Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/tknXucZVczrziUt3TxZyyd4zoHE.roa
File: tknXucZVczrziUt3TxZyyd4zoHE.roa (raw, json)
Hash identifier: fZyhy1ZEHV3i0UcIge+cXPVVDI4sNT1gqHZeXRDeWAc=
Subject key identifier: B6:49:D7:B9:C6:55:73:3A:F3:89:4B:77:4F:16:72:C9:DE:33:A0:71
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 019422FC09DF36FA90A59C05EEF011A28E18
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/tknXucZVczrziUt3TxZyyd4zoHE.roa
Signing time: Wed 01 Jan 2025 17:48:50 +0000
ROA not before: Wed 01 Jan 2025 17:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7029
IP address blocks: 81.22.141.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:09:df:36:fa:90:a5:9c:05:ee:f0:11:a2:8e:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jan 1 17:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b649d7b9c655733af3894b774f1672c9de33a071
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:d1:25:7d:5b:09:85:3f:44:8f:70:4b:ce:dd:
aa:c4:99:37:2d:d5:ef:a7:03:e9:32:bb:b8:5e:3b:
8f:5a:ea:4a:fa:43:21:03:da:a5:3f:7f:97:8e:81:
5d:5a:65:70:3d:72:86:2e:6d:dd:89:a5:0f:cc:fe:
4b:96:71:ac:2b:d4:2f:01:87:89:eb:44:63:2b:60:
cb:a6:f9:20:17:ea:85:52:08:52:2e:e6:07:89:ad:
6d:58:d0:07:ea:0b:8d:25:92:ab:82:7a:d8:a3:2f:
37:7e:b2:84:91:96:9f:cf:27:54:77:e2:7f:8c:00:
6c:80:45:3c:96:68:7f:f5:3e:d6:cc:ca:ac:dc:d4:
e4:90:a9:34:5d:e7:ce:f3:f8:27:97:04:d0:02:0d:
f7:d0:d1:ed:48:4d:0e:26:66:12:7e:83:84:3e:a7:
1a:3d:de:07:75:20:a8:14:b2:81:a0:dc:bc:8e:23:
0f:e8:27:c9:f8:f8:2a:56:ab:f6:9f:89:3e:95:9a:
be:f6:35:9c:0c:2e:34:8e:2e:8d:7f:3f:e1:51:db:
a7:93:5d:a1:27:aa:9c:c2:92:da:65:cf:dc:c6:03:
60:10:6f:f9:c2:3c:0f:04:91:e6:80:dd:e7:25:2d:
a3:b5:3b:6c:63:0d:ca:e7:3c:10:d1:cb:52:ce:fe:
b6:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:49:D7:B9:C6:55:73:3A:F3:89:4B:77:4F:16:72:C9:DE:33:A0:71
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/tknXucZVczrziUt3TxZyyd4zoHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.141.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:55:e1:84:f7:43:60:86:da:cb:2c:dc:12:65:ec:09:7b:5f:
0b:29:78:fc:ab:72:a1:fe:2f:cb:41:59:f2:0c:67:b6:14:f1:
af:2e:8b:b4:f6:43:b4:6c:04:ae:4d:27:99:95:e4:77:25:be:
57:44:4d:75:c9:68:7f:1f:83:09:c1:58:90:66:15:57:d3:70:
fd:7a:db:d4:14:74:4a:0d:9e:7f:4e:39:eb:3a:41:3b:8f:06:
20:23:51:e4:7e:b5:59:4d:8b:e6:49:d1:9d:80:29:50:5a:c2:
7b:21:a5:2f:ce:5c:e7:2f:2b:91:79:b0:e3:17:71:70:f7:5b:
83:12:a2:a9:6b:d7:45:1a:b6:c1:9d:fa:60:78:d3:1f:1e:09:
10:64:6e:89:85:63:f3:fc:9e:41:9e:b4:df:fb:23:fc:16:e6:
49:b8:64:95:37:7f:05:7e:15:d8:42:3f:f0:3c:da:06:f7:9e:
2c:81:25:71:9e:02:28:98:3c:36:d6:76:06:9a:5d:98:0b:a8:
5d:a5:e2:3e:04:f8:7d:38:4d:3c:56:42:1a:7f:aa:47:3c:4f:
c5:ac:7f:34:69:57:df:d8:1d:2d:fd:9a:02:78:b3:28:ac:91:
b5:14:3f:e6:91:0b:ba:87:e8:04:69:e7:6e:9f:4c:08:1f:34:
fc:a3:14:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi/AnfNvqQpZwF7vARoo4YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjUwMTAxMTc0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjQ5ZDdiOWM2NTU3MzNhZjM4OTRiNzc0ZjE2NzJjOWRlMzNhMDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt9ElfVsJhT9Ej3BLzt2qxJk3LdXv
pwPpMru4XjuPWupK+kMhA9qlP3+XjoFdWmVwPXKGLm3diaUPzP5LlnGsK9QvAYeJ
60RjK2DLpvkgF+qFUghSLuYHia1tWNAH6guNJZKrgnrYoy83frKEkZafzydUd+J/
jABsgEU8lmh/9T7WzMqs3NTkkKk0XefO8/gnlwTQAg330NHtSE0OJmYSfoOEPqca
Pd4HdSCoFLKBoNy8jiMP6CfJ+PgqVqv2n4k+lZq+9jWcDC40ji6Nfz/hUdunk12h
J6qcwpLaZc/cxgNgEG/5wjwPBJHmgN3nJS2jtTtsYw3K5zwQ0ctSzv62dwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLZJ17nGVXM684lLd08WcsneM6BxMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvdGtuWHVjWlZjenJ6aVV0M1R4Wnl5ZDR6b0hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAURaNMA0G
CSqGSIb3DQEBCwUAA4IBAQBuVeGE90NghtrLLNwSZewJe18LKXj8q3Kh/i/LQVny
DGe2FPGvLou09kO0bASuTSeZleR3Jb5XRE11yWh/H4MJwViQZhVX03D9etvUFHRK
DZ5/TjnrOkE7jwYgI1HkfrVZTYvmSdGdgClQWsJ7IaUvzlznLyuRebDjF3Fw91uD
EqKpa9dFGrbBnfpgeNMfHgkQZG6JhWPz/J5BnrTf+yP8FuZJuGSVN38FfhXYQj/w
PNoG954sgSVxngIomDw21nYGml2YC6hdpeI+BPh9OE08VkIaf6pHPE/FrH80aVff
2B0t/ZoCeLMorJG1FD/mkQu6h+gEaedun0wIHzT8oxTN
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:27:23 2025 by rpki-client