Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/55b9d7-f703-45fe-8b63-10534c67bbb8/1/twkvRlKBbWGvXorm0QWgUQL2aXw.roa
File: twkvRlKBbWGvXorm0QWgUQL2aXw.roa (raw, json)
Hash identifier: RdMA83SLaDMkPV3ykgU6NQ7K1hlLuBXMiacxW37ziVo=
Subject key identifier: B7:09:2F:46:52:81:6D:61:AF:5E:8A:E6:D1:05:A0:51:02:F6:69:7C
Certificate issuer: /CN=e5de0de73e73874bbc66738805d373cab833b7a5
Certificate serial: 01941F8C84F52DB4192A83F689524E2D1AC8
Authority key identifier: E5:DE:0D:E7:3E:73:87:4B:BC:66:73:88:05:D3:73:CA:B8:33:B7:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5d4N5z5zh0u8ZnOIBdNzyrgzt6U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/55b9d7-f703-45fe-8b63-10534c67bbb8/1/twkvRlKBbWGvXorm0QWgUQL2aXw.roa
Signing time: Wed 01 Jan 2025 01:48:10 +0000
ROA not before: Wed 01 Jan 2025 01:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 185.137.156.0/24 maxlen: 24
2a10:a100::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:84:f5:2d:b4:19:2a:83:f6:89:52:4e:2d:1a:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5de0de73e73874bbc66738805d373cab833b7a5
Validity
Not Before: Jan 1 01:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b7092f4652816d61af5e8ae6d105a05102f6697c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:35:71:b1:2f:4d:d2:75:0a:33:c3:7e:4c:5c:
f1:8d:42:fd:8b:1c:9f:75:9f:c6:46:3f:93:44:60:
10:f3:f9:43:80:93:a0:9e:74:54:d7:29:e6:2e:7d:
ae:e1:0f:58:0c:78:27:d0:a8:e4:bb:f1:50:03:eb:
4a:cb:bb:80:2c:1a:15:02:69:1b:e4:56:76:a6:ab:
85:3d:d3:60:43:77:e6:6c:15:b3:2e:ec:8e:e7:d9:
e3:e4:a5:74:74:5f:2f:5c:ae:76:61:06:aa:90:27:
07:c2:62:c5:9e:b6:18:5b:af:5b:1d:46:fc:04:81:
77:45:80:3d:f6:bd:15:22:3a:4a:11:5b:59:13:31:
ae:d5:1b:a7:b0:5e:6d:f4:78:bf:b2:d8:99:d6:d7:
43:37:7c:5a:bd:98:01:22:9b:04:7d:29:97:86:ec:
2d:0c:b3:7f:b7:82:16:84:02:49:93:13:7d:bb:81:
c4:d6:04:00:41:4f:5a:52:e2:27:7c:33:6f:bb:75:
da:fa:53:2c:15:06:5b:b4:1a:0a:68:01:58:ae:a4:
5a:19:16:57:60:fc:04:aa:03:e4:90:41:9a:d8:1c:
f5:28:54:73:9a:04:f2:09:2e:b5:b1:c3:e7:1a:aa:
47:43:c6:ed:67:17:20:18:47:71:31:76:b5:a5:d8:
a6:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:09:2F:46:52:81:6D:61:AF:5E:8A:E6:D1:05:A0:51:02:F6:69:7C
X509v3 Authority Key Identifier:
keyid:E5:DE:0D:E7:3E:73:87:4B:BC:66:73:88:05:D3:73:CA:B8:33:B7:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d4N5z5zh0u8ZnOIBdNzyrgzt6U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/55b9d7-f703-45fe-8b63-10534c67bbb8/1/twkvRlKBbWGvXorm0QWgUQL2aXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/55b9d7-f703-45fe-8b63-10534c67bbb8/1/5d4N5z5zh0u8ZnOIBdNzyrgzt6U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.156.0/24
IPv6:
2a10:a100::/40
Signature Algorithm: sha256WithRSAEncryption
7f:d0:0a:49:e9:90:cb:c4:5c:72:98:65:86:1f:8d:0b:21:04:
c9:bb:77:55:c8:3a:04:e3:e9:f1:b1:90:3d:d4:9d:6b:7f:15:
f5:d0:88:3c:e3:bd:f5:50:d0:00:7e:28:4c:3b:b9:da:db:cd:
a9:f5:e0:42:1b:5a:13:69:3a:c6:8a:c5:0d:cd:6d:f0:6e:60:
93:f3:3a:1a:29:24:f1:97:01:e9:e7:b5:4f:aa:d8:de:71:f6:
54:78:71:6d:ec:02:1a:96:44:77:41:29:bb:34:8c:8a:7c:b2:
2d:fc:5d:e5:35:f5:28:23:d2:8a:d5:dc:58:3d:c2:84:7e:06:
51:d2:43:71:b5:8a:f5:cc:af:2f:ea:3a:5e:d8:48:c1:36:64:
21:14:9d:95:6b:34:95:5a:f1:7b:b4:a5:e5:71:71:a1:03:5e:
89:1b:40:0d:a8:ba:79:6a:e3:41:ae:53:f6:bb:f9:e6:ad:7d:
04:b6:c8:f9:d9:83:cb:9d:cc:91:ba:ff:36:81:82:fa:cf:92:
c9:c0:0c:b4:83:b7:9b:93:43:ff:59:90:93:65:da:2b:2c:90:
e7:bf:63:34:c1:55:26:51:7d:58:12:51:c0:53:fc:6e:c5:07:
89:36:8c:f2:80:dd:65:57:9c:a1:f6:07:af:3a:95:23:cd:86:
bd:10:cb:70
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZQfjIT1LbQZKoP2iVJOLRrIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1ZGUwZGU3M2U3Mzg3NGJiYzY2NzM4ODA1ZDM3M2NhYjgz
M2I3YTUwHhcNMjUwMTAxMDE0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzA5MmY0NjUyODE2ZDYxYWY1ZThhZTZkMTA1YTA1MTAyZjY2OTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzVxsS9N0nUKM8N+TFzxjUL9ixyf
dZ/GRj+TRGAQ8/lDgJOgnnRU1ynmLn2u4Q9YDHgn0Kjku/FQA+tKy7uALBoVAmkb
5FZ2pquFPdNgQ3fmbBWzLuyO59nj5KV0dF8vXK52YQaqkCcHwmLFnrYYW69bHUb8
BIF3RYA99r0VIjpKEVtZEzGu1RunsF5t9Hi/stiZ1tdDN3xavZgBIpsEfSmXhuwt
DLN/t4IWhAJJkxN9u4HE1gQAQU9aUuInfDNvu3Xa+lMsFQZbtBoKaAFYrqRaGRZX
YPwEqgPkkEGa2Bz1KFRzmgTyCS61scPnGqpHQ8btZxcgGEdxMXa1pdimBQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFLcJL0ZSgW1hr16K5tEFoFEC9ml8MB8GA1UdIwQY
MBaAFOXeDec+c4dLvGZziAXTc8q4M7elMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWQ0TjV6NXpoMHU4Wm5PSUJkTnp5cmd6dDZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi81NWI5ZDctZjcwMy00NWZlLThiNjMt
MTA1MzRjNjdiYmI4LzEvdHdrdlJsS0JiV0d2WG9ybTBRV2dVUUwyYVh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi81NWI5ZDctZjcwMy00NWZlLThiNjMtMTA1MzRjNjdiYmI4
LzEvNWQ0TjV6NXpoMHU4Wm5PSUJkTnp5cmd6dDZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAuYmcMA4E
AgACMAgDBgAqEKEAADANBgkqhkiG9w0BAQsFAAOCAQEAf9AKSemQy8Rccphlhh+N
CyEEybt3Vcg6BOPp8bGQPdSda38V9dCIPOO99VDQAH4oTDu52tvNqfXgQhtaE2k6
xorFDc1t8G5gk/M6Gikk8ZcB6ee1T6rY3nH2VHhxbewCGpZEd0EpuzSMinyyLfxd
5TX1KCPSitXcWD3ChH4GUdJDcbWK9cyvL+o6XthIwTZkIRSdlWs0lVrxe7Sl5XFx
oQNeiRtADai6eWrjQa5T9rv55q19BLbI+dmDy53Mkbr/NoGC+s+SycAMtIO3m5ND
/1mQk2XaKyyQ579jNMFVJlF9WBJRwFP8bsUHiTaM8oDdZVecofYHrzqVI82GvRDL
cA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:44:13 2025 by rpki-client