Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/TkJi6MAHiQpNj2Oyk40aOzqLJ7Y.roa
File: TkJi6MAHiQpNj2Oyk40aOzqLJ7Y.roa (raw, json)
Hash identifier: I/uwWwVqDGThqp+KA/qqLKY8rR+9iLdzyQtCR4yZvrA=
Subject key identifier: 4E:42:62:E8:C0:07:89:0A:4D:8F:63:B2:93:8D:1A:3B:3A:8B:27:B6
Certificate issuer: /CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Certificate serial: 01942067FD5055DBAAD7B1FC73B9761A4FA7
Authority key identifier: AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/TkJi6MAHiQpNj2Oyk40aOzqLJ7Y.roa
Signing time: Wed 01 Jan 2025 05:47:53 +0000
ROA not before: Wed 01 Jan 2025 05:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8648
IP address blocks: 194.97.192.0/19 maxlen: 19
2001:748:400::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:fd:50:55:db:aa:d7:b1:fc:73:b9:76:1a:4f:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Validity
Not Before: Jan 1 05:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4e4262e8c007890a4d8f63b2938d1a3b3a8b27b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:bc:95:62:a5:77:01:71:ae:9a:3e:a2:be:c2:
35:31:46:a9:4c:c1:20:28:02:93:06:c4:34:1e:ff:
18:f8:e3:de:e1:a6:6f:98:fe:22:1b:21:5a:37:a4:
43:7a:b9:2d:d3:c5:a0:f5:7a:b2:27:43:e9:7d:0d:
e2:31:7c:51:dd:cc:15:36:1c:4f:f3:f1:0b:2e:91:
0c:db:9a:32:73:bc:07:ca:5c:57:c3:4a:e5:6a:f0:
d8:08:e0:47:ac:13:02:c6:73:ec:15:82:61:31:5f:
53:ca:79:f7:c2:2b:18:1c:cc:0f:7b:a7:56:9b:ab:
88:f1:27:4f:a5:44:06:7e:ef:23:ea:c7:ca:6b:ce:
1c:33:57:b8:bb:ef:c1:5a:51:bd:3a:0e:0c:bc:2e:
31:46:e9:dc:cb:85:10:86:1c:ac:a1:4f:c8:dd:00:
60:68:b4:a1:e9:97:e6:5e:77:01:fe:60:bf:f4:6c:
fe:8b:02:53:9d:9a:c7:c8:e3:3d:9e:29:ed:69:8b:
56:0b:fd:cf:c9:a5:a3:61:d3:94:aa:40:83:3e:0b:
41:83:3f:93:5b:26:a0:fe:de:39:6f:cd:39:86:2d:
8a:6e:27:8e:7f:17:48:69:2f:ae:16:10:97:ce:4c:
7f:3d:87:b6:a4:ed:2c:11:c1:ac:9a:50:6b:56:16:
55:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:42:62:E8:C0:07:89:0A:4D:8F:63:B2:93:8D:1A:3B:3A:8B:27:B6
X509v3 Authority Key Identifier:
keyid:AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/TkJi6MAHiQpNj2Oyk40aOzqLJ7Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.97.192.0/19
IPv6:
2001:748:400::/48
Signature Algorithm: sha256WithRSAEncryption
6e:31:e8:3c:0a:4b:2c:9a:04:4d:6f:44:24:68:0e:a2:af:b7:
25:65:d0:cd:ba:ec:e1:78:e1:b5:07:a5:6d:6c:e1:71:c6:3b:
c2:d9:e8:2a:5d:ba:92:30:d5:1d:fd:38:4f:2f:1a:65:ad:66:
a6:ba:2b:98:68:cf:2a:4e:dd:c3:70:f2:09:1e:cc:a0:d7:d0:
9f:bb:54:0f:39:72:75:9c:f7:55:84:06:d3:ef:c3:cc:02:c3:
b8:39:d9:94:60:93:de:b2:3f:bc:9b:d4:e0:45:3d:08:17:87:
14:9e:ac:f7:5e:04:3f:ca:58:95:51:55:fe:5f:8b:6c:5a:7f:
0e:b8:7e:9b:b7:62:dd:55:2d:f7:9e:f0:9c:b6:b8:d6:d8:63:
64:74:89:db:e7:1f:e0:7f:a7:50:06:56:6b:3d:00:61:de:9d:
ef:85:ad:77:0e:64:0a:3a:fc:74:cd:4f:a8:72:6c:ba:83:f0:
98:4f:25:6e:ee:78:1b:a8:c1:5d:f6:9b:55:aa:51:56:cc:c2:
e3:8b:7e:cb:54:47:7d:e6:5e:e4:0c:14:a1:26:3c:8c:46:8d:
62:df:06:be:06:47:bd:03:b6:eb:98:be:e2:65:32:b4:1c:38:
fd:11:ef:34:f9:2c:6a:ed:e8:26:e1:7f:90:7c:0e:52:45:d2:
01:09:9e:c9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQgZ/1QVduq17H8c7l2Gk+nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmODAxOTg0Y2MzOGYwYTRmYzVhZmUxYWRlYWI2ODBjMWI4
OWU5NWIwHhcNMjUwMTAxMDU0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTQyNjJlOGMwMDc4OTBhNGQ4ZjYzYjI5MzhkMWEzYjNhOGIyN2I2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwryVYqV3AXGumj6ivsI1MUapTMEg
KAKTBsQ0Hv8Y+OPe4aZvmP4iGyFaN6RDerkt08Wg9XqyJ0PpfQ3iMXxR3cwVNhxP
8/ELLpEM25oyc7wHylxXw0rlavDYCOBHrBMCxnPsFYJhMV9Tynn3wisYHMwPe6dW
m6uI8SdPpUQGfu8j6sfKa84cM1e4u+/BWlG9Og4MvC4xRuncy4UQhhysoU/I3QBg
aLSh6ZfmXncB/mC/9Gz+iwJTnZrHyOM9nintaYtWC/3PyaWjYdOUqkCDPgtBgz+T
Wyag/t45b805hi2KbieOfxdIaS+uFhCXzkx/PYe2pO0sEcGsmlBrVhZVcQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE5CYujAB4kKTY9jspONGjs6iye2MB8GA1UdIwQY
MBaAFK+AGYTMOPCk/Fr+Gt6raAwbielbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQt
NDAyMTI2NWMzOWIwLzEvVGtKaTZNQUhpUXBOajJPeWs0MGFPenFMSjdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQtNDAyMTI2NWMzOWIw
LzEvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQFwmHAMA8E
AgACMAkDBwAgAQdIBAAwDQYJKoZIhvcNAQELBQADggEBAG4x6DwKSyyaBE1vRCRo
DqKvtyVl0M267OF44bUHpW1s4XHGO8LZ6CpdupIw1R39OE8vGmWtZqa6K5hozypO
3cNw8gkezKDX0J+7VA85cnWc91WEBtPvw8wCw7g52ZRgk96yP7yb1OBFPQgXhxSe
rPdeBD/KWJVRVf5fi2xafw64fpu3Yt1VLfee8Jy2uNbYY2R0idvnH+B/p1AGVms9
AGHene+FrXcOZAo6/HTNT6hybLqD8JhPJW7ueBuowV32m1WqUVbMwuOLfstUR33m
XuQMFKEmPIxGjWLfBr4GR70DtuuYvuJlMrQcOP0R7zT5LGrt6Cbhf5B8DlJF0gEJ
nsk=
-----END CERTIFICATE-----
Generated at Sun Apr 6 19:00:20 2025 by rpki-client