Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/tkt4SudQfK9uwQrgGKvvYflAjl8.roa
File: tkt4SudQfK9uwQrgGKvvYflAjl8.roa (raw, json)
Hash identifier: dFUnqKo0rasEdebFDefgA9DnqivcqZmMoexL2NOUY5M=
Subject key identifier: B6:4B:78:4A:E7:50:7C:AF:6E:C1:0A:E0:18:AB:EF:61:F9:40:8E:5F
Certificate issuer: /CN=28bf1e72323742ac4d8136ab6c8e85df7ba37eeb
Certificate serial: 019423D6DF8025450CEC1296D31798016D1D
Authority key identifier: 28:BF:1E:72:32:37:42:AC:4D:81:36:AB:6C:8E:85:DF:7B:A3:7E:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KL8ecjI3QqxNgTarbI6F33ujfus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/tkt4SudQfK9uwQrgGKvvYflAjl8.roa
Signing time: Wed 01 Jan 2025 21:47:51 +0000
ROA not before: Wed 01 Jan 2025 21:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20986
IP address blocks: 185.249.140.0/22 maxlen: 22
185.249.140.0/24 maxlen: 24
185.249.141.0/24 maxlen: 24
185.249.142.0/24 maxlen: 24
185.249.143.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:df:80:25:45:0c:ec:12:96:d3:17:98:01:6d:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28bf1e72323742ac4d8136ab6c8e85df7ba37eeb
Validity
Not Before: Jan 1 21:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b64b784ae7507caf6ec10ae018abef61f9408e5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:b9:5c:e9:1b:7a:b5:a3:63:ef:51:a4:e9:54:
57:6d:3d:28:53:81:e0:60:0c:65:19:34:5f:a6:5b:
d0:5a:9f:be:ed:75:a0:3c:df:3d:a7:e6:41:f8:72:
d2:39:9f:31:fd:7d:61:bb:6c:58:54:74:20:5c:0c:
68:d0:6f:6b:c0:b4:9b:fb:57:ca:07:50:cf:cd:0e:
60:52:ae:85:7f:49:2d:40:17:5a:f4:43:50:50:b5:
3b:40:18:ae:3d:2b:32:0f:b2:1e:d5:66:e7:11:cb:
e8:35:01:84:98:68:03:27:ab:3e:6d:23:10:c5:73:
34:57:be:36:1e:5c:9d:44:1e:90:14:05:7c:28:04:
5b:9f:06:3e:aa:dc:b6:08:79:d9:26:5f:b6:da:31:
06:80:97:28:04:82:75:19:76:38:82:07:79:ac:b0:
b2:0a:00:ab:d2:a3:aa:d2:ef:7b:76:e8:63:1d:3a:
5f:3d:02:a6:c1:93:6e:85:bd:47:f7:43:5d:f9:e9:
21:d1:7a:18:e7:9e:42:47:b6:37:be:72:b4:e6:ec:
20:57:49:95:ff:ad:72:92:a3:81:d6:ff:73:4b:4e:
8b:a1:dc:e1:25:e0:67:62:39:3b:e2:08:7b:81:ed:
2b:0f:35:c5:55:bb:a4:58:d3:d8:5c:34:57:73:e8:
3e:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:4B:78:4A:E7:50:7C:AF:6E:C1:0A:E0:18:AB:EF:61:F9:40:8E:5F
X509v3 Authority Key Identifier:
keyid:28:BF:1E:72:32:37:42:AC:4D:81:36:AB:6C:8E:85:DF:7B:A3:7E:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KL8ecjI3QqxNgTarbI6F33ujfus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/tkt4SudQfK9uwQrgGKvvYflAjl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.249.140.0/22
Signature Algorithm: sha256WithRSAEncryption
06:9d:f9:c5:2a:51:51:d5:a6:c0:b3:fc:fe:9c:0c:82:cb:c2:
c2:35:d5:b3:64:e8:23:ed:94:dd:55:46:50:84:f0:fd:dd:73:
f8:29:85:47:5e:de:5c:a0:11:e3:66:d2:2a:15:2e:a3:c7:c9:
9a:8a:b3:40:12:1d:f1:e2:98:31:c5:16:1e:da:26:0f:f6:52:
60:f9:5a:7c:86:6f:62:a1:dd:b3:51:7f:be:4d:51:c8:a4:b1:
29:73:d7:89:bc:5f:4b:a8:ef:60:1f:a1:56:bd:1f:4f:a6:dc:
fc:1c:76:d1:27:ea:03:a7:cf:2e:0a:7d:88:28:2f:d4:e6:de:
c2:a3:98:c3:42:ac:7d:5d:2e:fa:38:d5:5f:2f:64:3c:d2:93:
e0:6d:d2:5d:7d:85:2a:9e:16:e8:a9:c7:c8:c0:37:f5:cc:a8:
64:2d:3a:c6:88:6c:53:73:7f:fb:e0:35:99:35:c9:e7:89:0a:
c6:d0:88:45:1f:52:1c:67:30:ad:4a:7e:28:2e:f4:43:a3:db:
20:b4:49:d7:2c:08:f8:10:5a:65:3b:7c:ed:f5:58:23:84:41:
9f:17:87:ac:84:15:58:6a:48:35:81:dd:cf:1f:c5:95:4b:c6:
13:89:72:41:bd:e5:58:ce:50:0c:01:41:9f:4d:35:bf:02:a1:
5b:9a:7c:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1t+AJUUM7BKW0xeYAW0dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YmYxZTcyMzIzNzQyYWM0ZDgxMzZhYjZjOGU4NWRmN2Jh
MzdlZWIwHhcNMjUwMTAxMjE0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjRiNzg0YWU3NTA3Y2FmNmVjMTBhZTAxOGFiZWY2MWY5NDA4ZTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4rlc6Rt6taNj71Gk6VRXbT0oU4Hg
YAxlGTRfplvQWp++7XWgPN89p+ZB+HLSOZ8x/X1hu2xYVHQgXAxo0G9rwLSb+1fK
B1DPzQ5gUq6Ff0ktQBda9ENQULU7QBiuPSsyD7Ie1WbnEcvoNQGEmGgDJ6s+bSMQ
xXM0V742HlydRB6QFAV8KARbnwY+qty2CHnZJl+22jEGgJcoBIJ1GXY4ggd5rLCy
CgCr0qOq0u97duhjHTpfPQKmwZNuhb1H90Nd+ekh0XoY555CR7Y3vnK05uwgV0mV
/61ykqOB1v9zS06LodzhJeBnYjk74gh7ge0rDzXFVbukWNPYXDRXc+g+JwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLZLeErnUHyvbsEK4Bir72H5QI5fMB8GA1UdIwQY
MBaAFCi/HnIyN0KsTYE2q2yOhd97o37rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0w4ZWNqSTNRcXhOZ1RhcmJJNkYzM3VqZnVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9iYTZkZjctZjMyNS00MTg0LWE1NGEt
MGM0ODFmMGFkMjBlLzEvdGt0NFN1ZFFmSzl1d1FyZ0dLdnZZZmxBamw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9iYTZkZjctZjMyNS00MTg0LWE1NGEtMGM0ODFmMGFkMjBl
LzEvS0w4ZWNqSTNRcXhOZ1RhcmJJNkYzM3VqZnVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufmMMA0G
CSqGSIb3DQEBCwUAA4IBAQAGnfnFKlFR1abAs/z+nAyCy8LCNdWzZOgj7ZTdVUZQ
hPD93XP4KYVHXt5coBHjZtIqFS6jx8mairNAEh3x4pgxxRYe2iYP9lJg+Vp8hm9i
od2zUX++TVHIpLEpc9eJvF9LqO9gH6FWvR9Pptz8HHbRJ+oDp88uCn2IKC/U5t7C
o5jDQqx9XS76ONVfL2Q80pPgbdJdfYUqnhboqcfIwDf1zKhkLTrGiGxTc3/74DWZ
NcnniQrG0IhFH1IcZzCtSn4oLvRDo9sgtEnXLAj4EFplO3zt9VgjhEGfF4eshBVY
akg1gd3PH8WVS8YTiXJBveVYzlAMAUGfTTW/AqFbmnyn
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:42:02 2025 by rpki-client