Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/212a76-7934-4cc1-82c4-f5618477f8d4/1/TKoxALo9u8PRYJQQjNMDBzOManE.roa
File: TKoxALo9u8PRYJQQjNMDBzOManE.roa (raw, json)
Hash identifier: e6LRQQhGn2Pm43QUsi5AMgfehOrdW1tISUFnEIiJny4=
Subject key identifier: 4C:AA:31:00:BA:3D:BB:C3:D1:60:94:10:8C:D3:03:07:33:8C:6A:71
Certificate issuer: /CN=705de152906664ae7ac9f2087ac4d00685a5d7f0
Certificate serial: 0194228E0FBD24D8C076272EF05176246BFB
Authority key identifier: 70:5D:E1:52:90:66:64:AE:7A:C9:F2:08:7A:C4:D0:06:85:A5:D7:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cF3hUpBmZK56yfIIesTQBoWl1_A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/212a76-7934-4cc1-82c4-f5618477f8d4/1/TKoxALo9u8PRYJQQjNMDBzOManE.roa
Signing time: Wed 01 Jan 2025 15:48:42 +0000
ROA not before: Wed 01 Jan 2025 15:48:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50358
IP address blocks: 91.241.88.0/22 maxlen: 24
195.191.50.0/23 maxlen: 24
2001:67c:26a0::/48 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:0f:bd:24:d8:c0:76:27:2e:f0:51:76:24:6b:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=705de152906664ae7ac9f2087ac4d00685a5d7f0
Validity
Not Before: Jan 1 15:48:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4caa3100ba3dbbc3d16094108cd30307338c6a71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:6e:d0:14:15:33:65:c9:89:26:9c:ae:c4:ce:
d2:e6:53:ad:bf:40:73:6b:ac:36:18:69:40:75:59:
06:3a:f0:a7:83:81:6f:c9:05:1f:06:3e:21:27:ea:
45:73:29:13:af:cf:56:f9:df:69:99:71:31:45:a4:
23:5b:a1:ae:66:e4:99:83:68:2d:b8:81:9a:c9:82:
08:34:39:4d:b2:0f:5a:c6:4e:34:fd:db:f8:04:b1:
1c:76:ea:0a:6f:6f:72:84:c5:18:b7:bf:9b:62:3c:
03:ce:89:30:b8:37:15:17:3a:5b:e2:fc:d2:19:84:
39:98:a3:94:63:a0:2d:44:b0:c5:49:cf:c6:27:54:
a2:0c:fa:0d:fc:47:7b:c7:af:aa:99:17:9e:f1:fd:
a3:33:6a:48:d4:da:cb:92:ff:a4:52:0f:de:04:2f:
49:e9:b8:c0:39:76:c7:77:2b:b3:77:7d:12:d2:7a:
86:f3:f8:2d:ed:ac:c0:31:11:28:07:bf:45:d9:82:
7a:37:07:f5:ab:e8:a9:9e:f3:d1:6b:dd:39:45:af:
34:a7:34:d3:24:50:5d:2d:2b:11:77:e1:ca:67:87:
cb:12:cf:fc:70:3a:ab:94:ce:e2:48:97:e7:50:bd:
17:da:7a:0b:23:e1:a3:ad:50:dc:7c:ac:34:fe:93:
8c:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:AA:31:00:BA:3D:BB:C3:D1:60:94:10:8C:D3:03:07:33:8C:6A:71
X509v3 Authority Key Identifier:
keyid:70:5D:E1:52:90:66:64:AE:7A:C9:F2:08:7A:C4:D0:06:85:A5:D7:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cF3hUpBmZK56yfIIesTQBoWl1_A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/212a76-7934-4cc1-82c4-f5618477f8d4/1/TKoxALo9u8PRYJQQjNMDBzOManE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/212a76-7934-4cc1-82c4-f5618477f8d4/1/cF3hUpBmZK56yfIIesTQBoWl1_A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.241.88.0/22
195.191.50.0/23
IPv6:
2001:67c:26a0::/48
Signature Algorithm: sha256WithRSAEncryption
1a:91:e2:3a:f8:b0:78:27:29:a5:28:53:ac:6e:db:41:98:f4:
4b:ba:4a:70:d2:4a:95:7c:56:8e:ae:37:fb:00:84:98:ac:b4:
e2:15:8a:57:59:36:d7:db:f2:d9:7c:15:3f:c5:76:af:78:88:
fa:57:68:9f:66:51:54:41:69:91:8b:f9:35:45:12:14:d6:1a:
c7:1f:84:83:0c:60:0f:21:6b:3d:1c:52:c2:25:85:97:cd:10:
9c:c7:be:0e:1d:dd:d2:8f:dc:a4:18:f2:2a:f9:95:94:06:fa:
d0:26:fb:db:69:b6:d5:f5:cc:52:11:4c:4d:fd:61:94:a5:a7:
30:aa:a2:76:a2:73:90:da:cf:d7:66:bb:28:51:bb:ee:60:b1:
11:24:43:88:7e:7c:1f:5f:80:5e:c8:f0:2d:fc:96:51:a2:39:
7c:ca:f8:52:a9:c0:3b:4c:ab:ac:a6:91:0d:d6:0f:c4:c5:14:
1c:d4:46:c8:d7:37:c7:cf:7e:ae:2f:39:ab:70:cb:84:c2:0c:
47:0d:ff:bd:53:0b:1c:eb:f2:03:05:2f:e5:e4:3c:58:1a:ae:
dc:c1:df:6c:a4:c7:a5:d8:8c:a0:78:5e:a2:78:09:cf:13:6c:
ac:63:dd:a8:ee:92:1e:1b:de:54:03:7f:cf:a8:ba:47:43:79:
50:a1:a9:19
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQijg+9JNjAdicu8FF2JGv7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNWRlMTUyOTA2NjY0YWU3YWM5ZjIwODdhYzRkMDA2ODVh
NWQ3ZjAwHhcNMjUwMTAxMTU0ODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2FhMzEwMGJhM2RiYmMzZDE2MDk0MTA4Y2QzMDMwNzMzOGM2YTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxG7QFBUzZcmJJpyuxM7S5lOtv0Bz
a6w2GGlAdVkGOvCng4FvyQUfBj4hJ+pFcykTr89W+d9pmXExRaQjW6GuZuSZg2gt
uIGayYIINDlNsg9axk40/dv4BLEcduoKb29yhMUYt7+bYjwDzokwuDcVFzpb4vzS
GYQ5mKOUY6AtRLDFSc/GJ1SiDPoN/Ed7x6+qmRee8f2jM2pI1NrLkv+kUg/eBC9J
6bjAOXbHdyuzd30S0nqG8/gt7azAMREoB79F2YJ6Nwf1q+ipnvPRa905Ra80pzTT
JFBdLSsRd+HKZ4fLEs/8cDqrlM7iSJfnUL0X2noLI+GjrVDcfKw0/pOMhwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFEyqMQC6PbvD0WCUEIzTAwczjGpxMB8GA1UdIwQY
MBaAFHBd4VKQZmSuesnyCHrE0AaFpdfwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0YzaFVwQm1aSzU2eWZJSWVzVFFCb1dsMV9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi8yMTJhNzYtNzkzNC00Y2MxLTgyYzQt
ZjU2MTg0NzdmOGQ0LzEvVEtveEFMbzl1OFBSWUpRUWpOTURCek9NYW5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi8yMTJhNzYtNzkzNC00Y2MxLTgyYzQtZjU2MTg0NzdmOGQ0
LzEvY0YzaFVwQm1aSzU2eWZJSWVzVFFCb1dsMV9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCW/FYAwQB
w78yMA8EAgACMAkDBwAgAQZ8JqAwDQYJKoZIhvcNAQELBQADggEBABqR4jr4sHgn
KaUoU6xu20GY9Eu6SnDSSpV8Vo6uN/sAhJistOIVildZNtfb8tl8FT/Fdq94iPpX
aJ9mUVRBaZGL+TVFEhTWGscfhIMMYA8haz0cUsIlhZfNEJzHvg4d3dKP3KQY8ir5
lZQG+tAm+9tpttX1zFIRTE39YZSlpzCqonaic5Daz9dmuyhRu+5gsREkQ4h+fB9f
gF7I8C38llGiOXzK+FKpwDtMq6ymkQ3WD8TFFBzURsjXN8fPfq4vOatwy4TCDEcN
/71TCxzr8gMFL+XkPFgartzB32ykx6XYjKB4XqJ4Cc8TbKxj3ajukh4b3lQDf8+o
ukdDeVChqRk=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:46:45 2025 by rpki-client