Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/3364ed-c5f9-4631-b95c-f26b1551e0f5/1/tfLkQQCgxBh_FSk63XP5OPnQnI4.roa
File: tfLkQQCgxBh_FSk63XP5OPnQnI4.roa (raw, json)
Hash identifier: WP73XCY4Z0Z30t6e6N8L/Xm/0T1NsufJCvXqPDjpbJQ=
Subject key identifier: B5:F2:E4:41:00:A0:C4:18:7F:15:29:3A:DD:73:F9:38:F9:D0:9C:8E
Certificate issuer: /CN=2f1e253977bf583e0e420ec977a8ecf4ed154dbe
Certificate serial: 01856EC22277234E549FAB98D93CB754279F
Authority key identifier: 2F:1E:25:39:77:BF:58:3E:0E:42:0E:C9:77:A8:EC:F4:ED:15:4D:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Lx4lOXe_WD4OQg7Jd6js9O0VTb4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/3364ed-c5f9-4631-b95c-f26b1551e0f5/1/tfLkQQCgxBh_FSk63XP5OPnQnI4.roa
Signing time: Sun 01 Jan 2023 19:14:54 +0000
ROA not before: Sun 01 Jan 2023 19:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205100
IP address blocks: 185.220.100.0/24 maxlen: 24
2a0b:f4c0::/32 maxlen: 48
2a0b:f4c0:400::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c2:22:77:23:4e:54:9f:ab:98:d9:3c:b7:54:27:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f1e253977bf583e0e420ec977a8ecf4ed154dbe
Validity
Not Before: Jan 1 19:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5f2e44100a0c4187f15293add73f938f9d09c8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:06:bd:ba:29:b5:63:d3:50:5b:a5:fa:96:c7:
69:8b:80:36:9d:61:4d:74:39:b7:4b:f7:92:26:86:
f0:fb:02:e5:3b:43:cd:2f:13:92:da:2b:24:52:9f:
a6:03:9b:c4:8a:9f:2e:87:7f:ed:2c:03:b2:8b:c4:
19:d7:18:bf:5e:b5:f5:13:db:19:1c:24:fd:51:6d:
56:47:f6:95:df:cd:ea:35:81:36:20:e2:97:d2:71:
5d:12:33:09:90:e1:76:a5:e0:7d:31:3a:7c:dd:47:
9a:c3:48:1c:58:a2:c1:e7:f8:82:71:ee:32:c1:05:
60:89:cf:f0:7f:52:21:c8:62:b1:8f:22:7c:a6:07:
2c:7a:0a:86:e7:1a:2c:22:c0:db:30:79:6a:04:65:
92:b2:d4:d1:38:4e:7e:4c:b8:71:b6:71:23:22:29:
5e:44:5d:55:e9:b5:5c:3b:ff:92:e6:25:38:1b:3d:
eb:cf:de:e2:24:0c:b1:b9:39:6c:44:8d:0c:6e:81:
ff:eb:f0:66:8f:98:56:32:54:5b:c8:58:26:24:c3:
a2:35:30:ed:4d:59:19:d6:99:0b:3c:80:58:7d:6e:
65:cd:54:76:49:bb:9f:82:55:37:ef:eb:0f:54:3c:
3d:9b:c2:0c:1a:c0:40:cd:d4:46:a3:ed:bf:1f:61:
82:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:F2:E4:41:00:A0:C4:18:7F:15:29:3A:DD:73:F9:38:F9:D0:9C:8E
X509v3 Authority Key Identifier:
keyid:2F:1E:25:39:77:BF:58:3E:0E:42:0E:C9:77:A8:EC:F4:ED:15:4D:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lx4lOXe_WD4OQg7Jd6js9O0VTb4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/3364ed-c5f9-4631-b95c-f26b1551e0f5/1/tfLkQQCgxBh_FSk63XP5OPnQnI4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/3364ed-c5f9-4631-b95c-f26b1551e0f5/1/Lx4lOXe_WD4OQg7Jd6js9O0VTb4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.100.0/24
IPv6:
2a0b:f4c0::/32
Signature Algorithm: sha256WithRSAEncryption
17:20:a9:21:43:38:23:e2:c8:5e:95:05:d7:b6:69:a4:8f:ae:
38:93:ed:8c:4a:12:71:3d:3b:ca:0a:6f:e5:80:6d:2b:3a:43:
9f:3d:02:be:2e:0b:bf:0a:6e:d9:6e:b1:e1:95:fb:c8:a7:d2:
88:ca:84:d7:c3:01:63:5e:61:96:17:22:83:ac:76:0d:59:26:
8d:b4:3f:2c:b7:a5:5a:a9:45:7b:1f:b7:d0:4b:0f:c3:e0:b5:
e5:0e:92:f5:71:e3:8f:af:1e:aa:97:e8:e4:05:7c:89:50:a7:
fd:2d:7b:c2:6a:42:ff:7d:de:d6:ce:55:f3:1c:76:25:c7:a8:
e8:8d:dc:4d:4b:cc:dc:ca:b0:b7:00:c5:79:ba:6a:94:2b:1f:
75:31:d5:df:7d:b4:74:52:65:99:46:c2:19:ad:95:dc:ce:11:
91:5b:ad:4a:63:48:3a:de:60:5b:42:dd:a2:76:d2:2d:b6:30:
6a:da:9c:a5:a0:f1:b4:82:e5:4b:15:bb:fc:ea:c5:6e:6a:c8:
c9:5f:91:b5:e8:2a:4a:31:82:b9:c1:09:98:f8:b8:e7:32:e0:
61:73:50:0a:6f:81:d2:58:42:a2:8a:a9:ac:fe:e4:6e:17:c4:
23:7a:48:e6:d9:eb:54:2e:0f:12:62:03:a8:7c:56:f8:1d:5f:
ef:74:db:76
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuwiJ3I05Un6uY2Ty3VCefMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMWUyNTM5NzdiZjU4M2UwZTQyMGVjOTc3YThlY2Y0ZWQx
NTRkYmUwHhcNMjMwMTAxMTkxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWYyZTQ0MTAwYTBjNDE4N2YxNTI5M2FkZDczZjkzOGY5ZDA5YzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQa9uim1Y9NQW6X6lsdpi4A2nWFN
dDm3S/eSJobw+wLlO0PNLxOS2iskUp+mA5vEip8uh3/tLAOyi8QZ1xi/XrX1E9sZ
HCT9UW1WR/aV383qNYE2IOKX0nFdEjMJkOF2peB9MTp83Ueaw0gcWKLB5/iCce4y
wQVgic/wf1IhyGKxjyJ8pgcsegqG5xosIsDbMHlqBGWSstTROE5+TLhxtnEjIile
RF1V6bVcO/+S5iU4Gz3rz97iJAyxuTlsRI0MboH/6/Bmj5hWMlRbyFgmJMOiNTDt
TVkZ1pkLPIBYfW5lzVR2SbufglU37+sPVDw9m8IMGsBAzdRGo+2/H2GCZwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLXy5EEAoMQYfxUpOt1z+Tj50JyOMB8GA1UdIwQY
MBaAFC8eJTl3v1g+DkIOyXeo7PTtFU2+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHg0bE9YZV9XRDRPUWc3SmQ2anM5TzBWVGI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8zMzY0ZWQtYzVmOS00NjMxLWI5NWMt
ZjI2YjE1NTFlMGY1LzEvdGZMa1FRQ2d4QmhfRlNrNjNYUDVPUG5Rbkk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi8zMzY0ZWQtYzVmOS00NjMxLWI5NWMtZjI2YjE1NTFlMGY1
LzEvTHg0bE9YZV9XRDRPUWc3SmQ2anM5TzBWVGI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAudxkMA0E
AgACMAcDBQAqC/TAMA0GCSqGSIb3DQEBCwUAA4IBAQAXIKkhQzgj4shelQXXtmmk
j644k+2MShJxPTvKCm/lgG0rOkOfPQK+Lgu/Cm7ZbrHhlfvIp9KIyoTXwwFjXmGW
FyKDrHYNWSaNtD8st6VaqUV7H7fQSw/D4LXlDpL1ceOPrx6ql+jkBXyJUKf9LXvC
akL/fd7WzlXzHHYlx6jojdxNS8zcyrC3AMV5umqUKx91MdXffbR0UmWZRsIZrZXc
zhGRW61KY0g63mBbQt2idtIttjBq2pyloPG0guVLFbv86sVuasjJX5G16CpKMYK5
wQmY+LjnMuBhc1AKb4HSWEKiiqms/uRuF8Qjekjm2etULg8SYgOofFb4HV/vdNt2
-----END CERTIFICATE-----
Generated at Sun Apr 20 00:10:20 2025 by rpki-client