Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/1d57dd-5599-45a7-ab03-4d6ce0766eb5/1/tnVVmFIZCAR5WGoNH7OB6mJ3jqM.roa
File: tnVVmFIZCAR5WGoNH7OB6mJ3jqM.roa (raw, json)
Hash identifier: klpb5PIB/QflMNJ57SALWvyn8xZvgvf87hmZuWFe0Dc=
Subject key identifier: B6:75:55:98:52:19:08:04:79:58:6A:0D:1F:B3:81:EA:62:77:8E:A3
Certificate issuer: /CN=6dc0d05f8ee9e958fc95de65dc59a2141c5f1efd
Certificate serial: 01856DE676F83D980C029E4360DB1D001A21
Authority key identifier: 6D:C0:D0:5F:8E:E9:E9:58:FC:95:DE:65:DC:59:A2:14:1C:5F:1E:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bcDQX47p6Vj8ld5l3FmiFBxfHv0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/1d57dd-5599-45a7-ab03-4d6ce0766eb5/1/tnVVmFIZCAR5WGoNH7OB6mJ3jqM.roa
Signing time: Sun 01 Jan 2023 15:14:58 +0000
ROA not before: Sun 01 Jan 2023 15:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59796
IP address blocks: 185.121.240.0/24 maxlen: 24
185.121.240.0/22 maxlen: 22
185.121.243.0/24 maxlen: 24
185.121.241.0/24 maxlen: 24
185.121.242.0/24 maxlen: 24
185.71.64.0/22 maxlen: 22
185.71.64.0/24 maxlen: 24
185.71.67.0/24 maxlen: 24
185.71.65.0/24 maxlen: 24
185.71.66.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:e6:76:f8:3d:98:0c:02:9e:43:60:db:1d:00:1a:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6dc0d05f8ee9e958fc95de65dc59a2141c5f1efd
Validity
Not Before: Jan 1 15:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b67555985219080479586a0d1fb381ea62778ea3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:45:59:6f:6d:bb:a1:90:55:48:09:84:23:8c:
76:f2:bc:27:03:29:33:52:f4:8a:40:09:cf:a8:aa:
19:7e:25:c0:e4:4e:b0:a8:39:81:8f:17:31:6a:2c:
2f:e2:8e:9f:71:3b:dc:ac:e0:2f:40:d5:e1:8b:c1:
da:f9:36:a3:6f:9a:50:0f:05:7a:c6:2d:8d:bf:31:
16:c7:b4:d5:e9:c5:56:e3:f9:49:2e:89:23:87:a8:
71:a1:2e:76:dd:6b:7f:9e:69:38:3e:61:00:70:c2:
65:a3:f8:11:1a:2a:55:ad:66:2a:c4:ec:37:ef:ed:
39:23:00:6b:82:5a:61:52:ff:c7:f3:90:f5:6f:92:
66:1a:3e:7f:e7:32:ee:6b:19:22:bf:c9:b3:72:8d:
a7:14:ff:62:aa:f0:0a:36:c7:00:c7:a5:7f:a2:d4:
44:1d:b6:f9:7e:0c:56:9e:90:dc:a8:60:29:4d:66:
19:39:20:1e:90:19:a4:8c:e5:29:ea:b7:87:f1:bc:
e3:e3:06:a4:5c:45:dd:3a:2a:f4:f9:76:8f:7d:02:
3f:da:be:f5:df:79:2c:ce:27:18:e2:8f:fa:0a:32:
f6:ed:f9:08:40:c3:ac:19:e4:43:90:ea:5b:7a:a0:
b7:a7:a8:fa:ca:73:15:d1:1c:09:77:ca:ce:7b:99:
bd:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:75:55:98:52:19:08:04:79:58:6A:0D:1F:B3:81:EA:62:77:8E:A3
X509v3 Authority Key Identifier:
keyid:6D:C0:D0:5F:8E:E9:E9:58:FC:95:DE:65:DC:59:A2:14:1C:5F:1E:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bcDQX47p6Vj8ld5l3FmiFBxfHv0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/1d57dd-5599-45a7-ab03-4d6ce0766eb5/1/tnVVmFIZCAR5WGoNH7OB6mJ3jqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/1d57dd-5599-45a7-ab03-4d6ce0766eb5/1/bcDQX47p6Vj8ld5l3FmiFBxfHv0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.64.0/22
185.121.240.0/22
Signature Algorithm: sha256WithRSAEncryption
9d:3b:38:b9:09:1b:a3:8e:cf:13:13:a1:71:00:fd:64:c0:8c:
1e:15:6f:84:1d:2d:43:4a:3a:c7:05:fc:07:23:fa:b0:f0:58:
d2:d7:ec:1f:25:69:6e:7c:b3:04:9b:a1:47:b4:f6:76:a3:1e:
38:b9:8e:2c:9d:45:35:00:9b:6e:4f:d8:3a:83:6f:07:8e:1d:
08:3a:14:28:fb:f6:75:d7:0e:8c:b8:69:70:bc:a3:e6:4f:bf:
68:dc:dd:a4:41:f4:c2:58:98:89:d6:f3:aa:18:3a:02:89:3e:
8a:07:4a:d7:86:7d:e1:7a:07:a3:12:24:2a:f8:62:8e:58:ac:
27:94:a1:13:9c:6e:db:16:41:1a:04:5b:b4:9b:ba:47:9f:fc:
3b:f9:93:90:de:b6:be:2d:89:45:d5:87:d9:0e:2a:03:1c:60:
61:bb:7e:b3:1f:98:62:7e:74:cc:21:4d:a9:04:ad:e1:ff:49:
4b:c7:28:85:66:a2:5f:00:4e:69:e7:42:8c:3d:eb:3e:d6:9a:
fe:d3:d0:29:52:de:55:24:22:c9:12:43:5f:16:bb:df:7f:37:
26:8b:07:42:90:42:ea:31:b1:95:53:fb:88:42:3b:1f:7b:e5:
73:71:e2:ff:ac:79:67:8b:59:be:56:61:c0:d5:26:56:6f:45:
4d:17:73:e7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVt5nb4PZgMAp5DYNsdABohMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkYzBkMDVmOGVlOWU5NThmYzk1ZGU2NWRjNTlhMjE0MWM1
ZjFlZmQwHhcNMjMwMTAxMTUxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjc1NTU5ODUyMTkwODA0Nzk1ODZhMGQxZmIzODFlYTYyNzc4ZWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhEVZb227oZBVSAmEI4x28rwnAykz
UvSKQAnPqKoZfiXA5E6wqDmBjxcxaiwv4o6fcTvcrOAvQNXhi8Ha+Tajb5pQDwV6
xi2NvzEWx7TV6cVW4/lJLokjh6hxoS523Wt/nmk4PmEAcMJlo/gRGipVrWYqxOw3
7+05IwBrglphUv/H85D1b5JmGj5/5zLuaxkiv8mzco2nFP9iqvAKNscAx6V/otRE
Hbb5fgxWnpDcqGApTWYZOSAekBmkjOUp6reH8bzj4wakXEXdOir0+XaPfQI/2r71
33kszicY4o/6CjL27fkIQMOsGeRDkOpbeqC3p6j6ynMV0RwJd8rOe5m9JwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLZ1VZhSGQgEeVhqDR+zgepid46jMB8GA1UdIwQY
MBaAFG3A0F+O6elY/JXeZdxZohQcXx79MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmNEUVg0N3A2Vmo4bGQ1bDNGbWlGQnhmSHYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8xZDU3ZGQtNTU5OS00NWE3LWFiMDMt
NGQ2Y2UwNzY2ZWI1LzEvdG5WVm1GSVpDQVI1V0dvTkg3T0I2bUozanFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8xZDU3ZGQtNTU5OS00NWE3LWFiMDMtNGQ2Y2UwNzY2ZWI1
LzEvYmNEUVg0N3A2Vmo4bGQ1bDNGbWlGQnhmSHYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuUdAAwQC
uXnwMA0GCSqGSIb3DQEBCwUAA4IBAQCdOzi5CRujjs8TE6FxAP1kwIweFW+EHS1D
SjrHBfwHI/qw8FjS1+wfJWlufLMEm6FHtPZ2ox44uY4snUU1AJtuT9g6g28Hjh0I
OhQo+/Z11w6MuGlwvKPmT79o3N2kQfTCWJiJ1vOqGDoCiT6KB0rXhn3hegejEiQq
+GKOWKwnlKETnG7bFkEaBFu0m7pHn/w7+ZOQ3ra+LYlF1YfZDioDHGBhu36zH5hi
fnTMIU2pBK3h/0lLxyiFZqJfAE5p50KMPes+1pr+09ApUt5VJCLJEkNfFrvffzcm
iwdCkELqMbGVU/uIQjsfe+VzceL/rHlni1m+VmHA1SZWb0VNF3Pn
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:16:47 2025 by rpki-client