Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/TpBonKzdgVHgS_Gy-DCcGH-ISN4.roa
File: TpBonKzdgVHgS_Gy-DCcGH-ISN4.roa (raw, json)
Hash identifier: fc1S9Y933e/VnBvBlMJ607HkBmXbxqMq3az/lWDVmME=
Subject key identifier: 4E:90:68:9C:AC:DD:81:51:E0:4B:F1:B2:F8:30:9C:18:7F:88:48:DE
Certificate issuer: /CN=4444c7c3ad34b6977fa18a2237ca306b9bee08e0
Certificate serial: 019425FC68C10829D6D5255C1E6C8AAA2F8C
Authority key identifier: 44:44:C7:C3:AD:34:B6:97:7F:A1:8A:22:37:CA:30:6B:9B:EE:08:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RETHw600tpd_oYoiN8owa5vuCOA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/TpBonKzdgVHgS_Gy-DCcGH-ISN4.roa
Signing time: Thu 02 Jan 2025 07:48:06 +0000
ROA not before: Thu 02 Jan 2025 07:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197501
IP address blocks: 31.129.247.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:68:c1:08:29:d6:d5:25:5c:1e:6c:8a:aa:2f:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4444c7c3ad34b6977fa18a2237ca306b9bee08e0
Validity
Not Before: Jan 2 07:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4e90689cacdd8151e04bf1b2f8309c187f8848de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:81:1e:e2:24:6a:6e:9a:b6:61:be:02:7c:9c:
5f:b0:ba:dc:08:d1:1d:a0:75:ac:b1:bf:00:0a:b7:
1a:59:ee:b6:a3:28:0f:6c:19:65:4f:5c:76:cf:a1:
ea:28:15:ad:f1:0e:b1:7a:e8:35:40:6e:6b:27:d6:
38:46:e2:98:53:cb:44:bc:ed:18:a7:b0:9b:4d:85:
21:47:65:55:69:93:30:92:71:3c:a8:05:d8:e5:24:
f2:63:bd:44:a9:15:d7:63:2f:53:44:99:01:67:9a:
58:18:64:a5:65:fc:65:c3:bf:27:ac:14:91:70:77:
7f:5c:25:4c:0f:3f:e9:ee:6a:17:bb:40:3e:29:35:
8d:b7:31:93:a4:a9:0c:47:8b:97:c5:7b:86:59:90:
6b:04:14:1f:eb:b6:4a:06:aa:bb:4d:49:ac:38:8c:
d4:63:77:b5:a9:9a:9c:d3:9b:91:01:26:2e:f5:66:
82:44:59:cc:8e:33:c2:07:4c:ea:ec:45:1f:6d:b0:
ba:e7:aa:e8:fa:6f:41:e8:1e:f4:f1:8d:7d:99:2d:
2d:25:66:d8:e7:9f:51:b5:bf:2d:9d:c8:6d:c2:ec:
91:b7:ed:57:0b:72:e2:46:e5:24:e4:4c:76:f1:aa:
33:c3:96:78:95:de:82:d9:06:b5:e0:28:d4:57:a4:
c7:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:90:68:9C:AC:DD:81:51:E0:4B:F1:B2:F8:30:9C:18:7F:88:48:DE
X509v3 Authority Key Identifier:
keyid:44:44:C7:C3:AD:34:B6:97:7F:A1:8A:22:37:CA:30:6B:9B:EE:08:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RETHw600tpd_oYoiN8owa5vuCOA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/TpBonKzdgVHgS_Gy-DCcGH-ISN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/RETHw600tpd_oYoiN8owa5vuCOA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.129.247.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:db:75:c8:84:1b:40:12:32:2a:85:c4:13:fa:52:77:02:99:
9a:a0:97:90:7c:c3:40:48:19:c7:d4:ee:5f:f2:1f:92:2f:65:
72:c1:00:6c:81:b4:b0:9c:e5:cc:a3:70:44:3f:75:7c:be:d7:
ba:bb:aa:ef:6c:a2:72:91:95:4e:4c:c7:f2:b4:3b:a5:d8:11:
7b:d8:b9:58:3a:20:20:1f:88:52:7a:45:74:76:03:fc:3d:f7:
0a:61:14:0b:b4:b4:bb:37:fa:e0:fa:18:49:b7:3c:e9:fb:f8:
fe:ae:90:74:6e:df:4b:70:03:8c:b0:43:18:81:7e:b3:c5:d9:
51:65:90:bd:d0:66:00:d0:f5:7f:6d:26:73:6f:31:60:92:c5:
0b:0c:fd:db:3a:3c:84:8c:a0:fd:ee:d6:22:3d:bf:54:0b:1c:
d7:7f:9f:aa:6f:e8:cb:4e:ed:d3:69:c3:a2:1c:d4:7c:07:dc:
55:58:ef:9c:40:3d:d6:c0:8a:5a:5d:ac:9c:76:32:0a:2a:ae:
4b:0f:51:23:ed:00:5e:ba:ae:33:d9:55:ad:e4:f6:fe:2a:9a:
47:23:22:b2:10:94:cc:0e:07:d9:31:87:d3:bd:18:44:21:75:
51:d0:24:0b:a3:a9:c3:bf:6a:3b:b2:6d:ae:3c:d4:0c:4c:ed:
2d:08:41:68
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/GjBCCnW1SVcHmyKqi+MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NDRjN2MzYWQzNGI2OTc3ZmExOGEyMjM3Y2EzMDZiOWJl
ZTA4ZTAwHhcNMjUwMTAyMDc0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTkwNjg5Y2FjZGQ4MTUxZTA0YmYxYjJmODMwOWMxODdmODg0OGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA74Ee4iRqbpq2Yb4CfJxfsLrcCNEd
oHWssb8ACrcaWe62oygPbBllT1x2z6HqKBWt8Q6xeug1QG5rJ9Y4RuKYU8tEvO0Y
p7CbTYUhR2VVaZMwknE8qAXY5STyY71EqRXXYy9TRJkBZ5pYGGSlZfxlw78nrBSR
cHd/XCVMDz/p7moXu0A+KTWNtzGTpKkMR4uXxXuGWZBrBBQf67ZKBqq7TUmsOIzU
Y3e1qZqc05uRASYu9WaCRFnMjjPCB0zq7EUfbbC656ro+m9B6B708Y19mS0tJWbY
559Rtb8tnchtwuyRt+1XC3LiRuUk5Ex28aozw5Z4ld6C2Qa14CjUV6THmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE6QaJys3YFR4EvxsvgwnBh/iEjeMB8GA1UdIwQY
MBaAFEREx8OtNLaXf6GKIjfKMGub7gjgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkVUSHc2MDB0cGRfb1lvaU44b3dhNXZ1Q09BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9jOWM5ZmMtNTg2NC00MTRlLWFlMmEt
ODYzYzliM2QzMmIwLzEvVHBCb25LemRnVkhnU19HeS1EQ2NHSC1JU040LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9jOWM5ZmMtNTg2NC00MTRlLWFlMmEtODYzYzliM2QzMmIw
LzEvUkVUSHc2MDB0cGRfb1lvaU44b3dhNXZ1Q09BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAH4H3MA0G
CSqGSIb3DQEBCwUAA4IBAQAv23XIhBtAEjIqhcQT+lJ3ApmaoJeQfMNASBnH1O5f
8h+SL2VywQBsgbSwnOXMo3BEP3V8vte6u6rvbKJykZVOTMfytDul2BF72LlYOiAg
H4hSekV0dgP8PfcKYRQLtLS7N/rg+hhJtzzp+/j+rpB0bt9LcAOMsEMYgX6zxdlR
ZZC90GYA0PV/bSZzbzFgksULDP3bOjyEjKD97tYiPb9UCxzXf5+qb+jLTu3TacOi
HNR8B9xVWO+cQD3WwIpaXaycdjIKKq5LD1Ej7QBeuq4z2VWt5Pb+KppHIyKyEJTM
DgfZMYfTvRhEIXVR0CQLo6nDv2o7sm2uPNQMTO0tCEFo
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:49:30 2025 by rpki-client