Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/733598-74e8-47aa-8c8e-99ec88c47760/1/TBpy-9qiejUQQ-tchw6_vEGR2TA.roa
File: TBpy-9qiejUQQ-tchw6_vEGR2TA.roa (raw, json)
Hash identifier: Hj0WEeohah6IsMKUEfhTDBVFLO4BtqyUcqc4Aw6MbK8=
Subject key identifier: 4C:1A:72:FB:DA:A2:7A:35:10:43:EB:5C:87:0E:BF:BC:41:91:D9:30
Certificate issuer: /CN=ca0c2dacafdfa53997ed3b0a70dfbc270a933bf4
Certificate serial: 019427B625D5A573793DD2F4C33BB4B24B91
Authority key identifier: CA:0C:2D:AC:AF:DF:A5:39:97:ED:3B:0A:70:DF:BC:27:0A:93:3B:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ygwtrK_fpTmX7TsKcN-8JwqTO_Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/733598-74e8-47aa-8c8e-99ec88c47760/1/TBpy-9qiejUQQ-tchw6_vEGR2TA.roa
Signing time: Thu 02 Jan 2025 15:50:36 +0000
ROA not before: Thu 02 Jan 2025 15:50:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15533
IP address blocks: 185.4.4.0/22 maxlen: 24
185.4.4.0/24 maxlen: 24
185.4.5.0/24 maxlen: 24
185.4.6.0/24 maxlen: 24
185.4.7.0/24 maxlen: 24
2a02:5e40::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:25:d5:a5:73:79:3d:d2:f4:c3:3b:b4:b2:4b:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca0c2dacafdfa53997ed3b0a70dfbc270a933bf4
Validity
Not Before: Jan 2 15:50:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4c1a72fbdaa27a351043eb5c870ebfbc4191d930
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:64:d5:be:09:db:77:bc:da:09:05:f9:0b:4c:
29:ca:42:23:ec:cc:33:2a:36:39:82:cd:6a:4d:2e:
ab:cc:4f:10:ea:98:e9:d6:90:b1:7c:23:dc:3e:2b:
e8:7c:d9:e9:15:2c:ed:8e:07:d8:d2:eb:39:95:ea:
e0:2f:0a:b8:67:7f:e4:e2:df:3b:df:95:48:4d:5e:
7f:5f:32:a4:72:d4:ad:36:6b:bd:8d:1e:a2:ef:b4:
94:56:f4:a5:dd:f2:df:c5:0c:cf:3f:b2:c1:3f:74:
a3:74:d5:5a:3e:6d:4c:87:f2:41:f9:d7:96:d4:e5:
2c:d2:bc:87:bc:84:eb:11:af:7e:85:1b:88:ba:1b:
7a:c8:79:11:f8:9f:00:0c:ad:2c:cf:a1:69:06:d1:
4d:ac:1a:bf:0c:79:e8:c7:15:33:c8:8a:84:cc:0c:
db:3c:54:6a:f3:02:06:12:af:13:86:89:22:de:df:
55:a6:02:bc:d9:99:fd:49:ce:9e:9d:42:22:fb:d7:
ee:4e:b2:3d:c4:7e:78:de:88:72:99:f6:03:1a:b3:
19:47:67:a6:91:cf:e2:4c:77:12:ce:28:6b:7f:70:
b0:a6:7d:92:89:ff:85:a2:fe:0d:c2:7c:bb:34:c0:
6c:d1:de:96:bd:fb:61:01:14:ed:9b:fe:de:d8:02:
96:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:1A:72:FB:DA:A2:7A:35:10:43:EB:5C:87:0E:BF:BC:41:91:D9:30
X509v3 Authority Key Identifier:
keyid:CA:0C:2D:AC:AF:DF:A5:39:97:ED:3B:0A:70:DF:BC:27:0A:93:3B:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ygwtrK_fpTmX7TsKcN-8JwqTO_Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/733598-74e8-47aa-8c8e-99ec88c47760/1/TBpy-9qiejUQQ-tchw6_vEGR2TA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/733598-74e8-47aa-8c8e-99ec88c47760/1/ygwtrK_fpTmX7TsKcN-8JwqTO_Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.4.4.0/22
IPv6:
2a02:5e40::/32
Signature Algorithm: sha256WithRSAEncryption
6d:aa:38:9c:e1:4a:a6:f4:e2:f4:0a:39:3d:6c:fa:a6:44:09:
8f:a8:97:2e:f5:09:f8:52:c4:28:29:b8:1d:14:2a:75:c5:61:
a8:8a:d3:c8:02:63:aa:83:e7:37:e8:0c:ef:e1:82:06:1b:39:
05:49:7a:a7:ac:7b:fb:92:8e:80:2c:60:c8:b2:c2:70:a2:d0:
c4:20:5b:96:93:dd:59:39:84:c0:e2:54:a6:a1:f6:95:1b:9c:
b8:a5:2c:71:a5:00:d0:40:d0:fc:4d:ff:1e:82:05:66:8d:8e:
34:43:cb:86:7e:d1:1c:99:06:78:42:43:8d:1e:fa:cd:8d:66:
a9:d7:a6:da:3e:73:85:26:e5:be:fb:52:f8:b7:c1:b0:e8:f3:
1d:0e:81:c7:07:d3:bc:fb:c5:55:d5:2f:43:c4:e9:ad:c7:6a:
53:c1:36:74:d2:18:38:26:67:7f:3f:fa:50:0c:cc:36:35:8d:
25:a1:d3:62:1a:48:36:2e:81:69:89:29:83:bb:9f:f6:ee:76:
c7:b7:38:b6:7f:23:49:91:c5:bc:aa:e1:af:e1:4c:73:ed:14:
fe:58:6a:66:fa:8a:b0:31:dd:75:9e:80:b9:cd:39:50:f1:74:
79:91:b7:d4:be:eb:04:ed:62:0d:ed:26:ef:d6:a0:ce:5d:1d:
83:44:64:b8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQntiXVpXN5PdL0wzu0skuRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMGMyZGFjYWZkZmE1Mzk5N2VkM2IwYTcwZGZiYzI3MGE5
MzNiZjQwHhcNMjUwMTAyMTU1MDM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzFhNzJmYmRhYTI3YTM1MTA0M2ViNWM4NzBlYmZiYzQxOTFkOTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmTVvgnbd7zaCQX5C0wpykIj7Mwz
KjY5gs1qTS6rzE8Q6pjp1pCxfCPcPivofNnpFSztjgfY0us5lergLwq4Z3/k4t87
35VITV5/XzKkctStNmu9jR6i77SUVvSl3fLfxQzPP7LBP3SjdNVaPm1Mh/JB+deW
1OUs0ryHvITrEa9+hRuIuht6yHkR+J8ADK0sz6FpBtFNrBq/DHnoxxUzyIqEzAzb
PFRq8wIGEq8Thoki3t9VpgK82Zn9Sc6enUIi+9fuTrI9xH543ohymfYDGrMZR2em
kc/iTHcSzihrf3Cwpn2Sif+Fov4Nwny7NMBs0d6WvfthARTtm/7e2AKWIwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEwacvvaono1EEPrXIcOv7xBkdkwMB8GA1UdIwQY
MBaAFMoMLayv36U5l+07CnDfvCcKkzv0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWd3dHJLX2ZwVG1YN1RzS2NOLThKd3FUT19RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS83MzM1OTgtNzRlOC00N2FhLThjOGUt
OTllYzg4YzQ3NzYwLzEvVEJweS05cWllalVRUS10Y2h3Nl92RUdSMlRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS83MzM1OTgtNzRlOC00N2FhLThjOGUtOTllYzg4YzQ3NzYw
LzEveWd3dHJLX2ZwVG1YN1RzS2NOLThKd3FUT19RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQQEMA0E
AgACMAcDBQAqAl5AMA0GCSqGSIb3DQEBCwUAA4IBAQBtqjic4Uqm9OL0Cjk9bPqm
RAmPqJcu9Qn4UsQoKbgdFCp1xWGoitPIAmOqg+c36Azv4YIGGzkFSXqnrHv7ko6A
LGDIssJwotDEIFuWk91ZOYTA4lSmofaVG5y4pSxxpQDQQND8Tf8eggVmjY40Q8uG
ftEcmQZ4QkONHvrNjWap16baPnOFJuW++1L4t8Gw6PMdDoHHB9O8+8VV1S9DxOmt
x2pTwTZ00hg4Jmd/P/pQDMw2NY0lodNiGkg2LoFpiSmDu5/27nbHtzi2fyNJkcW8
quGv4Uxz7RT+WGpm+oqwMd11noC5zTlQ8XR5kbfUvusE7WIN7Sbv1qDOXR2DRGS4
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:47 2025 by rpki-client on console.sobornost.net