Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/d19fc2-8949-4fe6-931b-1c4bb58ab720/1/Cb8GvWaqJEP99Z_1Zf6W9V1dLBE.roa
File: Cb8GvWaqJEP99Z_1Zf6W9V1dLBE.roa (raw, json)
Hash identifier: uP8GgxIXXmDUgYigzqGg9J8WDHDnaKE1GYwFp10x32c=
Subject key identifier: 09:BF:06:BD:66:AA:24:43:FD:F5:9F:F5:65:FE:96:F5:5D:5D:2C:11
Certificate issuer: /CN=4a8e68702ef5d48c4f2b072d9cb473e62b87b3e4
Certificate serial: 019446910ED47FC645F19A02DF081D3144FF
Authority key identifier: 4A:8E:68:70:2E:F5:D4:8C:4F:2B:07:2D:9C:B4:73:E6:2B:87:B3:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/So5ocC711IxPKwctnLRz5iuHs-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/d19fc2-8949-4fe6-931b-1c4bb58ab720/1/Cb8GvWaqJEP99Z_1Zf6W9V1dLBE.roa
Signing time: Wed 08 Jan 2025 15:38:19 +0000
ROA not before: Wed 08 Jan 2025 15:38:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214197
IP address blocks: 5.28.40.0/21 maxlen: 24
5.28.47.0/24 maxlen: 24
2a05:e980::/29 maxlen: 32
2a05:e980::/32 maxlen: 32
2a05:e987::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:46:91:0e:d4:7f:c6:45:f1:9a:02:df:08:1d:31:44:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a8e68702ef5d48c4f2b072d9cb473e62b87b3e4
Validity
Not Before: Jan 8 15:38:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=09bf06bd66aa2443fdf59ff565fe96f55d5d2c11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:2a:85:9b:08:46:53:42:b6:59:8e:9c:80:6a:
6f:34:de:bb:67:3a:c7:c6:7b:5a:8a:42:ea:2e:b2:
29:84:53:19:ed:63:7c:58:b3:8e:c0:ca:03:04:24:
0c:7a:b9:0b:4c:0c:2a:ff:b2:3f:78:7f:f8:9d:5f:
8c:5e:a3:77:33:cc:88:a7:f5:44:e6:dc:84:44:4a:
c2:3d:b9:6c:2e:f1:88:5d:a4:91:63:46:45:6f:7e:
92:79:66:c6:96:ea:17:b7:e5:9c:63:6a:a9:b4:67:
34:77:0b:96:dc:7e:bb:9c:82:67:5e:35:c5:eb:7e:
a0:23:de:89:26:80:d9:53:65:9a:1e:d7:0d:6c:1d:
12:85:91:af:73:ec:86:c8:1f:4d:b8:9e:cd:ff:d7:
ea:62:1d:d4:70:56:cb:78:a0:83:c3:e6:3f:56:b3:
8f:30:1d:b0:03:ec:ed:4a:dd:53:07:0d:b9:f4:f6:
53:0a:de:e2:2b:db:f9:7d:9c:db:09:0d:3a:23:85:
b1:c0:48:ad:a9:78:53:06:8a:95:48:f4:02:28:40:
39:5b:e8:e1:32:3d:b5:91:74:12:b4:f1:a3:26:b3:
55:6a:f5:cb:09:b2:e5:1b:6a:fa:5e:65:41:f7:86:
8e:6a:35:69:41:a3:c6:28:fa:66:97:9f:97:52:2c:
7a:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:BF:06:BD:66:AA:24:43:FD:F5:9F:F5:65:FE:96:F5:5D:5D:2C:11
X509v3 Authority Key Identifier:
keyid:4A:8E:68:70:2E:F5:D4:8C:4F:2B:07:2D:9C:B4:73:E6:2B:87:B3:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/So5ocC711IxPKwctnLRz5iuHs-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/d19fc2-8949-4fe6-931b-1c4bb58ab720/1/Cb8GvWaqJEP99Z_1Zf6W9V1dLBE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/d19fc2-8949-4fe6-931b-1c4bb58ab720/1/So5ocC711IxPKwctnLRz5iuHs-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.28.40.0/21
IPv6:
2a05:e980::/29
Signature Algorithm: sha256WithRSAEncryption
3a:c0:8d:0b:11:e6:1d:7c:8c:8a:17:54:9e:b3:6a:bf:44:d5:
bf:17:c3:24:06:11:a8:68:14:34:1d:f8:87:14:c6:06:44:87:
79:55:30:2a:e5:ba:c9:84:e7:87:1b:10:31:74:73:ce:69:a5:
c2:55:10:03:b2:fe:9b:20:81:45:7b:38:5a:e5:c3:7c:72:0c:
12:b4:56:9c:60:db:02:18:4a:13:00:cc:d3:0d:f1:02:94:ca:
93:e8:2e:fc:48:53:0a:73:a0:2a:20:0a:3c:2f:56:3d:ea:b9:
8b:c3:10:59:dd:7c:c5:1b:91:0c:96:73:64:ef:65:b2:6a:09:
4b:a1:7f:f4:86:02:60:c1:f0:d7:d8:51:5e:72:90:5b:94:93:
f4:5d:63:b2:5d:f2:88:35:ec:8a:b9:b7:0b:8e:f4:08:b1:04:
fa:a7:c1:5d:db:f2:ea:8c:04:e5:00:b1:0c:0b:ad:d2:78:16:
08:77:54:b5:8e:8a:f0:39:df:3e:91:3d:fa:9b:0e:49:02:ae:
e4:6a:34:4c:46:64:b6:32:7f:f2:90:93:52:7a:f1:35:21:9c:
15:a4:95:64:d7:8b:1e:3d:73:d0:f5:59:03:23:9d:1f:5b:73:
3d:d6:ac:bd:b9:0a:d6:9a:c4:53:2e:9b:73:d2:9a:75:d5:e4:
2f:74:4d:5c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZRGkQ7Uf8ZF8ZoC3wgdMUT/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhOGU2ODcwMmVmNWQ0OGM0ZjJiMDcyZDljYjQ3M2U2MmI4
N2IzZTQwHhcNMjUwMTA4MTUzODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWJmMDZiZDY2YWEyNDQzZmRmNTlmZjU2NWZlOTZmNTVkNWQyYzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyqFmwhGU0K2WY6cgGpvNN67ZzrH
xntaikLqLrIphFMZ7WN8WLOOwMoDBCQMerkLTAwq/7I/eH/4nV+MXqN3M8yIp/VE
5tyERErCPblsLvGIXaSRY0ZFb36SeWbGluoXt+WcY2qptGc0dwuW3H67nIJnXjXF
636gI96JJoDZU2WaHtcNbB0ShZGvc+yGyB9NuJ7N/9fqYh3UcFbLeKCDw+Y/VrOP
MB2wA+ztSt1TBw259PZTCt7iK9v5fZzbCQ06I4WxwEitqXhTBoqVSPQCKEA5W+jh
Mj21kXQStPGjJrNVavXLCbLlG2r6XmVB94aOajVpQaPGKPpml5+XUix6EQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAm/Br1mqiRD/fWf9WX+lvVdXSwRMB8GA1UdIwQY
MBaAFEqOaHAu9dSMTysHLZy0c+Yrh7PkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU281b2NDNzExSXhQS3djdG5MUno1aXVIcy1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9kMTlmYzItODk0OS00ZmU2LTkzMWIt
MWM0YmI1OGFiNzIwLzEvQ2I4R3ZXYXFKRVA5OVpfMVpmNlc5VjFkTEJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9kMTlmYzItODk0OS00ZmU2LTkzMWItMWM0YmI1OGFiNzIw
LzEvU281b2NDNzExSXhQS3djdG5MUno1aXVIcy1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDBRwoMA0E
AgACMAcDBQMqBemAMA0GCSqGSIb3DQEBCwUAA4IBAQA6wI0LEeYdfIyKF1Ses2q/
RNW/F8MkBhGoaBQ0HfiHFMYGRId5VTAq5brJhOeHGxAxdHPOaaXCVRADsv6bIIFF
ezha5cN8cgwStFacYNsCGEoTAMzTDfEClMqT6C78SFMKc6AqIAo8L1Y96rmLwxBZ
3XzFG5EMlnNk72WyaglLoX/0hgJgwfDX2FFecpBblJP0XWOyXfKINeyKubcLjvQI
sQT6p8Fd2/LqjATlALEMC63SeBYId1S1jorwOd8+kT36mw5JAq7kajRMRmS2Mn/y
kJNSevE1IZwVpJVk14sePXPQ9VkDI50fW3M91qy9uQrWmsRTLptz0pp11eQvdE1c
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:40 2025 by rpki-client on console.sobornost.net