Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/TC3vIZNyLyWMOmczSRqgj7XrAsc.roa
File: TC3vIZNyLyWMOmczSRqgj7XrAsc.roa (raw, json)
Hash identifier: vtaXLlAksqvijMS2vKyzTr/rHCL1K9PWUclBwfIJ7BY=
Subject key identifier: 4C:2D:EF:21:93:72:2F:25:8C:3A:67:33:49:1A:A0:8F:B5:EB:02:C7
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019422FBBF735F1F164581BB10444FEEED41
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/TC3vIZNyLyWMOmczSRqgj7XrAsc.roa
Signing time: Wed 01 Jan 2025 17:48:31 +0000
ROA not before: Wed 01 Jan 2025 17:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396559
IP address blocks: 81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.53/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:bf:73:5f:1f:16:45:81:bb:10:44:4f:ee:ed:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Jan 1 17:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4c2def2193722f258c3a6733491aa08fb5eb02c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:4c:5a:00:c2:21:78:e3:32:90:b7:63:fe:a0:
a0:67:79:fc:ca:a4:84:bf:01:f5:44:d9:7e:0d:ab:
32:46:d5:8c:21:c4:f9:98:45:5e:8d:32:ac:95:9f:
44:83:f5:41:39:15:8f:7c:ee:d6:9f:80:3e:1f:ad:
76:4a:51:ae:bb:cd:ac:84:97:5a:14:3d:43:de:49:
cf:d5:7f:04:03:c1:c7:23:ee:1b:a1:d0:2f:ef:44:
57:70:fa:15:f4:2b:62:6d:2c:9b:c3:83:32:e7:6a:
56:b0:0d:97:eb:03:83:4d:c5:ee:d4:9b:a8:4a:9f:
fe:36:30:2c:e4:45:62:f6:3e:ac:6e:1d:e9:59:2b:
7d:f8:de:db:81:b1:eb:df:53:a4:03:bc:72:b6:e9:
a7:17:0a:cf:6f:a5:5e:19:8e:29:74:ce:b6:de:a4:
d7:e9:30:dd:3e:55:6b:46:86:d3:67:5b:eb:3e:0e:
ef:27:8c:f7:72:59:89:b9:a0:a8:d6:31:39:f6:1b:
db:fa:09:f6:df:2d:d2:93:01:5f:cd:f8:5f:24:1c:
13:4f:47:f1:89:30:e8:56:03:83:bb:49:c6:22:da:
92:49:e7:05:5e:38:32:05:ba:d3:32:49:12:09:70:
ce:26:2d:79:78:a4:62:6f:10:6a:b4:8d:ce:b4:75:
74:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:2D:EF:21:93:72:2F:25:8C:3A:67:33:49:1A:A0:8F:B5:EB:02:C7
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/TC3vIZNyLyWMOmczSRqgj7XrAsc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.195.30/31
185.100.0.53/32
Signature Algorithm: sha256WithRSAEncryption
ab:c0:ae:4e:84:46:6b:05:46:a1:5e:86:75:49:f3:e1:17:43:
ca:8b:cc:ab:89:8f:95:61:a0:bb:6c:5b:cf:5e:bd:b6:ed:83:
6b:f1:2a:ce:9c:06:00:02:32:6b:75:f0:04:77:c6:4b:15:2d:
7f:b4:3c:26:f2:e4:d6:86:a4:e8:76:6c:3a:c1:df:1e:d3:2d:
31:e8:a3:3d:cd:44:2d:39:3d:3c:91:99:a0:ef:3c:db:75:bd:
0a:36:0b:7e:9a:1d:87:12:27:00:0f:ea:dc:07:82:87:8f:b0:
70:b0:11:24:8a:0a:b6:de:47:34:e1:dc:e4:54:8f:26:2c:7c:
24:50:11:87:20:91:ca:9b:19:d0:c7:2f:d9:a1:15:db:b7:ca:
02:38:d8:73:42:ec:4c:73:83:b3:0b:d9:42:c5:61:df:cb:c0:
ed:d0:05:a5:2c:85:85:7c:ea:8a:3d:c3:45:6b:62:3b:ca:b8:
61:7f:d8:d1:7b:66:83:88:54:b1:6c:6e:0e:a4:df:81:73:c2:
1b:c9:83:29:3e:bb:ef:3a:8e:2d:63:bd:e7:ae:59:4e:f3:77:
25:9a:1f:17:f4:2b:03:24:0f:48:a8:27:de:0a:ba:af:b8:29:
fe:87:73:47:b9:79:d8:ce:cf:3f:e6:98:47:7b:36:01:99:ae:
3b:e4:cb:c2
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQi+79zXx8WRYG7EERP7u1BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjUwMTAxMTc0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzJkZWYyMTkzNzIyZjI1OGMzYTY3MzM0OTFhYTA4ZmI1ZWIwMmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvUxaAMIheOMykLdj/qCgZ3n8yqSE
vwH1RNl+DasyRtWMIcT5mEVejTKslZ9Eg/VBORWPfO7Wn4A+H612SlGuu82shJda
FD1D3knP1X8EA8HHI+4bodAv70RXcPoV9CtibSybw4My52pWsA2X6wODTcXu1Juo
Sp/+NjAs5EVi9j6sbh3pWSt9+N7bgbHr31OkA7xytumnFwrPb6VeGY4pdM623qTX
6TDdPlVrRobTZ1vrPg7vJ4z3clmJuaCo1jE59hvb+gn23y3SkwFfzfhfJBwTT0fx
iTDoVgODu0nGItqSSecFXjgyBbrTMkkSCXDOJi15eKRibxBqtI3OtHV0PQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFEwt7yGTci8ljDpnM0kaoI+16wLHMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvVEMzdklaTnlMeVdNT21jelNScWdqN1hyQXNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOAwUBURPDHgMF
ALlkADUwDQYJKoZIhvcNAQELBQADggEBAKvArk6ERmsFRqFehnVJ8+EXQ8qLzKuJ
j5VhoLtsW89evbbtg2vxKs6cBgACMmt18AR3xksVLX+0PCby5NaGpOh2bDrB3x7T
LTHooz3NRC05PTyRmaDvPNt1vQo2C36aHYcSJwAP6twHgoePsHCwESSKCrbeRzTh
3ORUjyYsfCRQEYcgkcqbGdDHL9mhFdu3ygI42HNC7Exzg7ML2ULFYd/LwO3QBaUs
hYV86oo9w0VrYjvKuGF/2NF7ZoOIVLFsbg6k34FzwhvJgyk+u+86ji1jveeuWU7z
dyWaHxf0KwMkD0ioJ94Kuq+4Kf6Hc0e5edjOzz/mmEd7NgGZrjvky8I=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:13:23 2025 by rpki-client