Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/d19fc2-8949-4fe6-931b-1c4bb58ab720/1/OXid8ZIo0gYd60wcu8PCjC7LJPY.roa
File: OXid8ZIo0gYd60wcu8PCjC7LJPY.roa (raw, json)
Hash identifier: rslXzL1goIGJkIHIKNU4kWEWp+av7vzPHwq4yajVlZ8=
Subject key identifier: 39:78:9D:F1:92:28:D2:06:1D:EB:4C:1C:BB:C3:C2:8C:2E:CB:24:F6
Certificate issuer: /CN=4a8e68702ef5d48c4f2b072d9cb473e62b87b3e4
Certificate serial: 0195BEA83675DBBAA6D79A1C75156DD7C5C7
Authority key identifier: 4A:8E:68:70:2E:F5:D4:8C:4F:2B:07:2D:9C:B4:73:E6:2B:87:B3:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/So5ocC711IxPKwctnLRz5iuHs-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/d19fc2-8949-4fe6-931b-1c4bb58ab720/1/OXid8ZIo0gYd60wcu8PCjC7LJPY.roa
Signing time: Sat 22 Mar 2025 16:20:49 +0000
ROA not before: Sat 22 Mar 2025 16:20:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8648
IP address blocks: 5.28.40.0/21 maxlen: 21
5.28.47.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:be:a8:36:75:db:ba:a6:d7:9a:1c:75:15:6d:d7:c5:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a8e68702ef5d48c4f2b072d9cb473e62b87b3e4
Validity
Not Before: Mar 22 16:20:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=39789df19228d2061deb4c1cbbc3c28c2ecb24f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:e4:bd:1f:fb:04:18:a0:11:2f:b5:55:34:ff:
40:55:c6:cf:e6:e5:c2:a8:12:d9:47:8e:14:b6:2b:
db:c0:fb:cd:6d:0d:0f:ce:15:54:57:7a:b9:f6:55:
83:a4:ca:8f:99:12:e7:70:2d:77:6d:56:0f:95:cd:
56:83:75:73:ba:24:e1:ad:a1:60:cd:ff:f9:91:e0:
d0:9e:e2:45:9a:90:1a:d4:7c:bf:59:ae:ac:69:ed:
b4:d3:8f:db:d7:de:4e:70:3c:54:bc:a8:05:9b:58:
e0:55:cf:d0:a4:8a:58:63:25:ae:6d:4b:9f:0d:dc:
8a:4f:8c:5c:db:1e:bb:1f:66:2d:a5:9d:17:a0:d8:
94:e1:19:5c:af:66:24:e3:70:c7:ee:97:c0:98:d5:
a9:26:97:a0:e3:fd:52:dd:a6:0c:79:e0:5b:f2:26:
7a:e8:34:9c:07:de:d3:cf:af:79:45:76:3d:7f:cf:
6d:79:e6:97:82:c3:36:91:22:97:3f:47:09:d3:65:
69:d9:a7:07:49:37:87:11:26:9e:e7:10:e6:a6:35:
8b:50:01:a9:22:7d:d8:d0:d5:ff:06:e7:fc:8c:3d:
2e:f1:69:d8:a7:65:87:f7:31:54:05:2a:1f:c6:ec:
cb:e8:5b:34:e3:88:19:65:5c:61:a3:c6:be:24:13:
23:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:78:9D:F1:92:28:D2:06:1D:EB:4C:1C:BB:C3:C2:8C:2E:CB:24:F6
X509v3 Authority Key Identifier:
keyid:4A:8E:68:70:2E:F5:D4:8C:4F:2B:07:2D:9C:B4:73:E6:2B:87:B3:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/So5ocC711IxPKwctnLRz5iuHs-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/d19fc2-8949-4fe6-931b-1c4bb58ab720/1/OXid8ZIo0gYd60wcu8PCjC7LJPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/d19fc2-8949-4fe6-931b-1c4bb58ab720/1/So5ocC711IxPKwctnLRz5iuHs-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.28.40.0/21
Signature Algorithm: sha256WithRSAEncryption
84:cc:5c:42:cb:52:d1:09:be:20:0d:d8:b6:65:a2:cf:fe:e2:
84:ca:11:48:95:63:b1:eb:3a:31:52:f8:64:88:9f:7b:d0:49:
2b:5f:1e:45:b1:92:82:69:6f:6e:38:bc:fc:b1:d1:d4:1d:0c:
9e:65:49:d4:32:d9:1f:8e:38:21:18:a7:81:dc:4f:fe:b1:a0:
39:92:71:a1:74:37:98:83:be:01:60:d0:2c:27:90:01:d8:1a:
85:75:10:89:80:65:d2:7c:95:cd:3c:de:2d:dd:f4:be:11:b6:
b5:b2:9c:14:27:c3:b7:99:49:55:6c:17:50:99:74:eb:5a:2b:
fe:db:65:93:38:81:8c:c9:07:a9:e9:d8:5d:ba:3b:ca:fa:53:
6e:1d:f2:72:99:50:45:1b:ec:d3:2f:72:91:d0:e7:ab:a4:a9:
6d:96:67:5d:90:26:e3:d5:eb:89:7f:96:9e:d5:99:92:57:0e:
80:bc:0f:a8:b5:4b:16:9a:58:44:d7:8b:3e:86:5c:b1:74:bc:
78:21:8d:bc:13:21:77:07:4d:3b:6c:26:40:f9:f3:57:0b:1e:
16:64:d6:7f:4e:90:cf:5b:fc:5b:6c:0f:e8:ea:ae:4b:3b:08:
1b:f6:c9:3b:ec:58:99:a7:d5:39:69:0f:e1:bc:ce:2a:5f:d1:
9e:09:19:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZW+qDZ127qm15ocdRVt18XHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhOGU2ODcwMmVmNWQ0OGM0ZjJiMDcyZDljYjQ3M2U2MmI4
N2IzZTQwHhcNMjUwMzIyMTYyMDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTc4OWRmMTkyMjhkMjA2MWRlYjRjMWNiYmMzYzI4YzJlY2IyNGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2+S9H/sEGKARL7VVNP9AVcbP5uXC
qBLZR44UtivbwPvNbQ0PzhVUV3q59lWDpMqPmRLncC13bVYPlc1Wg3VzuiThraFg
zf/5keDQnuJFmpAa1Hy/Wa6sae2004/b195OcDxUvKgFm1jgVc/QpIpYYyWubUuf
DdyKT4xc2x67H2YtpZ0XoNiU4Rlcr2Yk43DH7pfAmNWpJpeg4/1S3aYMeeBb8iZ6
6DScB97Tz695RXY9f89teeaXgsM2kSKXP0cJ02Vp2acHSTeHESae5xDmpjWLUAGp
In3Y0NX/Buf8jD0u8WnYp2WH9zFUBSofxuzL6Fs044gZZVxho8a+JBMjPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDl4nfGSKNIGHetMHLvDwowuyyT2MB8GA1UdIwQY
MBaAFEqOaHAu9dSMTysHLZy0c+Yrh7PkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU281b2NDNzExSXhQS3djdG5MUno1aXVIcy1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9kMTlmYzItODk0OS00ZmU2LTkzMWIt
MWM0YmI1OGFiNzIwLzEvT1hpZDhaSW8wZ1lkNjB3Y3U4UENqQzdMSlBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9kMTlmYzItODk0OS00ZmU2LTkzMWItMWM0YmI1OGFiNzIw
LzEvU281b2NDNzExSXhQS3djdG5MUno1aXVIcy1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDBRwoMA0G
CSqGSIb3DQEBCwUAA4IBAQCEzFxCy1LRCb4gDdi2ZaLP/uKEyhFIlWOx6zoxUvhk
iJ970EkrXx5FsZKCaW9uOLz8sdHUHQyeZUnUMtkfjjghGKeB3E/+saA5knGhdDeY
g74BYNAsJ5AB2BqFdRCJgGXSfJXNPN4t3fS+Eba1spwUJ8O3mUlVbBdQmXTrWiv+
22WTOIGMyQep6dhdujvK+lNuHfJymVBFG+zTL3KR0OerpKltlmddkCbj1euJf5ae
1ZmSVw6AvA+otUsWmlhE14s+hlyxdLx4IY28EyF3B007bCZA+fNXCx4WZNZ/TpDP
W/xbbA/o6q5LOwgb9sk77FiZp9U5aQ/hvM4qX9GeCRmO
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:40 2025 by rpki-client on console.sobornost.net