Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/219be2-396f-427f-942c-1f8e522408a5/1/TFGcxJc1hz5sSLNvCaBuhb3JcFY.roa
File: TFGcxJc1hz5sSLNvCaBuhb3JcFY.roa (raw, json)
Hash identifier: IVGRn6jYdKaVvVkrmcrSKzMRsOoEhE2vOI0riR6WQTo=
Subject key identifier: 4C:51:9C:C4:97:35:87:3E:6C:48:B3:6F:09:A0:6E:85:BD:C9:70:56
Certificate issuer: /CN=29a03997b28f59b08031c898407dd5e5137dddb1
Certificate serial: 019420686300CBB77F40BBCBC540E3D02951
Authority key identifier: 29:A0:39:97:B2:8F:59:B0:80:31:C8:98:40:7D:D5:E5:13:7D:DD:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KaA5l7KPWbCAMciYQH3V5RN93bE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/219be2-396f-427f-942c-1f8e522408a5/1/TFGcxJc1hz5sSLNvCaBuhb3JcFY.roa
Signing time: Wed 01 Jan 2025 05:48:19 +0000
ROA not before: Wed 01 Jan 2025 05:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60458
IP address blocks: 193.84.177.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:63:00:cb:b7:7f:40:bb:cb:c5:40:e3:d0:29:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29a03997b28f59b08031c898407dd5e5137dddb1
Validity
Not Before: Jan 1 05:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4c519cc49735873e6c48b36f09a06e85bdc97056
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:0d:d2:65:a4:f8:9f:86:9f:92:5c:f9:0f:b9:
77:fb:b9:bf:d1:92:3e:25:67:52:90:30:2d:08:33:
c6:da:f0:eb:e6:56:3e:d8:80:b0:a2:09:62:88:3c:
11:d6:79:d9:74:b3:6a:e0:70:4b:83:f7:44:c3:b5:
a1:1d:e9:62:6e:0c:77:07:d4:c0:cd:cf:63:43:f9:
92:3b:a6:1f:7e:4e:26:ae:08:71:10:0b:a0:00:de:
f5:68:24:d4:23:3a:86:2b:29:1b:07:ba:5a:34:85:
25:4b:23:27:85:c0:eb:e1:26:3c:76:4b:92:89:9e:
1a:b2:c1:79:50:12:3f:4e:9a:0d:11:86:ca:65:fb:
c0:bf:67:4a:df:39:d8:bb:5b:85:3a:3a:65:1d:1a:
34:55:9d:86:0b:cf:07:96:e1:b8:b7:03:a9:f6:e7:
80:96:55:fc:09:ef:8d:f9:6b:a9:86:ff:25:a9:1f:
cd:c7:50:d7:e3:03:01:14:9d:ca:e2:69:6e:d2:b2:
b7:ac:f6:46:1a:bc:e3:44:29:21:c0:a1:2d:a7:db:
ff:34:75:92:e2:fc:96:cc:cc:91:f4:d3:70:55:2d:
26:4f:48:43:9c:29:ae:73:64:5b:dc:b5:de:1f:22:
a0:06:d1:f9:fd:2b:d1:a0:a6:6e:13:db:a4:a5:b9:
02:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:51:9C:C4:97:35:87:3E:6C:48:B3:6F:09:A0:6E:85:BD:C9:70:56
X509v3 Authority Key Identifier:
keyid:29:A0:39:97:B2:8F:59:B0:80:31:C8:98:40:7D:D5:E5:13:7D:DD:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KaA5l7KPWbCAMciYQH3V5RN93bE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/219be2-396f-427f-942c-1f8e522408a5/1/TFGcxJc1hz5sSLNvCaBuhb3JcFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/219be2-396f-427f-942c-1f8e522408a5/1/KaA5l7KPWbCAMciYQH3V5RN93bE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.84.177.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:40:dd:17:b5:31:a8:6c:0f:eb:c2:8f:2a:7a:58:3e:2f:bb:
54:49:29:49:9b:e6:1e:ef:49:8b:c3:1d:46:c6:5e:1f:27:20:
1d:92:2a:c1:98:f9:8b:64:7a:0a:6e:4e:47:32:d3:9b:b3:42:
9f:5b:df:fe:b9:8e:5e:76:a4:e4:d8:5c:1e:5f:65:cf:9d:a0:
8a:47:e2:09:b1:b4:d3:23:2b:16:73:e8:ec:42:50:c9:09:59:
97:58:b4:5a:70:f9:7a:30:2b:1d:fa:39:a2:75:aa:56:40:f5:
0c:0e:1c:72:07:bd:af:8b:a6:47:14:32:4e:45:ad:72:92:27:
a8:f5:6f:73:36:16:77:d5:9e:09:d5:85:3a:9f:ea:57:85:42:
c3:04:57:17:c1:b9:b9:4b:b4:11:e9:86:b1:ba:4c:d2:2a:e2:
aa:e8:9f:5d:b4:00:02:f0:b8:6a:f3:49:72:ff:23:10:f1:91:
95:78:0d:10:37:59:af:59:a3:c3:9c:1a:62:d4:e0:ce:7c:89:
5d:46:7e:49:de:f5:e4:28:3f:d3:9d:c5:69:3d:37:c6:60:c4:
b5:51:40:39:90:ad:65:e3:79:96:5a:37:73:33:dc:dc:1e:a6:
f6:2f:65:89:e9:0f:4c:b7:58:de:9c:e2:d4:7c:a7:87:70:01:
44:8d:a7:5a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaGMAy7d/QLvLxUDj0ClRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YTAzOTk3YjI4ZjU5YjA4MDMxYzg5ODQwN2RkNWU1MTM3
ZGRkYjEwHhcNMjUwMTAxMDU0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzUxOWNjNDk3MzU4NzNlNmM0OGIzNmYwOWEwNmU4NWJkYzk3MDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzw3SZaT4n4afklz5D7l3+7m/0ZI+
JWdSkDAtCDPG2vDr5lY+2ICwogliiDwR1nnZdLNq4HBLg/dEw7WhHelibgx3B9TA
zc9jQ/mSO6Yffk4mrghxEAugAN71aCTUIzqGKykbB7paNIUlSyMnhcDr4SY8dkuS
iZ4assF5UBI/TpoNEYbKZfvAv2dK3znYu1uFOjplHRo0VZ2GC88HluG4twOp9ueA
llX8Ce+N+Wuphv8lqR/Nx1DX4wMBFJ3K4mlu0rK3rPZGGrzjRCkhwKEtp9v/NHWS
4vyWzMyR9NNwVS0mT0hDnCmuc2Rb3LXeHyKgBtH5/SvRoKZuE9ukpbkCAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFExRnMSXNYc+bEizbwmgboW9yXBWMB8GA1UdIwQY
MBaAFCmgOZeyj1mwgDHImEB91eUTfd2xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2FBNWw3S1BXYkNBTWNpWVFIM1Y1Uk45M2JFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS8yMTliZTItMzk2Zi00MjdmLTk0MmMt
MWY4ZTUyMjQwOGE1LzEvVEZHY3hKYzFoejVzU0xOdkNhQnVoYjNKY0ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS8yMTliZTItMzk2Zi00MjdmLTk0MmMtMWY4ZTUyMjQwOGE1
LzEvS2FBNWw3S1BXYkNBTWNpWVFIM1Y1Uk45M2JFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwVSxMA0G
CSqGSIb3DQEBCwUAA4IBAQCkQN0XtTGobA/rwo8qelg+L7tUSSlJm+Ye70mLwx1G
xl4fJyAdkirBmPmLZHoKbk5HMtObs0KfW9/+uY5edqTk2FweX2XPnaCKR+IJsbTT
IysWc+jsQlDJCVmXWLRacPl6MCsd+jmidapWQPUMDhxyB72vi6ZHFDJORa1ykieo
9W9zNhZ31Z4J1YU6n+pXhULDBFcXwbm5S7QR6YaxukzSKuKq6J9dtAAC8Lhq80ly
/yMQ8ZGVeA0QN1mvWaPDnBpi1ODOfIldRn5J3vXkKD/TncVpPTfGYMS1UUA5kK1l
43mWWjdzM9zcHqb2L2WJ6Q9Mt1jenOLUfKeHcAFEjada
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:51:21 2025 by rpki-client