Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/TpQ5Z-UdKferYkvwPdK8R7DUnj0.roa
File: TpQ5Z-UdKferYkvwPdK8R7DUnj0.roa (raw, json)
Hash identifier: QghfP6CKI1HCADXXFPrgTYVwEH/4oteFqhbAKuXsWlY=
Subject key identifier: 4E:94:39:67:E5:1D:29:F7:AB:62:4B:F0:3D:D2:BC:47:B0:D4:9E:3D
Certificate issuer: /CN=1ba51a0bc0f0afebbf6d5d927fe1f9816f52352d
Certificate serial: 0194252099DC4205422005EA06ECC11255FD
Authority key identifier: 1B:A5:1A:0B:C0:F0:AF:EB:BF:6D:5D:92:7F:E1:F9:81:6F:52:35:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/TpQ5Z-UdKferYkvwPdK8R7DUnj0.roa
Signing time: Thu 02 Jan 2025 03:48:00 +0000
ROA not before: Thu 02 Jan 2025 03:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207990
IP address blocks: 43.240.140.0/22 maxlen: 32
45.142.92.0/22 maxlen: 32
78.138.40.0/24 maxlen: 32
78.138.47.0/24 maxlen: 32
78.138.48.0/24 maxlen: 32
78.138.50.0/24 maxlen: 32
83.229.76.0/22 maxlen: 32
83.229.104.0/22 maxlen: 32
84.39.224.0/21 maxlen: 32
89.19.42.0/23 maxlen: 32
89.34.78.0/23 maxlen: 32
89.38.132.0/23 maxlen: 32
89.249.51.0/24 maxlen: 32
91.132.184.0/22 maxlen: 32
92.43.84.0/22 maxlen: 32
93.114.8.0/23 maxlen: 32
93.114.10.0/23 maxlen: 32
93.114.12.0/22 maxlen: 32
93.115.12.0/23 maxlen: 32
93.180.192.0/20 maxlen: 32
93.180.224.0/20 maxlen: 32
94.176.112.0/20 maxlen: 32
95.215.36.0/22 maxlen: 32
103.204.124.0/22 maxlen: 32
119.13.192.0/20 maxlen: 32
119.13.208.0/20 maxlen: 32
121.91.80.0/21 maxlen: 32
150.129.92.0/22 maxlen: 32
185.38.102.0/24 maxlen: 32
185.90.243.0/24 maxlen: 32
185.125.192.0/22 maxlen: 32
185.131.220.0/24 maxlen: 32
185.229.250.0/24 maxlen: 32
188.119.116.0/22 maxlen: 32
203.109.60.0/22 maxlen: 32
203.166.148.0/22 maxlen: 32
203.166.152.0/22 maxlen: 32
209.20.176.0/21 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:20:99:dc:42:05:42:20:05:ea:06:ec:c1:12:55:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ba51a0bc0f0afebbf6d5d927fe1f9816f52352d
Validity
Not Before: Jan 2 03:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4e943967e51d29f7ab624bf03dd2bc47b0d49e3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:6d:04:f5:0c:4f:0d:e9:f2:48:43:ad:1d:20:
9d:41:e0:50:44:1c:e8:e7:b7:56:a1:8b:4e:19:aa:
64:3c:ed:d7:c0:2f:13:d3:e1:14:d7:91:9b:a6:6e:
27:8b:2e:f4:7c:ac:72:e9:ca:7d:c1:4b:c4:8e:45:
74:12:50:f7:f3:43:da:bd:3a:56:82:a0:ce:ad:79:
c1:9d:84:8d:fe:b0:61:e0:8b:4f:02:f8:05:9f:04:
37:90:84:99:e3:c3:b8:db:a7:5b:07:4d:37:95:35:
49:88:3a:de:29:5a:77:a7:47:79:23:cd:43:8e:42:
2c:a0:d7:51:14:fe:a2:2a:c5:67:44:8f:dc:60:14:
99:4c:fc:ff:94:d9:70:25:97:fc:cd:a9:ef:7e:5b:
d4:0f:4d:9f:d0:17:58:e8:93:13:54:98:f6:1d:f8:
8d:03:2c:26:87:20:7c:b3:93:8a:3c:96:14:ab:90:
c0:ce:63:a2:a2:4d:6e:8e:02:e6:2d:bc:2b:bf:39:
f5:e1:64:a5:ee:15:9e:b3:28:53:2e:f1:fc:56:7f:
68:b6:4a:b7:b4:d8:e2:8a:fe:98:70:c5:6f:8b:a9:
db:32:87:ea:21:d7:91:14:3c:5c:12:6a:57:d9:1c:
ae:8c:b2:e4:7d:e5:39:6a:e4:0d:10:5f:af:b7:30:
ff:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:94:39:67:E5:1D:29:F7:AB:62:4B:F0:3D:D2:BC:47:B0:D4:9E:3D
X509v3 Authority Key Identifier:
keyid:1B:A5:1A:0B:C0:F0:AF:EB:BF:6D:5D:92:7F:E1:F9:81:6F:52:35:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/TpQ5Z-UdKferYkvwPdK8R7DUnj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.240.140.0/22
45.142.92.0/22
78.138.40.0/24
78.138.47.0-78.138.48.255
78.138.50.0/24
83.229.76.0/22
83.229.104.0/22
84.39.224.0/21
89.19.42.0/23
89.34.78.0/23
89.38.132.0/23
89.249.51.0/24
91.132.184.0/22
92.43.84.0/22
93.114.8.0/21
93.115.12.0/23
93.180.192.0/20
93.180.224.0/20
94.176.112.0/20
95.215.36.0/22
103.204.124.0/22
119.13.192.0/19
121.91.80.0/21
150.129.92.0/22
185.38.102.0/24
185.90.243.0/24
185.125.192.0/22
185.131.220.0/24
185.229.250.0/24
188.119.116.0/22
203.109.60.0/22
203.166.148.0-203.166.155.255
209.20.176.0/21
Signature Algorithm: sha256WithRSAEncryption
14:6e:96:0f:35:33:85:b2:a6:9b:24:90:08:6f:bd:02:64:39:
c7:d8:da:08:b8:52:57:6f:47:21:6b:ca:d8:d6:4e:4d:e1:9f:
6a:70:d0:90:e8:cf:2d:b1:6e:db:ae:69:15:3d:31:3f:71:ec:
46:4b:40:3f:33:06:71:51:52:f9:b3:55:20:4b:42:ce:60:6f:
86:25:b3:12:91:1e:cf:89:7b:2d:65:e8:52:eb:3d:00:6a:64:
82:58:ca:40:e9:a8:b9:d4:ba:44:db:bb:63:5b:74:89:f9:d8:
df:d7:e1:35:9e:86:0b:db:f8:f3:ba:eb:9a:09:a0:d6:ce:44:
cf:9a:71:55:6b:b6:5a:a5:2a:3b:c5:d3:07:81:81:96:9b:e0:
af:13:e2:0b:2e:a4:af:45:da:d0:c4:d3:20:10:b7:9f:d9:07:
dc:b2:e9:2c:64:7b:24:07:09:7d:f6:38:3b:2d:38:c9:9e:a3:
8a:a1:0c:3b:8d:90:ee:2c:ee:a0:d2:e1:45:79:a5:96:5c:73:
7a:b8:65:38:f8:6b:7d:cf:5a:a9:0d:e4:f3:f4:c4:14:f8:5b:
eb:93:6f:46:5e:46:cd:8e:80:a3:da:8f:58:f0:6a:40:ce:4f:
2c:8e:48:7c:99:75:c7:33:52:2e:b6:42:6e:e8:0b:71:da:e4:
04:49:9b:e6
-----BEGIN CERTIFICATE-----
MIIF0jCCBLqgAwIBAgISAZQlIJncQgVCIAXqBuzBElX9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiYTUxYTBiYzBmMGFmZWJiZjZkNWQ5MjdmZTFmOTgxNmY1
MjM1MmQwHhcNMjUwMTAyMDM0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTk0Mzk2N2U1MWQyOWY3YWI2MjRiZjAzZGQyYmM0N2IwZDQ5ZTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs20E9QxPDenySEOtHSCdQeBQRBzo
57dWoYtOGapkPO3XwC8T0+EU15Gbpm4niy70fKxy6cp9wUvEjkV0ElD380PavTpW
gqDOrXnBnYSN/rBh4ItPAvgFnwQ3kISZ48O426dbB003lTVJiDreKVp3p0d5I81D
jkIsoNdRFP6iKsVnRI/cYBSZTPz/lNlwJZf8zanvflvUD02f0BdY6JMTVJj2HfiN
AywmhyB8s5OKPJYUq5DAzmOiok1ujgLmLbwrvzn14WSl7hWesyhTLvH8Vn9otkq3
tNjiiv6YcMVvi6nbMofqIdeRFDxcEmpX2RyujLLkfeU5auQNEF+vtzD/RQIDAQAB
o4IC3jCCAtowHQYDVR0OBBYEFE6UOWflHSn3q2JL8D3SvEew1J49MB8GA1UdIwQY
MBaAFBulGgvA8K/rv21dkn/h+YFvUjUtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzZVYUM4RHdyLXVfYlYyU2YtSDVnVzlTTlMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80ZjIxMWUtNzlkNy00NTA0LTllYWQt
ODcxZjllZDcwOGUwLzEvVHBRNVotVWRLZmVyWWt2d1BkSzhSN0RVbmowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80ZjIxMWUtNzlkNy00NTA0LTllYWQtODcxZjllZDcwOGUw
LzEvRzZVYUM4RHdyLXVfYlYyU2YtSDVnVzlTTlMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHzBggrBgEFBQcBBwEB/wSB4zCB4DCB3QQCAAEwgdYDBAIr
8IwDBAItjlwDBABOiigwDAMEAE6KLwMEAE6KMAMEAE6KMgMEAlPlTAMEAlPlaAME
A1Qn4AMEAVkTKgMEAVkiTgMEAVkmhAMEAFn5MwMEAluEuAMEAlwrVAMEA11yCAME
AV1zDAMEBF20wAMEBF204AMEBF6wcAMEAl/XJAMEAmfMfAMEBXcNwAMEA3lbUAME
ApaBXAMEALkmZgMEALla8wMEArl9wAMEALmD3AMEALnl+gMEArx3dAMEAsttPDAM
AwQCy6aUAwQCy6aYAwQD0RSwMA0GCSqGSIb3DQEBCwUAA4IBAQAUbpYPNTOFsqab
JJAIb70CZDnH2NoIuFJXb0cha8rY1k5N4Z9qcNCQ6M8tsW7brmkVPTE/cexGS0A/
MwZxUVL5s1UgS0LOYG+GJbMSkR7PiXstZehS6z0AamSCWMpA6ai51LpE27tjW3SJ
+djf1+E1noYL2/jzuuuaCaDWzkTPmnFVa7ZapSo7xdMHgYGWm+CvE+ILLqSvRdrQ
xNMgELef2QfcsuksZHskBwl99jg7LTjJnqOKoQw7jZDuLO6g0uFFeaWWXHN6uGU4
+Gt9z1qpDeTz9MQU+Fvrk29GXkbNjoCj2o9Y8GpAzk8sjkh8mXXHM1IutkJu6Atx
2uQESZvm
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:29:58 2025 by rpki-client