Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/9be856-0e32-400f-8e89-369cd8be25fe/1/tq6G4XKwLkPscmGDzl0ViLLGYc0.roa
File: tq6G4XKwLkPscmGDzl0ViLLGYc0.roa (raw, json)
Hash identifier: gCrgWGNDXJJp5RhoxWhID/tfHWwjzd875gYTpw7zJGg=
Subject key identifier: B6:AE:86:E1:72:B0:2E:43:EC:72:61:83:CE:5D:15:88:B2:C6:61:CD
Certificate issuer: /CN=c011ee066641750a51147d8dc99a1b105658d203
Certificate serial: 01941FFAA7A60A3D54E68B629C665F381BEE
Authority key identifier: C0:11:EE:06:66:41:75:0A:51:14:7D:8D:C9:9A:1B:10:56:58:D2:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wBHuBmZBdQpRFH2NyZobEFZY0gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/9be856-0e32-400f-8e89-369cd8be25fe/1/tq6G4XKwLkPscmGDzl0ViLLGYc0.roa
Signing time: Wed 01 Jan 2025 03:48:28 +0000
ROA not before: Wed 01 Jan 2025 03:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57184
IP address blocks: 185.128.200.0/22 maxlen: 22
2a03:9b60::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:a7:a6:0a:3d:54:e6:8b:62:9c:66:5f:38:1b:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c011ee066641750a51147d8dc99a1b105658d203
Validity
Not Before: Jan 1 03:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b6ae86e172b02e43ec726183ce5d1588b2c661cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:10:03:13:c1:40:9a:f9:44:72:75:30:f7:6a:
eb:39:b6:13:50:c1:06:a8:8f:90:c3:0c:6d:49:b5:
0f:05:db:21:4b:07:81:cb:1c:f7:a0:22:19:47:8c:
94:9d:8c:64:7f:7a:9d:27:c3:84:ba:ed:8b:9a:6a:
f7:e1:fc:12:e0:4c:14:b5:db:a1:6e:ff:ff:a2:1d:
9c:a7:b7:eb:18:53:d5:34:b8:2e:8a:54:92:78:61:
b4:1f:41:8d:0a:5c:96:47:59:e7:8c:55:66:f7:91:
05:16:36:a6:10:f4:34:d6:8c:10:ec:74:d3:17:fd:
b9:4f:5a:04:05:b0:fe:d0:bf:14:0f:29:d6:f5:fa:
21:56:8c:da:16:5e:f5:a5:83:83:0a:72:a3:bc:93:
5a:8d:1c:ae:27:fc:48:26:6b:80:6e:7f:41:4d:5f:
f6:19:46:82:12:ca:63:d9:b0:c9:1a:f2:00:3e:4b:
9f:f6:68:28:7e:da:ef:e6:95:57:e7:4f:10:ae:b5:
49:87:8f:77:d6:9c:7f:db:8a:17:7c:99:d2:e6:50:
25:75:71:5f:1f:f3:9d:39:e6:ab:47:74:cd:3f:2d:
89:8c:aa:e4:70:4c:78:01:5c:6e:b3:4e:e7:f6:b4:
b4:24:4e:48:0d:98:bf:d2:5f:5b:35:ee:b1:77:3f:
26:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:AE:86:E1:72:B0:2E:43:EC:72:61:83:CE:5D:15:88:B2:C6:61:CD
X509v3 Authority Key Identifier:
keyid:C0:11:EE:06:66:41:75:0A:51:14:7D:8D:C9:9A:1B:10:56:58:D2:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wBHuBmZBdQpRFH2NyZobEFZY0gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/9be856-0e32-400f-8e89-369cd8be25fe/1/tq6G4XKwLkPscmGDzl0ViLLGYc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/9be856-0e32-400f-8e89-369cd8be25fe/1/wBHuBmZBdQpRFH2NyZobEFZY0gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.128.200.0/22
IPv6:
2a03:9b60::/32
Signature Algorithm: sha256WithRSAEncryption
20:0b:bb:ac:20:e1:5e:13:7d:f3:d8:19:fc:af:a4:0a:4b:6a:
c3:58:f4:4b:fa:68:5b:f2:29:bf:b3:5d:dc:64:c4:c9:6c:1a:
70:c6:5b:96:23:54:80:31:06:86:f0:72:55:24:ec:f3:ef:5e:
15:78:b9:1c:d0:1e:ca:1e:2e:92:a6:e0:e8:d4:3a:32:47:83:
4b:85:39:b5:cf:9c:73:c3:bb:e2:af:ef:a4:4c:7e:d6:0e:83:
55:97:16:c7:dd:3b:35:bc:01:3c:3c:57:29:3c:3d:31:47:b1:
f8:e4:82:05:b3:a2:e9:7e:c0:0f:7b:ec:22:bc:4c:a0:6c:77:
77:0b:62:db:30:fb:40:b8:b5:ca:14:d9:00:19:19:15:99:33:
70:b7:19:65:ed:c3:c0:a4:32:dc:4f:6d:41:21:fd:0c:e3:ea:
7f:9c:d1:f6:de:8e:68:c9:f0:c1:26:c8:a1:d3:ec:08:05:80:
8b:e5:55:0d:8c:cd:9c:0d:01:80:bc:5a:0a:79:84:87:dd:87:
5d:44:a7:cd:44:42:a8:b1:8b:d0:b2:10:f4:a0:c6:14:18:22:
0f:bd:9a:e4:f8:f1:5a:45:8b:4e:5d:b8:8c:c4:24:2d:89:77:
9e:31:f9:41:d4:48:72:16:74:b6:c2:b8:31:14:e8:1f:00:ab:
12:83:fc:6d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQf+qemCj1U5otinGZfOBvuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwMTFlZTA2NjY0MTc1MGE1MTE0N2Q4ZGM5OWExYjEwNTY1
OGQyMDMwHhcNMjUwMTAxMDM0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmFlODZlMTcyYjAyZTQzZWM3MjYxODNjZTVkMTU4OGIyYzY2MWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxhADE8FAmvlEcnUw92rrObYTUMEG
qI+QwwxtSbUPBdshSweByxz3oCIZR4yUnYxkf3qdJ8OEuu2Lmmr34fwS4EwUtduh
bv//oh2cp7frGFPVNLguilSSeGG0H0GNClyWR1nnjFVm95EFFjamEPQ01owQ7HTT
F/25T1oEBbD+0L8UDynW9fohVozaFl71pYODCnKjvJNajRyuJ/xIJmuAbn9BTV/2
GUaCEspj2bDJGvIAPkuf9mgoftrv5pVX508QrrVJh4931px/24oXfJnS5lAldXFf
H/OdOearR3TNPy2JjKrkcEx4AVxus07n9rS0JE5IDZi/0l9bNe6xdz8mDwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLauhuFysC5D7HJhg85dFYiyxmHNMB8GA1UdIwQY
MBaAFMAR7gZmQXUKURR9jcmaGxBWWNIDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0JIdUJtWkJkUXBSRkgyTnlab2JFRlpZMGdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi85YmU4NTYtMGUzMi00MDBmLThlODkt
MzY5Y2Q4YmUyNWZlLzEvdHE2RzRYS3dMa1BzY21HRHpsMFZpTExHWWMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi85YmU4NTYtMGUzMi00MDBmLThlODktMzY5Y2Q4YmUyNWZl
LzEvd0JIdUJtWkJkUXBSRkgyTnlab2JFRlpZMGdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYDIMA0E
AgACMAcDBQAqA5tgMA0GCSqGSIb3DQEBCwUAA4IBAQAgC7usIOFeE33z2Bn8r6QK
S2rDWPRL+mhb8im/s13cZMTJbBpwxluWI1SAMQaG8HJVJOzz714VeLkc0B7KHi6S
puDo1DoyR4NLhTm1z5xzw7vir++kTH7WDoNVlxbH3Ts1vAE8PFcpPD0xR7H45IIF
s6LpfsAPe+wivEygbHd3C2LbMPtAuLXKFNkAGRkVmTNwtxll7cPApDLcT21BIf0M
4+p/nNH23o5oyfDBJsih0+wIBYCL5VUNjM2cDQGAvFoKeYSH3YddRKfNREKosYvQ
shD0oMYUGCIPvZrk+PFaRYtOXbiMxCQtiXeeMflB1EhyFnS2wrgxFOgfAKsSg/xt
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:10 2025 by rpki-client on console.sobornost.net