Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/731f56-a2a1-4c75-95c3-5e7dc828d05d/1/TZjDxa0WLxZ4-HRGPSFJK9LraZg.roa
File: TZjDxa0WLxZ4-HRGPSFJK9LraZg.roa (raw, json)
Hash identifier: mYc2KZGGYZLCnNBNUhGV4DJVMUhPM50/TitGKZaaJPU=
Subject key identifier: 4D:98:C3:C5:AD:16:2F:16:78:F8:74:46:3D:21:49:2B:D2:EB:69:98
Certificate issuer: /CN=8a7b09ab545851c789d2caa8942ba39cea13e93e
Certificate serial: 0194266C2CAB9C8F81814068F588E4CA8609
Authority key identifier: 8A:7B:09:AB:54:58:51:C7:89:D2:CA:A8:94:2B:A3:9C:EA:13:E9:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/insJq1RYUceJ0sqolCujnOoT6T4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/731f56-a2a1-4c75-95c3-5e7dc828d05d/1/TZjDxa0WLxZ4-HRGPSFJK9LraZg.roa
Signing time: Thu 02 Jan 2025 09:50:10 +0000
ROA not before: Thu 02 Jan 2025 09:50:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43193
IP address blocks: 185.176.164.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:2c:ab:9c:8f:81:81:40:68:f5:88:e4:ca:86:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a7b09ab545851c789d2caa8942ba39cea13e93e
Validity
Not Before: Jan 2 09:50:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4d98c3c5ad162f1678f874463d21492bd2eb6998
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:bd:45:3d:c3:d2:38:9c:d3:ba:59:7c:51:4b:
62:e2:05:01:e0:b1:d3:23:44:cf:ae:e3:b9:8a:70:
db:4b:eb:5c:4a:b7:91:d2:69:6d:d5:8f:08:48:03:
b6:70:91:30:03:e5:c5:36:3d:e1:e0:00:36:53:e7:
0c:49:87:f1:62:e8:f8:a0:23:4a:d8:c1:fc:fc:e5:
9d:41:8e:3f:f8:3e:34:a4:28:68:15:37:78:e7:7d:
9e:47:dc:33:68:5c:2c:84:50:35:5c:a6:f3:66:0c:
ba:0d:2a:01:13:ef:a5:43:4c:df:42:07:5c:c7:81:
be:d2:cb:7c:d8:0a:41:17:f9:d8:3d:21:05:97:5c:
a6:a1:a4:48:4d:c6:23:1c:21:7f:6d:e5:74:bc:bc:
db:79:58:67:71:cf:0d:a5:e7:7a:bf:ae:52:5d:e2:
7c:b2:69:28:21:a6:15:c0:06:54:74:d8:c6:cd:da:
9a:47:eb:43:67:d2:54:08:c8:05:49:de:0b:e0:cc:
80:76:88:28:10:c8:5a:db:e5:d7:fa:4b:e0:a8:48:
4b:9e:e0:06:55:44:b7:c9:63:7b:e8:1c:79:a4:b6:
be:e7:fd:f6:1c:ec:30:d8:92:d8:4f:d0:73:cb:7f:
64:18:6f:a0:96:7e:6c:3c:be:ca:a9:78:83:eb:3e:
0f:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:98:C3:C5:AD:16:2F:16:78:F8:74:46:3D:21:49:2B:D2:EB:69:98
X509v3 Authority Key Identifier:
keyid:8A:7B:09:AB:54:58:51:C7:89:D2:CA:A8:94:2B:A3:9C:EA:13:E9:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/insJq1RYUceJ0sqolCujnOoT6T4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/731f56-a2a1-4c75-95c3-5e7dc828d05d/1/TZjDxa0WLxZ4-HRGPSFJK9LraZg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/731f56-a2a1-4c75-95c3-5e7dc828d05d/1/insJq1RYUceJ0sqolCujnOoT6T4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.176.164.0/22
Signature Algorithm: sha256WithRSAEncryption
22:3b:bd:10:e6:0e:af:fb:5c:a4:62:3a:a8:b9:66:6a:ef:7a:
bf:1a:e9:ae:aa:f4:64:99:db:00:b6:c5:e7:51:6e:f5:96:ac:
96:28:db:70:b3:25:a1:5f:38:45:4d:9e:21:b2:d5:76:61:63:
21:45:c9:17:62:4c:80:84:ef:77:01:48:fa:53:34:54:62:93:
93:20:bb:ff:f2:ff:4d:ef:58:16:2a:8a:fa:21:c3:f4:44:aa:
ac:cd:c6:bf:cc:17:f1:d3:40:68:35:53:8b:1d:88:aa:2f:2f:
28:7c:9e:51:d9:59:82:ca:13:7a:d0:c5:37:67:c7:dd:9a:4f:
61:b7:0b:53:40:27:21:95:75:2f:48:dc:d2:f8:ed:75:50:20:
06:3b:ae:87:b9:d8:d6:84:42:a0:6c:da:45:1e:8f:0e:bb:c0:
2f:c5:89:dd:5f:f2:67:b8:32:8a:67:a8:e8:75:9c:af:00:64:
2d:20:44:9c:17:5a:80:a8:f8:d8:d0:c3:79:7c:24:ba:ab:b9:
31:78:15:8f:e9:d9:24:9a:61:34:d9:f6:8d:b2:36:2e:8c:48:
cf:e8:1b:14:f8:04:b8:1b:1f:7d:1a:57:e3:40:14:7a:59:d3:
1d:78:a0:2d:9e:cb:33:35:62:5b:d1:c6:87:0e:23:ae:20:93:
e0:58:f5:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmbCyrnI+BgUBo9YjkyoYJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhN2IwOWFiNTQ1ODUxYzc4OWQyY2FhODk0MmJhMzljZWEx
M2U5M2UwHhcNMjUwMTAyMDk1MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDk4YzNjNWFkMTYyZjE2NzhmODc0NDYzZDIxNDkyYmQyZWI2OTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvL1FPcPSOJzTull8UUti4gUB4LHT
I0TPruO5inDbS+tcSreR0mlt1Y8ISAO2cJEwA+XFNj3h4AA2U+cMSYfxYuj4oCNK
2MH8/OWdQY4/+D40pChoFTd4532eR9wzaFwshFA1XKbzZgy6DSoBE++lQ0zfQgdc
x4G+0st82ApBF/nYPSEFl1ymoaRITcYjHCF/beV0vLzbeVhncc8Nped6v65SXeJ8
smkoIaYVwAZUdNjGzdqaR+tDZ9JUCMgFSd4L4MyAdogoEMha2+XX+kvgqEhLnuAG
VUS3yWN76Bx5pLa+5/32HOww2JLYT9Bzy39kGG+gln5sPL7KqXiD6z4PTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE2Yw8WtFi8WePh0Rj0hSSvS62mYMB8GA1UdIwQY
MBaAFIp7CatUWFHHidLKqJQro5zqE+k+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaW5zSnExUllVY2VKMHNxb2xDdWpuT29UNlQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS83MzFmNTYtYTJhMS00Yzc1LTk1YzMt
NWU3ZGM4MjhkMDVkLzEvVFpqRHhhMFdMeFo0LUhSR1BTRkpLOUxyYVpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS83MzFmNTYtYTJhMS00Yzc1LTk1YzMtNWU3ZGM4MjhkMDVk
LzEvaW5zSnExUllVY2VKMHNxb2xDdWpuT29UNlQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCubCkMA0G
CSqGSIb3DQEBCwUAA4IBAQAiO70Q5g6v+1ykYjqouWZq73q/GumuqvRkmdsAtsXn
UW71lqyWKNtwsyWhXzhFTZ4hstV2YWMhRckXYkyAhO93AUj6UzRUYpOTILv/8v9N
71gWKor6IcP0RKqszca/zBfx00BoNVOLHYiqLy8ofJ5R2VmCyhN60MU3Z8fdmk9h
twtTQCchlXUvSNzS+O11UCAGO66HudjWhEKgbNpFHo8Ou8AvxYndX/JnuDKKZ6jo
dZyvAGQtIEScF1qAqPjY0MN5fCS6q7kxeBWP6dkkmmE02faNsjYujEjP6BsU+AS4
Gx99GlfjQBR6WdMdeKAtnsszNWJb0caHDiOuIJPgWPXk
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:28:31 2025 by rpki-client