Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/8710ba-fb59-466b-9e6b-e898681bc89e/1/tktnNkqo-Ucay9gG5szDFherVRo.roa
File: tktnNkqo-Ucay9gG5szDFherVRo.roa (raw, json)
Hash identifier: fENlsqvH8zzdUmZ9S6kxqqHzh2VPnW1ALr3bQ6F8fDs=
Subject key identifier: B6:4B:67:36:4A:A8:F9:47:1A:CB:D8:06:E6:CC:C3:16:17:AB:55:1A
Certificate issuer: /CN=090fac7852b42d1e6b1c3f0f29d13ce5e9ecb2d6
Certificate serial: 019427463DAA9AA805843FF673AEAFB40274
Authority key identifier: 09:0F:AC:78:52:B4:2D:1E:6B:1C:3F:0F:29:D1:3C:E5:E9:EC:B2:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CQ-seFK0LR5rHD8PKdE85ensstY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/8710ba-fb59-466b-9e6b-e898681bc89e/1/tktnNkqo-Ucay9gG5szDFherVRo.roa
Signing time: Thu 02 Jan 2025 13:48:22 +0000
ROA not before: Thu 02 Jan 2025 13:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24837
IP address blocks: 185.108.196.0/23 maxlen: 23
185.108.198.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:46:3d:aa:9a:a8:05:84:3f:f6:73:ae:af:b4:02:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=090fac7852b42d1e6b1c3f0f29d13ce5e9ecb2d6
Validity
Not Before: Jan 2 13:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b64b67364aa8f9471acbd806e6ccc31617ab551a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:17:0d:ce:42:f5:76:ee:37:53:ae:e6:d6:30:
54:5f:8c:24:6c:cb:32:69:9e:24:fc:e9:fc:26:d6:
25:7b:e0:da:b9:c7:48:9a:83:5f:80:0c:f8:60:6a:
a7:1e:01:3a:fa:a6:d2:ec:c8:fa:fe:c4:c9:1a:56:
01:2d:dc:68:13:ea:04:8a:57:cb:8b:82:c4:6a:35:
d0:85:0e:3a:4a:96:7c:15:76:c0:71:74:92:21:fe:
27:80:38:1b:9f:63:16:f6:df:46:59:93:9d:53:06:
66:4b:30:b9:19:95:67:08:9f:2e:17:18:a4:b1:a5:
ff:c9:e2:19:d6:27:3b:44:e4:32:74:bd:2c:87:8b:
04:5b:b3:c5:9a:6f:6a:14:fd:be:68:73:49:69:c4:
4e:fc:98:2c:67:be:a9:74:93:47:17:89:b9:7b:be:
2c:4e:2d:e6:32:03:41:02:92:4b:23:2c:fb:75:ab:
cd:16:fd:84:95:2a:5a:d4:31:f7:52:d8:f1:ac:86:
84:6f:75:c6:e2:6f:92:e8:81:f3:bd:7e:a9:f8:f5:
d0:57:6a:3a:52:2e:1c:b5:84:08:37:e5:dd:44:02:
75:09:47:e8:5b:1a:9b:e6:45:61:d6:c9:ad:85:24:
57:ba:6e:c6:ed:4b:26:f2:df:ff:4f:b3:94:80:ce:
6c:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:4B:67:36:4A:A8:F9:47:1A:CB:D8:06:E6:CC:C3:16:17:AB:55:1A
X509v3 Authority Key Identifier:
keyid:09:0F:AC:78:52:B4:2D:1E:6B:1C:3F:0F:29:D1:3C:E5:E9:EC:B2:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CQ-seFK0LR5rHD8PKdE85ensstY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/8710ba-fb59-466b-9e6b-e898681bc89e/1/tktnNkqo-Ucay9gG5szDFherVRo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/8710ba-fb59-466b-9e6b-e898681bc89e/1/CQ-seFK0LR5rHD8PKdE85ensstY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.108.196.0/22
Signature Algorithm: sha256WithRSAEncryption
11:5d:bd:15:bd:4c:9f:84:16:ee:ca:74:be:ef:23:e5:86:bf:
a8:97:70:f0:f8:f2:d6:bd:5b:73:ca:08:86:4b:77:f2:11:42:
de:24:41:f0:27:20:a6:e6:cb:3b:54:e9:20:87:82:de:a7:db:
e9:ed:77:cd:f3:7d:97:73:b9:28:32:69:9b:fe:df:bf:91:e5:
46:0e:23:b2:ce:0b:c0:5a:87:c5:47:a4:61:62:2d:d7:0b:d8:
47:2d:6d:5f:3b:5f:1e:78:4c:4b:d2:c6:88:e7:ea:d4:8c:c0:
ee:2b:5c:db:03:3c:bb:7c:7c:b7:41:cc:86:15:8b:6c:26:77:
e0:cd:94:e7:7f:9a:2a:a1:fd:8c:0f:23:05:2a:3b:86:ee:1e:
da:2c:4a:fc:73:a6:9c:02:0b:af:bc:26:29:f0:7b:a7:f8:4e:
00:5e:aa:7e:c7:43:45:dc:50:79:b9:f0:10:06:e5:54:5f:24:
fb:a0:0a:64:de:ae:db:24:ff:60:19:80:58:1a:73:ea:02:38:
b2:b5:84:eb:4d:73:de:4f:39:aa:b4:64:de:d6:f1:bf:e7:61:
35:9d:5b:49:5d:7f:11:c5:06:c1:24:a8:0b:5b:c7:bd:8d:8b:
c5:55:47:0e:5f:ce:1d:74:38:49:86:f8:93:27:31:49:80:67:
3e:fe:18:72
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnRj2qmqgFhD/2c66vtAJ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MGZhYzc4NTJiNDJkMWU2YjFjM2YwZjI5ZDEzY2U1ZTll
Y2IyZDYwHhcNMjUwMTAyMTM0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjRiNjczNjRhYThmOTQ3MWFjYmQ4MDZlNmNjYzMxNjE3YWI1NTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBcNzkL1du43U67m1jBUX4wkbMsy
aZ4k/On8JtYle+DaucdImoNfgAz4YGqnHgE6+qbS7Mj6/sTJGlYBLdxoE+oEilfL
i4LEajXQhQ46SpZ8FXbAcXSSIf4ngDgbn2MW9t9GWZOdUwZmSzC5GZVnCJ8uFxik
saX/yeIZ1ic7ROQydL0sh4sEW7PFmm9qFP2+aHNJacRO/JgsZ76pdJNHF4m5e74s
Ti3mMgNBApJLIyz7davNFv2ElSpa1DH3UtjxrIaEb3XG4m+S6IHzvX6p+PXQV2o6
Ui4ctYQIN+XdRAJ1CUfoWxqb5kVh1smthSRXum7G7Usm8t//T7OUgM5sLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLZLZzZKqPlHGsvYBubMwxYXq1UaMB8GA1UdIwQY
MBaAFAkPrHhStC0eaxw/DynRPOXp7LLWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1Etc2VGSzBMUjVySEQ4UEtkRTg1ZW5zc3RZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy84NzEwYmEtZmI1OS00NjZiLTllNmIt
ZTg5ODY4MWJjODllLzEvdGt0bk5rcW8tVWNheTlnRzVzekRGaGVyVlJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy84NzEwYmEtZmI1OS00NjZiLTllNmItZTg5ODY4MWJjODll
LzEvQ1Etc2VGSzBMUjVySEQ4UEtkRTg1ZW5zc3RZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWzEMA0G
CSqGSIb3DQEBCwUAA4IBAQARXb0VvUyfhBbuynS+7yPlhr+ol3Dw+PLWvVtzygiG
S3fyEULeJEHwJyCm5ss7VOkgh4Lep9vp7XfN832Xc7koMmmb/t+/keVGDiOyzgvA
WofFR6RhYi3XC9hHLW1fO18eeExL0saI5+rUjMDuK1zbAzy7fHy3QcyGFYtsJnfg
zZTnf5oqof2MDyMFKjuG7h7aLEr8c6acAguvvCYp8Hun+E4AXqp+x0NF3FB5ufAQ
BuVUXyT7oApk3q7bJP9gGYBYGnPqAjiytYTrTXPeTzmqtGTe1vG/52E1nVtJXX8R
xQbBJKgLW8e9jYvFVUcOX84ddDhJhviTJzFJgGc+/hhy
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:44:56 2025 by rpki-client