Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/494834-f559-40ff-ab1f-f703f4eba553/1/28UmLcjWzcVWVvc6D4PPd3-5ltQ.roa
File: 28UmLcjWzcVWVvc6D4PPd3-5ltQ.roa (raw, json)
Hash identifier: 5axaxSqtzMlKTshPkjc7n2KW1DIqA2gvzg6tDQ+5NFo=
Subject key identifier: DB:C5:26:2D:C8:D6:CD:C5:56:56:F7:3A:0F:83:CF:77:7F:B9:96:D4
Certificate issuer: /CN=15a03a003b018763507529e60a2783e89ec61727
Certificate serial: 018D3726949E773F565F4A7D66DAA939D525
Authority key identifier: 15:A0:3A:00:3B:01:87:63:50:75:29:E6:0A:27:83:E8:9E:C6:17:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FaA6ADsBh2NQdSnmCieD6J7GFyc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/494834-f559-40ff-ab1f-f703f4eba553/1/28UmLcjWzcVWVvc6D4PPd3-5ltQ.roa
Signing time: Tue 23 Jan 2024 16:28:11 +0000
ROA not before: Tue 23 Jan 2024 16:28:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43607
IP address blocks: 2a07:2480::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:37:26:94:9e:77:3f:56:5f:4a:7d:66:da:a9:39:d5:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15a03a003b018763507529e60a2783e89ec61727
Validity
Not Before: Jan 23 16:28:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dbc5262dc8d6cdc55656f73a0f83cf777fb996d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:05:b2:9c:5b:06:54:04:76:9f:94:4b:a6:95:
72:e5:64:5c:61:ad:43:cc:ba:26:1b:00:6f:53:cf:
3a:af:4b:ef:c6:85:24:f6:c2:5c:89:e0:ae:09:65:
4c:4e:4c:a6:04:82:66:7d:55:7b:7a:51:ab:b5:3e:
a8:3f:d0:a0:20:ed:d9:76:6b:e0:14:19:c4:2a:70:
74:0f:18:0f:7a:9f:3f:38:16:ae:2a:b1:bb:27:b1:
1c:9f:b6:30:7b:6a:d4:eb:0e:1e:df:89:e8:43:20:
0f:cf:bb:db:07:c5:de:ed:26:b9:40:d9:3e:85:22:
81:06:31:bf:6d:44:8b:9f:5f:54:a5:cd:19:55:29:
27:30:a7:a4:0e:29:4d:c2:9f:81:c0:04:26:78:d3:
30:c5:9e:f3:48:0f:1c:5c:11:ee:fd:35:71:13:f9:
7a:50:35:3b:ac:7c:f4:0b:aa:b0:57:71:b2:74:bc:
d6:3e:6f:79:80:45:cc:d3:11:8e:e0:c9:74:3c:c2:
26:c5:21:5e:8e:0d:33:dd:fd:99:84:b2:be:26:c6:
9e:24:38:34:c9:e0:d4:d8:b8:b5:ff:b7:62:75:ad:
eb:9a:2a:3d:0d:ff:ab:0d:8f:56:6b:55:50:cc:f7:
ec:8a:7d:75:c3:e8:bd:75:5f:ba:15:88:dd:17:0d:
03:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:C5:26:2D:C8:D6:CD:C5:56:56:F7:3A:0F:83:CF:77:7F:B9:96:D4
X509v3 Authority Key Identifier:
keyid:15:A0:3A:00:3B:01:87:63:50:75:29:E6:0A:27:83:E8:9E:C6:17:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FaA6ADsBh2NQdSnmCieD6J7GFyc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/494834-f559-40ff-ab1f-f703f4eba553/1/28UmLcjWzcVWVvc6D4PPd3-5ltQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/494834-f559-40ff-ab1f-f703f4eba553/1/FaA6ADsBh2NQdSnmCieD6J7GFyc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:2480::/29
Signature Algorithm: sha256WithRSAEncryption
16:6c:98:d5:56:eb:34:5d:c5:de:5c:fd:78:a6:e0:48:93:5d:
ad:17:ef:81:13:6a:59:3c:f7:03:2f:e4:fb:47:df:15:1a:02:
76:2b:45:c8:0e:dc:f6:2a:89:0b:0a:df:e0:28:ca:37:95:64:
a9:db:bb:02:5a:73:c4:50:0a:a2:69:5f:c2:53:73:57:95:44:
ad:7f:8d:cc:73:ff:b6:08:5c:a8:7e:52:3e:b8:5a:30:0b:8c:
1e:9a:06:e8:79:66:1a:d9:d7:20:9e:11:da:7b:78:c8:49:c8:
73:f7:eb:21:0e:ac:0c:db:5a:64:0e:69:4f:6b:1e:a0:b7:6a:
e2:c1:f8:97:6a:70:2b:c4:fd:80:a4:5a:95:54:93:cd:29:0c:
50:ad:b1:d4:b4:65:0c:66:21:99:40:04:71:70:50:94:93:01:
87:67:18:b8:4e:ef:b2:d3:a9:ed:ba:fb:f7:c3:c3:bc:f1:54:
f2:f8:bd:27:43:65:58:99:47:a1:ea:3f:a9:ba:68:5b:78:fd:
a5:7d:58:43:b6:55:59:83:7b:67:b8:60:4c:c9:87:26:1d:c1:
bf:c8:4a:cd:00:18:c2:20:d7:6d:dc:76:ce:c1:cb:cb:f4:84:
7a:88:24:48:c4:af:71:f4:5c:03:01:c1:fe:e1:5a:4b:6a:8c:
e7:df:28:2d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY03JpSedz9WX0p9ZtqpOdUlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1YTAzYTAwM2IwMTg3NjM1MDc1MjllNjBhMjc4M2U4OWVj
NjE3MjcwHhcNMjQwMTIzMTYyODExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmM1MjYyZGM4ZDZjZGM1NTY1NmY3M2EwZjgzY2Y3NzdmYjk5NmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwWynFsGVAR2n5RLppVy5WRcYa1D
zLomGwBvU886r0vvxoUk9sJcieCuCWVMTkymBIJmfVV7elGrtT6oP9CgIO3Zdmvg
FBnEKnB0DxgPep8/OBauKrG7J7Ecn7Ywe2rU6w4e34noQyAPz7vbB8Xe7Sa5QNk+
hSKBBjG/bUSLn19Upc0ZVSknMKekDilNwp+BwAQmeNMwxZ7zSA8cXBHu/TVxE/l6
UDU7rHz0C6qwV3GydLzWPm95gEXM0xGO4Ml0PMImxSFejg0z3f2ZhLK+JsaeJDg0
yeDU2Li1/7dida3rmio9Df+rDY9Wa1VQzPfsin11w+i9dV+6FYjdFw0DKQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNvFJi3I1s3FVlb3Og+Dz3d/uZbUMB8GA1UdIwQY
MBaAFBWgOgA7AYdjUHUp5gong+iexhcnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmFBNkFEc0JoMk5RZFNubUNpZUQ2SjdHRnljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS80OTQ4MzQtZjU1OS00MGZmLWFiMWYt
ZjcwM2Y0ZWJhNTUzLzEvMjhVbUxjald6Y1ZXVnZjNkQ0UFBkMy01bHRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS80OTQ4MzQtZjU1OS00MGZmLWFiMWYtZjcwM2Y0ZWJhNTUz
LzEvRmFBNkFEc0JoMk5RZFNubUNpZUQ2SjdHRnljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgckgDAN
BgkqhkiG9w0BAQsFAAOCAQEAFmyY1VbrNF3F3lz9eKbgSJNdrRfvgRNqWTz3Ay/k
+0ffFRoCditFyA7c9iqJCwrf4CjKN5Vkqdu7AlpzxFAKomlfwlNzV5VErX+NzHP/
tghcqH5SPrhaMAuMHpoG6HlmGtnXIJ4R2nt4yEnIc/frIQ6sDNtaZA5pT2seoLdq
4sH4l2pwK8T9gKRalVSTzSkMUK2x1LRlDGYhmUAEcXBQlJMBh2cYuE7vstOp7br7
98PDvPFU8vi9J0NlWJlHoeo/qbpoW3j9pX1YQ7ZVWYN7Z7hgTMmHJh3Bv8hKzQAY
wiDXbdx2zsHLy/SEeogkSMSvcfRcAwHB/uFaS2qM598oLQ==
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:15:07 2025 by rpki-client