Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1fa945-50e7-479a-9d92-ddcd4d935030/1/tcfcD8XrHNRZGXOYojYOcZ6Qtmk.roa
File: tcfcD8XrHNRZGXOYojYOcZ6Qtmk.roa (raw, json)
Hash identifier: UAj4Z2JQukG1J8bRgpYlZQSUcqsvquGnzmdh8dtF5J8=
Subject key identifier: B5:C7:DC:0F:C5:EB:1C:D4:59:19:73:98:A2:36:0E:71:9E:90:B6:69
Certificate issuer: /CN=78d636c505d56af42a414c167d52407d356b3d0b
Certificate serial: 095C54B0
Authority key identifier: 78:D6:36:C5:05:D5:6A:F4:2A:41:4C:16:7D:52:40:7D:35:6B:3D:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eNY2xQXVavQqQUwWfVJAfTVrPQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/1fa945-50e7-479a-9d92-ddcd4d935030/1/tcfcD8XrHNRZGXOYojYOcZ6Qtmk.roa
Signing time: Sat 01 Jan 2022 07:53:40 +0000
ROA not before: Sat 01 Jan 2022 07:53:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209480
IP address blocks: 188.65.144.0/21 maxlen: 21
91.204.168.0/22 maxlen: 22
2a00:1aa0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 157045936 (0x95c54b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=78d636c505d56af42a414c167d52407d356b3d0b
Validity
Not Before: Jan 1 07:53:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b5c7dc0fc5eb1cd459197398a2360e719e90b669
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:52:4a:c3:25:32:e9:18:b5:1a:4d:48:7c:bb:
92:f3:c7:dc:91:d4:a8:39:90:5c:80:3f:20:4c:7b:
dd:34:5f:dc:d5:6a:df:a5:3d:04:0f:6f:21:9c:77:
c7:5e:8f:e3:81:9a:5c:25:2a:b1:ea:e3:18:c8:63:
1f:27:2c:66:41:c7:d0:c2:c9:53:09:94:36:dc:b7:
8a:19:88:cc:8e:82:b5:3f:65:f4:e7:ef:9f:03:ed:
a8:62:a6:32:2f:29:94:e1:7c:84:bb:22:9d:11:95:
31:ce:0c:41:31:05:e2:ec:fe:2b:94:b7:d4:8b:56:
a9:9e:21:1b:5a:9e:ee:a0:1a:20:22:ef:a1:40:ba:
0d:29:09:4d:58:5a:63:91:02:fd:30:f8:e7:64:1c:
c4:fc:aa:72:7e:11:3b:17:dd:43:fb:31:2e:2c:bc:
3c:96:5d:59:ac:e9:ea:85:a2:42:b3:a2:ba:a5:ff:
df:e7:5f:fa:37:4a:7e:3f:d1:64:f0:00:0f:eb:1e:
58:ff:94:85:80:f7:3c:73:8d:ec:3d:6b:e9:0f:42:
fe:45:e8:d5:ea:13:a6:2a:f1:da:88:fe:23:b6:f8:
ba:94:a7:d5:e5:1c:39:18:eb:1c:56:16:df:f4:3c:
af:32:a8:98:e1:90:01:d2:22:dc:0f:07:10:d3:80:
a6:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:C7:DC:0F:C5:EB:1C:D4:59:19:73:98:A2:36:0E:71:9E:90:B6:69
X509v3 Authority Key Identifier:
keyid:78:D6:36:C5:05:D5:6A:F4:2A:41:4C:16:7D:52:40:7D:35:6B:3D:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eNY2xQXVavQqQUwWfVJAfTVrPQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1fa945-50e7-479a-9d92-ddcd4d935030/1/tcfcD8XrHNRZGXOYojYOcZ6Qtmk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1fa945-50e7-479a-9d92-ddcd4d935030/1/eNY2xQXVavQqQUwWfVJAfTVrPQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.204.168.0/22
188.65.144.0/21
IPv6:
2a00:1aa0::/32
Signature Algorithm: sha256WithRSAEncryption
61:5c:49:b3:71:41:dd:c4:07:94:33:a8:be:b8:39:20:ad:ab:
a8:3a:8d:6b:45:90:93:41:d7:62:48:e9:04:17:1a:d7:82:2b:
62:a7:64:8c:24:15:4c:6b:91:82:d7:af:b9:f7:eb:b1:3b:bb:
ec:cf:d2:29:21:e3:ce:51:84:4f:80:d8:83:88:d3:4c:55:19:
0b:08:cb:2d:eb:1c:ef:44:51:91:be:06:a2:ea:30:30:49:02:
e3:54:d3:41:76:07:61:eb:f1:b1:b7:22:01:90:6f:d2:58:43:
e0:e3:cc:aa:e2:2a:a5:10:59:8b:62:73:41:de:72:e4:40:8e:
9a:d2:31:2c:7c:28:fd:cf:f7:ab:6b:6b:27:6f:24:ec:e4:98:
3e:1e:64:f4:0f:1a:b1:00:e5:c3:ef:be:45:75:10:41:94:5f:
89:21:71:5e:ea:32:70:54:94:9e:91:8d:75:5f:bd:b5:09:93:
28:c6:51:18:03:6a:2d:ea:d9:42:db:a6:ef:90:48:63:dc:73:
d5:6f:61:d6:4c:ec:97:4d:2c:e8:ca:a4:38:84:fb:53:2d:82:
51:0a:af:97:35:93:a3:7a:2d:a6:75:e0:aa:60:e5:28:d0:50:
ee:26:63:73:c4:da:c6:a8:a3:fe:89:42:30:bb:d0:6c:58:64:
de:64:4c:89
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIECVxUsDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
OGQ2MzZjNTA1ZDU2YWY0MmE0MTRjMTY3ZDUyNDA3ZDM1NmIzZDBiMB4XDTIyMDEw
MTA3NTM0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjVjN2RjMGZjNWVi
MWNkNDU5MTk3Mzk4YTIzNjBlNzE5ZTkwYjY2OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALVSSsMlMukYtRpNSHy7kvPH3JHUqDmQXIA/IEx73TRf3NVq
36U9BA9vIZx3x16P44GaXCUqserjGMhjHycsZkHH0MLJUwmUNty3ihmIzI6CtT9l
9OfvnwPtqGKmMi8plOF8hLsinRGVMc4MQTEF4uz+K5S31ItWqZ4hG1qe7qAaICLv
oUC6DSkJTVhaY5EC/TD452QcxPyqcn4ROxfdQ/sxLiy8PJZdWazp6oWiQrOiuqX/
3+df+jdKfj/RZPAAD+seWP+UhYD3PHON7D1r6Q9C/kXo1eoTpirx2oj+I7b4upSn
1eUcORjrHFYW3/Q8rzKomOGQAdIi3A8HENOApnUCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBS1x9wPxesc1FkZc5iiNg5xnpC2aTAfBgNVHSMEGDAWgBR41jbFBdVq9CpB
TBZ9UkB9NWs9CzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2VOWTJ4UVhWYXZRcVFVd1dmVkpBZlRWclBRcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjQvMWZhOTQ1LTUwZTctNDc5YS05ZDkyLWRkY2Q0ZDkzNTAzMC8x
L3RjZmNEOFhySE5SWkdYT1lvallPY1o2UXRtay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjQv
MWZhOTQ1LTUwZTctNDc5YS05ZDkyLWRkY2Q0ZDkzNTAzMC8xL2VOWTJ4UVhWYXZR
cVFVd1dmVkpBZlRWclBRcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAlvMqAMEA7xBkDANBAIAAjAHAwUA
KgAaoDANBgkqhkiG9w0BAQsFAAOCAQEAYVxJs3FB3cQHlDOovrg5IK2rqDqNa0WQ
k0HXYkjpBBca14IrYqdkjCQVTGuRgtevuffrsTu77M/SKSHjzlGET4DYg4jTTFUZ
CwjLLesc70RRkb4GouowMEkC41TTQXYHYevxsbciAZBv0lhD4OPMquIqpRBZi2Jz
Qd5y5ECOmtIxLHwo/c/3q2trJ28k7OSYPh5k9A8asQDlw+++RXUQQZRfiSFxXuoy
cFSUnpGNdV+9tQmTKMZRGANqLerZQtum75BIY9xz1W9h1kzsl00s6MqkOIT7Uy2C
UQqvlzWTo3otpnXgqmDlKNBQ7iZjc8Taxqij/olCMLvQbFhk3mRMiQ==
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:15:40 2025 by rpki-client