Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/e674fb-2683-4cf4-967b-b7c67eacc3a5/1/TGrXflCdfRfW3fIuk1M0sun1vvs.roa
File: TGrXflCdfRfW3fIuk1M0sun1vvs.roa (raw, json)
Hash identifier: alNQcjpWXoWXc70x5wuOV0VaoVsG9NOJ3xbbbXJM7RE=
Subject key identifier: 4C:6A:D7:7E:50:9D:7D:17:D6:DD:F2:2E:93:53:34:B2:E9:F5:BE:FB
Certificate issuer: /CN=b8458858a1cbde89c929060f42f2b0df924d4e29
Certificate serial: 019421B2492100A7AFAFCB3A671BBE175674
Authority key identifier: B8:45:88:58:A1:CB:DE:89:C9:29:06:0F:42:F2:B0:DF:92:4D:4E:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uEWIWKHL3onJKQYPQvKw35JNTik.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/e674fb-2683-4cf4-967b-b7c67eacc3a5/1/TGrXflCdfRfW3fIuk1M0sun1vvs.roa
Signing time: Wed 01 Jan 2025 11:48:39 +0000
ROA not before: Wed 01 Jan 2025 11:48:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206861
IP address blocks: 185.173.132.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:49:21:00:a7:af:af:cb:3a:67:1b:be:17:56:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8458858a1cbde89c929060f42f2b0df924d4e29
Validity
Not Before: Jan 1 11:48:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4c6ad77e509d7d17d6ddf22e935334b2e9f5befb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:98:98:4f:46:36:5d:0b:f1:6b:fc:e0:e2:6b:
58:c0:e8:de:d8:d9:41:92:df:f9:62:13:57:57:01:
0d:3c:da:5a:4a:ec:a5:ff:34:56:13:3b:d1:f6:6b:
49:10:01:64:7b:fd:01:33:31:09:e2:b4:6a:34:7c:
6b:e1:0e:05:ca:e3:d6:a6:3b:d4:28:a2:ac:1a:2f:
34:22:ee:d2:e2:43:53:60:17:76:e3:7e:68:c3:5c:
1c:e5:d0:25:72:75:cb:fb:f9:93:51:30:4f:ac:67:
64:3b:b2:6e:37:92:48:7a:87:97:62:8d:7b:fb:0f:
43:4e:8e:ef:8b:48:bb:92:90:79:65:49:71:18:d8:
0e:0c:32:9f:6b:34:7f:4b:4a:93:fa:1b:28:24:15:
fb:34:0e:63:76:cf:e8:8a:57:99:85:ca:06:60:71:
dd:17:c7:fc:4b:20:9e:80:ff:b0:fc:43:05:90:03:
d0:29:0c:e4:51:cb:7d:b3:b4:86:46:1c:4d:0d:50:
43:1f:d0:e7:2d:bc:a6:a1:a7:f2:e4:8e:91:32:41:
3f:2e:2b:86:bc:33:96:85:b7:5f:d8:07:00:72:bd:
95:88:f3:83:1a:26:08:b0:e0:07:23:4d:03:f3:d8:
c1:98:0f:eb:ea:3c:56:45:6c:e4:2b:ae:f4:8c:83:
e6:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:6A:D7:7E:50:9D:7D:17:D6:DD:F2:2E:93:53:34:B2:E9:F5:BE:FB
X509v3 Authority Key Identifier:
keyid:B8:45:88:58:A1:CB:DE:89:C9:29:06:0F:42:F2:B0:DF:92:4D:4E:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uEWIWKHL3onJKQYPQvKw35JNTik.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/e674fb-2683-4cf4-967b-b7c67eacc3a5/1/TGrXflCdfRfW3fIuk1M0sun1vvs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/e674fb-2683-4cf4-967b-b7c67eacc3a5/1/uEWIWKHL3onJKQYPQvKw35JNTik.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.173.132.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:4b:d2:c9:da:4d:cc:ce:45:c8:09:f4:4e:1c:19:ce:6b:a2:
df:d9:0e:24:6c:53:7b:16:6d:af:da:1d:84:81:93:d3:e4:d0:
31:01:69:48:21:21:29:8d:e9:72:9c:b5:2f:a0:3e:59:ba:67:
ad:e2:f9:7f:1e:69:c7:2e:cb:b1:56:47:1b:4a:f8:75:ab:1b:
54:64:5d:20:ba:c8:41:33:ab:01:e7:7e:2c:4e:d7:d5:6b:88:
e2:64:7e:c1:00:ba:fc:e9:b3:96:29:af:38:6b:ba:01:e1:5e:
69:ca:fa:f0:36:40:d0:eb:c8:5e:eb:58:f7:77:3f:c8:16:1a:
97:b3:57:4d:df:95:46:bd:19:34:92:ac:4a:e7:24:c2:6f:e2:
67:19:e1:53:7a:e6:e4:98:5c:f1:6e:90:28:f3:f8:aa:40:17:
3a:54:05:f1:02:6d:8a:d0:1a:ec:4f:96:7c:71:b4:13:d8:50:
21:c5:bb:18:ef:cf:51:d7:c1:c3:38:0d:bf:1f:2d:6b:fc:03:
ce:d2:2d:eb:48:c4:5d:58:2d:d3:3b:7a:54:92:c3:96:07:24:
e1:12:fd:66:4c:4c:dc:75:f7:02:3a:64:76:c0:f1:79:25:30:
e2:1f:3f:8b:88:e4:23:2d:5a:0e:26:99:5c:d6:a3:dd:cd:cb:
e3:96:3a:9c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhskkhAKevr8s6Zxu+F1Z0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4NDU4ODU4YTFjYmRlODljOTI5MDYwZjQyZjJiMGRmOTI0
ZDRlMjkwHhcNMjUwMTAxMTE0ODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzZhZDc3ZTUwOWQ3ZDE3ZDZkZGYyMmU5MzUzMzRiMmU5ZjViZWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZiYT0Y2XQvxa/zg4mtYwOje2NlB
kt/5YhNXVwENPNpaSuyl/zRWEzvR9mtJEAFke/0BMzEJ4rRqNHxr4Q4FyuPWpjvU
KKKsGi80Iu7S4kNTYBd2435ow1wc5dAlcnXL+/mTUTBPrGdkO7JuN5JIeoeXYo17
+w9DTo7vi0i7kpB5ZUlxGNgODDKfazR/S0qT+hsoJBX7NA5jds/oileZhcoGYHHd
F8f8SyCegP+w/EMFkAPQKQzkUct9s7SGRhxNDVBDH9DnLbymoafy5I6RMkE/LiuG
vDOWhbdf2AcAcr2ViPODGiYIsOAHI00D89jBmA/r6jxWRWzkK670jIPmRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFExq135QnX0X1t3yLpNTNLLp9b77MB8GA1UdIwQY
MBaAFLhFiFihy96JySkGD0LysN+STU4pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUVXSVdLSEwzb25KS1FZUFF2S3czNUpOVGlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9lNjc0ZmItMjY4My00Y2Y0LTk2N2It
YjdjNjdlYWNjM2E1LzEvVEdyWGZsQ2RmUmZXM2ZJdWsxTTBzdW4xdnZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC9lNjc0ZmItMjY4My00Y2Y0LTk2N2ItYjdjNjdlYWNjM2E1
LzEvdUVXSVdLSEwzb25KS1FZUFF2S3czNUpOVGlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCua2EMA0G
CSqGSIb3DQEBCwUAA4IBAQCLS9LJ2k3MzkXICfROHBnOa6Lf2Q4kbFN7Fm2v2h2E
gZPT5NAxAWlIISEpjelynLUvoD5Zumet4vl/HmnHLsuxVkcbSvh1qxtUZF0gushB
M6sB534sTtfVa4jiZH7BALr86bOWKa84a7oB4V5pyvrwNkDQ68he61j3dz/IFhqX
s1dN35VGvRk0kqxK5yTCb+JnGeFTeubkmFzxbpAo8/iqQBc6VAXxAm2K0BrsT5Z8
cbQT2FAhxbsY789R18HDOA2/Hy1r/APO0i3rSMRdWC3TO3pUksOWByThEv1mTEzc
dfcCOmR2wPF5JTDiHz+LiOQjLVoOJplc1qPdzcvjljqc
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:17 2025 by rpki-client on console.sobornost.net