Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/TPKhJ6iPLAZIsgGhlDM9QxRsHPk.roa
File: TPKhJ6iPLAZIsgGhlDM9QxRsHPk.roa (raw, json)
Hash identifier: z0IRo5PxSUnSd8wOnL5dq3lEYmycGU7B265DtPJnaBE=
Subject key identifier: 4C:F2:A1:27:A8:8F:2C:06:48:B2:01:A1:94:33:3D:43:14:6C:1C:F9
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 01942826718131E9BA0DA235C3A8FA8E7685
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/TPKhJ6iPLAZIsgGhlDM9QxRsHPk.roa
Signing time: Thu 02 Jan 2025 17:53:15 +0000
ROA not before: Thu 02 Jan 2025 17:53:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47741
IP address blocks: 212.42.208.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:71:81:31:e9:ba:0d:a2:35:c3:a8:fa:8e:76:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Jan 2 17:53:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4cf2a127a88f2c0648b201a194333d43146c1cf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:4f:8e:91:32:8c:f3:36:a6:42:98:4e:38:37:
ab:b2:c0:d1:35:81:26:33:0f:2a:ed:1f:ba:dc:b3:
8d:b5:35:ce:6d:f6:74:d3:ae:a7:c7:06:d2:14:4c:
44:67:16:6b:72:f5:c0:9e:87:91:44:cc:44:f2:05:
3e:19:60:f7:3a:aa:fe:51:42:d4:f4:e7:a1:7d:14:
7d:f5:dc:03:f0:a7:e0:d0:e4:8c:bc:4e:48:8a:8f:
2c:f3:ec:40:36:bd:57:0c:b2:dc:e4:98:21:5f:4a:
2e:69:a8:82:0e:37:68:49:20:75:e7:e9:c6:bb:5c:
d7:19:2b:61:6f:c4:f6:d4:95:dd:a4:8d:04:32:c3:
c4:2c:59:ee:b6:35:c3:ba:02:e2:2b:a9:68:91:bd:
77:ed:43:c3:67:ac:34:a4:75:d7:52:9b:da:1e:20:
47:d2:1b:11:77:8c:4e:e7:54:00:c0:17:50:33:b3:
98:88:20:a7:0d:38:a1:57:08:a0:00:af:30:b2:64:
82:bb:d6:bf:52:10:8c:aa:1c:65:59:b1:4e:12:cc:
dd:87:0b:eb:42:42:6d:8c:57:b9:f1:d4:d0:88:d1:
50:30:7a:44:7f:c5:45:bb:cd:99:b0:a8:1a:d7:2f:
eb:7a:08:5d:00:7a:ab:4e:3a:77:b3:ee:e2:3e:08:
e7:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:F2:A1:27:A8:8F:2C:06:48:B2:01:A1:94:33:3D:43:14:6C:1C:F9
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/TPKhJ6iPLAZIsgGhlDM9QxRsHPk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.42.208.0/20
Signature Algorithm: sha256WithRSAEncryption
11:24:d0:c3:fd:25:41:9a:38:fb:60:9a:67:8a:ab:cb:cc:4b:
90:09:dd:fd:98:aa:14:3a:33:07:b3:f6:53:d6:3b:eb:59:70:
df:e2:d9:09:15:0e:44:07:30:23:fa:ec:57:dc:9a:88:8d:69:
b3:22:a4:ec:43:b4:9e:8f:64:06:0b:cd:e9:cd:51:d2:25:d2:
4a:0f:fb:cf:88:bc:0f:51:99:c8:78:ae:1b:04:fe:91:b5:bb:
37:66:d1:98:30:84:54:72:24:74:1c:de:ab:b1:c6:1e:3a:04:
55:77:3d:ea:a8:ff:93:a2:b7:da:d8:d4:f0:56:d2:e7:da:74:
1b:ba:4e:40:34:35:13:c0:56:a5:9f:3a:c3:38:ec:87:19:42:
6b:11:ee:29:ae:a9:e4:e0:9a:66:48:b6:53:0b:d7:88:d2:e5:
f2:b2:b7:38:25:56:cc:98:f5:20:c3:42:30:b9:30:9d:49:f1:
f0:17:b1:ee:91:1a:8f:c4:e0:7e:45:cf:4e:07:db:01:51:2a:
ab:7e:0c:b7:75:35:9c:df:34:f6:fb:c4:5a:b7:aa:23:40:5f:
dc:f6:2a:14:8c:86:aa:ea:c4:af:c2:91:6e:77:ba:29:49:74:
ae:85:8c:b1:73:3a:a3:26:04:b4:21:f6:ca:f9:2f:8b:73:4d:
37:56:cc:b1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJnGBMem6DaI1w6j6jnaFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjUwMTAyMTc1MzE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2YyYTEyN2E4OGYyYzA2NDhiMjAxYTE5NDMzM2Q0MzE0NmMxY2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9k+OkTKM8zamQphOODerssDRNYEm
Mw8q7R+63LONtTXObfZ0066nxwbSFExEZxZrcvXAnoeRRMxE8gU+GWD3Oqr+UULU
9OehfRR99dwD8Kfg0OSMvE5Iio8s8+xANr1XDLLc5JghX0ouaaiCDjdoSSB15+nG
u1zXGSthb8T21JXdpI0EMsPELFnutjXDugLiK6lokb137UPDZ6w0pHXXUpvaHiBH
0hsRd4xO51QAwBdQM7OYiCCnDTihVwigAK8wsmSCu9a/UhCMqhxlWbFOEszdhwvr
QkJtjFe58dTQiNFQMHpEf8VFu82ZsKga1y/reghdAHqrTjp3s+7iPgjnaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEzyoSeojywGSLIBoZQzPUMUbBz5MB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvVFBLaEo2aVBMQVpJc2dHaGxETTlReFJzSFBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE1CrQMA0G
CSqGSIb3DQEBCwUAA4IBAQARJNDD/SVBmjj7YJpniqvLzEuQCd39mKoUOjMHs/ZT
1jvrWXDf4tkJFQ5EBzAj+uxX3JqIjWmzIqTsQ7Sej2QGC83pzVHSJdJKD/vPiLwP
UZnIeK4bBP6Rtbs3ZtGYMIRUciR0HN6rscYeOgRVdz3qqP+Torfa2NTwVtLn2nQb
uk5ANDUTwFalnzrDOOyHGUJrEe4prqnk4JpmSLZTC9eI0uXysrc4JVbMmPUgw0Iw
uTCdSfHwF7HukRqPxOB+Rc9OB9sBUSqrfgy3dTWc3zT2+8Rat6ojQF/c9ioUjIaq
6sSvwpFud7opSXSuhYyxczqjJgS0IfbK+S+Lc003Vsyx
-----END CERTIFICATE-----
Generated at Thu Jan 23 19:12:51 2025 by rpki-client on console.sobornost.net