Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/3df341-017c-4660-8cf7-44d64b9da459/1/tFYWfziNY6T1pgWT96la8X957p4.roa
File: tFYWfziNY6T1pgWT96la8X957p4.roa (raw, json)
Hash identifier: 08hpQSe8BwmYvsZjvFViF9kdWzrXeHJU+sA3OilF/oE=
Subject key identifier: B4:56:16:7F:38:8D:63:A4:F5:A6:05:93:F7:A9:5A:F1:7F:79:EE:9E
Certificate issuer: /CN=d8acf34be2b04c7ccef2221e8d1fcb6cabb41591
Certificate serial: 019420D5F0675478E849060DC67493502913
Authority key identifier: D8:AC:F3:4B:E2:B0:4C:7C:CE:F2:22:1E:8D:1F:CB:6C:AB:B4:15:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2KzzS-KwTHzO8iIejR_LbKu0FZE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/3df341-017c-4660-8cf7-44d64b9da459/1/tFYWfziNY6T1pgWT96la8X957p4.roa
Signing time: Wed 01 Jan 2025 07:47:59 +0000
ROA not before: Wed 01 Jan 2025 07:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199837
IP address blocks: 185.249.12.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:f0:67:54:78:e8:49:06:0d:c6:74:93:50:29:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8acf34be2b04c7ccef2221e8d1fcb6cabb41591
Validity
Not Before: Jan 1 07:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b456167f388d63a4f5a60593f7a95af17f79ee9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:2d:93:b9:b2:1d:3b:df:71:ad:ba:1d:a5:27:
66:14:81:6b:29:82:3d:ff:3f:3f:f2:e6:4e:c4:3c:
ec:0b:c4:eb:57:8f:ba:2d:a2:4a:b1:f3:51:31:23:
b7:e4:75:76:4d:87:50:fa:7d:cb:da:2d:89:76:a7:
45:be:f3:56:b1:3f:1d:f1:6e:8a:07:ec:8c:bf:fd:
e2:c4:fe:fd:b8:b8:80:8f:52:65:a2:08:a6:33:d8:
09:e2:c8:70:e1:85:2e:80:4d:d8:55:bd:5e:9f:34:
e0:e0:0c:f0:74:ed:7d:81:3c:26:01:30:60:52:cb:
46:7b:3f:c1:f0:7d:50:cb:a1:7f:4e:7c:cf:29:82:
b9:2d:05:36:3b:c4:3b:06:a8:56:74:88:44:7b:9e:
48:51:ee:1a:2e:c9:50:39:cd:ad:1b:7f:94:23:d5:
3e:c0:92:76:8f:36:87:bc:7d:9c:7c:34:d9:44:23:
ae:68:6f:5a:dc:99:54:11:0c:3b:9d:c2:88:6f:ab:
84:b9:a9:88:72:f9:7a:2a:46:52:7e:02:7b:2f:2a:
80:e1:08:6c:fe:c2:d8:64:4c:ac:c1:ec:5e:d9:68:
5e:87:5e:79:bd:32:db:cb:13:e2:bf:21:71:7b:4b:
18:04:58:b9:a1:f6:1a:f4:45:2f:cc:6e:46:6e:a3:
69:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:56:16:7F:38:8D:63:A4:F5:A6:05:93:F7:A9:5A:F1:7F:79:EE:9E
X509v3 Authority Key Identifier:
keyid:D8:AC:F3:4B:E2:B0:4C:7C:CE:F2:22:1E:8D:1F:CB:6C:AB:B4:15:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2KzzS-KwTHzO8iIejR_LbKu0FZE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/3df341-017c-4660-8cf7-44d64b9da459/1/tFYWfziNY6T1pgWT96la8X957p4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/3df341-017c-4660-8cf7-44d64b9da459/1/2KzzS-KwTHzO8iIejR_LbKu0FZE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.249.12.0/22
Signature Algorithm: sha256WithRSAEncryption
a9:e6:2d:5f:a2:15:e5:0b:22:10:21:35:9e:ad:20:48:eb:60:
cd:be:d2:c7:08:52:0e:92:54:eb:08:48:03:d4:90:f9:27:83:
42:00:64:88:e4:7e:bf:43:41:a2:c4:16:78:78:fe:08:44:67:
0a:68:ce:80:ae:68:6b:9b:85:03:63:a2:1a:62:9d:52:dd:99:
e9:a2:03:35:c9:01:35:f2:0b:20:b8:84:e0:a1:75:64:9c:a1:
6f:0f:85:2d:d1:02:be:fe:07:07:f5:70:f6:c0:9b:36:e2:f2:
4f:d8:ba:a7:a5:02:77:20:9d:b4:0a:cd:f4:94:ef:6a:14:85:
6b:7e:ca:84:bb:9e:ad:cc:2a:82:75:63:99:ca:e0:3b:59:6e:
bd:ce:b8:0f:0d:8f:fd:f4:f7:b4:78:86:10:04:68:9b:62:4e:
0f:b2:40:0f:64:7d:57:79:d9:82:3a:cf:25:5d:d5:89:27:62:
44:67:90:bc:27:6f:31:e6:ca:a4:86:76:2b:30:e0:9c:26:f9:
2d:cd:60:1a:08:c1:e6:92:40:09:09:f6:22:7e:38:97:8c:8c:
63:d3:f6:73:77:3f:31:6a:87:dd:8c:10:f7:34:dc:65:0e:cd:
fe:67:e2:a5:ea:f5:d5:8c:6c:e2:4d:0c:da:f8:ac:b4:60:35:
19:a9:89:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1fBnVHjoSQYNxnSTUCkTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YWNmMzRiZTJiMDRjN2NjZWYyMjIxZThkMWZjYjZjYWJi
NDE1OTEwHhcNMjUwMTAxMDc0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDU2MTY3ZjM4OGQ2M2E0ZjVhNjA1OTNmN2E5NWFmMTdmNzllZTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyi2TubIdO99xrbodpSdmFIFrKYI9
/z8/8uZOxDzsC8TrV4+6LaJKsfNRMSO35HV2TYdQ+n3L2i2JdqdFvvNWsT8d8W6K
B+yMv/3ixP79uLiAj1JlogimM9gJ4shw4YUugE3YVb1enzTg4AzwdO19gTwmATBg
UstGez/B8H1Qy6F/TnzPKYK5LQU2O8Q7BqhWdIhEe55IUe4aLslQOc2tG3+UI9U+
wJJ2jzaHvH2cfDTZRCOuaG9a3JlUEQw7ncKIb6uEuamIcvl6KkZSfgJ7LyqA4Qhs
/sLYZEyswexe2Wheh155vTLbyxPivyFxe0sYBFi5ofYa9EUvzG5GbqNprwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLRWFn84jWOk9aYFk/epWvF/ee6eMB8GA1UdIwQY
MBaAFNis80visEx8zvIiHo0fy2yrtBWRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkt6elMtS3dUSHpPOGlJZWpSX0xiS3UwRlpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8zZGYzNDEtMDE3Yy00NjYwLThjZjct
NDRkNjRiOWRhNDU5LzEvdEZZV2Z6aU5ZNlQxcGdXVDk2bGE4WDk1N3A0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8zZGYzNDEtMDE3Yy00NjYwLThjZjctNDRkNjRiOWRhNDU5
LzEvMkt6elMtS3dUSHpPOGlJZWpSX0xiS3UwRlpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufkMMA0G
CSqGSIb3DQEBCwUAA4IBAQCp5i1fohXlCyIQITWerSBI62DNvtLHCFIOklTrCEgD
1JD5J4NCAGSI5H6/Q0GixBZ4eP4IRGcKaM6Armhrm4UDY6IaYp1S3ZnpogM1yQE1
8gsguITgoXVknKFvD4Ut0QK+/gcH9XD2wJs24vJP2LqnpQJ3IJ20Cs30lO9qFIVr
fsqEu56tzCqCdWOZyuA7WW69zrgPDY/99Pe0eIYQBGibYk4PskAPZH1XedmCOs8l
XdWJJ2JEZ5C8J28x5sqkhnYrMOCcJvktzWAaCMHmkkAJCfYifjiXjIxj0/Zzdz8x
aofdjBD3NNxlDs3+Z+Kl6vXVjGziTQza+Ky0YDUZqYnh
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:32 2025 by rpki-client on console.sobornost.net