Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/tlqKEYYvFMWYK-JPntFn1nyKI1U.roa
File: tlqKEYYvFMWYK-JPntFn1nyKI1U.roa (raw, json)
Hash identifier: /wIoPxgkbhHCyNQ8NB2J0bNqG5fb1wxitY8EONuXMt0=
Subject key identifier: B6:5A:8A:11:86:2F:14:C5:98:2B:E2:4F:9E:D1:67:D6:7C:8A:23:55
Certificate issuer: /CN=0a81fe9059f6820bc18ad5802f2f1fca77d254b7
Certificate serial: 019424451C8FC8CE95EC84037C46CB146F0F
Authority key identifier: 0A:81:FE:90:59:F6:82:0B:C1:8A:D5:80:2F:2F:1F:CA:77:D2:54:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CoH-kFn2ggvBitWALy8fynfSVLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/tlqKEYYvFMWYK-JPntFn1nyKI1U.roa
Signing time: Wed 01 Jan 2025 23:48:16 +0000
ROA not before: Wed 01 Jan 2025 23:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212781
IP address blocks: 185.107.64.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:1c:8f:c8:ce:95:ec:84:03:7c:46:cb:14:6f:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a81fe9059f6820bc18ad5802f2f1fca77d254b7
Validity
Not Before: Jan 1 23:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b65a8a11862f14c5982be24f9ed167d67c8a2355
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c8:ca:cc:c1:bc:97:ff:95:26:b3:21:59:02:
20:13:8f:88:e8:c4:ba:29:26:34:a4:76:56:14:35:
cb:86:09:6b:be:6c:b4:53:2d:61:8f:1e:56:ec:a9:
06:34:ca:56:6f:38:20:8c:f3:bd:5e:91:22:cb:a4:
55:1d:4c:47:21:90:34:a9:58:12:d9:9a:92:76:1f:
f2:b2:7a:0e:b4:54:ec:85:c5:2a:03:c3:b0:73:fd:
2f:6b:e4:20:69:2f:cd:2c:80:b5:ae:3b:04:0c:eb:
9e:40:6e:e7:f1:22:5e:3b:a0:e0:50:cc:dd:10:02:
71:6b:0d:f3:87:bc:07:7c:57:6d:69:d5:a1:42:55:
48:a4:2a:55:42:39:2f:f9:9a:31:92:c1:3c:33:2c:
da:52:5a:22:30:de:de:6f:3f:87:9c:4b:29:36:89:
27:4c:ae:d9:a5:1a:77:ae:d8:50:34:2b:d7:23:64:
a4:e3:55:78:01:9c:00:22:d0:fc:3b:05:25:d9:fb:
8a:9d:4c:8d:2d:dd:7f:0d:be:35:b3:d6:63:db:87:
2c:22:2e:75:c1:8b:59:e3:23:9d:75:24:5e:3b:5f:
6d:7f:c6:0b:5b:8d:d2:94:19:ab:c4:87:5d:69:c3:
72:3b:f5:d2:17:92:b9:fd:80:f1:0b:4a:65:6e:99:
41:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:5A:8A:11:86:2F:14:C5:98:2B:E2:4F:9E:D1:67:D6:7C:8A:23:55
X509v3 Authority Key Identifier:
keyid:0A:81:FE:90:59:F6:82:0B:C1:8A:D5:80:2F:2F:1F:CA:77:D2:54:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CoH-kFn2ggvBitWALy8fynfSVLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/tlqKEYYvFMWYK-JPntFn1nyKI1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/CoH-kFn2ggvBitWALy8fynfSVLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.107.64.0/24
Signature Algorithm: sha256WithRSAEncryption
55:f8:24:0a:f6:51:1f:7d:fc:bc:cc:57:07:e4:42:16:66:16:
8b:32:11:70:e6:f8:76:22:4a:34:39:b5:95:fb:e2:4e:41:7d:
4a:f0:38:13:89:7c:72:43:ad:67:31:a0:59:6a:02:10:dc:ff:
0b:76:a8:6a:c6:d1:75:87:57:c0:cf:05:00:77:ac:ad:20:9a:
9d:2c:51:3f:0b:a3:d5:31:bd:4b:68:b4:65:67:9c:9d:b0:1b:
34:0d:0a:36:3f:f2:6c:7e:54:1d:3b:50:9d:20:b6:2f:31:2c:
1d:d4:85:00:0c:fe:ce:ca:1f:f6:4a:44:75:e8:6b:eb:90:71:
8c:c1:95:9d:4a:1b:18:65:33:20:04:3c:29:94:ab:27:08:ea:
31:9a:39:c8:70:63:30:da:54:bd:0d:42:e9:b9:66:25:08:ff:
34:14:67:c9:2a:82:f5:3d:5c:87:1e:c2:2d:0a:67:5d:6b:6c:
32:89:3e:3c:a6:d4:4d:7e:22:bf:0f:d2:77:46:8a:c0:e6:f3:
50:ba:76:0b:85:93:dc:5a:de:1f:58:29:ab:08:6e:cc:84:ab:
7c:8b:9b:f4:e0:e2:31:1a:95:35:e0:b3:77:f2:03:fc:51:0f:
20:8c:1a:b5:c9:b5:54:14:81:75:c3:0f:8f:b7:39:71:18:37:
2e:37:f1:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRRyPyM6V7IQDfEbLFG8PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhODFmZTkwNTlmNjgyMGJjMThhZDU4MDJmMmYxZmNhNzdk
MjU0YjcwHhcNMjUwMTAxMjM0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjVhOGExMTg2MmYxNGM1OTgyYmUyNGY5ZWQxNjdkNjdjOGEyMzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8jKzMG8l/+VJrMhWQIgE4+I6MS6
KSY0pHZWFDXLhglrvmy0Uy1hjx5W7KkGNMpWbzggjPO9XpEiy6RVHUxHIZA0qVgS
2ZqSdh/ysnoOtFTshcUqA8Owc/0va+QgaS/NLIC1rjsEDOueQG7n8SJeO6DgUMzd
EAJxaw3zh7wHfFdtadWhQlVIpCpVQjkv+ZoxksE8MyzaUloiMN7ebz+HnEspNokn
TK7ZpRp3rthQNCvXI2Sk41V4AZwAItD8OwUl2fuKnUyNLd1/Db41s9Zj24csIi51
wYtZ4yOddSReO19tf8YLW43SlBmrxIddacNyO/XSF5K5/YDxC0plbplB9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLZaihGGLxTFmCviT57RZ9Z8iiNVMB8GA1UdIwQY
MBaAFAqB/pBZ9oILwYrVgC8vH8p30lS3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ29ILWtGbjJnZ3ZCaXRXQUx5OGZ5bmZTVkxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC80OTg0ZGYtNmRiMi00ZTBhLTkxZjgt
YmYwNWFjYzgyYmQxLzEvdGxxS0VZWXZGTVdZSy1KUG50Rm4xbnlLSTFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC80OTg0ZGYtNmRiMi00ZTBhLTkxZjgtYmYwNWFjYzgyYmQx
LzEvQ29ILWtGbjJnZ3ZCaXRXQUx5OGZ5bmZTVkxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWtAMA0G
CSqGSIb3DQEBCwUAA4IBAQBV+CQK9lEfffy8zFcH5EIWZhaLMhFw5vh2Iko0ObWV
++JOQX1K8DgTiXxyQ61nMaBZagIQ3P8LdqhqxtF1h1fAzwUAd6ytIJqdLFE/C6PV
Mb1LaLRlZ5ydsBs0DQo2P/JsflQdO1CdILYvMSwd1IUADP7Oyh/2SkR16GvrkHGM
wZWdShsYZTMgBDwplKsnCOoxmjnIcGMw2lS9DULpuWYlCP80FGfJKoL1PVyHHsIt
Cmdda2wyiT48ptRNfiK/D9J3RorA5vNQunYLhZPcWt4fWCmrCG7MhKt8i5v04OIx
GpU14LN38gP8UQ8gjBq1ybVUFIF1ww+PtzlxGDcuN/HH
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:43:32 2025 by rpki-client