Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/0730d1-fee3-4654-9dea-e187be9b6c23/1/tpGVDM97XGpA5ofHLGA9otQIFM8.roa
File: tpGVDM97XGpA5ofHLGA9otQIFM8.roa (raw, json)
Hash identifier: aWl1cnx2HDb3renuM7Fi/tYunaPtkTPWaRgrB19Lp4w=
Subject key identifier: B6:91:95:0C:CF:7B:5C:6A:40:E6:87:C7:2C:60:3D:A2:D4:08:14:CF
Certificate issuer: /CN=842e178a85d6c30b572b20261c44f8e7a4bfc272
Certificate serial: 019422FC3EA6F4005EDD1B0E469C86C44C87
Authority key identifier: 84:2E:17:8A:85:D6:C3:0B:57:2B:20:26:1C:44:F8:E7:A4:BF:C2:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hC4XioXWwwtXKyAmHET456S_wnI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/0730d1-fee3-4654-9dea-e187be9b6c23/1/tpGVDM97XGpA5ofHLGA9otQIFM8.roa
Signing time: Wed 01 Jan 2025 17:49:03 +0000
ROA not before: Wed 01 Jan 2025 17:49:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204706
IP address blocks: 185.143.128.0/24 maxlen: 24
185.143.129.0/24 maxlen: 24
185.143.130.0/24 maxlen: 24
185.143.131.0/24 maxlen: 24
2a0c:f080::/30 maxlen: 30
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:3e:a6:f4:00:5e:dd:1b:0e:46:9c:86:c4:4c:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=842e178a85d6c30b572b20261c44f8e7a4bfc272
Validity
Not Before: Jan 1 17:49:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b691950ccf7b5c6a40e687c72c603da2d40814cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:2a:49:d0:d1:0e:83:22:49:4c:77:e3:53:b6:
5c:56:ef:d1:b3:82:49:02:d7:b7:5d:a4:6f:2e:6b:
d3:2d:3e:55:64:86:12:0e:6c:b9:7b:eb:17:3d:d6:
9d:39:f2:40:b9:25:d7:dc:11:fc:b8:01:d4:ab:cc:
5c:45:27:a0:fd:1a:96:bb:2a:b0:30:ce:06:c3:47:
13:b6:89:31:bd:eb:2c:63:a5:11:e3:f7:04:65:1e:
d3:d3:29:4d:94:4e:f1:bd:b9:e9:4a:24:a6:93:72:
0a:0b:98:6c:3a:11:89:34:b9:77:be:15:8a:ae:50:
9b:15:d7:42:e0:13:9d:35:56:fa:6a:26:67:7d:d2:
6d:ff:f6:ba:5b:ab:42:64:d7:74:aa:a8:fb:38:08:
6f:fc:92:4d:6c:13:ef:73:52:80:a4:03:64:55:94:
02:9f:8a:65:58:02:c3:80:99:a4:5d:08:41:8e:f5:
96:b5:59:1e:52:52:7b:17:b8:99:1f:6d:35:3f:b5:
0e:2f:d9:14:04:38:18:c0:9a:23:5f:e7:e0:cc:6a:
da:ea:3b:7a:0c:06:61:bc:98:43:60:ba:8b:87:74:
5c:32:31:bb:4c:7c:24:84:0b:b0:ec:ac:9e:ee:93:
ff:2f:5e:b2:06:e2:a7:b1:76:06:c9:a9:80:fe:b8:
56:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:91:95:0C:CF:7B:5C:6A:40:E6:87:C7:2C:60:3D:A2:D4:08:14:CF
X509v3 Authority Key Identifier:
keyid:84:2E:17:8A:85:D6:C3:0B:57:2B:20:26:1C:44:F8:E7:A4:BF:C2:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hC4XioXWwwtXKyAmHET456S_wnI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/0730d1-fee3-4654-9dea-e187be9b6c23/1/tpGVDM97XGpA5ofHLGA9otQIFM8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/0730d1-fee3-4654-9dea-e187be9b6c23/1/hC4XioXWwwtXKyAmHET456S_wnI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.128.0/22
IPv6:
2a0c:f080::/30
Signature Algorithm: sha256WithRSAEncryption
cc:8d:fa:6d:45:08:10:27:de:10:f5:26:49:54:aa:35:e8:73:
39:45:d2:4d:f3:0c:55:2e:89:64:94:2a:3e:96:38:2b:67:f1:
c2:2c:99:3d:dc:67:fb:9a:7b:a8:f0:11:7d:65:c7:f3:25:5e:
cd:24:4a:d6:a5:6e:6e:99:19:a7:de:e3:91:9a:6f:e6:a2:95:
40:d7:6d:01:97:9f:26:80:ca:70:6a:20:0c:1e:c4:d7:ff:fe:
1f:93:e3:a1:82:5d:88:d3:ec:65:d6:0f:3e:da:a5:51:9b:03:
d0:63:e6:16:e4:94:26:4e:5c:90:4c:fe:6d:7e:ff:af:2b:02:
1f:a9:04:75:18:a8:9b:41:1d:95:bb:62:3a:30:65:ac:c3:a3:
a1:15:18:1e:84:7e:ad:94:4f:90:03:0b:08:40:77:a1:e5:ff:
14:9c:1b:83:6d:65:cf:40:66:e5:d1:5f:ad:77:51:ab:7f:13:
1d:36:6e:d2:d0:f0:1f:0b:6f:ab:61:87:99:69:90:1e:b3:13:
5c:1a:9e:f8:b5:18:d9:09:87:e5:88:6c:80:a6:92:bb:db:74:
9f:61:2c:35:8c:35:da:49:93:45:93:25:34:af:be:53:24:b9:
86:0d:ef:42:98:f3:b3:a8:3e:d5:86:f7:5e:63:3e:bc:4c:e3:
db:a2:6d:56
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQi/D6m9ABe3RsORpyGxEyHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0MmUxNzhhODVkNmMzMGI1NzJiMjAyNjFjNDRmOGU3YTRi
ZmMyNzIwHhcNMjUwMTAxMTc0OTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjkxOTUwY2NmN2I1YzZhNDBlNjg3YzcyYzYwM2RhMmQ0MDgxNGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlSpJ0NEOgyJJTHfjU7ZcVu/Rs4JJ
Ate3XaRvLmvTLT5VZIYSDmy5e+sXPdadOfJAuSXX3BH8uAHUq8xcRSeg/RqWuyqw
MM4Gw0cTtokxvessY6UR4/cEZR7T0ylNlE7xvbnpSiSmk3IKC5hsOhGJNLl3vhWK
rlCbFddC4BOdNVb6aiZnfdJt//a6W6tCZNd0qqj7OAhv/JJNbBPvc1KApANkVZQC
n4plWALDgJmkXQhBjvWWtVkeUlJ7F7iZH201P7UOL9kUBDgYwJojX+fgzGra6jt6
DAZhvJhDYLqLh3RcMjG7THwkhAuw7Kye7pP/L16yBuKnsXYGyamA/rhWxwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLaRlQzPe1xqQOaHxyxgPaLUCBTPMB8GA1UdIwQY
MBaAFIQuF4qF1sMLVysgJhxE+Oekv8JyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEM0WGlvWFd3d3RYS3lBbUhFVDQ1NlNfd25JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS8wNzMwZDEtZmVlMy00NjU0LTlkZWEt
ZTE4N2JlOWI2YzIzLzEvdHBHVkRNOTdYR3BBNW9mSExHQTlvdFFJRk04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS8wNzMwZDEtZmVlMy00NjU0LTlkZWEtZTE4N2JlOWI2YzIz
LzEvaEM0WGlvWFd3d3RYS3lBbUhFVDQ1NlNfd25JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuY+AMA0E
AgACMAcDBQIqDPCAMA0GCSqGSIb3DQEBCwUAA4IBAQDMjfptRQgQJ94Q9SZJVKo1
6HM5RdJN8wxVLolklCo+ljgrZ/HCLJk93Gf7mnuo8BF9ZcfzJV7NJErWpW5umRmn
3uORmm/mopVA120Bl58mgMpwaiAMHsTX//4fk+Ohgl2I0+xl1g8+2qVRmwPQY+YW
5JQmTlyQTP5tfv+vKwIfqQR1GKibQR2Vu2I6MGWsw6OhFRgehH6tlE+QAwsIQHeh
5f8UnBuDbWXPQGbl0V+td1GrfxMdNm7S0PAfC2+rYYeZaZAesxNcGp74tRjZCYfl
iGyAppK723SfYSw1jDXaSZNFkyU0r75TJLmGDe9CmPOzqD7VhvdeYz68TOPbom1W
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:56 2025 by rpki-client on console.sobornost.net