Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/TABTJULa08qW8JvWVsEQyzw988E.roa
File: TABTJULa08qW8JvWVsEQyzw988E.roa (raw, json)
Hash identifier: 87wXXKShbA2i/rBeWUQa5kEso+hDeyLyGQQ2xrHpSsU=
Subject key identifier: 4C:00:53:25:42:DA:D3:CA:96:F0:9B:D6:56:C1:10:CB:3C:3D:F3:C1
Certificate issuer: /CN=1ba51a0bc0f0afebbf6d5d927fe1f9816f52352d
Certificate serial: 0191E158F445712AA5011042B3788FDDC0DF
Authority key identifier: 1B:A5:1A:0B:C0:F0:AF:EB:BF:6D:5D:92:7F:E1:F9:81:6F:52:35:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/TABTJULa08qW8JvWVsEQyzw988E.roa
Signing time: Wed 11 Sep 2024 13:49:48 +0000
ROA not before: Wed 11 Sep 2024 13:49:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 82.97.196.0/23 maxlen: 24
89.38.106.0/23 maxlen: 24
91.238.148.0/23 maxlen: 24
188.214.89.0/24 maxlen: 24
188.241.59.0/24 maxlen: 24
193.169.8.0/23 maxlen: 24
193.192.52.0/23 maxlen: 24
193.239.172.0/23 maxlen: 24
193.239.246.0/23 maxlen: 24
194.24.234.0/23 maxlen: 24
194.88.134.0/23 maxlen: 24
194.246.106.0/23 maxlen: 24
195.2.196.0/23 maxlen: 24
195.13.48.0/23 maxlen: 24
195.34.80.0/23 maxlen: 24
195.93.140.0/23 maxlen: 24
195.128.188.0/23 maxlen: 24
195.135.192.0/23 maxlen: 24
195.189.250.0/23 maxlen: 24
195.210.44.0/23 maxlen: 24
195.254.140.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e1:58:f4:45:71:2a:a5:01:10:42:b3:78:8f:dd:c0:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ba51a0bc0f0afebbf6d5d927fe1f9816f52352d
Validity
Not Before: Sep 11 13:49:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c00532542dad3ca96f09bd656c110cb3c3df3c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:6e:bd:77:e5:07:04:56:13:cd:0e:7b:ff:d2:
55:3e:b4:5c:40:64:99:0a:ad:9d:5f:ac:2f:fe:7d:
00:f4:14:65:8e:fa:07:c3:4b:ae:46:42:d4:dc:70:
21:9a:4a:aa:8f:a3:e3:ea:3e:a6:ee:f7:6f:56:6c:
d0:05:5d:4f:35:86:1f:1d:f4:79:5d:11:c0:af:73:
16:d9:22:05:28:3b:15:7c:ad:f6:77:75:80:0e:9a:
9b:2c:eb:da:dd:72:74:f2:9f:38:18:a1:bf:3c:13:
c1:16:b8:e2:1a:1c:14:5d:57:18:09:96:8b:a4:f0:
4b:7f:e4:60:6a:1f:2c:47:b2:b0:39:25:97:54:b6:
69:1f:48:59:10:c2:bc:48:af:47:7f:3d:f1:c4:78:
a4:33:4d:36:20:76:cc:d5:1c:a6:b9:89:fa:ac:50:
4e:cf:95:6c:ce:cb:2c:d3:b1:96:2b:e3:de:f3:1c:
77:96:44:46:da:69:2b:75:ad:62:ef:e7:af:94:1a:
a3:58:67:fd:64:84:db:3e:90:33:5a:34:15:a5:a3:
11:24:8b:69:d7:4b:0b:cc:89:12:0e:b5:6f:32:ef:
62:dc:ec:67:fc:e6:18:26:c2:41:a0:0a:04:7c:44:
84:0a:aa:10:52:77:f7:4c:03:0d:77:60:f2:d4:fe:
63:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:00:53:25:42:DA:D3:CA:96:F0:9B:D6:56:C1:10:CB:3C:3D:F3:C1
X509v3 Authority Key Identifier:
keyid:1B:A5:1A:0B:C0:F0:AF:EB:BF:6D:5D:92:7F:E1:F9:81:6F:52:35:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/TABTJULa08qW8JvWVsEQyzw988E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.97.196.0/23
89.38.106.0/23
91.238.148.0/23
188.214.89.0/24
188.241.59.0/24
193.169.8.0/23
193.192.52.0/23
193.239.172.0/23
193.239.246.0/23
194.24.234.0/23
194.88.134.0/23
194.246.106.0/23
195.2.196.0/23
195.13.48.0/23
195.34.80.0/23
195.93.140.0/23
195.128.188.0/23
195.135.192.0/23
195.189.250.0/23
195.210.44.0/23
195.254.140.0/23
Signature Algorithm: sha256WithRSAEncryption
3d:2e:58:3b:42:32:d8:7a:4d:15:f0:8c:be:10:4d:10:86:e7:
c1:2e:56:6f:8e:b0:53:59:9b:e6:b3:6c:c7:05:51:64:09:21:
fb:f8:f5:f5:ed:ae:b7:65:4e:94:9a:cc:a2:92:04:f3:c9:d7:
32:2b:f3:59:2e:a4:75:84:89:09:7c:f0:57:80:1e:54:f5:37:
3c:c7:69:44:4d:dd:5b:82:f9:31:48:52:01:18:62:72:9a:1a:
29:2d:26:ce:d4:ae:3b:61:cc:22:8b:64:7a:e6:e0:39:07:00:
5b:9d:24:ad:23:d6:2a:f2:50:f5:20:1a:4b:9d:39:18:8b:57:
36:7f:2d:25:de:d0:b8:06:3f:24:23:d3:26:01:14:d5:77:8d:
82:0a:6a:8c:9a:35:d9:28:21:dc:97:03:ad:ee:5a:19:14:41:
b0:59:a6:1c:44:41:51:37:5c:59:a0:b2:98:06:91:6c:42:b2:
bc:be:82:a2:aa:85:c9:14:80:7a:a9:c6:c4:9f:e2:3a:91:b7:
84:da:5b:51:ce:8f:3b:fb:31:15:fa:ec:3f:16:44:2f:28:9e:
43:64:d4:82:fd:53:61:95:76:57:d4:9d:92:96:c4:2c:df:10:
0e:9d:74:97:77:93:6a:3b:d4:a4:e4:73:be:ad:40:e7:97:b1:
c3:ec:c8:cc
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZHhWPRFcSqlARBCs3iP3cDfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiYTUxYTBiYzBmMGFmZWJiZjZkNWQ5MjdmZTFmOTgxNmY1
MjM1MmQwHhcNMjQwOTExMTM0OTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzAwNTMyNTQyZGFkM2NhOTZmMDliZDY1NmMxMTBjYjNjM2RmM2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5m69d+UHBFYTzQ57/9JVPrRcQGSZ
Cq2dX6wv/n0A9BRljvoHw0uuRkLU3HAhmkqqj6Pj6j6m7vdvVmzQBV1PNYYfHfR5
XRHAr3MW2SIFKDsVfK32d3WADpqbLOva3XJ08p84GKG/PBPBFrjiGhwUXVcYCZaL
pPBLf+Rgah8sR7KwOSWXVLZpH0hZEMK8SK9Hfz3xxHikM002IHbM1RymuYn6rFBO
z5Vszsss07GWK+Pe8xx3lkRG2mkrda1i7+evlBqjWGf9ZITbPpAzWjQVpaMRJItp
10sLzIkSDrVvMu9i3Oxn/OYYJsJBoAoEfESECqoQUnf3TAMNd2Dy1P5jQQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFEwAUyVC2tPKlvCb1lbBEMs8PfPBMB8GA1UdIwQY
MBaAFBulGgvA8K/rv21dkn/h+YFvUjUtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzZVYUM4RHdyLXVfYlYyU2YtSDVnVzlTTlMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80ZjIxMWUtNzlkNy00NTA0LTllYWQt
ODcxZjllZDcwOGUwLzEvVEFCVEpVTGEwOHFXOEp2V1ZzRVF5enc5ODhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80ZjIxMWUtNzlkNy00NTA0LTllYWQtODcxZjllZDcwOGUw
LzEvRzZVYUM4RHdyLXVfYlYyU2YtSDVnVzlTTlMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAVJh
xAMEAVkmagMEAVvulAMEALzWWQMEALzxOwMEAcGpCAMEAcHANAMEAcHvrAMEAcHv
9gMEAcIY6gMEAcJYhgMEAcL2agMEAcMCxAMEAcMNMAMEAcMiUAMEAcNdjAMEAcOA
vAMEAcOHwAMEAcO9+gMEAcPSLAMEAcP+jDANBgkqhkiG9w0BAQsFAAOCAQEAPS5Y
O0Iy2HpNFfCMvhBNEIbnwS5Wb46wU1mb5rNsxwVRZAkh+/j19e2ut2VOlJrMopIE
88nXMivzWS6kdYSJCXzwV4AeVPU3PMdpRE3dW4L5MUhSARhicpoaKS0mztSuO2HM
IotkeubgOQcAW50krSPWKvJQ9SAaS505GItXNn8tJd7QuAY/JCPTJgEU1XeNggpq
jJo12Sgh3JcDre5aGRRBsFmmHERBUTdcWaCymAaRbEKyvL6CoqqFyRSAeqnGxJ/i
OpG3hNpbUc6PO/sxFfrsPxZELyieQ2TUgv1TYZV2V9SdkpbELN8QDp10l3eTajvU
pORzvq1A55exw+zIzA==
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:31:55 2025 by rpki-client