Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/136156-0753-4072-92b0-1407c08db582/1/TVDjYzkETmBCT7v1_fe4s6H8gEU.roa
File: TVDjYzkETmBCT7v1_fe4s6H8gEU.roa (raw, json)
Hash identifier: zxaM+TU0HD4P7dxOW2gfkICzMAb8AYSlKoeUfD1Wv0k=
Subject key identifier: 4D:50:E3:63:39:04:4E:60:42:4F:BB:F5:FD:F7:B8:B3:A1:FC:80:45
Certificate issuer: /CN=16d96cf4109a4a85d1863bf54aa4fa3e81e0c0e6
Certificate serial: 019425FD65F75F5A8D1D627C63590820439B
Authority key identifier: 16:D9:6C:F4:10:9A:4A:85:D1:86:3B:F5:4A:A4:FA:3E:81:E0:C0:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ftls9BCaSoXRhjv1SqT6PoHgwOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/136156-0753-4072-92b0-1407c08db582/1/TVDjYzkETmBCT7v1_fe4s6H8gEU.roa
Signing time: Thu 02 Jan 2025 07:49:11 +0000
ROA not before: Thu 02 Jan 2025 07:49:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12778
IP address blocks: 5.32.136.0/21 maxlen: 24
77.234.128.0/19 maxlen: 19
91.199.161.0/24 maxlen: 24
185.205.116.0/22 maxlen: 24
194.247.162.0/23 maxlen: 24
212.72.96.0/19 maxlen: 19
2a02:d68::/32 maxlen: 32
2a06:c180::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:65:f7:5f:5a:8d:1d:62:7c:63:59:08:20:43:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16d96cf4109a4a85d1863bf54aa4fa3e81e0c0e6
Validity
Not Before: Jan 2 07:49:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4d50e36339044e60424fbbf5fdf7b8b3a1fc8045
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ba:cf:e4:b0:4b:d2:a2:0b:89:9a:d7:9d:e1:
7f:84:d2:49:d0:0e:09:67:60:4e:92:d8:4c:bd:10:
20:d2:b6:0e:a9:f6:51:f9:ae:00:9a:13:fd:09:dc:
33:64:36:d7:9d:49:03:dd:a4:a7:49:81:e2:3c:22:
f7:19:a9:15:00:d9:8c:02:d7:3d:50:26:3e:02:0a:
60:dc:a6:89:38:3a:dd:76:52:75:19:13:a5:a2:e3:
f7:63:3a:28:2f:d8:e3:21:21:dc:e3:72:ff:08:37:
53:19:80:19:18:88:8f:d4:34:3e:86:d7:a6:f0:89:
fc:39:70:3c:3a:25:3d:54:28:39:6b:34:3a:50:5b:
d5:3b:a3:96:fd:55:78:47:09:3c:8d:77:2d:cd:25:
99:4f:84:b5:3d:13:73:32:bc:18:94:7b:0b:74:51:
a8:ed:12:1c:1a:3f:2a:79:ee:c4:95:8a:5c:84:b1:
00:fc:2b:b2:66:d3:e7:ee:19:53:7d:26:70:7c:d1:
23:72:64:b6:4e:23:6d:6b:79:4d:45:ee:70:5e:96:
2a:7b:38:8b:5f:59:12:b4:95:88:11:f1:c3:2c:37:
21:de:59:33:59:d6:2b:9e:df:1c:aa:a7:6e:f7:f4:
f3:67:6f:21:84:1a:ae:93:65:84:83:13:f0:69:5a:
d7:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:50:E3:63:39:04:4E:60:42:4F:BB:F5:FD:F7:B8:B3:A1:FC:80:45
X509v3 Authority Key Identifier:
keyid:16:D9:6C:F4:10:9A:4A:85:D1:86:3B:F5:4A:A4:FA:3E:81:E0:C0:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ftls9BCaSoXRhjv1SqT6PoHgwOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/136156-0753-4072-92b0-1407c08db582/1/TVDjYzkETmBCT7v1_fe4s6H8gEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/136156-0753-4072-92b0-1407c08db582/1/Ftls9BCaSoXRhjv1SqT6PoHgwOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.32.136.0/21
77.234.128.0/19
91.199.161.0/24
185.205.116.0/22
194.247.162.0/23
212.72.96.0/19
IPv6:
2a02:d68::/32
2a06:c180::/29
Signature Algorithm: sha256WithRSAEncryption
7b:aa:e2:a2:51:fc:0d:4e:c0:51:37:aa:dc:20:4b:2f:37:68:
92:c7:b3:98:ec:68:a5:01:5f:d7:93:37:39:5a:31:ae:08:05:
51:b2:58:80:ac:78:21:1b:64:ef:c1:9b:09:49:f1:bf:4a:a0:
22:ca:9d:2f:78:ef:a8:02:5a:68:11:3b:e3:1a:4a:2e:64:b7:
52:72:8b:20:8d:94:56:79:3b:5a:75:db:1f:1e:cc:9c:fb:e7:
5d:b4:46:bf:24:3c:85:d6:91:03:36:e6:45:c2:1c:44:2e:f3:
a7:e9:ba:b8:05:cd:50:6d:16:83:fe:25:33:7d:c8:d0:c1:83:
b7:19:fb:b1:20:0c:0f:e8:20:c2:ec:24:96:6e:73:bd:ba:2c:
54:f7:ca:56:21:37:9b:79:03:71:5c:dc:1a:13:7c:e2:17:e4:
5d:6d:26:37:71:e4:bc:dd:31:f2:8f:56:6b:f2:3e:a4:df:3e:
08:6d:f8:ba:72:6d:7f:38:fc:18:45:eb:6e:52:d6:cc:e9:31:
b6:66:38:78:df:20:b4:97:8a:4d:0c:31:b7:1b:1f:36:c8:80:
7d:fd:da:bf:37:71:ec:9e:8b:18:8e:7a:29:f1:df:08:76:06:
88:6f:d1:b0:31:8a:50:e6:10:b6:8b:0a:05:8f:8d:29:3d:37:
12:48:6d:da
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZQl/WX3X1qNHWJ8Y1kIIEObMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2ZDk2Y2Y0MTA5YTRhODVkMTg2M2JmNTRhYTRmYTNlODFl
MGMwZTYwHhcNMjUwMTAyMDc0OTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDUwZTM2MzM5MDQ0ZTYwNDI0ZmJiZjVmZGY3YjhiM2ExZmM4MDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbrP5LBL0qILiZrXneF/hNJJ0A4J
Z2BOkthMvRAg0rYOqfZR+a4AmhP9CdwzZDbXnUkD3aSnSYHiPCL3GakVANmMAtc9
UCY+Agpg3KaJODrddlJ1GROlouP3YzooL9jjISHc43L/CDdTGYAZGIiP1DQ+htem
8In8OXA8OiU9VCg5azQ6UFvVO6OW/VV4Rwk8jXctzSWZT4S1PRNzMrwYlHsLdFGo
7RIcGj8qee7ElYpchLEA/CuyZtPn7hlTfSZwfNEjcmS2TiNta3lNRe5wXpYqeziL
X1kStJWIEfHDLDch3lkzWdYrnt8cqqdu9/TzZ28hhBquk2WEgxPwaVrXdQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFE1Q42M5BE5gQk+79f33uLOh/IBFMB8GA1UdIwQY
MBaAFBbZbPQQmkqF0YY79Uqk+j6B4MDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnRsczlCQ2FTb1hSaGp2MVNxVDZQb0hnd09ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS8xMzYxNTYtMDc1My00MDcyLTkyYjAt
MTQwN2MwOGRiNTgyLzEvVFZEall6a0VUbUJDVDd2MV9mZTRzNkg4Z0VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS8xMzYxNTYtMDc1My00MDcyLTkyYjAtMTQwN2MwOGRiNTgy
LzEvRnRsczlCQ2FTb1hSaGp2MVNxVDZQb0hnd09ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQDBSCIAwQF
TeqAAwQAW8ehAwQCuc10AwQBwveiAwQF1EhgMBQEAgACMA4DBQAqAg1oAwUDKgbB
gDANBgkqhkiG9w0BAQsFAAOCAQEAe6riolH8DU7AUTeq3CBLLzdoksezmOxopQFf
15M3OVoxrggFUbJYgKx4IRtk78GbCUnxv0qgIsqdL3jvqAJaaBE74xpKLmS3UnKL
II2UVnk7WnXbHx7MnPvnXbRGvyQ8hdaRAzbmRcIcRC7zp+m6uAXNUG0Wg/4lM33I
0MGDtxn7sSAMD+ggwuwklm5zvbosVPfKViE3m3kDcVzcGhN84hfkXW0mN3HkvN0x
8o9Wa/I+pN8+CG34unJtfzj8GEXrblLWzOkxtmY4eN8gtJeKTQwxtxsfNsiAff3a
vzdx7J6LGI56KfHfCHYGiG/RsDGKUOYQtosKBY+NKT03Ekht2g==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:43:32 2025 by rpki-client