Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/09200e-999d-4b45-a741-85a955f2163b/1/4TacCA5fNMvJzrQKHYvZp1FsTCY.roa
File: 4TacCA5fNMvJzrQKHYvZp1FsTCY.roa (raw, json)
Hash identifier: PoM3PiM+eiQs0IrTl3gGzaDWCG/B3yTTKS+dLnu4Yd0=
Subject key identifier: E1:36:9C:08:0E:5F:34:CB:C9:CE:B4:0A:1D:8B:D9:A7:51:6C:4C:26
Certificate issuer: /CN=dcb65a90ed3cf4ae0452554ee34b92a8476dcf10
Certificate serial: 01942445A5E38D8A757B578C95770B220E04
Authority key identifier: DC:B6:5A:90:ED:3C:F4:AE:04:52:55:4E:E3:4B:92:A8:47:6D:CF:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3LZakO089K4EUlVO40uSqEdtzxA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/09200e-999d-4b45-a741-85a955f2163b/1/4TacCA5fNMvJzrQKHYvZp1FsTCY.roa
Signing time: Wed 01 Jan 2025 23:48:51 +0000
ROA not before: Wed 01 Jan 2025 23:48:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201031
IP address blocks: 185.217.90.0/24 maxlen: 24
194.113.196.0/22 maxlen: 22
194.113.196.0/23 maxlen: 23
194.113.196.0/24 maxlen: 24
194.113.197.0/24 maxlen: 24
194.113.198.0/23 maxlen: 23
194.113.198.0/24 maxlen: 24
194.113.199.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:a5:e3:8d:8a:75:7b:57:8c:95:77:0b:22:0e:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcb65a90ed3cf4ae0452554ee34b92a8476dcf10
Validity
Not Before: Jan 1 23:48:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e1369c080e5f34cbc9ceb40a1d8bd9a7516c4c26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:e4:77:98:ae:eb:89:d3:ec:29:93:f2:f0:c0:
5b:76:eb:7a:50:79:95:c3:13:c6:87:a0:c3:75:91:
a4:55:8c:d2:75:06:09:4d:7d:15:cc:79:b3:ea:89:
6f:b8:45:9e:ba:8c:14:18:de:7c:38:8c:91:b5:ac:
e7:c9:fd:76:2b:4e:6c:d7:8d:6d:7a:96:b3:7c:39:
0a:ab:7d:2b:9f:d5:0e:91:fe:7d:ae:25:00:8b:c2:
e9:c8:a2:57:cb:40:1b:a5:3b:b3:bf:1f:1c:61:a5:
1c:09:34:2f:5b:7d:7f:c4:28:22:13:20:5b:b4:a0:
71:d5:d1:6a:84:be:94:9d:d4:92:b3:2f:a2:c9:3f:
18:41:47:6b:da:a3:22:24:f5:06:bd:de:e8:cb:30:
0f:c9:e3:27:a0:0c:b1:27:ec:2d:11:8b:07:05:62:
34:6b:e9:53:f4:e8:ed:56:fc:c5:e4:12:e7:15:66:
fa:e1:b8:40:32:45:9a:8e:ae:d5:95:15:82:fa:ea:
eb:be:f6:92:49:29:82:24:93:e9:4f:f8:36:de:26:
cb:65:6c:05:fe:b5:02:34:9e:1f:cb:30:c3:4c:12:
e9:2d:96:5d:67:f8:1b:62:27:7f:14:a0:51:78:80:
5b:f2:84:4d:74:23:77:3f:f9:35:22:f2:77:26:9f:
a0:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:36:9C:08:0E:5F:34:CB:C9:CE:B4:0A:1D:8B:D9:A7:51:6C:4C:26
X509v3 Authority Key Identifier:
keyid:DC:B6:5A:90:ED:3C:F4:AE:04:52:55:4E:E3:4B:92:A8:47:6D:CF:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3LZakO089K4EUlVO40uSqEdtzxA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/09200e-999d-4b45-a741-85a955f2163b/1/4TacCA5fNMvJzrQKHYvZp1FsTCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/09200e-999d-4b45-a741-85a955f2163b/1/3LZakO089K4EUlVO40uSqEdtzxA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.217.90.0/24
194.113.196.0/22
Signature Algorithm: sha256WithRSAEncryption
8d:56:16:84:3b:2f:df:c9:ae:cd:4e:09:df:7a:16:40:4b:b7:
47:19:20:65:56:bb:98:72:b8:47:48:d0:41:00:c1:99:af:2f:
e6:35:e3:a1:1e:5a:e7:2d:51:25:aa:e6:b6:89:3a:b1:13:91:
cb:07:95:c5:8b:b6:2c:c5:0f:3f:fa:73:48:a0:78:97:fb:45:
86:70:2d:df:81:28:c4:e3:73:a8:48:30:0c:51:ee:e3:bf:31:
6f:25:87:f1:e2:e6:fb:1c:a0:e6:79:65:6b:46:c6:77:a6:a4:
9d:0f:c4:d4:7f:c6:bf:9a:38:82:53:a4:3f:9a:31:bc:f3:38:
28:92:49:4b:f1:77:b7:34:1d:2c:7f:66:af:3b:b4:a0:95:9d:
7e:96:09:7c:60:4f:ea:92:05:48:20:63:a4:3f:a3:cc:2a:a5:
1f:31:3d:eb:da:b1:e3:2e:ce:f7:68:e5:bc:bd:6a:39:b2:a3:
f2:fe:08:61:f7:ae:c7:01:f9:0e:b0:ff:99:e7:8e:33:04:db:
05:ba:df:a0:bd:a7:cd:ad:96:ea:82:56:f8:bc:4a:5b:47:6f:
8f:72:9f:27:8c:7f:57:a6:90:d2:6e:6c:9f:05:b4:44:54:51:
78:c3:aa:08:14:ae:77:b4:58:15:ee:b9:86:de:88:7b:a8:0f:
09:b7:0b:4e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQkRaXjjYp1e1eMlXcLIg4EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjYjY1YTkwZWQzY2Y0YWUwNDUyNTU0ZWUzNGI5MmE4NDc2
ZGNmMTAwHhcNMjUwMTAxMjM0ODUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTM2OWMwODBlNWYzNGNiYzljZWI0MGExZDhiZDlhNzUxNmM0YzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuR3mK7ridPsKZPy8MBbdut6UHmV
wxPGh6DDdZGkVYzSdQYJTX0VzHmz6olvuEWeuowUGN58OIyRtaznyf12K05s141t
epazfDkKq30rn9UOkf59riUAi8LpyKJXy0AbpTuzvx8cYaUcCTQvW31/xCgiEyBb
tKBx1dFqhL6UndSSsy+iyT8YQUdr2qMiJPUGvd7oyzAPyeMnoAyxJ+wtEYsHBWI0
a+lT9OjtVvzF5BLnFWb64bhAMkWajq7VlRWC+urrvvaSSSmCJJPpT/g23ibLZWwF
/rUCNJ4fyzDDTBLpLZZdZ/gbYid/FKBReIBb8oRNdCN3P/k1IvJ3Jp+gwwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOE2nAgOXzTLyc60Ch2L2adRbEwmMB8GA1UdIwQY
MBaAFNy2WpDtPPSuBFJVTuNLkqhHbc8QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0xaYWtPMDg5SzRFVWxWTzQwdVNxRWR0enhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wOTIwMGUtOTk5ZC00YjQ1LWE3NDEt
ODVhOTU1ZjIxNjNiLzEvNFRhY0NBNWZOTXZKenJRS0hZdlpwMUZzVENZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wOTIwMGUtOTk5ZC00YjQ1LWE3NDEtODVhOTU1ZjIxNjNi
LzEvM0xaYWtPMDg5SzRFVWxWTzQwdVNxRWR0enhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAudlaAwQC
wnHEMA0GCSqGSIb3DQEBCwUAA4IBAQCNVhaEOy/fya7NTgnfehZAS7dHGSBlVruY
crhHSNBBAMGZry/mNeOhHlrnLVElqua2iTqxE5HLB5XFi7YsxQ8/+nNIoHiX+0WG
cC3fgSjE43OoSDAMUe7jvzFvJYfx4ub7HKDmeWVrRsZ3pqSdD8TUf8a/mjiCU6Q/
mjG88zgokklL8Xe3NB0sf2avO7SglZ1+lgl8YE/qkgVIIGOkP6PMKqUfMT3r2rHj
Ls73aOW8vWo5sqPy/ghh967HAfkOsP+Z544zBNsFut+gvafNrZbqglb4vEpbR2+P
cp8njH9XppDSbmyfBbREVFF4w6oIFK53tFgV7rmG3oh7qA8JtwtO
-----END CERTIFICATE-----
Generated at Tue Apr 8 13:23:29 2025 by rpki-client