Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/TpONcYBUDJdpGvqCNzrsSrQLDBo.roa
File: TpONcYBUDJdpGvqCNzrsSrQLDBo.roa (raw, json)
Hash identifier: MKAnjZTYLuXG6R4GM1zPbw8+cTGQrMoR78EtYSZghHU=
Subject key identifier: 4E:93:8D:71:80:54:0C:97:69:1A:FA:82:37:3A:EC:4A:B4:0B:0C:1A
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 01959A151D2EDE480B3BDF6C5C078778C754
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/TpONcYBUDJdpGvqCNzrsSrQLDBo.roa
Signing time: Sat 15 Mar 2025 13:53:49 +0000
ROA not before: Sat 15 Mar 2025 13:53:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 188.191.104.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:9a:15:1d:2e:de:48:0b:3b:df:6c:5c:07:87:78:c7:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: Mar 15 13:53:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4e938d7180540c97691afa82373aec4ab40b0c1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c4:2f:41:40:fb:db:f1:60:b1:5f:8f:62:86:
68:92:de:09:36:a5:7f:ac:41:dc:6a:d8:f6:54:d3:
f1:bc:1e:b0:77:0e:05:7c:cc:37:1d:a0:0b:92:ac:
76:25:04:4c:d6:15:71:49:38:bd:d1:96:97:98:04:
19:3b:49:02:34:d9:62:24:5d:09:30:6a:7d:5a:80:
11:b9:9a:48:74:de:47:a4:67:d2:f3:67:6e:d2:bc:
dd:14:48:0a:9e:8a:3d:d1:00:2b:22:61:d9:a0:93:
4b:ad:61:32:30:3b:3a:7a:63:32:f4:d4:e5:cf:03:
82:85:e3:1a:c4:01:d9:9f:5c:2a:8a:ff:0e:9c:81:
14:19:e8:fc:df:5f:31:c3:df:e6:78:12:53:35:2d:
b8:5c:cf:44:75:1d:19:88:0a:69:3a:e2:78:d5:8a:
9d:8c:dc:a0:08:07:a7:aa:f6:c8:be:f4:18:89:ca:
00:e1:d5:46:12:f2:8d:6a:0e:d4:20:3c:db:d4:96:
74:5a:4e:36:7a:78:73:28:69:f9:3e:a7:cc:cc:38:
84:63:6b:b5:ba:2e:5d:14:cf:ef:5f:5c:c6:90:ef:
e3:c7:1b:2a:d8:6f:39:4e:db:6e:f8:0c:63:ae:ac:
b1:72:30:23:02:2c:1a:74:02:15:c3:2c:3a:97:32:
9f:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:93:8D:71:80:54:0C:97:69:1A:FA:82:37:3A:EC:4A:B4:0B:0C:1A
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/TpONcYBUDJdpGvqCNzrsSrQLDBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.191.104.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:c6:71:b6:ec:7d:a9:d1:5b:b9:94:67:2c:09:c2:c7:99:aa:
6d:da:e5:43:82:d0:c7:64:4d:84:e9:b8:db:ad:84:74:5d:8d:
55:16:c2:f6:2a:a9:64:c5:3b:de:96:58:f2:06:28:c7:0b:dc:
d9:ae:bc:b2:90:44:78:73:d8:1c:4a:73:6a:b5:73:96:a5:ab:
6d:60:9b:d3:0a:b2:e8:d9:16:fe:80:79:6d:dc:8f:fc:ea:3a:
74:d0:95:04:55:20:5e:ff:ad:ff:54:ec:8e:83:5e:07:50:92:
f3:e8:48:62:d0:6a:a1:6d:31:29:21:80:98:5e:62:26:38:69:
cc:4b:a6:ab:e1:44:58:86:3e:56:da:11:db:65:0f:da:ac:bc:
ee:7d:db:ad:7a:5b:c2:cf:17:79:28:cf:a2:92:0c:61:77:25:
25:c3:8b:69:fd:7b:00:70:5f:ee:97:fc:93:3c:75:16:3b:3f:
76:96:36:9f:e9:d0:c4:c6:18:03:7b:41:99:69:4d:2a:ec:8e:
93:af:f5:0c:a7:28:23:37:50:77:bd:22:a0:38:d7:f6:da:b3:
0f:12:cc:53:30:95:5a:9f:b2:54:87:50:5a:3d:ad:42:b3:0d:
9a:04:0c:ad:55:5b:81:22:d3:91:10:2f:92:d9:4a:55:da:db:
c3:22:67:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWaFR0u3kgLO99sXAeHeMdUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjUwMzE1MTM1MzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTkzOGQ3MTgwNTQwYzk3NjkxYWZhODIzNzNhZWM0YWI0MGIwYzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsQvQUD72/FgsV+PYoZokt4JNqV/
rEHcatj2VNPxvB6wdw4FfMw3HaALkqx2JQRM1hVxSTi90ZaXmAQZO0kCNNliJF0J
MGp9WoARuZpIdN5HpGfS82du0rzdFEgKnoo90QArImHZoJNLrWEyMDs6emMy9NTl
zwOCheMaxAHZn1wqiv8OnIEUGej8318xw9/meBJTNS24XM9EdR0ZiAppOuJ41Yqd
jNygCAenqvbIvvQYicoA4dVGEvKNag7UIDzb1JZ0Wk42enhzKGn5PqfMzDiEY2u1
ui5dFM/vX1zGkO/jxxsq2G85Tttu+AxjrqyxcjAjAiwadAIVwyw6lzKfNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE6TjXGAVAyXaRr6gjc67Eq0CwwaMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvVHBPTmNZQlVESmRwR3ZxQ056cnNTclFMREJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvL9oMA0G
CSqGSIb3DQEBCwUAA4IBAQBtxnG27H2p0Vu5lGcsCcLHmapt2uVDgtDHZE2E6bjb
rYR0XY1VFsL2KqlkxTvelljyBijHC9zZrryykER4c9gcSnNqtXOWpattYJvTCrLo
2Rb+gHlt3I/86jp00JUEVSBe/63/VOyOg14HUJLz6Ehi0GqhbTEpIYCYXmImOGnM
S6ar4URYhj5W2hHbZQ/arLzufdutelvCzxd5KM+ikgxhdyUlw4tp/XsAcF/ul/yT
PHUWOz92ljaf6dDExhgDe0GZaU0q7I6Tr/UMpygjN1B3vSKgONf22rMPEsxTMJVa
n7JUh1BaPa1Csw2aBAytVVuBItOREC+S2UpV2tvDImdQ
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:31:49 2025 by rpki-client