Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/bd22ce-772c-4f1e-b4aa-85c0d01f9de2/1/tkNgBbUczBhXw3Q7nsd4bFDL5Ko.roa
File: tkNgBbUczBhXw3Q7nsd4bFDL5Ko.roa (raw, json)
Hash identifier: 2ZBjCKDVEUumVBdfZIcGHq5+w377C2/RlriHj7O796c=
Subject key identifier: B6:43:60:05:B5:1C:CC:18:57:C3:74:3B:9E:C7:78:6C:50:CB:E4:AA
Certificate issuer: /CN=d2491770ce9b663002a794542d9886d1a2ce63ab
Certificate serial: 019423D80990A205BDF63D4DBB5CAAA8EF36
Authority key identifier: D2:49:17:70:CE:9B:66:30:02:A7:94:54:2D:98:86:D1:A2:CE:63:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0kkXcM6bZjACp5RULZiG0aLOY6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/bd22ce-772c-4f1e-b4aa-85c0d01f9de2/1/tkNgBbUczBhXw3Q7nsd4bFDL5Ko.roa
Signing time: Wed 01 Jan 2025 21:49:08 +0000
ROA not before: Wed 01 Jan 2025 21:49:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198958
IP address blocks: 193.107.111.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d8:09:90:a2:05:bd:f6:3d:4d:bb:5c:aa:a8:ef:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2491770ce9b663002a794542d9886d1a2ce63ab
Validity
Not Before: Jan 1 21:49:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b6436005b51ccc1857c3743b9ec7786c50cbe4aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:de:05:32:a4:ee:bc:da:ca:ec:e5:1d:32:b0:
a0:ab:7b:01:e5:1f:ba:c9:b2:46:4b:cb:9d:34:34:
42:7c:4e:8f:af:34:f6:b1:fe:5b:a0:ea:4e:6d:a2:
9c:bc:24:28:67:c5:dd:e3:16:ff:30:fe:c2:43:99:
e3:f0:e4:8e:59:f5:b6:1e:b9:74:f9:2e:2d:b4:74:
48:6c:e6:df:22:1d:87:ef:61:17:6d:70:be:db:9b:
0a:63:31:d2:62:58:15:2d:d5:d5:63:e2:b8:97:cd:
97:bd:3e:09:81:6a:60:bf:2c:1d:b0:6b:7d:53:15:
6e:71:7c:fd:e3:c7:1b:af:db:d0:43:08:1e:4f:1f:
c3:41:17:57:ed:d3:3a:91:06:57:53:c4:b3:9d:3f:
f9:c8:2f:e1:b6:f4:f3:1b:05:23:68:0c:60:d3:fc:
8b:65:d5:c2:06:6a:a6:14:fe:c4:21:d7:88:e6:d2:
1e:f9:ff:fc:8b:32:d0:02:af:0c:4d:d9:f2:90:7a:
d0:f9:92:3b:93:12:ad:67:47:20:15:f1:45:f0:6a:
a4:94:0f:92:7f:73:c1:e8:9e:39:3b:0d:d5:71:02:
d5:fb:16:9d:59:9e:c8:de:98:62:ae:6d:db:73:db:
7b:61:22:71:05:4b:1e:88:42:04:fb:99:49:de:6b:
43:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:43:60:05:B5:1C:CC:18:57:C3:74:3B:9E:C7:78:6C:50:CB:E4:AA
X509v3 Authority Key Identifier:
keyid:D2:49:17:70:CE:9B:66:30:02:A7:94:54:2D:98:86:D1:A2:CE:63:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0kkXcM6bZjACp5RULZiG0aLOY6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/bd22ce-772c-4f1e-b4aa-85c0d01f9de2/1/tkNgBbUczBhXw3Q7nsd4bFDL5Ko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/bd22ce-772c-4f1e-b4aa-85c0d01f9de2/1/0kkXcM6bZjACp5RULZiG0aLOY6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.107.111.0/24
Signature Algorithm: sha256WithRSAEncryption
56:98:6a:5c:d2:6b:00:4f:e9:96:7c:15:a6:84:75:4c:ce:33:
75:97:7e:18:b1:db:d0:ef:2c:c1:91:73:68:8a:9d:b6:d1:de:
36:05:03:cb:cc:e7:d9:0a:aa:65:21:80:cc:66:c8:0d:3a:b5:
43:5e:ab:67:58:1e:d5:da:a1:f8:22:fc:7c:46:13:d5:74:68:
28:c6:c5:11:50:29:21:64:c4:ff:f6:84:30:dc:09:cd:ff:03:
44:d3:14:62:d3:3f:e7:d6:be:9e:7b:24:e5:b9:93:5d:7e:4c:
6d:e4:46:f4:52:c2:a3:9b:02:2a:41:8d:b0:0f:8b:ee:90:54:
8b:6f:ac:0f:3e:90:14:fa:ca:b9:7d:df:8f:cc:62:e6:79:00:
75:5c:b2:d7:a2:da:3a:ca:59:e9:43:cc:71:0f:55:55:d3:bb:
c7:f8:6b:d5:1b:f9:01:69:d0:20:a7:7a:52:d3:0a:e5:cc:8e:
86:81:32:77:90:c7:6d:28:6f:ec:78:3d:4e:64:6f:57:6b:5d:
4b:98:c7:76:88:47:38:1f:b3:0a:0c:5f:fe:df:d3:a2:ed:07:
98:4e:7e:89:47:f8:63:68:ec:c7:0c:b1:b3:5b:32:f7:16:9c:
3c:47:22:6e:4d:07:d2:32:a9:bf:76:c2:9b:0e:11:f3:78:09:
c7:5b:88:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj2AmQogW99j1Nu1yqqO82MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNDkxNzcwY2U5YjY2MzAwMmE3OTQ1NDJkOTg4NmQxYTJj
ZTYzYWIwHhcNMjUwMTAxMjE0OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjQzNjAwNWI1MWNjYzE4NTdjMzc0M2I5ZWM3Nzg2YzUwY2JlNGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs94FMqTuvNrK7OUdMrCgq3sB5R+6
ybJGS8udNDRCfE6PrzT2sf5boOpObaKcvCQoZ8Xd4xb/MP7CQ5nj8OSOWfW2Hrl0
+S4ttHRIbObfIh2H72EXbXC+25sKYzHSYlgVLdXVY+K4l82XvT4JgWpgvywdsGt9
UxVucXz948cbr9vQQwgeTx/DQRdX7dM6kQZXU8SznT/5yC/htvTzGwUjaAxg0/yL
ZdXCBmqmFP7EIdeI5tIe+f/8izLQAq8MTdnykHrQ+ZI7kxKtZ0cgFfFF8GqklA+S
f3PB6J45Ow3VcQLV+xadWZ7I3phirm3bc9t7YSJxBUseiEIE+5lJ3mtDKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLZDYAW1HMwYV8N0O57HeGxQy+SqMB8GA1UdIwQY
MBaAFNJJF3DOm2YwAqeUVC2YhtGizmOrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGtrWGNNNmJaakFDcDVSVUxaaUcwYUxPWTZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9iZDIyY2UtNzcyYy00ZjFlLWI0YWEt
ODVjMGQwMWY5ZGUyLzEvdGtOZ0JiVWN6QmhYdzNRN25zZDRiRkRMNUtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9iZDIyY2UtNzcyYy00ZjFlLWI0YWEtODVjMGQwMWY5ZGUy
LzEvMGtrWGNNNmJaakFDcDVSVUxaaUcwYUxPWTZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWtvMA0G
CSqGSIb3DQEBCwUAA4IBAQBWmGpc0msAT+mWfBWmhHVMzjN1l34YsdvQ7yzBkXNo
ip220d42BQPLzOfZCqplIYDMZsgNOrVDXqtnWB7V2qH4Ivx8RhPVdGgoxsURUCkh
ZMT/9oQw3AnN/wNE0xRi0z/n1r6eeyTluZNdfkxt5Eb0UsKjmwIqQY2wD4vukFSL
b6wPPpAU+sq5fd+PzGLmeQB1XLLXoto6ylnpQ8xxD1VV07vH+GvVG/kBadAgp3pS
0wrlzI6GgTJ3kMdtKG/seD1OZG9Xa11LmMd2iEc4H7MKDF/+39Oi7QeYTn6JR/hj
aOzHDLGzWzL3Fpw8RyJuTQfSMqm/dsKbDhHzeAnHW4gq
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:12:37 2025 by rpki-client