Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/7cf43d-8c85-4817-bd75-230fda66abcb/1/TPdcZLcH_YATAX6AnH-DrKOIyW4.roa
File: TPdcZLcH_YATAX6AnH-DrKOIyW4.roa (raw, json)
Hash identifier: 7Q4klUwlKvLOmsqK9in2FaKGpBVinFLluA+jbJEiVAQ=
Subject key identifier: 4C:F7:5C:64:B7:07:FD:80:13:01:7E:80:9C:7F:83:AC:A3:88:C9:6E
Certificate issuer: /CN=d78a4914d96009b6822d168a0ed53e936d3a41f8
Certificate serial: 019421B1AAB804DEFE8AE2A14368AB944343
Authority key identifier: D7:8A:49:14:D9:60:09:B6:82:2D:16:8A:0E:D5:3E:93:6D:3A:41:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/14pJFNlgCbaCLRaKDtU-k206Qfg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/7cf43d-8c85-4817-bd75-230fda66abcb/1/TPdcZLcH_YATAX6AnH-DrKOIyW4.roa
Signing time: Wed 01 Jan 2025 11:47:59 +0000
ROA not before: Wed 01 Jan 2025 11:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207773
IP address blocks: 185.98.15.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:aa:b8:04:de:fe:8a:e2:a1:43:68:ab:94:43:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d78a4914d96009b6822d168a0ed53e936d3a41f8
Validity
Not Before: Jan 1 11:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4cf75c64b707fd8013017e809c7f83aca388c96e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:13:b3:1e:b2:b1:98:3a:07:6e:59:bd:bc:81:
99:76:c7:b7:fd:04:a0:6f:80:93:ca:36:04:54:80:
cc:31:2e:78:30:e8:86:c5:a8:46:43:50:4e:e0:f0:
72:d1:60:a0:29:16:ba:ad:d4:9c:6f:33:28:6e:a1:
80:d5:d6:84:ec:76:88:db:c5:36:8a:ee:3a:0b:1d:
fa:57:9d:42:0a:18:7c:3b:bd:1a:db:64:87:06:7e:
38:b0:73:34:0d:b2:f5:cc:0a:d3:76:0b:f5:6f:79:
8f:2c:f5:ac:91:e7:0a:01:1d:11:bb:51:9f:22:08:
aa:9b:c8:3e:44:d6:1f:fa:aa:2b:dc:f1:5b:ab:aa:
d2:a6:80:a0:04:c8:bc:70:1a:6b:f7:0e:09:a9:df:
b2:ac:16:69:ee:3f:1f:99:93:63:f7:93:03:f5:4f:
e9:f7:cd:7f:28:bc:d4:d9:0a:a4:13:4f:2b:61:1f:
19:79:1c:07:02:ea:a1:45:7c:49:1d:63:0b:69:89:
14:11:00:5f:b4:7d:04:a6:87:4c:04:dd:33:7d:55:
ae:8f:28:5a:e6:3d:bf:1f:59:66:24:72:28:96:67:
88:ff:19:b9:1e:cf:df:e9:fe:35:d3:47:95:0d:96:
1b:cf:fb:30:8b:01:00:d9:d0:14:f5:04:64:3e:46:
4f:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:F7:5C:64:B7:07:FD:80:13:01:7E:80:9C:7F:83:AC:A3:88:C9:6E
X509v3 Authority Key Identifier:
keyid:D7:8A:49:14:D9:60:09:B6:82:2D:16:8A:0E:D5:3E:93:6D:3A:41:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/14pJFNlgCbaCLRaKDtU-k206Qfg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/7cf43d-8c85-4817-bd75-230fda66abcb/1/TPdcZLcH_YATAX6AnH-DrKOIyW4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/7cf43d-8c85-4817-bd75-230fda66abcb/1/14pJFNlgCbaCLRaKDtU-k206Qfg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.98.15.0/24
Signature Algorithm: sha256WithRSAEncryption
46:d7:ef:ef:bc:80:cb:93:e7:be:9a:b2:bd:66:f7:51:fe:68:
ea:f8:27:1d:2d:da:9d:66:f5:81:fb:21:34:46:67:dc:f2:c4:
f4:b9:ef:22:3e:68:0e:8b:2d:ec:1c:ca:45:53:0b:a0:40:f6:
3b:46:17:34:c0:a3:16:f3:a5:12:7f:92:5b:47:73:8c:5e:69:
2d:94:5e:86:b5:4d:31:7e:6a:1f:ec:ef:6e:03:ff:01:81:64:
d0:9e:a1:ea:19:68:e0:9c:c2:d6:12:0c:da:4d:b2:0c:ef:ff:
cf:9e:79:ce:71:fc:d2:a1:2f:48:b6:25:98:32:0e:25:ef:81:
0c:9e:58:e2:dd:78:db:13:14:35:50:a9:78:0f:9d:6a:18:e8:
9f:8a:50:43:de:5a:ba:e8:bc:5d:22:3c:4d:19:4a:fb:6a:6d:
9b:8c:65:9c:6d:a2:21:ef:a3:23:4a:af:5f:57:4d:da:09:8c:
15:52:5e:3a:e3:a7:07:ce:69:92:ec:f2:16:fb:6f:25:33:b4:
1d:7e:dd:23:45:33:92:8a:f7:62:84:c3:2d:fc:b5:6e:b5:b6:
04:82:69:3e:34:dd:9a:c3:1e:14:c4:a4:cb:96:49:cf:54:01:
0b:16:72:0f:19:eb:90:87:18:90:74:3d:70:e9:5a:df:e6:9f:
bf:9d:49:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsaq4BN7+iuKhQ2irlENDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3OGE0OTE0ZDk2MDA5YjY4MjJkMTY4YTBlZDUzZTkzNmQz
YTQxZjgwHhcNMjUwMTAxMTE0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2Y3NWM2NGI3MDdmZDgwMTMwMTdlODA5YzdmODNhY2EzODhjOTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyBOzHrKxmDoHblm9vIGZdse3/QSg
b4CTyjYEVIDMMS54MOiGxahGQ1BO4PBy0WCgKRa6rdScbzMobqGA1daE7HaI28U2
iu46Cx36V51CChh8O70a22SHBn44sHM0DbL1zArTdgv1b3mPLPWskecKAR0Ru1Gf
Igiqm8g+RNYf+qor3PFbq6rSpoCgBMi8cBpr9w4Jqd+yrBZp7j8fmZNj95MD9U/p
981/KLzU2QqkE08rYR8ZeRwHAuqhRXxJHWMLaYkUEQBftH0EpodMBN0zfVWujyha
5j2/H1lmJHIolmeI/xm5Hs/f6f4100eVDZYbz/swiwEA2dAU9QRkPkZPJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEz3XGS3B/2AEwF+gJx/g6yjiMluMB8GA1UdIwQY
MBaAFNeKSRTZYAm2gi0Wig7VPpNtOkH4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTRwSkZObGdDYmFDTFJhS0R0VS1rMjA2UWZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi83Y2Y0M2QtOGM4NS00ODE3LWJkNzUt
MjMwZmRhNjZhYmNiLzEvVFBkY1pMY0hfWUFUQVg2QW5ILURyS09JeVc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi83Y2Y0M2QtOGM4NS00ODE3LWJkNzUtMjMwZmRhNjZhYmNi
LzEvMTRwSkZObGdDYmFDTFJhS0R0VS1rMjA2UWZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWIPMA0G
CSqGSIb3DQEBCwUAA4IBAQBG1+/vvIDLk+e+mrK9ZvdR/mjq+CcdLdqdZvWB+yE0
Rmfc8sT0ue8iPmgOiy3sHMpFUwugQPY7Rhc0wKMW86USf5JbR3OMXmktlF6GtU0x
fmof7O9uA/8BgWTQnqHqGWjgnMLWEgzaTbIM7//PnnnOcfzSoS9ItiWYMg4l74EM
nlji3XjbExQ1UKl4D51qGOifilBD3lq66LxdIjxNGUr7am2bjGWcbaIh76MjSq9f
V03aCYwVUl4646cHzmmS7PIW+28lM7Qdft0jRTOSivdihMMt/LVutbYEgmk+NN2a
wx4UxKTLlknPVAELFnIPGeuQhxiQdD1w6Vrf5p+/nUkJ
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:21:57 2025 by rpki-client