Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/097111-3098-4cf7-ac0f-9f7e0f862f1e/1/TS5dU-dNZUujultCmY7BAu2pYFM.roa
File: TS5dU-dNZUujultCmY7BAu2pYFM.roa (raw, json)
Hash identifier: kd4mAZi7fZdf6Pu+QadtDoB4bIr0e6oG3PdsjXNqlGY=
Subject key identifier: 4D:2E:5D:53:E7:4D:65:4B:A3:BA:5B:42:99:8E:C1:02:ED:A9:60:53
Certificate issuer: /CN=0d4ee193b301665b56f6780f225fd44d144093af
Certificate serial: 01856F024535CF3EC773D6EA853CD7E35C6F
Authority key identifier: 0D:4E:E1:93:B3:01:66:5B:56:F6:78:0F:22:5F:D4:4D:14:40:93:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DU7hk7MBZltW9ngPIl_UTRRAk68.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/097111-3098-4cf7-ac0f-9f7e0f862f1e/1/TS5dU-dNZUujultCmY7BAu2pYFM.roa
Signing time: Sun 01 Jan 2023 20:24:57 +0000
ROA not before: Sun 01 Jan 2023 20:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1930
IP address blocks: 194.210.0.0/16 maxlen: 24
194.117.16.0/21 maxlen: 21
193.236.160.0/20 maxlen: 20
192.122.242.0/24 maxlen: 24
193.236.192.0/20 maxlen: 20
194.117.40.0/21 maxlen: 21
194.117.48.0/23 maxlen: 23
194.117.0.0/20 maxlen: 20
192.122.240.0/23 maxlen: 23
192.122.238.0/23 maxlen: 23
193.136.0.0/15 maxlen: 24
139.83.0.0/16 maxlen: 16
185.175.184.0/22 maxlen: 22
2001:690::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:45:35:cf:3e:c7:73:d6:ea:85:3c:d7:e3:5c:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d4ee193b301665b56f6780f225fd44d144093af
Validity
Not Before: Jan 1 20:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d2e5d53e74d654ba3ba5b42998ec102eda96053
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:c1:e8:78:c6:20:3c:bf:0c:a5:c9:75:d0:95:
22:51:1c:59:ef:34:fd:cb:79:9b:14:03:4d:12:ef:
79:67:a1:8d:7b:63:ac:9b:5e:55:c9:79:b4:f8:64:
f0:f6:39:b2:00:69:5b:31:68:b9:70:a7:2d:36:8c:
32:ff:c3:9e:a3:41:55:b4:a9:d9:17:cc:d4:6a:dd:
22:be:40:18:72:e4:79:74:a5:ea:bb:fe:76:27:75:
d7:dc:e2:2f:60:5d:7d:8c:06:2d:b3:95:99:a0:1e:
bc:16:b2:c6:60:fb:c6:5c:d0:ec:20:83:7f:03:59:
a8:29:be:d3:a5:d9:c0:d3:cb:fe:d7:3f:fb:43:ce:
47:d1:e4:78:4b:d4:0e:9f:16:6a:b5:f6:5e:84:f8:
a0:da:1d:22:22:61:05:de:bf:9f:79:84:f6:56:1c:
45:6f:c0:f2:a9:b8:97:8f:fb:34:21:58:a0:77:49:
2a:8b:27:28:05:0b:f3:1f:8a:ef:75:ca:98:ff:89:
15:3d:41:2e:4c:b8:ac:7b:83:e5:73:4b:14:c6:0e:
d3:46:e9:9f:5b:a3:9d:b2:fb:07:6a:69:5f:9d:2e:
cc:93:8a:53:78:e4:0d:95:16:2f:8d:2e:de:26:ab:
e8:69:61:71:63:da:8a:b2:36:24:35:c1:63:66:42:
e4:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:2E:5D:53:E7:4D:65:4B:A3:BA:5B:42:99:8E:C1:02:ED:A9:60:53
X509v3 Authority Key Identifier:
keyid:0D:4E:E1:93:B3:01:66:5B:56:F6:78:0F:22:5F:D4:4D:14:40:93:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DU7hk7MBZltW9ngPIl_UTRRAk68.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/097111-3098-4cf7-ac0f-9f7e0f862f1e/1/TS5dU-dNZUujultCmY7BAu2pYFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/097111-3098-4cf7-ac0f-9f7e0f862f1e/1/DU7hk7MBZltW9ngPIl_UTRRAk68.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.83.0.0/16
185.175.184.0/22
192.122.238.0-192.122.242.255
193.136.0.0/15
193.236.160.0/20
193.236.192.0/20
194.117.0.0-194.117.23.255
194.117.40.0-194.117.49.255
194.210.0.0/16
IPv6:
2001:690::/32
Signature Algorithm: sha256WithRSAEncryption
33:ca:8f:a4:81:2c:6c:03:8c:62:6a:43:e9:77:6c:d7:88:a6:
4d:26:ff:31:b6:15:ab:66:2f:8e:42:a2:65:b9:ab:ab:21:20:
6e:c8:e0:7f:86:a5:b8:7d:40:ac:32:ef:dc:f3:d7:30:de:2e:
c7:23:12:83:c0:1b:eb:62:2d:ec:98:65:75:cf:fc:3a:b2:35:
83:9f:a1:dc:ff:d4:ca:38:6c:64:39:f8:9a:04:35:b1:2d:54:
0b:0a:86:d5:13:3c:b8:a6:6b:15:fb:3c:2e:4d:7c:e4:52:00:
7f:96:be:4f:25:a0:cf:ad:cc:cd:4d:30:d8:d1:c5:5f:35:a6:
ec:c3:1d:3f:dc:4a:20:aa:dc:76:42:af:d1:4d:5c:41:29:2a:
95:a7:02:7d:cc:47:bd:10:74:ea:85:25:db:35:70:37:45:26:
ea:9c:48:d6:db:8a:f0:8b:b2:bf:bb:6f:c8:e9:c8:30:b7:38:
5c:f8:98:81:4e:08:8b:6b:1f:11:1b:25:50:37:d5:76:37:25:
a9:93:0b:e0:e5:53:9f:db:7d:3e:6f:44:ff:96:63:63:12:83:
20:d7:e7:15:92:bb:07:cb:26:37:c9:16:11:17:62:3b:bd:39:
cc:d2:15:27:4c:95:a1:23:ef:c9:59:77:d0:9f:db:44:98:51:
52:b2:6d:1e
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAYVvAkU1zz7Hc9bqhTzX41xvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNGVlMTkzYjMwMTY2NWI1NmY2NzgwZjIyNWZkNDRkMTQ0
MDkzYWYwHhcNMjMwMTAxMjAyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDJlNWQ1M2U3NGQ2NTRiYTNiYTViNDI5OThlYzEwMmVkYTk2MDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcHoeMYgPL8Mpcl10JUiURxZ7zT9
y3mbFANNEu95Z6GNe2Osm15VyXm0+GTw9jmyAGlbMWi5cKctNowy/8Oeo0FVtKnZ
F8zUat0ivkAYcuR5dKXqu/52J3XX3OIvYF19jAYts5WZoB68FrLGYPvGXNDsIIN/
A1moKb7TpdnA08v+1z/7Q85H0eR4S9QOnxZqtfZehPig2h0iImEF3r+feYT2VhxF
b8DyqbiXj/s0IVigd0kqiycoBQvzH4rvdcqY/4kVPUEuTLise4Plc0sUxg7TRumf
W6OdsvsHamlfnS7Mk4pTeOQNlRYvjS7eJqvoaWFxY9qKsjYkNcFjZkLk3wIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFE0uXVPnTWVLo7pbQpmOwQLtqWBTMB8GA1UdIwQY
MBaAFA1O4ZOzAWZbVvZ4DyJf1E0UQJOvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFU3aGs3TUJabHRXOW5nUElsX1VUUlJBazY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wOTcxMTEtMzA5OC00Y2Y3LWFjMGYt
OWY3ZTBmODYyZjFlLzEvVFM1ZFUtZE5aVXVqdWx0Q21ZN0JBdTJwWUZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wOTcxMTEtMzA5OC00Y2Y3LWFjMGYtOWY3ZTBmODYyZjFl
LzEvRFU3aGs3TUJabHRXOW5nUElsX1VUUlJBazY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTBQBAIAATBKAwMAi1MDBAK5
r7gwDAMEAcB67gMEAMB68gMDAcGIAwQEweygAwQEwezAMAsDAwDCdQMEA8J1EDAM
AwQDwnUoAwQBwnUwAwMAwtIwDQQCAAIwBwMFACABBpAwDQYJKoZIhvcNAQELBQAD
ggEBADPKj6SBLGwDjGJqQ+l3bNeIpk0m/zG2FatmL45ComW5q6shIG7I4H+Gpbh9
QKwy79zz1zDeLscjEoPAG+tiLeyYZXXP/DqyNYOfodz/1Mo4bGQ5+JoENbEtVAsK
htUTPLimaxX7PC5NfORSAH+Wvk8loM+tzM1NMNjRxV81puzDHT/cSiCq3HZCr9FN
XEEpKpWnAn3MR70QdOqFJds1cDdFJuqcSNbbivCLsr+7b8jpyDC3OFz4mIFOCItr
HxEbJVA31XY3JamTC+DlU5/bfT5vRP+WY2MSgyDX5xWSuwfLJjfJFhEXYju9OczS
FSdMlaEj78lZd9Cf20SYUVKybR4=
-----END CERTIFICATE-----
Generated at Tue Apr 8 01:10:04 2025 by rpki-client