Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/64e19c-3ef3-4fbb-85ae-e6c60032208c/1/5PHg1NfD2flYXTjXQV0pIgXfZWI.roa
File: 5PHg1NfD2flYXTjXQV0pIgXfZWI.roa (raw, json)
Hash identifier: 3e+dNCH3aInRTjjyfn+AmieFBQg3t0rEnNXZ0TreeaU=
Subject key identifier: E4:F1:E0:D4:D7:C3:D9:F9:58:5D:38:D7:41:5D:29:22:05:DF:65:62
Certificate issuer: /CN=c3623ffbcd2d81f7b379fab425736514a9c8bf53
Certificate serial: 0192E6D303ED5B03E4F39FF83984932D3E75
Authority key identifier: C3:62:3F:FB:CD:2D:81:F7:B3:79:FA:B4:25:73:65:14:A9:C8:BF:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w2I_-80tgfezefq0JXNlFKnIv1M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/64e19c-3ef3-4fbb-85ae-e6c60032208c/1/5PHg1NfD2flYXTjXQV0pIgXfZWI.roa
Signing time: Fri 01 Nov 2024 08:24:01 +0000
ROA not before: Fri 01 Nov 2024 08:24:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 138645
IP address blocks: 139.28.132.0/24 maxlen: 24
139.28.133.0/24 maxlen: 24
139.28.134.0/24 maxlen: 24
139.28.135.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:e6:d3:03:ed:5b:03:e4:f3:9f:f8:39:84:93:2d:3e:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3623ffbcd2d81f7b379fab425736514a9c8bf53
Validity
Not Before: Nov 1 08:24:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e4f1e0d4d7c3d9f9585d38d7415d292205df6562
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:a2:24:e8:cd:93:87:ee:49:a9:95:ed:59:0f:
2a:dd:67:6f:2f:ed:d4:56:23:e4:70:ea:70:a1:d2:
02:2b:2a:a5:24:1d:5d:14:fd:53:86:50:bb:a4:ae:
b6:f5:03:6a:a9:7f:43:ac:67:21:38:4e:94:42:d3:
17:60:01:ca:2b:44:5f:5c:9b:23:bd:85:96:82:b9:
00:3a:1a:21:4b:c0:e9:68:b4:9b:c9:3b:e5:f6:02:
14:dd:0d:32:bf:b7:83:5b:c8:03:aa:69:53:83:a1:
ff:aa:ce:86:38:cd:de:d9:5a:b5:ce:44:2a:d9:52:
4b:3d:6c:5a:c8:8b:45:ca:17:e8:be:1e:7e:e2:49:
88:9f:5a:d2:7b:67:f1:2a:59:0e:1c:7b:0d:33:6d:
99:d0:b3:64:64:3d:45:58:18:88:82:92:e3:c2:14:
eb:ac:52:df:a5:c0:22:d1:5e:e4:7a:7f:2f:41:98:
16:37:6c:ac:92:8c:f3:b2:17:37:de:4f:a0:c4:df:
c1:6d:f4:1a:b1:2a:ec:b2:c6:7a:43:42:a6:62:5b:
30:95:f3:8d:61:c7:79:1d:5b:08:ad:ec:a9:cb:35:
d9:ab:be:25:d9:00:02:86:5d:aa:ee:0c:58:11:95:
8e:d2:9f:ad:6f:33:32:94:d2:8e:47:8e:6e:20:37:
5b:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:F1:E0:D4:D7:C3:D9:F9:58:5D:38:D7:41:5D:29:22:05:DF:65:62
X509v3 Authority Key Identifier:
keyid:C3:62:3F:FB:CD:2D:81:F7:B3:79:FA:B4:25:73:65:14:A9:C8:BF:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w2I_-80tgfezefq0JXNlFKnIv1M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/64e19c-3ef3-4fbb-85ae-e6c60032208c/1/5PHg1NfD2flYXTjXQV0pIgXfZWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/64e19c-3ef3-4fbb-85ae-e6c60032208c/1/w2I_-80tgfezefq0JXNlFKnIv1M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.132.0/22
Signature Algorithm: sha256WithRSAEncryption
73:30:71:5f:88:64:f9:11:ed:cc:ef:47:35:8b:29:8d:57:ab:
87:17:eb:aa:21:75:ae:c4:eb:e0:7b:15:70:25:21:37:ba:58:
a6:20:9a:b6:65:51:5b:97:06:4a:10:88:91:a8:83:e1:b7:5a:
43:f8:9b:ed:83:51:c4:c8:8f:ba:fe:9f:b4:8a:48:9b:8a:30:
5d:b7:f3:11:48:30:1c:67:b5:ce:4f:61:81:5b:c4:20:e5:49:
73:b8:64:48:45:cb:a6:35:2f:73:5b:e0:77:34:34:26:ed:4b:
f5:c1:78:07:8f:86:49:3d:1f:2a:85:67:77:44:08:90:03:dd:
c0:42:8c:aa:87:da:a6:71:0f:5e:fa:e1:13:cc:e6:9b:9e:24:
f1:ae:b2:85:74:f3:1a:54:1a:93:ce:e0:78:34:71:81:56:4d:
7d:54:51:bf:11:d1:a7:aa:70:6e:4a:36:b2:f0:4b:77:a4:79:
d9:c7:d7:32:64:2f:78:a6:ee:b1:b3:b9:54:c3:b9:8b:c7:77:
4c:85:a4:5b:78:32:ba:74:5b:07:ff:69:49:10:ab:df:a6:59:
48:b9:c9:e5:77:7b:fe:4b:fc:1f:77:c6:29:e9:ee:fa:83:12:
83:f8:d4:62:2c:4d:5d:2a:fc:c7:1a:f2:fb:a9:c8:f9:be:3c:
c3:67:0e:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZLm0wPtWwPk85/4OYSTLT51MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNjIzZmZiY2QyZDgxZjdiMzc5ZmFiNDI1NzM2NTE0YTlj
OGJmNTMwHhcNMjQxMTAxMDgyNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGYxZTBkNGQ3YzNkOWY5NTg1ZDM4ZDc0MTVkMjkyMjA1ZGY2NTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy6Ik6M2Th+5JqZXtWQ8q3WdvL+3U
ViPkcOpwodICKyqlJB1dFP1ThlC7pK629QNqqX9DrGchOE6UQtMXYAHKK0RfXJsj
vYWWgrkAOhohS8DpaLSbyTvl9gIU3Q0yv7eDW8gDqmlTg6H/qs6GOM3e2Vq1zkQq
2VJLPWxayItFyhfovh5+4kmIn1rSe2fxKlkOHHsNM22Z0LNkZD1FWBiIgpLjwhTr
rFLfpcAi0V7ken8vQZgWN2yskozzshc33k+gxN/BbfQasSrsssZ6Q0KmYlswlfON
Ycd5HVsIreypyzXZq74l2QAChl2q7gxYEZWO0p+tbzMylNKOR45uIDdbwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOTx4NTXw9n5WF0410FdKSIF32ViMB8GA1UdIwQY
MBaAFMNiP/vNLYH3s3n6tCVzZRSpyL9TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzJJXy04MHRnZmV6ZWZxMEpYTmxGS25JdjFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC82NGUxOWMtM2VmMy00ZmJiLTg1YWUt
ZTZjNjAwMzIyMDhjLzEvNVBIZzFOZkQyZmxZWFRqWFFWMHBJZ1hmWldJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC82NGUxOWMtM2VmMy00ZmJiLTg1YWUtZTZjNjAwMzIyMDhj
LzEvdzJJXy04MHRnZmV6ZWZxMEpYTmxGS25JdjFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCixyEMA0G
CSqGSIb3DQEBCwUAA4IBAQBzMHFfiGT5Ee3M70c1iymNV6uHF+uqIXWuxOvgexVw
JSE3ulimIJq2ZVFblwZKEIiRqIPht1pD+Jvtg1HEyI+6/p+0ikibijBdt/MRSDAc
Z7XOT2GBW8Qg5UlzuGRIRcumNS9zW+B3NDQm7Uv1wXgHj4ZJPR8qhWd3RAiQA93A
Qoyqh9qmcQ9e+uETzOabniTxrrKFdPMaVBqTzuB4NHGBVk19VFG/EdGnqnBuSjay
8Et3pHnZx9cyZC94pu6xs7lUw7mLx3dMhaRbeDK6dFsH/2lJEKvfpllIucnld3v+
S/wfd8Yp6e76gxKD+NRiLE1dKvzHGvL7qcj5vjzDZw4u
-----END CERTIFICATE-----
Generated at Thu Nov 21 02:22:29 2024 by rpki-client on console.sobornost.net