Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/tSkgtw28-Km5F0YiHIf1O1pkoXI.roa
File: tSkgtw28-Km5F0YiHIf1O1pkoXI.roa (raw, json)
Hash identifier: 0ECcSRlX4TniqxVIh1N6rLlLbSyp1biqLJH1F5jVobk=
Subject key identifier: B5:29:20:B7:0D:BC:F8:A9:B9:17:46:22:1C:87:F5:3B:5A:64:A1:72
Certificate issuer: /CN=66f8206e3311df394f48389b8122b94aa1f0b05c
Certificate serial: 0194266AC988E6E75E2359AE8DE0E254C1D7
Authority key identifier: 66:F8:20:6E:33:11:DF:39:4F:48:38:9B:81:22:B9:4A:A1:F0:B0:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZvggbjMR3zlPSDibgSK5SqHwsFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/tSkgtw28-Km5F0YiHIf1O1pkoXI.roa
Signing time: Thu 02 Jan 2025 09:48:40 +0000
ROA not before: Thu 02 Jan 2025 09:48:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211588
IP address blocks: 185.229.33.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6a:c9:88:e6:e7:5e:23:59:ae:8d:e0:e2:54:c1:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66f8206e3311df394f48389b8122b94aa1f0b05c
Validity
Not Before: Jan 2 09:48:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b52920b70dbcf8a9b91746221c87f53b5a64a172
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:65:a6:26:64:7b:c1:eb:47:70:6b:98:49:c0:
c3:97:01:ee:ef:da:4e:57:65:be:8c:14:81:64:51:
6c:35:2c:38:b5:0a:7d:69:d8:ae:4d:a4:86:57:ab:
98:a9:97:6c:16:d8:d7:90:70:1a:9f:f9:70:90:75:
80:21:00:56:54:80:22:58:c6:26:e2:d1:65:2d:0c:
5b:ad:d0:10:13:b7:a9:04:3b:8d:ad:e3:b2:d3:3b:
fa:4c:7f:1e:12:ff:1c:03:7b:b7:86:5c:82:f5:31:
80:57:fc:1b:23:cb:33:26:6d:8c:9b:6b:99:1c:bd:
17:01:7b:54:4f:0f:d1:d6:77:64:62:e7:36:5c:a5:
eb:ba:b3:7e:a4:29:af:71:f4:02:7e:78:86:dd:31:
2a:54:de:3d:e9:6c:2e:bf:93:80:f3:a7:2a:27:ca:
74:61:58:c6:c3:96:8f:c8:b7:c7:e2:ef:b6:11:98:
b6:87:19:45:b5:76:9b:e4:3d:c7:98:a9:09:a4:a3:
4d:46:02:fc:1d:fb:cd:4b:84:df:a9:61:56:dd:6e:
52:89:1b:b8:5f:c7:a1:51:8f:e5:0f:78:b9:38:de:
0c:14:2a:2b:ee:6f:c6:f8:81:b1:3b:d0:0e:6b:f4:
df:9b:5d:c0:07:69:b3:47:3f:61:87:c7:8f:3e:59:
70:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:29:20:B7:0D:BC:F8:A9:B9:17:46:22:1C:87:F5:3B:5A:64:A1:72
X509v3 Authority Key Identifier:
keyid:66:F8:20:6E:33:11:DF:39:4F:48:38:9B:81:22:B9:4A:A1:F0:B0:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZvggbjMR3zlPSDibgSK5SqHwsFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/tSkgtw28-Km5F0YiHIf1O1pkoXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/ZvggbjMR3zlPSDibgSK5SqHwsFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.33.0/24
Signature Algorithm: sha256WithRSAEncryption
06:7e:39:45:84:d7:12:e0:cd:c8:df:6d:d6:c5:e3:44:62:27:
fd:a0:64:c6:e6:aa:a5:68:38:02:ff:eb:d8:80:99:13:23:eb:
f2:af:e2:ad:83:a8:e9:47:51:77:0f:96:f5:0d:6a:6e:56:e0:
f0:84:65:33:a7:ec:bf:6e:bc:5e:3b:5f:31:d9:47:50:dd:cb:
04:44:f0:c6:f7:3e:97:72:c0:51:bb:a2:bb:c7:6a:34:84:8c:
fb:19:d3:21:60:75:cd:4d:1f:c2:4f:0b:30:a2:63:6f:64:c1:
36:79:3b:86:41:06:78:e7:99:b9:fe:9c:40:c4:c2:49:e5:f2:
45:c0:cf:2d:5f:6f:45:77:6f:35:bd:9c:d8:a6:76:56:45:93:
04:35:55:e5:b0:af:9c:99:b7:bf:80:11:0a:35:84:55:79:f2:
23:15:52:7e:ea:cc:17:56:75:36:7e:07:54:b5:2a:5f:0b:76:
2b:e5:6f:ea:52:cb:65:32:cc:fa:d6:fb:90:ef:a5:1d:56:fb:
0e:3d:67:a9:53:f0:85:df:dd:77:28:25:be:e1:9c:3d:3e:42:
51:0f:8f:0e:b9:c5:9e:17:4f:3c:2a:77:0b:d2:7f:c9:c3:5b:
b8:c0:11:db:a5:9a:03:40:0b:90:34:ed:03:58:bd:bf:32:1d:
cc:b5:83:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmasmI5udeI1mujeDiVMHXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZjgyMDZlMzMxMWRmMzk0ZjQ4Mzg5YjgxMjJiOTRhYTFm
MGIwNWMwHhcNMjUwMTAyMDk0ODQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTI5MjBiNzBkYmNmOGE5YjkxNzQ2MjIxYzg3ZjUzYjVhNjRhMTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmWmJmR7wetHcGuYScDDlwHu79pO
V2W+jBSBZFFsNSw4tQp9adiuTaSGV6uYqZdsFtjXkHAan/lwkHWAIQBWVIAiWMYm
4tFlLQxbrdAQE7epBDuNreOy0zv6TH8eEv8cA3u3hlyC9TGAV/wbI8szJm2Mm2uZ
HL0XAXtUTw/R1ndkYuc2XKXrurN+pCmvcfQCfniG3TEqVN496Wwuv5OA86cqJ8p0
YVjGw5aPyLfH4u+2EZi2hxlFtXab5D3HmKkJpKNNRgL8HfvNS4TfqWFW3W5SiRu4
X8ehUY/lD3i5ON4MFCor7m/G+IGxO9AOa/Tfm13AB2mzRz9hh8ePPllwXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLUpILcNvPipuRdGIhyH9TtaZKFyMB8GA1UdIwQY
MBaAFGb4IG4zEd85T0g4m4EiuUqh8LBcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnZnZ2JqTVIzemxQU0RpYmdTSzVTcUh3c0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9iZTFhMjUtNTg1NS00YWVjLThlMTgt
YmJmZDQ1Yzg0YmVhLzEvdFNrZ3R3MjgtS201RjBZaUhJZjFPMXBrb1hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9iZTFhMjUtNTg1NS00YWVjLThlMTgtYmJmZDQ1Yzg0YmVh
LzEvWnZnZ2JqTVIzemxQU0RpYmdTSzVTcUh3c0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueUhMA0G
CSqGSIb3DQEBCwUAA4IBAQAGfjlFhNcS4M3I323WxeNEYif9oGTG5qqlaDgC/+vY
gJkTI+vyr+Ktg6jpR1F3D5b1DWpuVuDwhGUzp+y/brxeO18x2UdQ3csERPDG9z6X
csBRu6K7x2o0hIz7GdMhYHXNTR/CTwswomNvZME2eTuGQQZ455m5/pxAxMJJ5fJF
wM8tX29Fd281vZzYpnZWRZMENVXlsK+cmbe/gBEKNYRVefIjFVJ+6swXVnU2fgdU
tSpfC3Yr5W/qUstlMsz61vuQ76UdVvsOPWepU/CF3913KCW+4Zw9PkJRD48OucWe
F088KncL0n/Jw1u4wBHbpZoDQAuQNO0DWL2/Mh3MtYPP
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:41:32 2025 by rpki-client