Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/TiC_Kjgn7ufdW5G3bZapc4eGbt0.roa
File: TiC_Kjgn7ufdW5G3bZapc4eGbt0.roa (raw, json)
Hash identifier: bIFhS4mc+QnxlO7/qiPxce8pWMHI9i3DDkPiJSG5yyE=
Subject key identifier: 4E:20:BF:2A:38:27:EE:E7:DD:5B:91:B7:6D:96:A9:73:87:86:6E:DD
Certificate issuer: /CN=dc94bb69453f139a60029e22db0fb3424a906cee
Certificate serial: 0195EBCD2735FCB1ACB6CC685F995AD8071D
Authority key identifier: DC:94:BB:69:45:3F:13:9A:60:02:9E:22:DB:0F:B3:42:4A:90:6C:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JS7aUU_E5pgAp4i2w-zQkqQbO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/TiC_Kjgn7ufdW5G3bZapc4eGbt0.roa
Signing time: Mon 31 Mar 2025 10:44:05 +0000
ROA not before: Mon 31 Mar 2025 10:44:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15683
IP address blocks: 78.27.128.0/18 maxlen: 24
91.196.192.0/22 maxlen: 24
91.203.48.0/22 maxlen: 24
94.45.32.0/22 maxlen: 24
94.45.40.0/21 maxlen: 24
94.45.48.0/21 maxlen: 24
94.45.56.0/22 maxlen: 24
193.222.140.0/24 maxlen: 24
193.243.152.0/23 maxlen: 24
2a01:6d80:2000::/36 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:eb:cd:27:35:fc:b1:ac:b6:cc:68:5f:99:5a:d8:07:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc94bb69453f139a60029e22db0fb3424a906cee
Validity
Not Before: Mar 31 10:44:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4e20bf2a3827eee7dd5b91b76d96a97387866edd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:bb:d3:d7:13:41:1e:b6:d7:75:ea:b2:b6:33:
56:b5:5f:6a:fb:90:e6:7e:1a:85:07:b0:12:bc:91:
4b:6d:21:04:67:4b:04:16:35:bf:79:98:f0:ba:cc:
3e:77:2f:8e:8d:08:a7:2b:e0:a7:0e:83:20:0f:5c:
78:7a:37:ba:c6:fb:15:05:f1:25:af:cd:51:fa:38:
3c:d9:e6:8b:ab:cf:66:d3:59:5e:76:bc:03:da:ed:
dd:ba:0a:9c:7a:75:10:5a:4a:e2:ad:e1:2d:fa:cc:
bc:5b:72:ed:b2:55:54:e6:a9:dd:6d:31:12:5e:ad:
4f:91:bf:cd:5e:40:f2:09:17:aa:f8:df:7d:a0:16:
fa:c2:93:ce:4b:ef:3b:36:c3:1e:6c:93:53:14:a5:
48:d5:6d:93:27:9e:44:62:20:3f:fb:78:b2:43:be:
4a:1d:5b:1e:6e:c5:e6:bb:f1:a5:9e:8f:23:45:02:
b3:56:43:24:f9:b7:8c:b4:5f:9c:6f:58:37:f0:a5:
05:5e:24:e5:24:d5:24:66:0a:d9:76:f8:35:a2:1b:
f8:d0:32:ed:ae:39:e9:fc:22:de:fd:f4:fd:8f:a5:
3c:0a:18:33:8c:7c:5e:1a:e8:dc:9e:d6:7e:ee:d8:
b9:76:ef:10:98:b7:5e:3b:63:4d:d7:37:6b:d5:e6:
64:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:20:BF:2A:38:27:EE:E7:DD:5B:91:B7:6D:96:A9:73:87:86:6E:DD
X509v3 Authority Key Identifier:
keyid:DC:94:BB:69:45:3F:13:9A:60:02:9E:22:DB:0F:B3:42:4A:90:6C:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JS7aUU_E5pgAp4i2w-zQkqQbO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/TiC_Kjgn7ufdW5G3bZapc4eGbt0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/3JS7aUU_E5pgAp4i2w-zQkqQbO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.27.128.0/18
91.196.192.0/22
91.203.48.0/22
94.45.32.0/22
94.45.40.0-94.45.59.255
193.222.140.0/24
193.243.152.0/23
IPv6:
2a01:6d80:2000::/36
Signature Algorithm: sha256WithRSAEncryption
27:0d:0d:c9:f4:d0:b1:1a:ea:06:f7:0e:36:c4:60:ad:f6:75:
3d:1d:12:93:27:f8:e0:98:e4:4c:67:5e:4b:dd:db:64:6e:e9:
3f:ba:2e:51:82:68:92:50:87:6f:0a:51:6b:67:75:c7:68:6b:
8f:ec:d2:88:81:7e:29:ac:0f:7a:89:3f:88:a3:e5:e4:13:58:
1c:9c:51:53:6f:06:9a:90:8a:3e:57:19:9a:87:2a:7d:e5:c0:
43:e2:30:7d:9a:9a:73:f6:75:ea:86:96:a6:5c:2f:89:2e:e7:
21:a0:4c:79:b1:f1:fb:0c:0b:30:d5:81:09:a8:73:3a:04:05:
b2:80:e6:8f:d2:33:9c:40:85:e8:1b:09:19:29:13:51:82:aa:
d5:ac:83:54:00:38:3d:2a:06:7d:b4:77:45:c9:ba:e1:2f:1b:
d2:3d:f5:30:aa:c3:14:0f:f1:d7:d5:b6:b1:e0:a9:2a:ad:11:
c5:17:65:12:89:ff:5d:e3:84:1e:0a:2b:49:ae:dd:da:39:3a:
ce:51:7a:a2:f3:1d:fa:3b:69:80:07:c4:94:a7:21:17:79:68:
9b:87:d3:24:0f:42:0f:c5:1a:b2:7e:48:c7:6a:ef:19:9e:c0:
42:dc:7f:cf:26:81:91:5a:4b:af:a4:7a:c1:0f:a7:e2:48:3d:
88:60:2c:fa
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZXrzSc1/LGstsxoX5la2AcdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjOTRiYjY5NDUzZjEzOWE2MDAyOWUyMmRiMGZiMzQyNGE5
MDZjZWUwHhcNMjUwMzMxMTA0NDA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTIwYmYyYTM4MjdlZWU3ZGQ1YjkxYjc2ZDk2YTk3Mzg3ODY2ZWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3LvT1xNBHrbXdeqytjNWtV9q+5Dm
fhqFB7ASvJFLbSEEZ0sEFjW/eZjwusw+dy+OjQinK+CnDoMgD1x4eje6xvsVBfEl
r81R+jg82eaLq89m01ledrwD2u3dugqcenUQWkrireEt+sy8W3LtslVU5qndbTES
Xq1Pkb/NXkDyCReq+N99oBb6wpPOS+87NsMebJNTFKVI1W2TJ55EYiA/+3iyQ75K
HVsebsXmu/Glno8jRQKzVkMk+beMtF+cb1g38KUFXiTlJNUkZgrZdvg1ohv40DLt
rjnp/CLe/fT9j6U8ChgzjHxeGujcntZ+7ti5du8QmLdeO2NN1zdr1eZkiwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFE4gvyo4J+7n3VuRt22WqXOHhm7dMB8GA1UdIwQY
MBaAFNyUu2lFPxOaYAKeItsPs0JKkGzuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0pTN2FVVV9FNXBnQXA0aTJ3LXpRa3FRYk80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9kMDQ1Y2EtYzFmNy00ZWQ5LWFmZGIt
MDkwYzQ2ZTlmMmVkLzEvVGlDX0tqZ243dWZkVzVHM2JaYXBjNGVHYnQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9kMDQ1Y2EtYzFmNy00ZWQ5LWFmZGItMDkwYzQ2ZTlmMmVk
LzEvM0pTN2FVVV9FNXBnQXA0aTJ3LXpRa3FRYk80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjA4BAIAATAyAwQGThuAAwQC
W8TAAwQCW8swAwQCXi0gMAwDBANeLSgDBAJeLTgDBADB3owDBAHB85gwDgQCAAIw
CAMGBCoBbYAgMA0GCSqGSIb3DQEBCwUAA4IBAQAnDQ3J9NCxGuoG9w42xGCt9nU9
HRKTJ/jgmORMZ15L3dtkbuk/ui5RgmiSUIdvClFrZ3XHaGuP7NKIgX4prA96iT+I
o+XkE1gcnFFTbwaakIo+Vxmahyp95cBD4jB9mppz9nXqhpamXC+JLuchoEx5sfH7
DAsw1YEJqHM6BAWygOaP0jOcQIXoGwkZKRNRgqrVrINUADg9KgZ9tHdFybrhLxvS
PfUwqsMUD/HX1bax4KkqrRHFF2USif9d44QeCitJrt3aOTrOUXqi8x36O2mAB8SU
pyEXeWibh9MkD0IPxRqyfkjHau8ZnsBC3H/PJoGRWkuvpHrBD6fiSD2IYCz6
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:03 2025 by rpki-client on console.sobornost.net