Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tLpOzipxyMh_oXKOsnqDHC1prCI.roa
File: tLpOzipxyMh_oXKOsnqDHC1prCI.roa (raw, json)
Hash identifier: RA8lMFHvcdkQqYTKbgXnmaGlL8ZNhi58ns2wdcuiHQs=
Subject key identifier: B4:BA:4E:CE:2A:71:C8:C8:7F:A1:72:8E:B2:7A:83:1C:2D:69:AC:22
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 019423D710872454CB4A7F7830E479F88F0B
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tLpOzipxyMh_oXKOsnqDHC1prCI.roa
Signing time: Wed 01 Jan 2025 21:48:04 +0000
ROA not before: Wed 01 Jan 2025 21:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51200
IP address blocks: 185.102.138.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:10:87:24:54:cb:4a:7f:78:30:e4:79:f8:8f:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 1 21:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b4ba4ece2a71c8c87fa1728eb27a831c2d69ac22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:7b:9a:b5:ef:12:15:88:41:04:2c:57:b9:ff:
19:e6:0d:00:bb:e6:44:37:34:a6:ee:5c:9f:5f:86:
89:8e:c4:fd:77:25:eb:1e:9a:af:43:4c:48:e9:dc:
03:3e:75:1c:96:72:0b:89:68:2a:15:b4:27:57:ac:
c6:49:2b:76:58:da:28:a2:63:34:21:65:f0:8b:ac:
a0:ec:07:43:7e:85:2a:24:d0:ea:ad:f6:a2:47:cc:
9f:b8:42:2a:93:0f:50:71:1c:91:58:c3:80:4b:9a:
a9:a0:24:ef:77:74:f4:7c:ea:f9:04:36:c5:b5:83:
17:1c:6b:42:45:d2:44:1c:0d:2b:35:5d:9e:5f:3b:
92:6b:3e:42:f5:2f:67:dc:2a:ea:04:22:60:11:b5:
c7:10:a3:2a:47:f6:bf:d0:72:e1:93:bd:97:75:07:
d2:73:38:76:0a:b1:bf:a1:8a:1d:8f:1b:81:15:69:
2d:fe:d1:37:ff:8f:40:a2:40:0e:c5:ab:99:8f:d9:
ae:31:ef:7f:62:10:e7:04:d0:e4:c7:56:4e:e8:e8:
8b:f9:80:4b:b9:e1:28:20:ce:ba:ce:c4:9a:c7:93:
ad:01:3e:b0:b2:49:19:df:6e:38:2a:1f:04:f0:28:
86:08:ed:0a:94:7a:d7:05:5c:c4:12:ce:41:ca:09:
8d:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:BA:4E:CE:2A:71:C8:C8:7F:A1:72:8E:B2:7A:83:1C:2D:69:AC:22
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tLpOzipxyMh_oXKOsnqDHC1prCI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.102.138.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:50:9e:07:8c:65:ce:66:72:47:11:58:d6:b3:15:ed:7d:3a:
4e:20:d2:7c:c2:39:a7:94:f8:50:51:60:ef:e2:b3:f5:7d:29:
3e:c2:0c:ff:55:2b:0e:0e:b6:99:c3:2b:a9:a6:e6:4e:b5:2a:
e8:27:58:b8:1c:40:82:99:e4:a0:43:62:5a:c5:a8:1a:b5:0b:
f0:50:73:f9:0f:68:6e:24:45:14:7c:af:b7:d4:0a:43:69:15:
4a:d7:9d:fd:6b:06:b5:1c:0b:93:46:f0:86:e9:9f:36:5e:0c:
84:13:fc:7d:aa:c6:03:af:be:d1:3f:31:0c:6b:cd:5f:7b:6f:
59:a3:78:7d:00:1d:44:36:a6:17:ab:21:97:38:fe:e7:b2:e0:
69:d7:19:73:15:51:56:8c:b7:b9:80:8b:6a:28:55:ad:3c:85:
67:b0:a8:60:a1:5e:e1:3d:04:08:1c:5a:e0:ea:d2:40:3e:43:
3d:09:27:2c:c7:4d:33:a5:94:a7:5a:4d:5b:93:b9:93:03:fc:
ab:c4:af:6e:31:71:13:87:e3:9d:4b:cf:69:8f:43:bf:56:d7:
c0:d0:fe:83:e8:55:ff:39:ad:44:e8:07:2e:19:77:eb:3e:50:
26:6f:44:7e:f7:49:d9:1c:2a:cf:24:b1:37:c1:36:6a:58:5f:
06:0d:71:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1xCHJFTLSn94MOR5+I8LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjUwMTAxMjE0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGJhNGVjZTJhNzFjOGM4N2ZhMTcyOGViMjdhODMxYzJkNjlhYzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnuate8SFYhBBCxXuf8Z5g0Au+ZE
NzSm7lyfX4aJjsT9dyXrHpqvQ0xI6dwDPnUclnILiWgqFbQnV6zGSSt2WNooomM0
IWXwi6yg7AdDfoUqJNDqrfaiR8yfuEIqkw9QcRyRWMOAS5qpoCTvd3T0fOr5BDbF
tYMXHGtCRdJEHA0rNV2eXzuSaz5C9S9n3CrqBCJgEbXHEKMqR/a/0HLhk72XdQfS
czh2CrG/oYodjxuBFWkt/tE3/49AokAOxauZj9muMe9/YhDnBNDkx1ZO6OiL+YBL
ueEoIM66zsSax5OtAT6wskkZ3244Kh8E8CiGCO0KlHrXBVzEEs5BygmNhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLS6Ts4qccjIf6FyjrJ6gxwtaawiMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvdExwT3ppcHh5TWhfb1hLT3NucURIQzFwckNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWaKMA0G
CSqGSIb3DQEBCwUAA4IBAQCpUJ4HjGXOZnJHEVjWsxXtfTpOINJ8wjmnlPhQUWDv
4rP1fSk+wgz/VSsODraZwyuppuZOtSroJ1i4HECCmeSgQ2JaxagatQvwUHP5D2hu
JEUUfK+31ApDaRVK1539awa1HAuTRvCG6Z82XgyEE/x9qsYDr77RPzEMa81fe29Z
o3h9AB1ENqYXqyGXOP7nsuBp1xlzFVFWjLe5gItqKFWtPIVnsKhgoV7hPQQIHFrg
6tJAPkM9CScsx00zpZSnWk1bk7mTA/yrxK9uMXETh+OdS89pj0O/VtfA0P6D6FX/
Oa1E6AcuGXfrPlAmb0R+90nZHCrPJLE3wTZqWF8GDXE0
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:44:26 2025 by rpki-client