Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/TmDl2DUL9OzEffrl6LNKEoO-b9U.roa
File: TmDl2DUL9OzEffrl6LNKEoO-b9U.roa (raw, json)
Hash identifier: sCLgHPrsYaOz/O+b/hVyLLg3WshObi6w3HgvywKEkdE=
Subject key identifier: 4E:60:E5:D8:35:0B:F4:EC:C4:7D:FA:E5:E8:B3:4A:12:83:BE:6F:D5
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 019422FC18359B077C8F3EEEADFAF3A39AF8
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/TmDl2DUL9OzEffrl6LNKEoO-b9U.roa
Signing time: Wed 01 Jan 2025 17:48:53 +0000
ROA not before: Wed 01 Jan 2025 17:48:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204868
IP address blocks: 2.59.204.0/22 maxlen: 24
5.253.228.0/22 maxlen: 22
185.145.80.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:18:35:9b:07:7c:8f:3e:ee:ad:fa:f3:a3:9a:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 1 17:48:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4e60e5d8350bf4ecc47dfae5e8b34a1283be6fd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:aa:0f:70:8c:f8:aa:9b:d7:d3:10:82:48:00:
dc:6b:dd:40:bf:09:f1:29:88:39:78:21:75:85:74:
7a:c8:83:b6:07:ab:45:63:3b:9a:b6:88:f8:3e:10:
1d:8f:91:ec:78:5d:34:14:32:0f:ba:e7:aa:71:12:
3f:2b:39:0c:4c:02:ac:f2:b7:f5:44:df:87:39:56:
2e:57:db:f7:2c:50:94:93:69:bb:36:c2:f3:aa:7d:
0d:76:19:75:fd:d2:4b:d5:39:61:6e:f1:91:81:35:
b7:86:f9:8e:87:ef:d0:d7:59:36:31:51:57:bb:07:
4d:cf:cd:c2:a6:99:f7:0a:3b:0d:b6:15:93:15:0a:
29:b4:0e:29:f0:85:4f:cd:3f:72:c1:bc:d6:6d:14:
39:15:72:d8:87:f7:4b:5e:fb:5e:de:2f:75:6e:fe:
d6:fe:19:fd:b8:e8:db:f3:54:bf:be:31:f4:d4:4a:
80:d0:b5:49:e5:ca:e6:b2:35:4d:20:8c:16:25:a0:
91:0e:cb:73:2c:23:4f:b6:df:28:af:23:40:e0:ae:
ba:4d:70:87:b2:1c:6a:c9:fa:96:a6:23:23:a4:77:
bc:af:58:bb:39:e0:23:a4:bf:5c:0c:00:f4:fd:b5:
b9:81:a6:7d:29:87:f0:4b:de:92:7f:53:5f:ed:7f:
c9:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:60:E5:D8:35:0B:F4:EC:C4:7D:FA:E5:E8:B3:4A:12:83:BE:6F:D5
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/TmDl2DUL9OzEffrl6LNKEoO-b9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.204.0/22
5.253.228.0/22
185.145.80.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:49:ca:59:48:32:ef:8b:8f:1b:97:15:60:db:c7:72:6f:45:
a4:2c:7f:2c:40:d4:c1:c3:5b:c4:e1:7a:42:8d:93:31:f0:8c:
23:b0:c7:1e:ba:a8:67:bb:29:53:8b:78:f2:f1:01:d0:77:e7:
5b:77:eb:f1:62:59:78:8f:fd:8b:21:c5:6b:ab:61:f0:fc:82:
95:59:27:a9:d0:8d:35:fe:5d:7b:3d:d1:f8:97:90:57:d9:3b:
be:9a:62:7b:d3:fd:b5:6e:f5:29:9d:d2:83:85:6b:ec:53:05:
e1:24:f6:aa:49:7b:ce:48:d4:c9:9d:21:21:a7:9e:29:05:f1:
b7:12:70:b5:db:d6:81:49:34:9b:fc:b1:ce:f5:06:3f:5f:8b:
a1:dd:5e:b2:9d:73:e2:ec:85:00:06:48:39:c7:fa:79:b1:0a:
13:40:41:17:db:68:55:32:9f:27:1e:9c:32:e4:4f:8e:1d:8a:
16:61:49:28:e7:e5:3d:a9:da:3c:de:db:7e:61:17:69:5b:3f:
a5:bb:86:ea:0f:23:f0:66:8c:d3:64:b9:7b:cd:21:27:5e:23:
71:d7:70:f3:93:49:1a:68:04:b0:2b:54:e3:01:26:ea:1d:a9:
5a:42:95:e6:51:ef:db:bf:e7:5b:f7:05:8f:b1:3e:31:e1:0a:
05:78:19:72
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQi/Bg1mwd8jz7urfrzo5r4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjUwMTAxMTc0ODUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTYwZTVkODM1MGJmNGVjYzQ3ZGZhZTVlOGIzNGExMjgzYmU2ZmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtaoPcIz4qpvX0xCCSADca91Avwnx
KYg5eCF1hXR6yIO2B6tFYzuatoj4PhAdj5HseF00FDIPuueqcRI/KzkMTAKs8rf1
RN+HOVYuV9v3LFCUk2m7NsLzqn0Ndhl1/dJL1TlhbvGRgTW3hvmOh+/Q11k2MVFX
uwdNz83Cppn3CjsNthWTFQoptA4p8IVPzT9ywbzWbRQ5FXLYh/dLXvte3i91bv7W
/hn9uOjb81S/vjH01EqA0LVJ5crmsjVNIIwWJaCRDstzLCNPtt8oryNA4K66TXCH
shxqyfqWpiMjpHe8r1i7OeAjpL9cDAD0/bW5gaZ9KYfwS96Sf1Nf7X/JHwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE5g5dg1C/TsxH365eizShKDvm/VMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvVG1EbDJEVUw5T3pFZmZybDZMTktFb08tYjlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCAjvMAwQC
Bf3kAwQCuZFQMA0GCSqGSIb3DQEBCwUAA4IBAQAKScpZSDLvi48blxVg28dyb0Wk
LH8sQNTBw1vE4XpCjZMx8IwjsMceuqhnuylTi3jy8QHQd+dbd+vxYll4j/2LIcVr
q2Hw/IKVWSep0I01/l17PdH4l5BX2Tu+mmJ70/21bvUpndKDhWvsUwXhJPaqSXvO
SNTJnSEhp54pBfG3EnC129aBSTSb/LHO9QY/X4uh3V6ynXPi7IUABkg5x/p5sQoT
QEEX22hVMp8nHpwy5E+OHYoWYUko5+U9qdo83tt+YRdpWz+lu4bqDyPwZozTZLl7
zSEnXiNx13Dzk0kaaASwK1TjASbqHalaQpXmUe/bv+db9wWPsT4x4QoFeBly
-----END CERTIFICATE-----
Generated at Sun Apr 6 07:11:17 2025 by rpki-client