Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/d743df-5f6f-4f17-a225-202e19c088b1/1/eVvmAEAIedlVHCPd9SMP0Bncqxc.roa
File: eVvmAEAIedlVHCPd9SMP0Bncqxc.roa (raw, json)
Hash identifier: 4VuWPxpiNhIPFJNGqrNiqAkoBmgIxFNuRTiyh6Py9uk=
Subject key identifier: 79:5B:E6:00:40:08:79:D9:55:1C:23:DD:F5:23:0F:D0:19:DC:AB:17
Certificate issuer: /CN=6596fb89a8a23cbe4f2adb165c89f26de8ab7876
Certificate serial: 0194222011961B3A31889F33B8A950C5F625
Authority key identifier: 65:96:FB:89:A8:A2:3C:BE:4F:2A:DB:16:5C:89:F2:6D:E8:AB:78:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZZb7iaiiPL5PKtsWXInybeireHY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/d743df-5f6f-4f17-a225-202e19c088b1/1/eVvmAEAIedlVHCPd9SMP0Bncqxc.roa
Signing time: Wed 01 Jan 2025 13:48:34 +0000
ROA not before: Wed 01 Jan 2025 13:48:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62214
IP address blocks: 139.28.140.0/22 maxlen: 22
2a09:740::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:11:96:1b:3a:31:88:9f:33:b8:a9:50:c5:f6:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6596fb89a8a23cbe4f2adb165c89f26de8ab7876
Validity
Not Before: Jan 1 13:48:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=795be600400879d9551c23ddf5230fd019dcab17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:05:d4:49:5e:e1:46:ac:41:ae:3f:04:fb:e5:
21:a3:c6:b2:e7:8d:28:c4:e2:00:9f:9f:97:39:1a:
b2:25:a4:08:3b:d4:3d:ec:91:aa:16:f4:08:53:6d:
1c:b2:37:a9:94:0e:25:37:94:e7:6f:4b:c4:5e:aa:
4a:7f:f9:e6:95:39:bc:06:78:3d:a9:a1:a8:94:ee:
2a:ac:62:92:a2:e9:83:69:f2:ad:24:8e:05:f3:09:
74:da:d9:03:db:0c:11:67:c1:3c:f6:61:5f:f5:c8:
02:61:e5:ff:e9:73:dc:b5:b8:6e:6d:9b:aa:41:14:
41:2d:ee:cb:2e:ef:e2:17:24:00:35:75:1b:c1:0d:
d6:40:92:7b:b3:75:b2:72:da:64:ee:4d:4b:df:67:
b4:2e:9c:98:c5:67:fa:15:32:5e:49:f8:9c:7d:04:
74:8e:74:a7:94:16:42:a9:bc:34:c8:f9:d9:79:5c:
63:71:5d:15:01:eb:67:64:c9:de:eb:9a:b8:06:2d:
a9:1e:94:0a:09:3e:3a:75:d6:6c:1f:0c:f5:4e:10:
f5:22:7c:26:b7:77:9d:3d:15:af:ed:be:2b:4d:1f:
4e:2e:f7:b3:da:f5:0b:06:9c:e0:b6:ee:f9:e2:0a:
98:bf:ce:70:19:0c:a8:e8:74:c4:c1:c8:30:5a:af:
25:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:5B:E6:00:40:08:79:D9:55:1C:23:DD:F5:23:0F:D0:19:DC:AB:17
X509v3 Authority Key Identifier:
keyid:65:96:FB:89:A8:A2:3C:BE:4F:2A:DB:16:5C:89:F2:6D:E8:AB:78:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZZb7iaiiPL5PKtsWXInybeireHY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/d743df-5f6f-4f17-a225-202e19c088b1/1/eVvmAEAIedlVHCPd9SMP0Bncqxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/d743df-5f6f-4f17-a225-202e19c088b1/1/ZZb7iaiiPL5PKtsWXInybeireHY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.140.0/22
IPv6:
2a09:740::/32
Signature Algorithm: sha256WithRSAEncryption
5d:74:69:23:3d:fc:9f:57:f7:ba:91:e4:22:f4:2c:ea:25:31:
78:af:9b:7f:c3:97:0d:2a:d4:5a:16:74:ee:9f:68:75:77:e1:
5d:89:36:ad:eb:cd:a6:fa:9f:bb:57:c0:37:6c:25:0f:26:bb:
15:19:86:a4:e5:2f:2d:ed:22:2b:1a:df:42:2b:5e:46:d5:7d:
3b:45:4f:5a:26:3d:e0:d2:7c:8f:e2:2b:4f:f0:f0:ef:46:db:
f5:64:c5:1d:b2:8e:5b:a5:31:ce:b5:c6:99:93:5a:e3:e4:87:
b7:a9:be:24:e7:e6:b2:82:d7:1f:b0:74:c9:2e:6b:3b:db:cb:
5d:e0:64:c7:c6:70:a3:c2:42:ca:8f:e2:06:3c:53:46:0c:3a:
a7:83:f6:3c:2b:8d:4e:2e:f8:34:fd:06:87:7c:94:ff:88:40:
f9:2b:2a:69:de:3b:a5:a4:b8:b9:25:22:a8:c5:ee:8d:9d:b5:
12:10:7a:54:b2:38:6b:23:ba:31:f7:0b:79:9a:5a:c7:22:6c:
1a:18:ab:08:17:40:c1:e2:8d:1d:01:e7:d6:8b:4e:26:6e:c8:
d0:42:0b:34:0a:fd:3b:94:a2:b8:14:37:8f:03:20:23:49:50:
a6:6d:c0:23:6a:a3:5b:3f:b4:8a:cd:28:59:cf:d9:f3:9d:37:
eb:85:49:72
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQiIBGWGzoxiJ8zuKlQxfYlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1OTZmYjg5YThhMjNjYmU0ZjJhZGIxNjVjODlmMjZkZThh
Yjc4NzYwHhcNMjUwMTAxMTM0ODM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTViZTYwMDQwMDg3OWQ5NTUxYzIzZGRmNTIzMGZkMDE5ZGNhYjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAXUSV7hRqxBrj8E++Uho8ay540o
xOIAn5+XORqyJaQIO9Q97JGqFvQIU20csjeplA4lN5Tnb0vEXqpKf/nmlTm8Bng9
qaGolO4qrGKSoumDafKtJI4F8wl02tkD2wwRZ8E89mFf9cgCYeX/6XPctbhubZuq
QRRBLe7LLu/iFyQANXUbwQ3WQJJ7s3Wyctpk7k1L32e0LpyYxWf6FTJeSficfQR0
jnSnlBZCqbw0yPnZeVxjcV0VAetnZMne65q4Bi2pHpQKCT46ddZsHwz1ThD1Inwm
t3edPRWv7b4rTR9OLvez2vULBpzgtu754gqYv85wGQyo6HTEwcgwWq8lswIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHlb5gBACHnZVRwj3fUjD9AZ3KsXMB8GA1UdIwQY
MBaAFGWW+4moojy+TyrbFlyJ8m3oq3h2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlpiN2lhaWlQTDVQS3RzV1hJbnliZWlyZUhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9kNzQzZGYtNWY2Zi00ZjE3LWEyMjUt
MjAyZTE5YzA4OGIxLzEvZVZ2bUFFQUllZGxWSENQZDlTTVAwQm5jcXhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9kNzQzZGYtNWY2Zi00ZjE3LWEyMjUtMjAyZTE5YzA4OGIx
LzEvWlpiN2lhaWlQTDVQS3RzV1hJbnliZWlyZUhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCixyMMA0E
AgACMAcDBQAqCQdAMA0GCSqGSIb3DQEBCwUAA4IBAQBddGkjPfyfV/e6keQi9Czq
JTF4r5t/w5cNKtRaFnTun2h1d+FdiTat682m+p+7V8A3bCUPJrsVGYak5S8t7SIr
Gt9CK15G1X07RU9aJj3g0nyP4itP8PDvRtv1ZMUdso5bpTHOtcaZk1rj5Ie3qb4k
5+aygtcfsHTJLms728td4GTHxnCjwkLKj+IGPFNGDDqng/Y8K41OLvg0/QaHfJT/
iED5Kypp3julpLi5JSKoxe6NnbUSEHpUsjhrI7ox9wt5mlrHImwaGKsIF0DB4o0d
AefWi04mbsjQQgs0Cv07lKK4FDePAyAjSVCmbcAjaqNbP7SKzShZz9nznTfrhUly
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:04:28 2025 by rpki-client