Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/e2891d-6652-4fc2-b992-1386f490b1bf/1/TVvIcX-QpAgY2-XhAXccg1jFrRg.roa
File: TVvIcX-QpAgY2-XhAXccg1jFrRg.roa (raw, json)
Hash identifier: WjfluRc0Fup/iu8TvUhwhH3tTXWhtQSLGQGQQCQnqlU=
Subject key identifier: 4D:5B:C8:71:7F:90:A4:08:18:DB:E5:E1:01:77:1C:83:58:C5:AD:18
Certificate issuer: /CN=e7e356fd885796e5d3fe3c4ab51a8c7fd2e8ae5c
Certificate serial: 0195BD66DCED02E11712C1CDE82504740E2C
Authority key identifier: E7:E3:56:FD:88:57:96:E5:D3:FE:3C:4A:B5:1A:8C:7F:D2:E8:AE:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5-NW_YhXluXT_jxKtRqMf9Lorlw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/e2891d-6652-4fc2-b992-1386f490b1bf/1/TVvIcX-QpAgY2-XhAXccg1jFrRg.roa
Signing time: Sat 22 Mar 2025 10:29:49 +0000
ROA not before: Sat 22 Mar 2025 10:29:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60735
IP address blocks: 194.124.236.0/24 maxlen: 24
2a0f:3cc3::/36 maxlen: 36
2a0f:3cc3:1000::/36 maxlen: 36
2a0f:3cc3:2000::/36 maxlen: 36
2a0f:3cc6::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:bd:66:dc:ed:02:e1:17:12:c1:cd:e8:25:04:74:0e:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7e356fd885796e5d3fe3c4ab51a8c7fd2e8ae5c
Validity
Not Before: Mar 22 10:29:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4d5bc8717f90a40818dbe5e101771c8358c5ad18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:bf:a9:11:4d:7c:4c:4a:78:d6:92:c4:b5:4f:
5d:e5:56:e5:ab:e0:11:1a:8c:e2:49:26:ff:60:74:
59:66:5e:a2:f2:e6:52:ef:e0:5a:69:94:dd:99:0b:
18:e6:76:2c:a8:8b:92:2b:43:1f:fa:ae:83:91:4f:
51:f3:1d:e6:24:5a:e8:10:64:36:b7:b2:83:2f:e3:
5a:a4:8f:a2:59:58:52:47:89:27:72:ee:ee:98:d5:
3d:ed:d8:14:53:58:9e:a6:93:4f:2d:c7:ad:98:04:
cb:8a:03:47:d2:26:db:f2:3d:5d:fa:49:58:5f:58:
d1:55:99:74:2b:ae:93:c9:17:b5:2f:6e:3e:12:9f:
ed:69:2d:aa:5f:c2:db:d8:3f:32:47:92:f7:78:44:
cb:ec:ca:55:ea:3e:21:e4:db:2e:61:06:44:fc:37:
94:5d:b7:c0:b0:f3:39:ac:5e:07:42:48:2a:6b:27:
e8:83:25:a5:de:a8:07:1c:40:44:00:65:1c:97:ca:
19:34:14:ab:52:0f:b9:bf:83:80:3d:bc:f0:6e:e7:
4f:f0:38:cc:30:c7:54:82:8d:59:ad:80:a0:ae:59:
ab:98:fb:fd:a4:62:08:56:9d:e7:5c:30:46:bb:60:
19:39:23:85:aa:77:11:35:c8:ed:05:5f:37:48:0d:
c4:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:5B:C8:71:7F:90:A4:08:18:DB:E5:E1:01:77:1C:83:58:C5:AD:18
X509v3 Authority Key Identifier:
keyid:E7:E3:56:FD:88:57:96:E5:D3:FE:3C:4A:B5:1A:8C:7F:D2:E8:AE:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5-NW_YhXluXT_jxKtRqMf9Lorlw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/e2891d-6652-4fc2-b992-1386f490b1bf/1/TVvIcX-QpAgY2-XhAXccg1jFrRg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/e2891d-6652-4fc2-b992-1386f490b1bf/1/5-NW_YhXluXT_jxKtRqMf9Lorlw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.124.236.0/24
IPv6:
2a0f:3cc3::-2a0f:3cc3:2fff:ffff:ffff:ffff:ffff:ffff
2a0f:3cc6::/32
Signature Algorithm: sha256WithRSAEncryption
92:50:5e:72:35:ad:ca:e6:12:19:e0:28:b2:27:7a:62:91:9c:
53:46:53:8e:08:df:50:d1:05:02:f0:82:c9:2f:08:a6:96:85:
cc:c3:59:6f:59:2e:76:a9:f8:5b:76:ac:6f:67:91:e4:31:7e:
ff:39:9f:e5:37:cd:1a:90:3e:34:04:8c:a9:e6:cc:a6:cb:24:
17:8c:39:30:88:65:52:1f:54:69:17:e7:8c:0c:bd:77:99:a9:
b1:ef:fa:4a:19:15:1c:6c:47:2e:65:11:32:b6:c3:84:79:6a:
67:97:e8:eb:cd:37:e8:79:48:17:da:f9:83:96:75:bc:3a:2d:
4f:e3:dc:89:ae:91:bc:dd:5b:b5:83:7e:5a:08:a1:cb:99:82:
ee:3b:98:1d:31:19:a4:fb:c5:d1:9a:c8:9d:22:90:c2:60:eb:
2b:fc:aa:f9:e2:72:c0:da:e2:08:d2:21:0f:1f:ee:1a:df:93:
40:c7:e4:db:fd:6d:e5:f2:49:3b:5a:1b:e4:d1:86:f1:2d:f0:
af:b9:d5:91:c6:78:13:3e:ff:d5:bc:51:88:a5:21:45:f9:bd:
8e:38:8f:6d:12:d8:57:e7:7a:7b:8f:08:85:2e:ee:81:7a:21:
ac:7a:8b:90:21:da:ad:7b:30:db:76:e9:88:d8:6f:cc:c1:47:
9e:b6:ec:35
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZW9ZtztAuEXEsHN6CUEdA4sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3ZTM1NmZkODg1Nzk2ZTVkM2ZlM2M0YWI1MWE4YzdmZDJl
OGFlNWMwHhcNMjUwMzIyMTAyOTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDViYzg3MTdmOTBhNDA4MThkYmU1ZTEwMTc3MWM4MzU4YzVhZDE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArL+pEU18TEp41pLEtU9d5Vblq+AR
GoziSSb/YHRZZl6i8uZS7+BaaZTdmQsY5nYsqIuSK0Mf+q6DkU9R8x3mJFroEGQ2
t7KDL+NapI+iWVhSR4kncu7umNU97dgUU1ieppNPLcetmATLigNH0ibb8j1d+klY
X1jRVZl0K66TyRe1L24+Ep/taS2qX8Lb2D8yR5L3eETL7MpV6j4h5NsuYQZE/DeU
XbfAsPM5rF4HQkgqayfogyWl3qgHHEBEAGUcl8oZNBSrUg+5v4OAPbzwbudP8DjM
MMdUgo1ZrYCgrlmrmPv9pGIIVp3nXDBGu2AZOSOFqncRNcjtBV83SA3ENQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFE1byHF/kKQIGNvl4QF3HINYxa0YMB8GA1UdIwQY
MBaAFOfjVv2IV5bl0/48SrUajH/S6K5cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNS1OV19ZaFhsdVhUX2p4S3RScU1mOUxvcmx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9lMjg5MWQtNjY1Mi00ZmMyLWI5OTIt
MTM4NmY0OTBiMWJmLzEvVFZ2SWNYLVFwQWdZMi1YaEFYY2NnMWpGclJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9lMjg5MWQtNjY1Mi00ZmMyLWI5OTItMTM4NmY0OTBiMWJm
LzEvNS1OV19ZaFhsdVhUX2p4S3RScU1mOUxvcmx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAMBAIAATAGAwQAwnzsMB4E
AgACMBgwDwMFACoPPMMDBgQqDzzDIAMFACoPPMYwDQYJKoZIhvcNAQELBQADggEB
AJJQXnI1rcrmEhngKLInemKRnFNGU44I31DRBQLwgskvCKaWhczDWW9ZLnap+Ft2
rG9nkeQxfv85n+U3zRqQPjQEjKnmzKbLJBeMOTCIZVIfVGkX54wMvXeZqbHv+koZ
FRxsRy5lETK2w4R5ameX6OvNN+h5SBfa+YOWdbw6LU/j3ImukbzdW7WDfloIocuZ
gu47mB0xGaT7xdGayJ0ikMJg6yv8qvnicsDa4gjSIQ8f7hrfk0DH5Nv9beXySTta
G+TRhvEt8K+51ZHGeBM+/9W8UYilIUX5vY44j20S2FfnenuPCIUu7oF6Iax6i5Ah
2q17MNt26YjYb8zBR5627DU=
-----END CERTIFICATE-----
Generated at Wed Apr 23 13:58:49 2025 by rpki-client