Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/7fa943-9ea6-4068-b6ae-a4d413d7f89c/1/TP9gFKgxBg6Q0nRcWGidlz7qFCE.roa
File: TP9gFKgxBg6Q0nRcWGidlz7qFCE.roa (raw, json)
Hash identifier: jhQI7t+AgP6hvPj91hzIOl0xoOYJULkePtGE660/ydE=
Subject key identifier: 4C:FF:60:14:A8:31:06:0E:90:D2:74:5C:58:68:9D:97:3E:EA:14:21
Certificate issuer: /CN=93ece780dfda43ab4a841727eb20d71fc76528bc
Certificate serial: 0194EFC51DE0588CAA8F58A9752AFE51877D
Authority key identifier: 93:EC:E7:80:DF:DA:43:AB:4A:84:17:27:EB:20:D7:1F:C7:65:28:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k-zngN_aQ6tKhBcn6yDXH8dlKLw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/7fa943-9ea6-4068-b6ae-a4d413d7f89c/1/TP9gFKgxBg6Q0nRcWGidlz7qFCE.roa
Signing time: Mon 10 Feb 2025 12:11:00 +0000
ROA not before: Mon 10 Feb 2025 12:11:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214438
IP address blocks: 62.169.158.0/23 maxlen: 24
185.216.20.0/24 maxlen: 24
185.216.21.0/24 maxlen: 24
185.216.22.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ef:c5:1d:e0:58:8c:aa:8f:58:a9:75:2a:fe:51:87:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93ece780dfda43ab4a841727eb20d71fc76528bc
Validity
Not Before: Feb 10 12:11:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4cff6014a831060e90d2745c58689d973eea1421
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:db:ce:1e:46:39:a0:3f:aa:10:13:09:84:33:
fb:9d:75:a4:bc:73:95:20:d5:46:aa:d5:f6:29:0b:
0a:5a:a3:17:4a:51:08:e8:f1:a7:03:ea:ac:a1:94:
e9:45:5b:d3:67:c0:75:f5:98:32:41:de:1c:97:8f:
17:cc:d8:c9:df:25:47:b9:bd:2d:d4:db:a4:87:49:
dc:f4:fd:ec:54:4f:bf:23:22:d0:5e:84:e4:1e:22:
db:90:0c:d2:cb:73:d3:4a:e5:f4:fc:4e:c4:9f:4d:
11:c0:75:65:c4:72:c9:3d:4a:3d:e5:58:0e:2d:d4:
cc:90:5a:b9:0c:cc:40:82:57:9d:1f:31:5b:a9:d5:
80:61:1f:e6:43:04:14:02:c9:1d:d5:4b:dd:43:0e:
e3:33:44:f6:34:54:40:d6:d9:17:e2:05:2f:ae:4c:
82:47:1f:a3:16:de:9b:3a:ea:5b:ca:c7:83:32:ec:
70:ed:dd:43:ff:1c:33:a8:be:d7:9c:24:9a:d0:d5:
2f:00:80:11:c3:7f:fb:c9:6a:2a:18:9e:49:d1:96:
b5:dd:f9:98:bc:8b:75:4f:23:1c:9e:55:c9:72:5a:
1a:de:85:7c:7d:26:36:bc:08:c9:c0:31:2b:63:16:
96:4b:93:35:b6:79:28:4f:d2:72:eb:34:45:bf:ad:
c5:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:FF:60:14:A8:31:06:0E:90:D2:74:5C:58:68:9D:97:3E:EA:14:21
X509v3 Authority Key Identifier:
keyid:93:EC:E7:80:DF:DA:43:AB:4A:84:17:27:EB:20:D7:1F:C7:65:28:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k-zngN_aQ6tKhBcn6yDXH8dlKLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7fa943-9ea6-4068-b6ae-a4d413d7f89c/1/TP9gFKgxBg6Q0nRcWGidlz7qFCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7fa943-9ea6-4068-b6ae-a4d413d7f89c/1/k-zngN_aQ6tKhBcn6yDXH8dlKLw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.169.158.0/23
185.216.20.0-185.216.22.255
Signature Algorithm: sha256WithRSAEncryption
ba:dc:6a:ef:ba:94:7a:a6:06:4c:ef:45:58:82:c0:fb:d8:06:
4f:bf:3d:68:62:7c:d4:a2:26:82:f2:4d:7d:ec:a8:1a:45:49:
2d:63:32:52:f9:89:30:2e:4d:cc:4c:2e:7a:13:3f:29:83:5f:
e0:92:e6:8b:31:ae:f2:c5:8c:f0:62:8e:73:63:84:4e:c1:de:
0e:2a:3e:43:7b:77:0b:90:0e:92:87:de:db:e1:a5:1d:ea:47:
63:fe:ed:f0:8b:0b:29:bd:2f:cf:28:84:75:72:43:5d:4f:80:
27:92:9e:e1:90:8e:80:88:6e:6f:6c:de:0f:70:b0:7c:e3:40:
59:78:05:56:33:64:41:17:7e:8b:a1:4b:8f:25:e6:6f:ed:d7:
fe:61:08:05:1a:d0:59:d7:f2:c1:b6:f0:8f:16:38:0b:64:07:
e5:8a:8c:e3:b3:6f:59:eb:b5:1c:7b:d8:24:78:b1:0a:3b:98:
1e:f9:9e:73:8e:98:aa:a4:5f:f0:64:d8:a6:82:ca:72:68:c5:
3d:76:72:67:f1:04:d6:be:42:cc:65:95:be:eb:2b:2a:07:0a:
e4:df:b1:54:24:7a:95:cd:df:7e:cd:59:be:7e:49:5f:02:a7:
b3:8a:39:57:06:d3:10:ef:5c:5f:e6:a5:1f:67:98:12:11:7a:
8f:8d:2e:c1
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZTvxR3gWIyqj1ipdSr+UYd9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzZWNlNzgwZGZkYTQzYWI0YTg0MTcyN2ViMjBkNzFmYzc2
NTI4YmMwHhcNMjUwMjEwMTIxMTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2ZmNjAxNGE4MzEwNjBlOTBkMjc0NWM1ODY4OWQ5NzNlZWExNDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1dvOHkY5oD+qEBMJhDP7nXWkvHOV
INVGqtX2KQsKWqMXSlEI6PGnA+qsoZTpRVvTZ8B19ZgyQd4cl48XzNjJ3yVHub0t
1Nukh0nc9P3sVE+/IyLQXoTkHiLbkAzSy3PTSuX0/E7En00RwHVlxHLJPUo95VgO
LdTMkFq5DMxAgledHzFbqdWAYR/mQwQUAskd1UvdQw7jM0T2NFRA1tkX4gUvrkyC
Rx+jFt6bOupbyseDMuxw7d1D/xwzqL7XnCSa0NUvAIARw3/7yWoqGJ5J0Za13fmY
vIt1TyMcnlXJcloa3oV8fSY2vAjJwDErYxaWS5M1tnkoT9Jy6zRFv63FRwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFEz/YBSoMQYOkNJ0XFhonZc+6hQhMB8GA1UdIwQY
MBaAFJPs54Df2kOrSoQXJ+sg1x/HZSi8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvay16bmdOX2FRNnRLaEJjbjZ5RFhIOGRsS0x3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy83ZmE5NDMtOWVhNi00MDY4LWI2YWUt
YTRkNDEzZDdmODljLzEvVFA5Z0ZLZ3hCZzZRMG5SY1dHaWRsejdxRkNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy83ZmE5NDMtOWVhNi00MDY4LWI2YWUtYTRkNDEzZDdmODlj
LzEvay16bmdOX2FRNnRLaEJjbjZ5RFhIOGRsS0x3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBPqmeMAwD
BAK52BQDBAC52BYwDQYJKoZIhvcNAQELBQADggEBALrcau+6lHqmBkzvRViCwPvY
Bk+/PWhifNSiJoLyTX3sqBpFSS1jMlL5iTAuTcxMLnoTPymDX+CS5osxrvLFjPBi
jnNjhE7B3g4qPkN7dwuQDpKH3tvhpR3qR2P+7fCLCym9L88ohHVyQ11PgCeSnuGQ
joCIbm9s3g9wsHzjQFl4BVYzZEEXfouhS48l5m/t1/5hCAUa0FnX8sG28I8WOAtk
B+WKjOOzb1nrtRx72CR4sQo7mB75nnOOmKqkX/Bk2KaCynJoxT12cmfxBNa+Qsxl
lb7rKyoHCuTfsVQkepXN337NWb5+SV8Cp7OKOVcG0xDvXF/mpR9nmBIReo+NLsE=
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:34:21 2025 by rpki-client