Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/TNCpqe-GffYO9Oy5tCERO1-eUvc.roa
File: TNCpqe-GffYO9Oy5tCERO1-eUvc.roa (raw, json)
Hash identifier: tEekWUTWURynqaTdFQTnecYYou9fV3Tv2zuhFon83g0=
Subject key identifier: 4C:D0:A9:A9:EF:86:7D:F6:0E:F4:EC:B9:B4:21:11:3B:5F:9E:52:F7
Certificate issuer: /CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Certificate serial: 0194266B5D7DE19FC69176B9140FB6CD587C
Authority key identifier: 35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/TNCpqe-GffYO9Oy5tCERO1-eUvc.roa
Signing time: Thu 02 Jan 2025 09:49:17 +0000
ROA not before: Thu 02 Jan 2025 09:49:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15935
IP address blocks: 185.188.102.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:5d:7d:e1:9f:c6:91:76:b9:14:0f:b6:cd:58:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Validity
Not Before: Jan 2 09:49:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4cd0a9a9ef867df60ef4ecb9b421113b5f9e52f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:e9:49:0e:e6:5b:ef:ea:f8:bc:22:28:b9:38:
e2:a1:8d:58:69:6e:9d:9f:f8:cb:93:92:d8:e5:f7:
38:41:32:62:86:86:97:93:0a:e8:cb:cd:7f:5a:b7:
77:9f:cf:c6:52:a9:47:5e:15:50:ce:63:cd:4d:af:
7b:28:a8:b2:ef:12:df:b8:ae:c7:ec:12:ad:ab:66:
fd:b6:fc:b9:13:d5:8c:91:5d:58:23:c6:90:9e:bc:
c0:90:4e:7d:58:50:e2:2a:07:98:de:fd:aa:ac:b2:
db:58:88:0d:b5:73:e5:bc:8c:93:be:ad:b9:60:dc:
8c:70:a8:a7:d7:6c:7f:3d:cf:19:ed:34:53:59:a8:
26:0c:b8:80:d2:b8:01:ae:fe:37:d5:f2:2f:12:52:
70:f7:b6:1a:69:95:9f:2d:1e:90:02:88:06:74:ec:
26:fd:b5:a5:13:6c:81:8c:42:c5:2a:74:3a:db:c2:
31:67:03:4e:bf:95:b0:7b:f6:19:f9:62:19:3d:1e:
e1:32:64:37:08:98:67:67:30:ff:c0:05:19:d7:28:
84:f1:34:95:b1:1a:84:fa:f6:30:ce:2e:e3:7e:48:
ed:c8:06:48:49:e1:5c:e8:11:39:3c:9e:1c:b2:a6:
a3:3b:e5:4d:a4:09:18:03:85:14:b3:e4:28:61:4a:
d3:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:D0:A9:A9:EF:86:7D:F6:0E:F4:EC:B9:B4:21:11:3B:5F:9E:52:F7
X509v3 Authority Key Identifier:
keyid:35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/TNCpqe-GffYO9Oy5tCERO1-eUvc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.188.102.0/24
Signature Algorithm: sha256WithRSAEncryption
83:4c:d6:b7:7d:bf:3d:58:4c:36:50:cc:05:8b:eb:2f:0d:3a:
7d:88:db:09:a9:e6:be:e1:bf:72:60:e9:8c:57:7e:37:c3:eb:
19:48:56:38:fc:33:7a:51:94:60:07:51:e4:e8:ec:f7:a3:e2:
57:9e:d0:bf:1b:4a:e7:29:35:7e:79:e7:58:1f:ec:f2:f2:78:
41:65:4d:e5:e2:b9:0f:a6:71:ad:ba:3f:e3:75:13:d7:d3:51:
d8:d8:1f:6a:dc:d9:ad:e4:12:11:d9:ae:70:e0:e0:00:87:4c:
77:ad:fa:ad:c0:93:55:e1:cc:20:1e:ec:f7:62:29:36:f1:35:
84:8c:8a:64:0e:39:88:74:11:62:2f:51:7b:a2:d5:ba:5e:76:
9c:14:41:f6:9c:f7:1d:ea:53:25:b8:44:ca:4c:39:3e:20:02:
f8:a1:df:56:08:e7:f7:81:d3:48:4e:83:ef:20:e9:bb:b9:0d:
42:75:ad:6c:7f:63:c4:ba:8d:7e:cc:cf:1f:90:b0:48:3d:cb:
52:4e:db:b5:b0:d4:df:16:c8:4e:42:63:2c:3d:c2:76:be:25:
8b:6e:6e:a0:3d:74:dc:95:22:27:44:ab:a2:45:72:93:46:98:
90:c1:17:32:60:f6:8f:8c:f3:72:b7:c9:3a:2d:c1:5c:9d:d2:
c1:99:be:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma1194Z/GkXa5FA+2zVh8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYwZjVmZjYyMGUwZGI1MzExZjY0NzM2OTA5OTczYWM2
MGY2ZjMwHhcNMjUwMTAyMDk0OTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2QwYTlhOWVmODY3ZGY2MGVmNGVjYjliNDIxMTEzYjVmOWU1MmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5+lJDuZb7+r4vCIouTjioY1YaW6d
n/jLk5LY5fc4QTJihoaXkwroy81/Wrd3n8/GUqlHXhVQzmPNTa97KKiy7xLfuK7H
7BKtq2b9tvy5E9WMkV1YI8aQnrzAkE59WFDiKgeY3v2qrLLbWIgNtXPlvIyTvq25
YNyMcKin12x/Pc8Z7TRTWagmDLiA0rgBrv431fIvElJw97YaaZWfLR6QAogGdOwm
/bWlE2yBjELFKnQ628IxZwNOv5Wwe/YZ+WIZPR7hMmQ3CJhnZzD/wAUZ1yiE8TSV
sRqE+vYwzi7jfkjtyAZISeFc6BE5PJ4csqajO+VNpAkYA4UUs+QoYUrTHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEzQqanvhn32DvTsubQhETtfnlL3MB8GA1UdIwQY
MBaAFDWfD1/2IODbUxH2RzaQmXOsYPbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2It
ZDFhYmY0ZWUzMmNiLzEvVE5DcHFlLUdmZllPOU95NXRDRVJPMS1lVXZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2ItZDFhYmY0ZWUzMmNi
LzEvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubxmMA0G
CSqGSIb3DQEBCwUAA4IBAQCDTNa3fb89WEw2UMwFi+svDTp9iNsJqea+4b9yYOmM
V343w+sZSFY4/DN6UZRgB1Hk6Oz3o+JXntC/G0rnKTV+eedYH+zy8nhBZU3l4rkP
pnGtuj/jdRPX01HY2B9q3Nmt5BIR2a5w4OAAh0x3rfqtwJNV4cwgHuz3Yik28TWE
jIpkDjmIdBFiL1F7otW6XnacFEH2nPcd6lMluETKTDk+IAL4od9WCOf3gdNIToPv
IOm7uQ1Cda1sf2PEuo1+zM8fkLBIPctSTtu1sNTfFshOQmMsPcJ2viWLbm6gPXTc
lSInRKuiRXKTRpiQwRcyYPaPjPNyt8k6LcFcndLBmb5i
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:30 2025 by rpki-client on console.sobornost.net