96:aa:a6:12:2d:
97:e5:e6:33:bc:2a:98:bb:0c:89:17:93:01:bd:66:
22:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:CC:BF:D0:E0:FC:B2:2F:92:CF:FA:38:00:5C:A0:59:1C:49:AD:20
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/28y_0OD8si-Sz_o4AFygWRxJrSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.123.0/24
195.66.104.0/24
Signature Algorithm: sha256WithRSAEncryption
56:40:33:fe:72:d1:74:72:76:df:0d:e0:d4:72:06:c8:7c:99:
8f:97:aa:0d:79:78:ba:ea:bc:4e:c3:b6:8d:36:89:37:e6:76:
24:14:a9:2c:9d:80:d1:0f:e8:3b:cc:e9:0b:4a:09:c5:49:f9:
10:bf:3e:03:fb:37:4b:00:6e:61:17:52:b5:12:8a:e9:e3:dd:
7f:dd:9d:3a:fc:89:4c:2a:ac:b8:9a:26:77:db:f9:f6:e2:f5:
b9:57:8a:ec:5a:60:05:53:36:4b:4f:3b:33:b3:55:08:19:41:
26:59:22:ab:96:8c:e0:6a:db:42:00:e0:0a:9b:48:30:da:c4:
d4:72:ef:0e:39:d6:bb:5f:c3:85:ce:a1:b6:c5:0d:92:a6:38:
72:52:be:db:13:cb:d5:58:d4:f5:93:13:c1:23:dc:3e:b5:3f:
37:d7:95:61:39:47:6a:5e:f6:06:ff:f2:53:71:5b:d7:18:a3:
3a:f0:3b:3b:15:96:03:3c:01:89:16:a8:c1:63:a4:fb:4a:41:
91:a7:d7:b5:79:63:de:d5:c2:c7:58:c6:3a:4a:c4:32:da:75:
a2:44:2e:6f:7a:fb:d6:a2:63:ac:a3:c4:e1:0c:5e:6f:90:ad:
d5:08:89:70:3e:e4:84:88:bf:58:73:73:97:8f:b6:d9:6f:a0:
90:be:c0:a4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQj1yS7Xz4cAPsR4RBJSJBOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjUwMTAxMjE0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmNjYmZkMGUwZmNiMjJmOTJjZmZhMzgwMDVjYTA1OTFjNDlhZDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxGD+RdEeQYVKWfWa/QzFuHRVz2H0
WY34TZM/mS7B6x2YneHmPBjP9W65mH6spxrXzF93CKyzgM8OiilWZotFpo3VTwhv
7Af/Ww4z6+XDSrTf4Q5+ZFEv6SsMuLWC7hjTKF8tynXhtsxjoonSDW6YHtlX2kmL
NBL+lmm1VY5xs9l4mhV98x44grLqUSZZJjP5B+CmwP9m+rMq9sSpsitF5g6CiWfk
CJIdYjevSdaF4GxF7UIRZRRlLgCyCdeafMqdCIQDD4xvm1of7SpHjL2BTGDZE0Ea
7E9veOdtXCQAsXaklTOTDpxNX/S1lqqmEi2X5eYzvCqYuwyJF5MBvWYi4QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNvMv9Dg/LIvks/6OABcoFkcSa0gMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvMjh5XzBPRDhzaS1Tel9vNEFGeWdXUnhKclNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALY57AwQA
w0JoMA0GCSqGSIb3DQEBCwUAA4IBAQBWQDP+ctF0cnbfDeDUcgbIfJmPl6oNeXi6
6rxOw7aNNok35nYkFKksnYDRD+g7zOkLSgnFSfkQvz4D+zdLAG5hF1K1Eorp491/
3Z06/IlMKqy4miZ32/n24vW5V4rsWmAFUzZLTzszs1UIGUEmWSKrlozgattCAOAK
m0gw2sTUcu8OOda7X8OFzqG2xQ2SpjhyUr7bE8vVWNT1kxPBI9w+tT8315VhOUdq
XvYG//JTcVvXGKM68Ds7FZYDPAGJFqjBY6T7SkGRp9e1eWPe1cLHWMY6SsQy2nWi
RC5vevvWomOso8ThDF5vkK3VCIlwPuSEiL9Yc3OXj7bZb6CQvsCk
-----END CERTIFICATE-----
Generated at Sun Apr 6 19:08:04 2025 by rpki-client