Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/85d097-0153-4902-af7a-b8c331a848aa/1/tcbbFJDqhBbRkJh6NDYN55iLfDE.roa
File: tcbbFJDqhBbRkJh6NDYN55iLfDE.roa (raw, json)
Hash identifier: vKEQ9e0Db9WBNbap5GYKx4PxGXK/ovDmh/isyYRiZ1c=
Subject key identifier: B5:C6:DB:14:90:EA:84:16:D1:90:98:7A:34:36:0D:E7:98:8B:7C:31
Certificate issuer: /CN=a84471a66f7907107e4534716bfa4208d406969f
Certificate serial: 0194236A4C7DDC6AC5334ACA4E4FA06378BD
Authority key identifier: A8:44:71:A6:6F:79:07:10:7E:45:34:71:6B:FA:42:08:D4:06:96:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qERxpm95BxB-RTRxa_pCCNQGlp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/85d097-0153-4902-af7a-b8c331a848aa/1/tcbbFJDqhBbRkJh6NDYN55iLfDE.roa
Signing time: Wed 01 Jan 2025 19:49:16 +0000
ROA not before: Wed 01 Jan 2025 19:49:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198153
IP address blocks: 79.98.64.0/21 maxlen: 30
185.197.0.0/22 maxlen: 22
2a03:ad80::/32 maxlen: 126
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:4c:7d:dc:6a:c5:33:4a:ca:4e:4f:a0:63:78:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a84471a66f7907107e4534716bfa4208d406969f
Validity
Not Before: Jan 1 19:49:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b5c6db1490ea8416d190987a34360de7988b7c31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:6d:a6:5a:7f:88:54:e3:70:7f:d6:11:55:df:
94:b8:bf:c0:2f:87:16:a3:74:1c:db:7f:bf:e8:7d:
8a:26:8d:63:a4:5f:31:51:dd:b2:97:04:86:6e:90:
b5:f4:3c:80:b6:91:b8:c4:62:e3:0b:bc:de:32:60:
77:1a:41:96:16:bb:e7:6f:6d:19:2b:a9:b1:8c:66:
3a:7e:a0:32:46:d2:45:5a:fb:3a:4e:cc:69:3f:fe:
d4:c2:3a:b5:95:e3:59:e4:63:d1:06:97:2b:9d:2a:
86:d7:a3:3f:8a:5f:2b:95:80:03:a2:ba:a1:6a:1d:
cf:4e:cb:de:9a:40:94:db:1c:3d:27:f3:1a:11:03:
12:6f:ee:a7:a1:05:4a:60:42:1d:1f:24:3f:49:cb:
c0:f9:12:8a:37:10:70:07:e5:48:73:05:a1:1a:74:
bf:57:f5:9c:35:09:b4:ca:cc:98:b9:ea:52:c3:a1:
08:31:31:ad:ef:01:07:fb:84:52:85:38:b9:06:37:
c7:64:6d:38:b9:53:a4:46:8f:39:b0:90:2e:53:28:
54:81:5a:4d:75:2b:8a:d7:cb:31:4d:e7:a8:ca:22:
45:63:01:8c:d1:bc:c7:de:ee:0c:fe:fb:32:fa:81:
f4:e6:15:17:d3:ed:98:f2:ac:23:24:5b:c4:05:91:
68:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:C6:DB:14:90:EA:84:16:D1:90:98:7A:34:36:0D:E7:98:8B:7C:31
X509v3 Authority Key Identifier:
keyid:A8:44:71:A6:6F:79:07:10:7E:45:34:71:6B:FA:42:08:D4:06:96:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qERxpm95BxB-RTRxa_pCCNQGlp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/85d097-0153-4902-af7a-b8c331a848aa/1/tcbbFJDqhBbRkJh6NDYN55iLfDE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/85d097-0153-4902-af7a-b8c331a848aa/1/qERxpm95BxB-RTRxa_pCCNQGlp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.64.0/21
185.197.0.0/22
IPv6:
2a03:ad80::/32
Signature Algorithm: sha256WithRSAEncryption
4d:07:fb:ba:57:b4:b0:20:fb:8a:9e:54:3c:4a:b0:73:a4:85:
b3:2b:9f:4b:13:f8:bf:11:fa:47:2d:56:b0:bd:46:1f:15:24:
b0:c1:55:39:35:15:ef:6e:77:b6:56:f9:3b:67:03:74:81:2f:
65:cf:75:1e:d7:b6:ba:d9:e9:65:61:3c:6e:d9:bb:c4:6f:e3:
b7:6e:41:78:4a:8d:82:c0:b2:06:98:c7:b2:72:c8:be:55:31:
f1:97:4e:37:32:d4:99:ba:c2:d0:93:50:00:79:62:a6:08:0c:
f4:fb:b8:32:72:b6:f4:10:fa:b8:54:f8:0a:84:49:9b:c8:6b:
27:5a:c7:58:b6:06:02:44:6f:5f:99:1b:14:30:00:47:6e:db:
a7:3e:11:06:a7:6b:82:94:98:a6:61:10:53:87:bf:9a:ce:ea:
6f:27:b6:00:ab:c3:99:de:e3:7e:a6:7c:bb:ed:f8:43:9c:08:
e5:c9:67:0b:d5:f9:d0:da:87:3a:14:7b:6e:36:1c:d2:c2:0e:
37:ae:43:9f:ab:59:3d:71:72:8e:5f:dc:4c:29:9b:0d:14:22:
2c:b8:0f:a5:31:48:b5:32:0e:bf:ab:52:1b:7e:5c:c7:6b:0d:
b6:c2:7c:93:12:4c:f2:be:6c:f0:22:ff:92:60:48:93:40:2f:
01:81:ec:83
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQjakx93GrFM0rKTk+gY3i9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NDQ3MWE2NmY3OTA3MTA3ZTQ1MzQ3MTZiZmE0MjA4ZDQw
Njk2OWYwHhcNMjUwMTAxMTk0OTE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWM2ZGIxNDkwZWE4NDE2ZDE5MDk4N2EzNDM2MGRlNzk4OGI3YzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8G2mWn+IVONwf9YRVd+UuL/AL4cW
o3Qc23+/6H2KJo1jpF8xUd2ylwSGbpC19DyAtpG4xGLjC7zeMmB3GkGWFrvnb20Z
K6mxjGY6fqAyRtJFWvs6TsxpP/7Uwjq1leNZ5GPRBpcrnSqG16M/il8rlYADorqh
ah3PTsvemkCU2xw9J/MaEQMSb+6noQVKYEIdHyQ/ScvA+RKKNxBwB+VIcwWhGnS/
V/WcNQm0ysyYuepSw6EIMTGt7wEH+4RShTi5BjfHZG04uVOkRo85sJAuUyhUgVpN
dSuK18sxTeeoyiJFYwGM0bzH3u4M/vsy+oH05hUX0+2Y8qwjJFvEBZFoKQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLXG2xSQ6oQW0ZCYejQ2DeeYi3wxMB8GA1UdIwQY
MBaAFKhEcaZveQcQfkU0cWv6QgjUBpafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUVSeHBtOTVCeEItUlRSeGFfcENDTlFHbHA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC84NWQwOTctMDE1My00OTAyLWFmN2Et
YjhjMzMxYTg0OGFhLzEvdGNiYkZKRHFoQmJSa0poNk5EWU41NWlMZkRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC84NWQwOTctMDE1My00OTAyLWFmN2EtYjhjMzMxYTg0OGFh
LzEvcUVSeHBtOTVCeEItUlRSeGFfcENDTlFHbHA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDT2JAAwQC
ucUAMA0EAgACMAcDBQAqA62AMA0GCSqGSIb3DQEBCwUAA4IBAQBNB/u6V7SwIPuK
nlQ8SrBzpIWzK59LE/i/EfpHLVawvUYfFSSwwVU5NRXvbne2Vvk7ZwN0gS9lz3Ue
17a62ellYTxu2bvEb+O3bkF4So2CwLIGmMeycsi+VTHxl043MtSZusLQk1AAeWKm
CAz0+7gycrb0EPq4VPgKhEmbyGsnWsdYtgYCRG9fmRsUMABHbtunPhEGp2uClJim
YRBTh7+azupvJ7YAq8OZ3uN+pny77fhDnAjlyWcL1fnQ2oc6FHtuNhzSwg43rkOf
q1k9cXKOX9xMKZsNFCIsuA+lMUi1Mg6/q1IbflzHaw22wnyTEkzyvmzwIv+SYEiT
QC8BgeyD
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:22 2025 by rpki-client on console.sobornost.net