Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/5f343d-9b42-44b4-9067-7cae040e49e8/1/tdcKgRnifMkQUSuheh3nKZuvryc.roa
File: tdcKgRnifMkQUSuheh3nKZuvryc.roa (raw, json)
Hash identifier: HCTyNlEks1rt62q1foYfDinFFs6mvtGgOfTOXF+fgW0=
Subject key identifier: B5:D7:0A:81:19:E2:7C:C9:10:51:2B:A1:7A:1D:E7:29:9B:AF:AF:27
Certificate issuer: /CN=785b490d766f4b1c211d7dadd6efa770f6eb9e25
Certificate serial: 0195CCDBC56C4EE019D4BC072C0C8E669BF2
Authority key identifier: 78:5B:49:0D:76:6F:4B:1C:21:1D:7D:AD:D6:EF:A7:70:F6:EB:9E:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eFtJDXZvSxwhHX2t1u-ncPbrniU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/5f343d-9b42-44b4-9067-7cae040e49e8/1/tdcKgRnifMkQUSuheh3nKZuvryc.roa
Signing time: Tue 25 Mar 2025 10:31:49 +0000
ROA not before: Tue 25 Mar 2025 10:31:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41275
IP address blocks: 5.35.112.0/22 maxlen: 22
5.35.112.0/23 maxlen: 23
5.35.113.0/24 maxlen: 24
5.35.114.0/23 maxlen: 23
62.217.184.0/21 maxlen: 21
85.198.104.0/23 maxlen: 23
89.169.48.0/22 maxlen: 22
89.207.216.0/21 maxlen: 21
89.207.216.0/22 maxlen: 22
89.207.216.0/24 maxlen: 24
89.207.220.0/22 maxlen: 22
89.207.221.0/24 maxlen: 24
93.157.244.0/22 maxlen: 22
95.131.144.0/21 maxlen: 21
95.131.144.0/22 maxlen: 22
95.131.144.0/24 maxlen: 24
95.131.148.0/22 maxlen: 22
185.136.76.0/22 maxlen: 22
185.155.17.0/24 maxlen: 24
185.155.18.0/23 maxlen: 23
217.150.200.0/23 maxlen: 23
2a02:5fe0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:cc:db:c5:6c:4e:e0:19:d4:bc:07:2c:0c:8e:66:9b:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=785b490d766f4b1c211d7dadd6efa770f6eb9e25
Validity
Not Before: Mar 25 10:31:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b5d70a8119e27cc910512ba17a1de7299bafaf27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:f6:c1:a9:52:ae:14:3a:45:25:da:54:e3:72:
84:48:03:1b:d6:bf:7a:c1:cc:00:ae:ad:6e:c2:64:
6d:1f:e5:7a:00:bb:7e:d3:7a:fa:47:1e:05:92:97:
9b:55:a4:57:44:16:92:b4:68:50:66:d0:45:00:61:
9a:90:ac:bc:ce:e7:fd:28:6f:50:37:67:18:e5:c3:
e8:5a:72:7a:e6:88:03:b3:8e:5f:12:91:9a:c0:4d:
84:f1:27:5f:d4:f7:5a:76:a5:43:7b:35:34:33:c6:
a5:21:be:cd:8c:72:db:59:38:2d:52:44:a5:ee:7c:
f4:2d:fc:cd:42:76:2e:50:fd:78:ab:42:fa:2d:86:
8b:dc:ec:7d:10:fb:3c:d3:e0:49:86:08:74:7f:b5:
77:26:74:4d:b8:60:b9:19:6d:c0:fe:67:c1:f7:55:
18:4f:a4:8b:b6:f2:e9:33:fa:63:f5:cb:47:ae:39:
2e:61:23:4a:d6:21:58:a9:f5:5c:39:ee:42:ff:b9:
f6:91:ab:6c:8c:fd:a0:27:b6:af:53:1f:e7:a9:5c:
8c:e3:12:d1:30:58:45:3b:04:1a:c8:ac:82:46:47:
17:93:51:b9:f7:45:66:91:c2:8c:ec:90:81:29:ab:
9c:a5:6d:1e:1f:ec:5b:c2:8c:37:81:fc:58:be:f7:
96:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:D7:0A:81:19:E2:7C:C9:10:51:2B:A1:7A:1D:E7:29:9B:AF:AF:27
X509v3 Authority Key Identifier:
keyid:78:5B:49:0D:76:6F:4B:1C:21:1D:7D:AD:D6:EF:A7:70:F6:EB:9E:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eFtJDXZvSxwhHX2t1u-ncPbrniU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/5f343d-9b42-44b4-9067-7cae040e49e8/1/tdcKgRnifMkQUSuheh3nKZuvryc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/5f343d-9b42-44b4-9067-7cae040e49e8/1/eFtJDXZvSxwhHX2t1u-ncPbrniU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.112.0/22
62.217.184.0/21
85.198.104.0/23
89.169.48.0/22
89.207.216.0/21
93.157.244.0/22
95.131.144.0/21
185.136.76.0/22
185.155.17.0-185.155.19.255
217.150.200.0/23
IPv6:
2a02:5fe0::/29
Signature Algorithm: sha256WithRSAEncryption
16:d6:45:13:70:51:46:39:e2:8f:e4:c8:c0:63:aa:2c:9c:f7:
0a:cb:57:b7:f6:54:55:47:1f:a8:b7:5d:bd:76:fb:18:b6:39:
23:12:c3:d3:90:e9:28:0c:f8:cf:c9:b2:9c:b1:6c:18:70:79:
e4:76:ad:b7:83:59:24:d8:f7:81:f9:50:30:62:e4:3f:da:55:
21:e6:ed:99:13:00:1b:67:d8:90:27:4d:8f:c9:26:50:4b:63:
a4:ea:07:0e:a6:64:98:f1:d8:f0:c6:54:95:0b:ca:c1:cf:92:
36:f7:76:5c:a3:71:04:c6:38:b2:a5:20:67:d3:68:e2:2a:c2:
18:ca:4a:99:cd:ff:64:2d:37:b3:f4:02:be:5a:a4:12:98:d4:
a9:ab:f8:15:4c:c5:ad:b0:33:25:07:43:1f:a9:8d:de:74:5d:
79:f2:1f:dc:61:5b:b2:bf:c2:bf:2d:c5:dc:82:87:10:fc:b4:
e4:42:40:62:ca:36:2e:91:82:59:9c:0d:f1:e8:ac:87:b6:9f:
e0:66:c6:07:0c:fa:9d:96:dd:e9:6e:be:70:d6:57:43:12:de:
3c:7b:f7:b8:56:bc:48:d2:8d:c2:3e:d3:a7:65:16:de:f7:a0:
e0:91:c7:82:5e:fb:08:5d:30:2c:2c:3d:4a:79:77:34:86:18:
44:47:7a:62
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAZXM28VsTuAZ1LwHLAyOZpvyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4NWI0OTBkNzY2ZjRiMWMyMTFkN2RhZGQ2ZWZhNzcwZjZl
YjllMjUwHhcNMjUwMzI1MTAzMTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWQ3MGE4MTE5ZTI3Y2M5MTA1MTJiYTE3YTFkZTcyOTliYWZhZjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0/bBqVKuFDpFJdpU43KESAMb1r96
wcwArq1uwmRtH+V6ALt+03r6Rx4FkpebVaRXRBaStGhQZtBFAGGakKy8zuf9KG9Q
N2cY5cPoWnJ65ogDs45fEpGawE2E8Sdf1PdadqVDezU0M8alIb7NjHLbWTgtUkSl
7nz0LfzNQnYuUP14q0L6LYaL3Ox9EPs80+BJhgh0f7V3JnRNuGC5GW3A/mfB91UY
T6SLtvLpM/pj9ctHrjkuYSNK1iFYqfVcOe5C/7n2katsjP2gJ7avUx/nqVyM4xLR
MFhFOwQayKyCRkcXk1G590VmkcKM7JCBKaucpW0eH+xbwow3gfxYvveWVQIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFLXXCoEZ4nzJEFEroXod5ymbr68nMB8GA1UdIwQY
MBaAFHhbSQ12b0scIR19rdbvp3D2654lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUZ0SkRYWnZTeHdoSFgydDF1LW5jUGJybmlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi81ZjM0M2QtOWI0Mi00NGI0LTkwNjct
N2NhZTA0MGU0OWU4LzEvdGRjS2dSbmlmTWtRVVN1aGVoM25LWnV2cnljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi81ZjM0M2QtOWI0Mi00NGI0LTkwNjctN2NhZTA0MGU0OWU4
LzEvZUZ0SkRYWnZTeHdoSFgydDF1LW5jUGJybmlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzBKBAIAATBEAwQCBSNwAwQD
Ptm4AwQBVcZoAwQCWakwAwQDWc/YAwQCXZ30AwQDX4OQAwQCuYhMMAwDBAC5mxED
BAK5mxADBAHZlsgwDQQCAAIwBwMFAyoCX+AwDQYJKoZIhvcNAQELBQADggEBABbW
RRNwUUY54o/kyMBjqiyc9wrLV7f2VFVHH6i3Xb12+xi2OSMSw9OQ6SgM+M/Jspyx
bBhweeR2rbeDWSTY94H5UDBi5D/aVSHm7ZkTABtn2JAnTY/JJlBLY6TqBw6mZJjx
2PDGVJULysHPkjb3dlyjcQTGOLKlIGfTaOIqwhjKSpnN/2QtN7P0Ar5apBKY1Kmr
+BVMxa2wMyUHQx+pjd50XXnyH9xhW7K/wr8txdyChxD8tORCQGLKNi6RglmcDfHo
rIe2n+BmxgcM+p2W3eluvnDWV0MS3jx797hWvEjSjcI+06dlFt73oOCRx4Je+whd
MCwsPUp5dzSGGERHemI=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:14 2025 by rpki-client on console.sobornost.net