Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/22c510-3480-4ce1-8dd8-19746947558d/1/tBmRUMmtwnwv4vXNsQJqDfSw9xM.roa
File: tBmRUMmtwnwv4vXNsQJqDfSw9xM.roa (raw, json)
Hash identifier: 05hPKt6waoEeOKJXfn+K3RZpsPO/WPF96iW+iOqijmE=
Subject key identifier: B4:19:91:50:C9:AD:C2:7C:2F:E2:F5:CD:B1:02:6A:0D:F4:B0:F7:13
Certificate issuer: /CN=ffb2627672877d0f6de9bc4e7e186eedd1356110
Certificate serial: 019424B3AEB0AD16D8AA02ED8163CEBA04F6
Authority key identifier: FF:B2:62:76:72:87:7D:0F:6D:E9:BC:4E:7E:18:6E:ED:D1:35:61:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_7JidnKHfQ9t6bxOfhhu7dE1YRA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/22c510-3480-4ce1-8dd8-19746947558d/1/tBmRUMmtwnwv4vXNsQJqDfSw9xM.roa
Signing time: Thu 02 Jan 2025 01:49:02 +0000
ROA not before: Thu 02 Jan 2025 01:49:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9123
IP address blocks: 185.147.127.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:ae:b0:ad:16:d8:aa:02:ed:81:63:ce:ba:04:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffb2627672877d0f6de9bc4e7e186eedd1356110
Validity
Not Before: Jan 2 01:49:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b4199150c9adc27c2fe2f5cdb1026a0df4b0f713
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d2:47:58:db:e5:d6:31:db:2a:08:c3:1b:59:
e7:cb:8c:d5:0e:ee:95:ed:09:0b:2b:a3:d9:2a:09:
9f:f9:06:36:06:33:03:fe:2f:f3:09:36:b7:1b:c4:
7d:a7:45:53:e1:49:18:04:d9:e4:d0:3c:ce:0e:eb:
61:cf:0b:70:f3:ec:bc:80:cc:cb:6b:5c:53:a8:f6:
75:b1:12:9f:37:d1:b9:c5:5d:15:7d:82:b9:b1:65:
28:64:b9:66:ef:12:a7:37:c8:ac:30:b6:68:39:5b:
28:7a:2c:84:b3:7e:af:00:4c:b2:05:21:74:17:d1:
f2:df:1a:67:25:87:18:09:4e:9a:bb:6f:2d:37:f7:
64:20:b7:2a:9c:70:c1:86:dd:ec:66:b0:89:37:6f:
19:f7:fd:03:95:d1:25:a8:50:e5:56:85:46:b9:2b:
ec:1c:33:d2:b0:21:a3:87:96:51:b5:b3:69:8a:ee:
96:4f:a5:92:37:3a:4d:d1:42:b6:cd:c5:2a:e4:54:
17:0a:6d:58:e4:c1:62:ca:ee:1e:50:85:f0:e6:50:
03:b3:44:37:7d:b0:cd:03:9a:7f:99:ab:60:c6:56:
1c:cf:f2:90:f9:0a:23:b5:15:90:f3:5c:af:45:79:
2d:f3:98:5c:9f:f5:2f:0f:ad:17:2a:d5:ba:7e:97:
44:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:19:91:50:C9:AD:C2:7C:2F:E2:F5:CD:B1:02:6A:0D:F4:B0:F7:13
X509v3 Authority Key Identifier:
keyid:FF:B2:62:76:72:87:7D:0F:6D:E9:BC:4E:7E:18:6E:ED:D1:35:61:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_7JidnKHfQ9t6bxOfhhu7dE1YRA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/22c510-3480-4ce1-8dd8-19746947558d/1/tBmRUMmtwnwv4vXNsQJqDfSw9xM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/22c510-3480-4ce1-8dd8-19746947558d/1/_7JidnKHfQ9t6bxOfhhu7dE1YRA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.147.127.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:f2:29:ee:4b:37:92:9b:73:36:93:f8:52:a1:b3:2d:e5:48:
21:c2:45:e7:c6:51:53:5a:9d:f6:64:0f:0b:dd:06:29:c2:f4:
90:f1:ca:a3:53:b7:e0:ff:8f:f4:45:3e:dd:7d:dc:93:4c:58:
4b:bb:b1:9e:97:0a:09:2e:34:93:15:49:be:b0:c2:51:d1:0b:
f3:02:4f:4b:2e:ec:ae:5d:db:16:82:6f:5a:90:73:2a:ac:7b:
c3:40:f6:39:f7:5f:3b:91:18:99:68:f5:05:34:f4:68:e8:98:
c3:fb:8b:0b:d5:6f:08:46:fa:34:84:70:12:3d:ca:36:79:c7:
0b:be:54:2e:c5:80:76:96:26:01:24:e4:b8:4e:9e:35:99:64:
5e:32:b7:62:d0:13:ac:cc:bb:cb:98:fd:9e:24:11:99:90:2f:
b8:25:68:90:a2:68:8e:f7:75:d4:47:dd:6f:bb:08:54:c1:b4:
bd:7f:85:66:e3:91:fa:4d:c4:b5:3b:70:96:d2:6d:a3:55:14:
5f:75:13:b6:ee:ac:fc:08:32:5c:1b:cc:f4:a0:e8:2d:dc:d9:
cf:93:ac:22:d2:12:9a:46:de:c8:c4:57:17:fd:11:1f:a7:e4:
75:b7:7b:a1:a9:0c:53:ea:d0:e1:5f:d1:e3:da:a1:27:fa:96:
b8:e0:f2:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks66wrRbYqgLtgWPOugT2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmYjI2Mjc2NzI4NzdkMGY2ZGU5YmM0ZTdlMTg2ZWVkZDEz
NTYxMTAwHhcNMjUwMTAyMDE0OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDE5OTE1MGM5YWRjMjdjMmZlMmY1Y2RiMTAyNmEwZGY0YjBmNzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptJHWNvl1jHbKgjDG1nny4zVDu6V
7QkLK6PZKgmf+QY2BjMD/i/zCTa3G8R9p0VT4UkYBNnk0DzODuthzwtw8+y8gMzL
a1xTqPZ1sRKfN9G5xV0VfYK5sWUoZLlm7xKnN8isMLZoOVsoeiyEs36vAEyyBSF0
F9Hy3xpnJYcYCU6au28tN/dkILcqnHDBht3sZrCJN28Z9/0DldElqFDlVoVGuSvs
HDPSsCGjh5ZRtbNpiu6WT6WSNzpN0UK2zcUq5FQXCm1Y5MFiyu4eUIXw5lADs0Q3
fbDNA5p/matgxlYcz/KQ+QojtRWQ81yvRXkt85hcn/UvD60XKtW6fpdE/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLQZkVDJrcJ8L+L1zbECag30sPcTMB8GA1UdIwQY
MBaAFP+yYnZyh30Pbem8Tn4Ybu3RNWEQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzdKaWRuS0hmUTl0NmJ4T2ZoaHU3ZEUxWVJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS8yMmM1MTAtMzQ4MC00Y2UxLThkZDgt
MTk3NDY5NDc1NThkLzEvdEJtUlVNbXR3bnd2NHZYTnNRSnFEZlN3OXhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS8yMmM1MTAtMzQ4MC00Y2UxLThkZDgtMTk3NDY5NDc1NThk
LzEvXzdKaWRuS0hmUTl0NmJ4T2ZoaHU3ZEUxWVJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZN/MA0G
CSqGSIb3DQEBCwUAA4IBAQBu8inuSzeSm3M2k/hSobMt5UghwkXnxlFTWp32ZA8L
3QYpwvSQ8cqjU7fg/4/0RT7dfdyTTFhLu7GelwoJLjSTFUm+sMJR0QvzAk9LLuyu
XdsWgm9akHMqrHvDQPY59187kRiZaPUFNPRo6JjD+4sL1W8IRvo0hHASPco2eccL
vlQuxYB2liYBJOS4Tp41mWReMrdi0BOszLvLmP2eJBGZkC+4JWiQomiO93XUR91v
uwhUwbS9f4Vm45H6TcS1O3CW0m2jVRRfdRO27qz8CDJcG8z0oOgt3NnPk6wi0hKa
Rt7IxFcX/REfp+R1t3uhqQxT6tDhX9Hj2qEn+pa44PIT
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:10:25 2025 by rpki-client