Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/0c2a79-dcdf-4b14-84b4-b2b7a45586c4/1/TkmTKJ1oEdaPTs7zNspqgZFtOYM.roa
File: TkmTKJ1oEdaPTs7zNspqgZFtOYM.roa (raw, json)
Hash identifier: FqU9Kg1Z0Zr+VrAmGUy5zLSangaFJy2es74C/zlowFs=
Subject key identifier: 4E:49:93:28:9D:68:11:D6:8F:4E:CE:F3:36:CA:6A:81:91:6D:39:83
Certificate issuer: /CN=2df746308f9d976d5b1ff6363140ec7c2c35beea
Certificate serial: 01856D93F15BE13262DD34D5613E707B2F1B
Authority key identifier: 2D:F7:46:30:8F:9D:97:6D:5B:1F:F6:36:31:40:EC:7C:2C:35:BE:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LfdGMI-dl21bH_Y2MUDsfCw1vuo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/0c2a79-dcdf-4b14-84b4-b2b7a45586c4/1/TkmTKJ1oEdaPTs7zNspqgZFtOYM.roa
Signing time: Sun 01 Jan 2023 13:44:50 +0000
ROA not before: Sun 01 Jan 2023 13:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29423
IP address blocks: 185.201.144.0/22 maxlen: 24
2a0a:c5c0::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:93:f1:5b:e1:32:62:dd:34:d5:61:3e:70:7b:2f:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2df746308f9d976d5b1ff6363140ec7c2c35beea
Validity
Not Before: Jan 1 13:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e4993289d6811d68f4ecef336ca6a81916d3983
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f6:b6:35:58:eb:40:59:81:be:f8:e7:06:d7:
e4:57:95:10:b3:c4:b9:82:ef:d1:07:fd:e4:34:05:
fd:c1:b7:d6:75:9c:3e:26:fe:85:08:e8:c2:eb:d9:
ee:60:55:32:36:7e:ba:df:78:58:c0:d5:16:a8:da:
8b:2b:fb:df:cf:1a:af:49:8b:0d:e3:cc:8a:93:71:
04:8f:6b:7d:8d:0c:53:42:5a:21:14:da:88:fc:0f:
c4:94:62:c4:7a:b2:f9:24:e5:67:46:44:c9:b5:8f:
65:01:a6:68:8c:65:66:54:8b:9d:de:11:85:8c:bd:
7a:9d:33:cb:71:71:ec:21:86:cb:34:b3:14:d3:73:
09:8a:9e:43:72:e3:f1:ef:60:d9:d1:6b:67:5f:82:
ca:0d:85:6d:ee:14:30:ab:ec:b5:3b:47:50:3e:09:
61:69:49:ce:a9:7d:3f:9a:5f:3b:90:31:2f:1a:7e:
bc:96:af:26:75:39:63:c4:6f:1a:98:ca:f7:fb:c2:
89:8d:d0:d7:48:91:cc:1d:94:5c:25:57:9b:d7:1d:
d2:83:21:bb:23:82:79:9d:71:23:ea:ef:06:7c:08:
77:a8:1a:17:ba:34:84:61:a1:4a:d1:11:6a:2a:b2:
33:d9:79:77:8d:02:28:e4:b2:3d:78:72:ab:38:92:
91:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:49:93:28:9D:68:11:D6:8F:4E:CE:F3:36:CA:6A:81:91:6D:39:83
X509v3 Authority Key Identifier:
keyid:2D:F7:46:30:8F:9D:97:6D:5B:1F:F6:36:31:40:EC:7C:2C:35:BE:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LfdGMI-dl21bH_Y2MUDsfCw1vuo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/0c2a79-dcdf-4b14-84b4-b2b7a45586c4/1/TkmTKJ1oEdaPTs7zNspqgZFtOYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/0c2a79-dcdf-4b14-84b4-b2b7a45586c4/1/LfdGMI-dl21bH_Y2MUDsfCw1vuo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.201.144.0/22
IPv6:
2a0a:c5c0::/29
Signature Algorithm: sha256WithRSAEncryption
7c:43:9f:a8:4d:36:8a:b4:51:f4:31:1b:36:33:65:80:e5:f1:
a8:f9:32:ec:79:c2:dd:be:a7:e7:0f:6a:22:12:f9:53:5f:e0:
ad:d5:75:5e:be:b2:d5:ec:dc:58:c0:9b:17:86:20:ea:b7:a8:
80:33:65:de:d1:e6:35:67:c0:c2:c0:7b:bc:4d:e5:79:3a:36:
5d:1a:90:bf:10:52:a8:e4:66:65:54:e2:47:b4:2d:16:a1:cf:
a6:1f:06:93:56:fa:72:03:9d:ab:cd:c2:c7:ab:48:e1:03:af:
b1:2d:1e:a7:14:dc:4d:32:ca:99:b0:e7:52:cb:96:db:b2:17:
c7:1a:58:c0:46:b5:97:bd:ce:42:67:09:6d:95:1b:1b:d0:be:
5d:91:7c:e9:0e:8f:3a:62:7d:28:0a:2f:a3:0c:53:e8:37:65:
3b:b4:17:9c:00:5d:4c:be:a1:18:a8:de:92:89:3b:3c:2d:85:
a7:61:78:bf:d6:46:2e:5e:c6:b8:57:64:c0:4d:ae:16:3e:e3:
36:6c:18:87:e9:3b:ca:a7:ff:0e:63:4c:cc:f4:7b:23:d5:a5:
3a:e2:8e:01:ff:d8:45:83:df:74:a4:1a:0a:4e:16:98:ef:e5:
12:c9:f4:55:20:46:d7:a9:86:c1:6f:d5:fb:9d:1d:7d:28:3c:
18:57:fa:3c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtk/Fb4TJi3TTVYT5wey8bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkZjc0NjMwOGY5ZDk3NmQ1YjFmZjYzNjMxNDBlYzdjMmMz
NWJlZWEwHhcNMjMwMTAxMTM0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTQ5OTMyODlkNjgxMWQ2OGY0ZWNlZjMzNmNhNmE4MTkxNmQzOTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmva2NVjrQFmBvvjnBtfkV5UQs8S5
gu/RB/3kNAX9wbfWdZw+Jv6FCOjC69nuYFUyNn6633hYwNUWqNqLK/vfzxqvSYsN
48yKk3EEj2t9jQxTQlohFNqI/A/ElGLEerL5JOVnRkTJtY9lAaZojGVmVIud3hGF
jL16nTPLcXHsIYbLNLMU03MJip5DcuPx72DZ0WtnX4LKDYVt7hQwq+y1O0dQPglh
aUnOqX0/ml87kDEvGn68lq8mdTljxG8amMr3+8KJjdDXSJHMHZRcJVeb1x3SgyG7
I4J5nXEj6u8GfAh3qBoXujSEYaFK0RFqKrIz2Xl3jQIo5LI9eHKrOJKRTQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFE5JkyidaBHWj07O8zbKaoGRbTmDMB8GA1UdIwQY
MBaAFC33RjCPnZdtWx/2NjFA7HwsNb7qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGZkR01JLWRsMjFiSF9ZMk1VRHNmQ3cxdnVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8wYzJhNzktZGNkZi00YjE0LTg0YjQt
YjJiN2E0NTU4NmM0LzEvVGttVEtKMW9FZGFQVHM3ek5zcHFnWkZ0T1lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS8wYzJhNzktZGNkZi00YjE0LTg0YjQtYjJiN2E0NTU4NmM0
LzEvTGZkR01JLWRsMjFiSF9ZMk1VRHNmQ3cxdnVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucmQMA0E
AgACMAcDBQMqCsXAMA0GCSqGSIb3DQEBCwUAA4IBAQB8Q5+oTTaKtFH0MRs2M2WA
5fGo+TLsecLdvqfnD2oiEvlTX+Ct1XVevrLV7NxYwJsXhiDqt6iAM2Xe0eY1Z8DC
wHu8TeV5OjZdGpC/EFKo5GZlVOJHtC0Woc+mHwaTVvpyA52rzcLHq0jhA6+xLR6n
FNxNMsqZsOdSy5bbshfHGljARrWXvc5CZwltlRsb0L5dkXzpDo86Yn0oCi+jDFPo
N2U7tBecAF1MvqEYqN6SiTs8LYWnYXi/1kYuXsa4V2TATa4WPuM2bBiH6TvKp/8O
Y0zM9Hsj1aU64o4B/9hFg990pBoKThaY7+USyfRVIEbXqYbBb9X7nR19KDwYV/o8
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:40:04 2025 by rpki-client