Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/af1f64-c35f-47e8-87c9-8a11b4719d82/1/TQygN4SXBXm6kb6dwTHMvf9SU_c.roa
File: TQygN4SXBXm6kb6dwTHMvf9SU_c.roa (raw, json)
Hash identifier: th78B9M/h4hJt88ooUMk1f8j3+dkZq4RBDefMfAfKbA=
Subject key identifier: 4D:0C:A0:37:84:97:05:79:BA:91:BE:9D:C1:31:CC:BD:FF:52:53:F7
Certificate issuer: /CN=f8ad543624f8d3281ec970458ee752f10a424529
Certificate serial: 0194222027756C526F882A7AB5E2D2CEF0A3
Authority key identifier: F8:AD:54:36:24:F8:D3:28:1E:C9:70:45:8E:E7:52:F1:0A:42:45:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-K1UNiT40ygeyXBFjudS8QpCRSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/af1f64-c35f-47e8-87c9-8a11b4719d82/1/TQygN4SXBXm6kb6dwTHMvf9SU_c.roa
Signing time: Wed 01 Jan 2025 13:48:40 +0000
ROA not before: Wed 01 Jan 2025 13:48:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198668
IP address blocks: 176.119.192.0/24 maxlen: 24
185.87.140.0/22 maxlen: 22
185.243.172.0/22 maxlen: 22
2a05:aa00::/29 maxlen: 29
2a0d:1880::/29 maxlen: 29
2a0f:fec0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:27:75:6c:52:6f:88:2a:7a:b5:e2:d2:ce:f0:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8ad543624f8d3281ec970458ee752f10a424529
Validity
Not Before: Jan 1 13:48:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4d0ca03784970579ba91be9dc131ccbdff5253f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:59:b6:74:e9:9e:84:6b:87:5b:39:84:15:23:
28:d1:11:31:fa:16:10:7a:a5:da:90:2e:d2:01:fd:
ee:28:9a:9f:10:ff:05:16:f7:f4:63:d2:8f:4f:a6:
06:0a:c8:5a:ed:c1:ee:8e:60:24:48:6e:92:cf:59:
4c:94:f6:6f:19:d4:3a:af:68:cb:2a:0c:63:51:d3:
af:95:5a:47:59:04:8c:06:01:29:17:e7:79:bb:0e:
9f:b5:f9:ee:9c:f1:3a:e9:cd:ef:3c:2f:6c:91:a7:
f6:4c:07:15:fc:3d:8c:08:4d:e0:80:9d:05:0c:24:
21:a8:17:3f:eb:76:b0:72:51:45:13:71:eb:87:a0:
02:28:ab:58:e7:03:0d:9c:69:7c:62:97:b7:ff:92:
4b:75:7a:7f:1a:6f:68:c5:e1:23:ef:67:3d:9f:28:
20:b9:95:87:af:6d:3b:cd:e2:78:f5:b2:a9:16:a6:
e0:56:8c:b3:97:d3:e0:6a:73:51:f9:37:1a:2a:ee:
9b:08:a0:72:b2:25:ce:f7:f7:14:7c:0c:a9:63:2a:
60:b6:ee:d9:28:77:a2:fd:52:84:fe:93:d6:59:62:
65:07:35:03:55:1d:f3:b0:c5:a2:31:c1:6a:27:8d:
8e:3e:18:ba:6a:df:b5:09:dc:08:88:ae:fc:fe:d3:
b9:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:0C:A0:37:84:97:05:79:BA:91:BE:9D:C1:31:CC:BD:FF:52:53:F7
X509v3 Authority Key Identifier:
keyid:F8:AD:54:36:24:F8:D3:28:1E:C9:70:45:8E:E7:52:F1:0A:42:45:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-K1UNiT40ygeyXBFjudS8QpCRSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/af1f64-c35f-47e8-87c9-8a11b4719d82/1/TQygN4SXBXm6kb6dwTHMvf9SU_c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/af1f64-c35f-47e8-87c9-8a11b4719d82/1/1-K1UNiT40ygeyXBFjudS8QpCRSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.119.192.0/24
185.87.140.0/22
185.243.172.0/22
IPv6:
2a05:aa00::/29
2a0d:1880::/29
2a0f:fec0::/29
Signature Algorithm: sha256WithRSAEncryption
0d:b1:ba:28:c9:e3:f7:88:78:a5:da:9a:ad:6c:19:82:80:9a:
bd:8c:2b:21:02:27:b3:86:38:3d:7c:7e:f0:71:8d:05:09:c9:
4b:77:91:80:1c:f4:73:75:e7:e3:22:6b:61:a1:15:8c:b9:47:
1a:98:ca:02:45:f3:b8:14:1c:8b:86:61:e4:fc:78:b8:a6:40:
16:19:03:20:72:fb:69:f1:54:8b:d7:aa:5a:67:95:1c:6a:c2:
f0:c0:77:ab:6f:4f:ee:ff:54:21:fd:38:31:c0:38:1a:da:ee:
d3:47:45:51:d0:db:f5:94:ff:a9:92:e7:f8:38:89:d0:30:ca:
87:18:61:42:6c:67:63:fc:de:a8:95:d8:60:ee:51:50:f6:2d:
e4:6a:fe:9d:2d:db:d4:60:80:51:13:d3:20:84:e5:1a:0d:a2:
9a:91:da:00:4f:7a:d8:93:a9:c5:3c:b7:84:6c:00:8b:0b:9b:
22:25:44:a1:4d:e9:99:89:4f:a3:23:de:80:3b:1f:39:01:54:
94:56:d7:9e:3a:b4:70:28:9e:b2:87:53:99:4c:52:4b:4e:a4:
85:26:f6:30:87:b7:56:72:72:19:9e:ab:80:da:e8:ed:b1:85:
d3:49:3b:ce:08:e4:f6:73:08:75:ba:3b:39:c5:11:ac:fc:b7:
d3:de:89:60
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZQiICd1bFJviCp6teLSzvCjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4YWQ1NDM2MjRmOGQzMjgxZWM5NzA0NThlZTc1MmYxMGE0
MjQ1MjkwHhcNMjUwMTAxMTM0ODQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDBjYTAzNzg0OTcwNTc5YmE5MWJlOWRjMTMxY2NiZGZmNTI1M2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Fm2dOmehGuHWzmEFSMo0REx+hYQ
eqXakC7SAf3uKJqfEP8FFvf0Y9KPT6YGCsha7cHujmAkSG6Sz1lMlPZvGdQ6r2jL
KgxjUdOvlVpHWQSMBgEpF+d5uw6ftfnunPE66c3vPC9skaf2TAcV/D2MCE3ggJ0F
DCQhqBc/63awclFFE3Hrh6ACKKtY5wMNnGl8Ype3/5JLdXp/Gm9oxeEj72c9nygg
uZWHr207zeJ49bKpFqbgVoyzl9PganNR+TcaKu6bCKBysiXO9/cUfAypYypgtu7Z
KHei/VKE/pPWWWJlBzUDVR3zsMWiMcFqJ42OPhi6at+1CdwIiK78/tO5bwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFE0MoDeElwV5upG+ncExzL3/UlP3MB8GA1UdIwQY
MBaAFPitVDYk+NMoHslwRY7nUvEKQkUpMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1LMVVOaVQ0MHlnZXlYQkZqdWRTOFFwQ1JTay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjAvYWYxZjY0LWMzNWYtNDdlOC04N2M5
LThhMTFiNDcxOWQ4Mi8xL1RReWdONFNYQlhtNmtiNmR3VEhNdmY5U1VfYy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjAvYWYxZjY0LWMzNWYtNDdlOC04N2M5LThhMTFiNDcxOWQ4
Mi8xLzEtSzFVTmlUNDB5Z2V5WEJGanVkUzhRcENSU2suY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwSAYIKwYBBQUHAQcBAf8EOTA3MBgEAgABMBIDBACwd8AD
BAK5V4wDBAK586wwGwQCAAIwFQMFAyoFqgADBQMqDRiAAwUDKg/+wDANBgkqhkiG
9w0BAQsFAAOCAQEADbG6KMnj94h4pdqarWwZgoCavYwrIQIns4Y4PXx+8HGNBQnJ
S3eRgBz0c3Xn4yJrYaEVjLlHGpjKAkXzuBQci4Zh5Px4uKZAFhkDIHL7afFUi9eq
WmeVHGrC8MB3q29P7v9UIf04McA4Gtru00dFUdDb9ZT/qZLn+DiJ0DDKhxhhQmxn
Y/zeqJXYYO5RUPYt5Gr+nS3b1GCAURPTIITlGg2impHaAE962JOpxTy3hGwAiwub
IiVEoU3pmYlPoyPegDsfOQFUlFbXnjq0cCiesodTmUxSS06khSb2MIe3VnJyGZ6r
gNro7bGF00k7zgjk9nMIdbo7OcURrPy3096JYA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:18 2025 by rpki-client on console.sobornost.net