Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/f9342c-57a9-48f3-9e67-8a3d8dc358eb/1/NpEQQ6T9aVptT2KcAU9qB9-deTo.roa
File: NpEQQ6T9aVptT2KcAU9qB9-deTo.roa (raw, json)
Hash identifier: V25DurbdNpjhByTtNYzzliIkfyOB4iKBrQpwxulmxQk=
Subject key identifier: 36:91:10:43:A4:FD:69:5A:6D:4F:62:9C:01:4F:6A:07:DF:9D:79:3A
Certificate issuer: /CN=4285821bb7a8445efbf433d4c19890a7fa949fa8
Certificate serial: 01942143F7D1E5E2BA3B7A8013F4A22ED8A6
Authority key identifier: 42:85:82:1B:B7:A8:44:5E:FB:F4:33:D4:C1:98:90:A7:FA:94:9F:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QoWCG7eoRF779DPUwZiQp_qUn6g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/f9342c-57a9-48f3-9e67-8a3d8dc358eb/1/NpEQQ6T9aVptT2KcAU9qB9-deTo.roa
Signing time: Wed 01 Jan 2025 09:48:09 +0000
ROA not before: Wed 01 Jan 2025 09:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3356
IP address blocks: 139.28.192.0/22 maxlen: 22
139.28.192.0/23 maxlen: 23
139.28.194.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:f7:d1:e5:e2:ba:3b:7a:80:13:f4:a2:2e:d8:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4285821bb7a8445efbf433d4c19890a7fa949fa8
Validity
Not Before: Jan 1 09:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=36911043a4fd695a6d4f629c014f6a07df9d793a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:63:70:ab:4a:fb:c4:b9:d5:d0:cd:f3:86:39:
46:f5:eb:ac:81:05:3e:c5:9e:93:23:35:5a:2c:14:
92:78:cf:66:3d:c1:0c:8e:6c:05:06:9d:98:a2:c7:
ad:35:30:87:34:7e:ab:e1:64:d8:fb:3b:37:8a:a4:
23:40:19:23:d4:04:f9:9e:f9:e0:3f:ab:c3:53:95:
94:99:9c:ac:2c:44:3e:57:46:13:6e:57:1d:d3:3b:
4c:41:fc:5e:e0:55:3c:5b:49:54:87:0e:57:ee:dd:
3e:86:ac:5d:4f:c2:6a:09:20:e6:38:91:e3:df:7d:
8a:0f:bb:b6:cf:6e:80:b2:d4:b5:d7:34:b3:0c:18:
ca:07:ab:9b:00:4a:57:54:dd:0e:5a:1c:76:e6:b8:
12:f4:09:18:7f:07:b9:fe:46:02:05:75:2e:21:31:
5e:33:af:7a:3d:eb:a2:2e:f2:7f:1c:8f:1c:43:59:
cd:9c:8b:8b:b6:f1:39:b2:44:4d:a2:f7:d5:9d:f8:
6c:0b:35:0e:ec:3e:e4:d4:bf:2c:20:1b:ff:c4:3b:
14:ad:4e:08:8b:45:24:dd:b9:e5:f0:37:37:fa:cb:
19:f1:06:52:04:fe:9c:3f:f8:c7:d0:98:e5:b4:79:
e0:62:9e:29:8e:6f:30:e1:0c:b7:00:30:5e:9d:b6:
61:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:91:10:43:A4:FD:69:5A:6D:4F:62:9C:01:4F:6A:07:DF:9D:79:3A
X509v3 Authority Key Identifier:
keyid:42:85:82:1B:B7:A8:44:5E:FB:F4:33:D4:C1:98:90:A7:FA:94:9F:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QoWCG7eoRF779DPUwZiQp_qUn6g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/f9342c-57a9-48f3-9e67-8a3d8dc358eb/1/NpEQQ6T9aVptT2KcAU9qB9-deTo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/f9342c-57a9-48f3-9e67-8a3d8dc358eb/1/QoWCG7eoRF779DPUwZiQp_qUn6g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.192.0/22
Signature Algorithm: sha256WithRSAEncryption
a8:48:c9:82:03:50:17:52:b2:05:23:e7:a8:33:b7:fc:42:a2:
86:e2:9f:c3:6e:d7:e0:81:cc:aa:98:8e:a3:62:c6:5e:90:d2:
f9:f5:0e:a3:d1:97:84:76:b0:34:ac:1a:d7:1e:39:ef:29:a6:
7b:8f:6f:3b:1b:38:fd:08:67:85:07:55:99:f8:51:a5:d3:b4:
23:e7:f0:f3:af:45:29:9e:a7:62:58:70:16:09:49:73:54:33:
36:70:af:e6:95:aa:f9:8e:6d:e1:1f:50:90:dc:76:49:56:61:
e3:39:9f:8d:72:2d:9e:e6:4b:7b:08:12:a6:07:29:ea:3e:c7:
ce:3b:c2:cc:96:dd:24:70:70:ee:b1:dc:7d:b6:80:22:1a:b4:
f2:68:ca:b9:ca:3a:11:8b:dc:fe:ac:1d:29:92:d3:df:dd:67:
12:ac:de:cb:7d:27:07:b3:e8:b2:76:61:4d:a5:e0:ce:71:4d:
8f:fa:84:0f:44:d7:29:c2:e5:f4:b2:8b:17:0b:db:70:72:47:
df:17:cb:51:13:70:b8:8e:78:5c:29:d7:65:9e:53:32:2e:37:
8f:65:94:58:16:20:fb:fb:88:34:56:c4:b3:75:b2:68:53:e8:
cf:ff:b6:e0:fd:1f:4c:9c:22:3c:24:88:d1:5e:53:9e:13:2f:
57:8e:5f:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhQ/fR5eK6O3qAE/SiLtimMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyODU4MjFiYjdhODQ0NWVmYmY0MzNkNGMxOTg5MGE3ZmE5
NDlmYTgwHhcNMjUwMTAxMDk0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjkxMTA0M2E0ZmQ2OTVhNmQ0ZjYyOWMwMTRmNmEwN2RmOWQ3OTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyGNwq0r7xLnV0M3zhjlG9eusgQU+
xZ6TIzVaLBSSeM9mPcEMjmwFBp2YosetNTCHNH6r4WTY+zs3iqQjQBkj1AT5nvng
P6vDU5WUmZysLEQ+V0YTblcd0ztMQfxe4FU8W0lUhw5X7t0+hqxdT8JqCSDmOJHj
332KD7u2z26AstS11zSzDBjKB6ubAEpXVN0OWhx25rgS9AkYfwe5/kYCBXUuITFe
M696PeuiLvJ/HI8cQ1nNnIuLtvE5skRNovfVnfhsCzUO7D7k1L8sIBv/xDsUrU4I
i0Uk3bnl8Dc3+ssZ8QZSBP6cP/jH0JjltHngYp4pjm8w4Qy3ADBenbZhQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDaREEOk/WlabU9inAFPagffnXk6MB8GA1UdIwQY
MBaAFEKFghu3qERe+/Qz1MGYkKf6lJ+oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUW9XQ0c3ZW9SRjc3OURQVXdaaVFwX3FVbjZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9mOTM0MmMtNTdhOS00OGYzLTllNjct
OGEzZDhkYzM1OGViLzEvTnBFUVE2VDlhVnB0VDJLY0FVOXFCOS1kZVRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC9mOTM0MmMtNTdhOS00OGYzLTllNjctOGEzZDhkYzM1OGVi
LzEvUW9XQ0c3ZW9SRjc3OURQVXdaaVFwX3FVbjZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCixzAMA0G
CSqGSIb3DQEBCwUAA4IBAQCoSMmCA1AXUrIFI+eoM7f8QqKG4p/DbtfggcyqmI6j
YsZekNL59Q6j0ZeEdrA0rBrXHjnvKaZ7j287Gzj9CGeFB1WZ+FGl07Qj5/Dzr0Up
nqdiWHAWCUlzVDM2cK/mlar5jm3hH1CQ3HZJVmHjOZ+Nci2e5kt7CBKmBynqPsfO
O8LMlt0kcHDusdx9toAiGrTyaMq5yjoRi9z+rB0pktPf3WcSrN7LfScHs+iydmFN
peDOcU2P+oQPRNcpwuX0sosXC9twckffF8tRE3C4jnhcKddlnlMyLjePZZRYFiD7
+4g0VsSzdbJoU+jP/7bg/R9MnCI8JIjRXlOeEy9Xjl9N
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:17 2025 by rpki-client on console.sobornost.net