Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/e5ef45-e91a-4581-88d5-c97f079eb47e/1/5VACnYMCfOSl5kfv9jwSE2a3TfM.roa
File: 5VACnYMCfOSl5kfv9jwSE2a3TfM.roa (raw, json)
Hash identifier: ohDLl7POfjlQGxNWLmKZfIRa2wPAKIl3SJ++CBDH1LE=
Subject key identifier: E5:50:02:9D:83:02:7C:E4:A5:E6:47:EF:F6:3C:12:13:66:B7:4D:F3
Certificate issuer: /CN=1a4e49ffc94d3520c03f187b1c0bc6137205b8be
Certificate serial: 0192DCE6A9775D77FA136D4070431EF01463
Authority key identifier: 1A:4E:49:FF:C9:4D:35:20:C0:3F:18:7B:1C:0B:C6:13:72:05:B8:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gk5J_8lNNSDAPxh7HAvGE3IFuL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/e5ef45-e91a-4581-88d5-c97f079eb47e/1/5VACnYMCfOSl5kfv9jwSE2a3TfM.roa
Signing time: Wed 30 Oct 2024 10:09:17 +0000
ROA not before: Wed 30 Oct 2024 10:09:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 138645
IP address blocks: 139.28.132.0/24 maxlen: 24
139.28.133.0/24 maxlen: 24
139.28.134.0/24 maxlen: 24
139.28.135.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:dc:e6:a9:77:5d:77:fa:13:6d:40:70:43:1e:f0:14:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a4e49ffc94d3520c03f187b1c0bc6137205b8be
Validity
Not Before: Oct 30 10:09:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e550029d83027ce4a5e647eff63c121366b74df3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:3e:d3:96:c7:55:1d:0e:cf:15:94:f0:ee:e0:
1b:b8:0b:bf:84:cf:df:d7:99:61:38:3d:12:d8:68:
b6:29:bb:9a:4c:ce:e3:4b:03:74:04:36:2d:7a:b6:
c3:d7:08:97:69:e3:53:4d:dd:75:47:b8:e2:72:29:
fc:b2:9a:6f:b2:4d:b4:e5:9f:ea:29:66:e6:24:4e:
55:0a:be:e7:25:6e:07:e8:2b:65:b7:6e:90:b0:93:
9d:9f:51:97:e9:7f:fc:cb:19:60:c5:57:9c:51:55:
cf:f1:62:62:90:3d:b1:26:a0:96:03:19:2a:25:e8:
37:0a:89:8b:0b:f7:6f:3e:b3:85:f5:d8:12:41:0d:
4f:07:94:d0:45:90:e8:0d:8a:2b:56:1b:ae:cf:0f:
52:81:ac:14:ce:8b:b8:92:66:b9:d7:43:17:d7:76:
73:63:47:87:c9:da:a7:76:cc:5c:2e:88:08:d7:64:
cf:01:f5:80:25:52:4d:93:09:44:12:00:7a:4f:2f:
7c:5f:f5:43:0c:0c:e2:7a:26:94:36:fb:30:ae:3c:
ed:43:b5:6a:44:8a:6e:76:ac:ea:a4:d6:f0:2b:41:
64:c7:e0:ef:95:28:9f:2f:6a:d9:e3:23:10:ef:46:
8c:00:4f:57:37:6a:c2:ed:be:e7:1c:2c:b8:85:62:
54:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:50:02:9D:83:02:7C:E4:A5:E6:47:EF:F6:3C:12:13:66:B7:4D:F3
X509v3 Authority Key Identifier:
keyid:1A:4E:49:FF:C9:4D:35:20:C0:3F:18:7B:1C:0B:C6:13:72:05:B8:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gk5J_8lNNSDAPxh7HAvGE3IFuL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/e5ef45-e91a-4581-88d5-c97f079eb47e/1/5VACnYMCfOSl5kfv9jwSE2a3TfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/e5ef45-e91a-4581-88d5-c97f079eb47e/1/Gk5J_8lNNSDAPxh7HAvGE3IFuL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.132.0/22
Signature Algorithm: sha256WithRSAEncryption
26:65:58:1c:bd:87:e3:26:91:10:1b:7f:b9:91:65:a0:5f:2f:
23:fa:95:fe:a3:70:91:8c:ad:6b:f9:e4:53:25:6e:6e:64:08:
5c:0b:5d:37:ec:17:4d:3d:06:f3:1e:43:01:1e:e0:14:df:b5:
73:fa:9f:78:8d:9f:32:e1:16:74:2e:a1:ae:ce:af:38:75:a3:
a6:25:af:f1:57:8a:53:cd:68:c6:1b:ac:24:09:c5:53:67:f3:
b3:a8:e9:a6:7a:93:98:e5:88:5d:73:85:b7:08:5a:05:b6:3c:
eb:0c:9a:ed:8b:33:e8:4f:ad:c1:c3:a6:a9:a1:09:b6:89:d3:
ed:7b:3c:2c:4a:11:af:92:c2:6d:70:fe:de:88:97:f5:bc:2c:
f8:f3:7c:48:5a:70:55:c8:d0:50:37:4f:5c:e7:38:1b:c5:5b:
e2:63:d1:56:30:79:bf:98:20:8f:d0:54:89:52:9e:01:54:ba:
be:9a:fa:8b:35:d0:fa:d0:07:ba:b0:6b:8c:50:07:ef:fc:12:
7a:49:5b:60:19:3a:1f:5a:f4:37:d8:82:61:3a:82:1e:30:50:
51:89:06:1f:8c:8b:b4:27:7e:6d:9f:32:4f:af:5e:f2:b6:9f:
f6:da:3e:c7:2b:84:dd:34:10:e0:46:e1:11:0e:28:18:3d:e3:
07:ea:4d:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZLc5ql3XXf6E21AcEMe8BRjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhNGU0OWZmYzk0ZDM1MjBjMDNmMTg3YjFjMGJjNjEzNzIw
NWI4YmUwHhcNMjQxMDMwMTAwOTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTUwMDI5ZDgzMDI3Y2U0YTVlNjQ3ZWZmNjNjMTIxMzY2Yjc0ZGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6j7TlsdVHQ7PFZTw7uAbuAu/hM/f
15lhOD0S2Gi2KbuaTM7jSwN0BDYterbD1wiXaeNTTd11R7jicin8sppvsk205Z/q
KWbmJE5VCr7nJW4H6Ctlt26QsJOdn1GX6X/8yxlgxVecUVXP8WJikD2xJqCWAxkq
Jeg3ComLC/dvPrOF9dgSQQ1PB5TQRZDoDYorVhuuzw9SgawUzou4kma510MX13Zz
Y0eHydqndsxcLogI12TPAfWAJVJNkwlEEgB6Ty98X/VDDAzieiaUNvswrjztQ7Vq
RIpudqzqpNbwK0Fkx+DvlSifL2rZ4yMQ70aMAE9XN2rC7b7nHCy4hWJUlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOVQAp2DAnzkpeZH7/Y8EhNmt03zMB8GA1UdIwQY
MBaAFBpOSf/JTTUgwD8YexwLxhNyBbi+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2s1Sl84bE5OU0RBUHhoN0hBdkdFM0lGdUw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9lNWVmNDUtZTkxYS00NTgxLTg4ZDUt
Yzk3ZjA3OWViNDdlLzEvNVZBQ25ZTUNmT1NsNWtmdjlqd1NFMmEzVGZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9lNWVmNDUtZTkxYS00NTgxLTg4ZDUtYzk3ZjA3OWViNDdl
LzEvR2s1Sl84bE5OU0RBUHhoN0hBdkdFM0lGdUw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCixyEMA0G
CSqGSIb3DQEBCwUAA4IBAQAmZVgcvYfjJpEQG3+5kWWgXy8j+pX+o3CRjK1r+eRT
JW5uZAhcC1037BdNPQbzHkMBHuAU37Vz+p94jZ8y4RZ0LqGuzq84daOmJa/xV4pT
zWjGG6wkCcVTZ/OzqOmmepOY5Yhdc4W3CFoFtjzrDJrtizPoT63Bw6apoQm2idPt
ezwsShGvksJtcP7eiJf1vCz483xIWnBVyNBQN09c5zgbxVviY9FWMHm/mCCP0FSJ
Up4BVLq+mvqLNdD60Ae6sGuMUAfv/BJ6SVtgGTofWvQ32IJhOoIeMFBRiQYfjIu0
J35tnzJPr17ytp/22j7HK4TdNBDgRuERDigYPeMH6k0f
-----END CERTIFICATE-----
Generated at Thu Oct 31 07:50:32 2024 by rpki-client on console-fra.rpki-client.org