Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/bd4566-ac27-46f8-94f9-19d1bb61d9a7/1/TmtbffGKJCoB6KaITSDYwVaNuwg.roa
File: TmtbffGKJCoB6KaITSDYwVaNuwg.roa (raw, json)
Hash identifier: 9FENVzGrCx3+V6le/ReQ6+C3ptJBYI3u30nI4IXsVV4=
Subject key identifier: 4E:6B:5B:7D:F1:8A:24:2A:01:E8:A6:88:4D:20:D8:C1:56:8D:BB:08
Certificate issuer: /CN=50182bee9aa010c1ffd2d804f6aa7b14bddb91f7
Certificate serial: 019425213E5CB110F63F8DD0E911FA4C2DF3
Authority key identifier: 50:18:2B:EE:9A:A0:10:C1:FF:D2:D8:04:F6:AA:7B:14:BD:DB:91:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UBgr7pqgEMH_0tgE9qp7FL3bkfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/bd4566-ac27-46f8-94f9-19d1bb61d9a7/1/TmtbffGKJCoB6KaITSDYwVaNuwg.roa
Signing time: Thu 02 Jan 2025 03:48:43 +0000
ROA not before: Thu 02 Jan 2025 03:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213837
IP address blocks: 91.203.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:3e:5c:b1:10:f6:3f:8d:d0:e9:11:fa:4c:2d:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50182bee9aa010c1ffd2d804f6aa7b14bddb91f7
Validity
Not Before: Jan 2 03:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4e6b5b7df18a242a01e8a6884d20d8c1568dbb08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:ea:cb:b8:03:42:89:06:2b:1e:46:ce:1a:6e:
40:49:f6:a0:f7:c4:ac:15:ea:89:04:9c:3a:89:b7:
5e:a7:3c:17:c8:f6:82:c2:58:cc:d5:db:3b:9a:73:
3c:64:ba:63:d6:85:73:e2:c9:08:4e:c8:ec:5f:08:
7a:09:3e:1e:4f:18:88:26:d2:c1:eb:79:83:72:91:
bb:7f:94:3f:d5:d1:d2:98:43:52:09:77:ec:5c:58:
c1:4f:3e:99:29:10:f4:66:54:ef:07:e2:10:b4:77:
46:5a:50:88:a0:d2:73:53:79:ed:3c:ce:46:fe:3b:
f0:3d:73:81:d0:33:39:e7:fe:a9:6b:ea:15:c2:4b:
6e:a2:0e:86:68:93:81:a1:39:7d:4b:27:e9:e7:f3:
32:c3:9d:fc:0d:e7:11:91:e2:c0:3d:ca:fb:1f:a5:
0a:80:f3:32:dc:f9:ea:75:eb:47:8c:22:64:d3:13:
0d:49:c2:8a:35:25:ca:9c:49:4d:5f:14:ef:a1:d2:
bb:c5:c3:24:13:a9:9f:72:9f:3a:5b:4e:2e:0e:b1:
25:8f:8d:13:85:fc:d1:b0:5b:f7:7c:e3:84:9e:f0:
17:fb:71:17:86:04:dc:0a:6b:33:d2:94:31:d5:a4:
61:42:18:50:cb:37:26:9c:d2:81:4c:17:c0:f6:ae:
86:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:6B:5B:7D:F1:8A:24:2A:01:E8:A6:88:4D:20:D8:C1:56:8D:BB:08
X509v3 Authority Key Identifier:
keyid:50:18:2B:EE:9A:A0:10:C1:FF:D2:D8:04:F6:AA:7B:14:BD:DB:91:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UBgr7pqgEMH_0tgE9qp7FL3bkfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/bd4566-ac27-46f8-94f9-19d1bb61d9a7/1/TmtbffGKJCoB6KaITSDYwVaNuwg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/bd4566-ac27-46f8-94f9-19d1bb61d9a7/1/UBgr7pqgEMH_0tgE9qp7FL3bkfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.203.120.0/24
Signature Algorithm: sha256WithRSAEncryption
12:6d:c0:cb:70:02:31:e9:e9:f0:3f:4d:79:bb:d1:79:ed:0a:
bd:df:c6:c1:f8:b7:33:17:d3:29:7a:cc:a2:40:d1:20:83:b1:
31:8a:bf:99:dd:cb:4c:40:ce:4c:a2:7f:b7:56:43:c8:87:66:
1f:fc:e4:16:fc:d3:55:49:1a:29:76:28:51:d6:8b:55:d2:fd:
f6:c3:c5:7c:3f:0c:c9:98:c1:56:51:45:0b:73:73:b7:fa:4f:
74:ed:1d:1c:7c:9c:81:b9:c6:45:d3:86:de:33:1a:f3:c8:ea:
0a:2e:71:58:0c:a7:e9:c4:fa:de:a3:9a:0d:92:c3:ac:68:49:
15:a7:55:8a:9e:c5:67:56:6b:56:2d:fa:75:53:01:45:ed:d7:
fd:1c:01:e8:36:19:06:70:4f:26:f9:d6:2e:cc:e4:a2:24:98:
99:16:c1:f4:1d:bd:9c:4b:34:cb:8f:04:4a:37:8a:d5:b7:31:
d1:1a:48:09:c5:76:3a:ed:74:39:5b:d3:1d:94:96:9b:b4:75:
5a:62:73:a2:c3:f4:e1:56:3e:ce:8e:7b:88:14:44:72:ea:49:
3d:87:d3:e7:5d:b9:b3:64:6e:cb:b1:fb:23:7e:ab:c4:c8:48:
a5:fc:ec:75:7f:d2:a8:46:4d:ae:ab:8a:47:45:b0:34:cc:07:
5b:0a:1e:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIT5csRD2P43Q6RH6TC3zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwMTgyYmVlOWFhMDEwYzFmZmQyZDgwNGY2YWE3YjE0YmRk
YjkxZjcwHhcNMjUwMTAyMDM0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTZiNWI3ZGYxOGEyNDJhMDFlOGE2ODg0ZDIwZDhjMTU2OGRiYjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1OrLuANCiQYrHkbOGm5ASfag98Ss
FeqJBJw6ibdepzwXyPaCwljM1ds7mnM8ZLpj1oVz4skITsjsXwh6CT4eTxiIJtLB
63mDcpG7f5Q/1dHSmENSCXfsXFjBTz6ZKRD0ZlTvB+IQtHdGWlCIoNJzU3ntPM5G
/jvwPXOB0DM55/6pa+oVwktuog6GaJOBoTl9Syfp5/Myw538DecRkeLAPcr7H6UK
gPMy3PnqdetHjCJk0xMNScKKNSXKnElNXxTvodK7xcMkE6mfcp86W04uDrElj40T
hfzRsFv3fOOEnvAX+3EXhgTcCmsz0pQx1aRhQhhQyzcmnNKBTBfA9q6GrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE5rW33xiiQqAeimiE0g2MFWjbsIMB8GA1UdIwQY
MBaAFFAYK+6aoBDB/9LYBPaqexS925H3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUJncjdwcWdFTUhfMHRnRTlxcDdGTDNia2ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9iZDQ1NjYtYWMyNy00NmY4LTk0Zjkt
MTlkMWJiNjFkOWE3LzEvVG10YmZmR0tKQ29CNkthSVRTRFl3VmFOdXdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9iZDQ1NjYtYWMyNy00NmY4LTk0ZjktMTlkMWJiNjFkOWE3
LzEvVUJncjdwcWdFTUhfMHRnRTlxcDdGTDNia2ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8t4MA0G
CSqGSIb3DQEBCwUAA4IBAQASbcDLcAIx6enwP015u9F57Qq938bB+LczF9Mpesyi
QNEgg7Exir+Z3ctMQM5Mon+3VkPIh2Yf/OQW/NNVSRopdihR1otV0v32w8V8PwzJ
mMFWUUULc3O3+k907R0cfJyBucZF04beMxrzyOoKLnFYDKfpxPreo5oNksOsaEkV
p1WKnsVnVmtWLfp1UwFF7df9HAHoNhkGcE8m+dYuzOSiJJiZFsH0Hb2cSzTLjwRK
N4rVtzHRGkgJxXY67XQ5W9MdlJabtHVaYnOiw/ThVj7OjnuIFERy6kk9h9PnXbmz
ZG7LsfsjfqvEyEil/Ox1f9KoRk2uq4pHRbA0zAdbCh73
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:00:11 2025 by rpki-client