Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/28eWeEca87xp2J6gx7u3LUnP0HI.roa
File: 28eWeEca87xp2J6gx7u3LUnP0HI.roa (raw, json)
Hash identifier: G2GQnhHD+rrEhoMVtB3GTVjizi6I0FldoXw7sVSWKCA=
Subject key identifier: DB:C7:96:78:47:1A:F3:BC:69:D8:9E:A0:C7:BB:B7:2D:49:CF:D0:72
Certificate issuer: /CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Certificate serial: 018A07E46B9D4CA4E4DB3C7584DEA64F8DA5
Authority key identifier: 88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/28eWeEca87xp2J6gx7u3LUnP0HI.roa
Signing time: Fri 18 Aug 2023 09:05:24 +0000
ROA not before: Fri 18 Aug 2023 09:05:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 53358
IP address blocks: 2a05:f300::/29 maxlen: 29
2a12:4b40::/29 maxlen: 29
2a13:c800::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:07:e4:6b:9d:4c:a4:e4:db:3c:75:84:de:a6:4f:8d:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Validity
Not Before: Aug 18 09:05:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dbc79678471af3bc69d89ea0c7bbb72d49cfd072
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:d2:23:73:43:f2:67:e7:37:a6:85:29:cb:0b:
d8:77:e2:26:8f:fa:1b:ec:8c:d3:22:b7:2e:1f:e6:
7b:1f:68:19:0c:ab:63:6f:c6:6f:f3:76:ae:28:80:
32:66:05:7b:0a:c6:9e:c1:cd:48:ff:ed:0c:58:33:
e0:fc:4c:f1:9a:28:14:f4:65:eb:62:e8:8e:c7:d1:
51:ef:69:69:e8:1d:96:ab:79:10:21:ab:bd:c9:ae:
aa:64:06:b3:46:f3:68:f0:cb:40:5a:c7:93:88:ee:
77:82:12:31:43:b8:6b:24:c8:27:a8:38:ec:eb:03:
45:7a:34:9f:0e:4b:03:95:dc:e8:c0:7f:05:cd:f9:
4b:44:60:49:00:f0:08:c6:ba:5d:3e:d4:7d:76:ac:
f9:aa:4f:d5:8d:b3:6b:5a:34:44:22:95:fc:71:34:
1f:e7:2b:ae:07:a6:04:b8:12:c8:ad:0a:f4:ba:82:
15:04:0e:10:0a:62:73:e4:45:b3:be:d2:46:1d:be:
f6:45:26:1c:b9:3b:89:86:a8:90:ed:1a:aa:16:ad:
fc:db:56:09:9f:0f:d0:f3:ab:70:3c:58:8c:82:06:
50:f3:83:c1:a5:09:5f:53:b6:6c:1a:fc:01:c3:1d:
ac:88:f2:77:32:ec:56:51:55:86:b8:e8:6e:68:27:
ec:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:C7:96:78:47:1A:F3:BC:69:D8:9E:A0:C7:BB:B7:2D:49:CF:D0:72
X509v3 Authority Key Identifier:
keyid:88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/28eWeEca87xp2J6gx7u3LUnP0HI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/iLITvxYnVI79-xsuJkW6rx2YOqA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:f300::/29
2a12:4b40::/29
2a13:c800::/29
Signature Algorithm: sha256WithRSAEncryption
2b:46:7a:a4:41:5a:9b:dd:a0:b0:1d:3f:b1:e9:23:fa:b7:ac:
2c:35:e3:64:df:e7:7d:94:a9:15:ae:65:6a:f2:fc:ae:7b:b8:
4c:a0:33:b4:1e:6c:16:ce:aa:bd:07:86:1d:0b:93:a0:49:49:
a6:44:6d:fc:4d:c2:b6:45:44:f5:35:35:ea:42:8e:92:c4:66:
20:e8:26:16:e2:04:94:1b:93:0c:c4:10:c3:c1:66:05:26:38:
2d:cb:5e:91:ef:54:c5:88:b8:5b:12:cc:a5:ae:6e:90:01:c3:
b8:fc:be:2d:6b:f6:57:0d:16:05:5f:ab:fa:98:01:cd:ae:ec:
ca:0f:79:7a:3b:4f:b3:1f:dd:f0:1f:c2:5f:a7:35:ed:32:04:
29:03:b6:54:34:b6:2c:66:4d:2d:97:1c:35:55:8f:11:f9:cb:
a2:de:74:cd:e4:e8:51:df:4a:8a:5d:07:43:f6:54:70:22:b1:
fd:f9:be:a9:e2:aa:60:7f:10:9d:13:29:c6:e1:02:88:f6:f8:
1b:6a:8d:9b:ce:52:18:5e:07:98:18:be:3a:06:23:70:f9:48:
d1:f1:eb:b0:2f:50:b9:14:6e:c7:33:16:cc:56:a9:8a:0a:d9:
c1:bb:f7:c8:dc:1c:f0:10:4b:2e:db:c2:83:1a:e5:30:a1:95:
99:bc:cc:22
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYoH5GudTKTk2zx1hN6mT42lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YjIxM2JmMTYyNzU0OGVmZGZiMWIyZTI2NDViYWFmMWQ5
ODNhYTAwHhcNMjMwODE4MDkwNTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmM3OTY3ODQ3MWFmM2JjNjlkODllYTBjN2JiYjcyZDQ5Y2ZkMDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9Ijc0PyZ+c3poUpywvYd+Imj/ob
7IzTIrcuH+Z7H2gZDKtjb8Zv83auKIAyZgV7Csaewc1I/+0MWDPg/EzxmigU9GXr
YuiOx9FR72lp6B2Wq3kQIau9ya6qZAazRvNo8MtAWseTiO53ghIxQ7hrJMgnqDjs
6wNFejSfDksDldzowH8FzflLRGBJAPAIxrpdPtR9dqz5qk/VjbNrWjREIpX8cTQf
5yuuB6YEuBLIrQr0uoIVBA4QCmJz5EWzvtJGHb72RSYcuTuJhqiQ7RqqFq3821YJ
nw/Q86twPFiMggZQ84PBpQlfU7ZsGvwBwx2siPJ3MuxWUVWGuOhuaCfs9QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNvHlnhHGvO8adieoMe7ty1Jz9ByMB8GA1UdIwQY
MBaAFIiyE78WJ1SO/fsbLiZFuq8dmDqgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2Ut
NzI3MzVlMTE4ZDUxLzEvMjhlV2VFY2E4N3hwMko2Z3g3dTNMVW5QMEhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2UtNzI3MzVlMTE4ZDUx
LzEvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKgXzAAMF
AyoSS0ADBQMqE8gAMA0GCSqGSIb3DQEBCwUAA4IBAQArRnqkQVqb3aCwHT+x6SP6
t6wsNeNk3+d9lKkVrmVq8vyue7hMoDO0HmwWzqq9B4YdC5OgSUmmRG38TcK2RUT1
NTXqQo6SxGYg6CYW4gSUG5MMxBDDwWYFJjgty16R71TFiLhbEsylrm6QAcO4/L4t
a/ZXDRYFX6v6mAHNruzKD3l6O0+zH93wH8JfpzXtMgQpA7ZUNLYsZk0tlxw1VY8R
+cui3nTN5OhR30qKXQdD9lRwIrH9+b6p4qpgfxCdEynG4QKI9vgbao2bzlIYXgeY
GL46BiNw+UjR8euwL1C5FG7HMxbMVqmKCtnBu/fI3BzwEEsu28KDGuUwoZWZvMwi
-----END CERTIFICATE-----
Generated at Tue Apr 29 12:45:12 2025 by rpki-client