Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/TPgrv3-Rz1uG7sBK9Ywwao2cQ9E.roa
File: TPgrv3-Rz1uG7sBK9Ywwao2cQ9E.roa (raw, json)
Hash identifier: ZyBXgBAANbwNEAytjzMmGl4UbJNZMOlMnvPElhDeYkc=
Subject key identifier: 4C:F8:2B:BF:7F:91:CF:5B:86:EE:C0:4A:F5:8C:30:6A:8D:9C:43:D1
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 019423D7731781E49DCF0C1166068FE29C00
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/TPgrv3-Rz1uG7sBK9Ywwao2cQ9E.roa
Signing time: Wed 01 Jan 2025 21:48:29 +0000
ROA not before: Wed 01 Jan 2025 21:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211975
IP address blocks: 31.47.239.0/24 maxlen: 24
94.247.46.0/23 maxlen: 24
178.251.225.0/24 maxlen: 24
178.251.231.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:73:17:81:e4:9d:cf:0c:11:66:06:8f:e2:9c:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jan 1 21:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4cf82bbf7f91cf5b86eec04af58c306a8d9c43d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:5a:e2:f9:2d:e9:de:d9:43:0e:a4:0a:0e:ef:
ec:f3:a9:ab:62:f0:11:47:55:85:7a:c8:09:e6:0d:
9b:60:67:8a:99:1b:ac:59:4c:6f:2f:aa:79:77:63:
c1:5b:15:24:7b:24:61:d8:e3:3b:c2:76:38:ef:a8:
74:db:08:cb:1c:73:53:1d:36:ee:5c:d2:0c:a8:c5:
0f:03:bc:00:0d:58:48:30:09:47:b4:02:0a:fc:a8:
d9:63:88:f8:03:bc:54:78:08:e3:1a:ad:a1:b4:66:
a3:1e:2b:e5:7d:3e:4c:10:53:1a:33:34:b0:9d:e0:
97:d0:ae:cc:0c:a0:27:09:61:40:12:24:ca:dd:7d:
1e:f3:48:b6:9e:a9:41:ee:e5:cd:62:8e:37:ce:89:
09:89:f3:76:7b:6c:8e:12:06:02:35:db:d8:98:e6:
bc:21:07:74:02:e6:6a:b7:15:da:7f:5b:46:f6:ae:
b3:9f:a2:59:0f:33:37:ea:de:76:66:18:05:7b:fe:
ab:cc:17:1c:72:54:57:60:c6:ea:ad:8e:85:17:35:
e5:2c:36:65:96:7a:22:04:19:4c:2a:ec:e2:f5:b5:
45:1b:4c:59:8b:80:44:fd:53:11:15:6a:bd:cc:62:
bb:0c:b1:73:9f:73:fd:8b:58:26:7c:d0:42:c1:da:
24:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:F8:2B:BF:7F:91:CF:5B:86:EE:C0:4A:F5:8C:30:6A:8D:9C:43:D1
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/TPgrv3-Rz1uG7sBK9Ywwao2cQ9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.47.239.0/24
94.247.46.0/23
178.251.225.0/24
178.251.231.0/24
Signature Algorithm: sha256WithRSAEncryption
39:e6:3a:62:06:f7:71:77:c4:bb:f2:9f:f2:12:5a:06:cf:1b:
e0:24:b7:7a:88:5f:87:c6:30:3b:9f:e4:da:81:97:aa:a9:ec:
21:80:7a:f6:e5:6c:c1:3c:1c:fc:41:13:51:61:af:32:58:4d:
9f:57:61:38:48:5a:f3:29:de:64:74:8c:50:01:80:a6:53:a0:
83:0f:ef:04:15:a8:4b:b6:32:55:c9:fb:8b:77:31:31:20:83:
d6:9e:bd:b4:28:20:78:a9:e7:ff:9f:26:f3:d5:e7:95:6d:b8:
dc:ce:bd:a7:9e:29:9d:0e:11:2d:6e:3a:e8:12:78:04:d4:fb:
92:4c:41:65:e9:f8:97:7b:99:fa:83:4f:6d:18:d4:4b:6e:56:
a1:42:9f:7c:29:f5:64:a4:a4:26:5f:50:02:48:a5:b9:3b:75:
4c:ac:42:dd:c5:49:a8:cb:d2:4e:19:85:7e:3a:48:90:39:23:
96:82:1a:26:7c:e4:ac:ea:62:fd:eb:49:64:34:a6:8f:21:b1:
6d:af:85:16:a9:10:d0:89:60:34:b4:f7:d1:9b:11:f5:7b:81:
95:45:3a:f0:a0:e3:26:bc:c0:8c:51:47:a8:d9:66:93:c4:d1:
75:ce:4c:f1:72:27:d2:b2:30:dd:3d:bf:9b:04:e6:af:b6:c1:
54:a7:5a:42
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQj13MXgeSdzwwRZgaP4pwAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjUwMTAxMjE0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2Y4MmJiZjdmOTFjZjViODZlZWMwNGFmNThjMzA2YThkOWM0M2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFri+S3p3tlDDqQKDu/s86mrYvAR
R1WFesgJ5g2bYGeKmRusWUxvL6p5d2PBWxUkeyRh2OM7wnY476h02wjLHHNTHTbu
XNIMqMUPA7wADVhIMAlHtAIK/KjZY4j4A7xUeAjjGq2htGajHivlfT5MEFMaMzSw
neCX0K7MDKAnCWFAEiTK3X0e80i2nqlB7uXNYo43zokJifN2e2yOEgYCNdvYmOa8
IQd0AuZqtxXaf1tG9q6zn6JZDzM36t52ZhgFe/6rzBccclRXYMbqrY6FFzXlLDZl
lnoiBBlMKuzi9bVFG0xZi4BE/VMRFWq9zGK7DLFzn3P9i1gmfNBCwdokkQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEz4K79/kc9bhu7ASvWMMGqNnEPRMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvVFBncnYzLVJ6MXVHN3NCSzlZd3dhbzJjUTlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHy/vAwQB
XvcuAwQAsvvhAwQAsvvnMA0GCSqGSIb3DQEBCwUAA4IBAQA55jpiBvdxd8S78p/y
EloGzxvgJLd6iF+HxjA7n+TagZeqqewhgHr25WzBPBz8QRNRYa8yWE2fV2E4SFrz
Kd5kdIxQAYCmU6CDD+8EFahLtjJVyfuLdzExIIPWnr20KCB4qef/nybz1eeVbbjc
zr2nnimdDhEtbjroEngE1PuSTEFl6fiXe5n6g09tGNRLblahQp98KfVkpKQmX1AC
SKW5O3VMrELdxUmoy9JOGYV+OkiQOSOWghomfOSs6mL960lkNKaPIbFtr4UWqRDQ
iWA0tPfRmxH1e4GVRTrwoOMmvMCMUUeo2WaTxNF1zkzxcifSsjDdPb+bBOavtsFU
p1pC
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:43:11 2025 by rpki-client