Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/e8dd6b-4627-4a3c-ba73-a54b869dcd27/1/tkngR5wwQ6qh3iGid8LqkeZO0Sg.roa
File: tkngR5wwQ6qh3iGid8LqkeZO0Sg.roa (raw, json)
Hash identifier: XAoboSbFoG6N+OZ4mfDqaXa/N9sFsWbZUGbRzqL5oH0=
Subject key identifier: B6:49:E0:47:9C:30:43:AA:A1:DE:21:A2:77:C2:EA:91:E6:4E:D1:28
Certificate issuer: /CN=b1f7d0094adc98d9b032720e81e3db5aa7581c74
Certificate serial: 019420D5A79685FE3E0485FC2FE530AB130F
Authority key identifier: B1:F7:D0:09:4A:DC:98:D9:B0:32:72:0E:81:E3:DB:5A:A7:58:1C:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sffQCUrcmNmwMnIOgePbWqdYHHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/e8dd6b-4627-4a3c-ba73-a54b869dcd27/1/tkngR5wwQ6qh3iGid8LqkeZO0Sg.roa
Signing time: Wed 01 Jan 2025 07:47:40 +0000
ROA not before: Wed 01 Jan 2025 07:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205313
IP address blocks: 185.222.72.0/22 maxlen: 22
185.222.72.0/23 maxlen: 23
185.222.72.0/24 maxlen: 24
185.222.73.0/24 maxlen: 24
185.222.74.0/23 maxlen: 23
185.222.74.0/24 maxlen: 24
185.222.75.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:a7:96:85:fe:3e:04:85:fc:2f:e5:30:ab:13:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1f7d0094adc98d9b032720e81e3db5aa7581c74
Validity
Not Before: Jan 1 07:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b649e0479c3043aaa1de21a277c2ea91e64ed128
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:60:d7:df:ac:f1:db:58:e1:cf:ab:cf:07:b4:
09:83:e6:23:cd:36:27:cb:52:9d:cd:bb:f4:be:b0:
31:cf:38:31:ee:88:18:e9:ae:15:21:ee:07:a5:0e:
70:cf:d1:87:93:54:6e:20:12:fb:77:66:4e:1f:36:
bf:b9:1b:5d:bc:ea:93:a6:20:60:2f:5e:21:1d:7f:
fc:34:6f:8e:87:69:ae:66:9b:d2:87:a9:a4:b2:38:
19:24:6e:4f:e9:93:6c:77:51:b1:cf:7e:b7:23:a3:
d9:51:aa:b6:4e:80:09:81:a3:df:29:ae:08:d6:a5:
48:ea:5c:67:ab:96:36:fe:45:f7:ee:da:93:a3:0b:
ee:e5:17:58:ea:71:9a:5f:80:8a:8b:dd:20:d9:ee:
4d:cb:75:71:61:d2:bf:83:de:4c:32:35:03:d1:38:
c7:d5:68:98:ec:09:b3:d3:c1:60:62:ff:cf:16:08:
7f:d5:5f:23:17:27:e4:54:bc:e5:67:b3:32:bb:a4:
0d:f9:5f:59:42:24:58:ba:79:8b:d3:b7:fc:c8:11:
bf:31:58:ba:98:04:96:5e:f8:17:dd:0e:40:45:0d:
cf:3b:2e:63:3f:8c:c8:49:7f:c8:2c:61:34:ec:8a:
d7:33:54:bf:e7:19:93:35:36:e7:74:51:04:c3:ea:
c8:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:49:E0:47:9C:30:43:AA:A1:DE:21:A2:77:C2:EA:91:E6:4E:D1:28
X509v3 Authority Key Identifier:
keyid:B1:F7:D0:09:4A:DC:98:D9:B0:32:72:0E:81:E3:DB:5A:A7:58:1C:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sffQCUrcmNmwMnIOgePbWqdYHHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e8dd6b-4627-4a3c-ba73-a54b869dcd27/1/tkngR5wwQ6qh3iGid8LqkeZO0Sg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e8dd6b-4627-4a3c-ba73-a54b869dcd27/1/sffQCUrcmNmwMnIOgePbWqdYHHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.72.0/22
Signature Algorithm: sha256WithRSAEncryption
73:2f:37:5d:6f:5d:f1:8f:ae:e6:e7:b3:4c:43:e5:02:43:30:
ee:76:9e:fe:80:23:d3:a1:61:54:6f:93:ee:af:36:be:0f:42:
8c:4b:8b:f9:4b:6e:bb:a0:b4:78:18:4e:33:16:ae:da:d0:e0:
2e:58:aa:49:65:1c:c3:e0:5b:a3:a5:76:fd:df:a0:1a:10:f7:
c2:27:ea:9d:7d:93:ce:5e:c5:92:62:c1:32:51:07:32:a0:83:
7a:d9:4a:24:a9:e8:11:db:53:d7:59:86:cf:72:26:2b:12:cf:
cd:bd:75:13:c4:6a:ec:ec:e5:60:9a:c2:4e:fb:66:6c:59:4a:
b7:0e:fe:23:f4:b4:09:a5:ca:a6:a1:92:94:16:72:20:75:93:
78:a7:91:8b:26:7d:04:1c:e0:e5:fc:a3:cb:a4:e7:12:b9:89:
fe:f4:15:75:f6:59:37:d3:19:af:0b:6e:74:00:ae:9d:f2:0c:
7c:d6:46:fe:38:46:2c:35:e7:b9:87:a6:a1:4d:1c:0f:c9:8e:
f4:e4:4b:e6:5d:0a:81:e1:67:7e:a6:f7:5d:0b:61:c4:04:ce:
34:d0:14:4d:82:1e:04:24:f1:a8:00:01:1c:e1:3a:8b:67:72:
fb:a3:14:66:52:cb:de:69:cc:81:bd:1c:2f:da:54:78:13:3a:
ee:e9:b3:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1aeWhf4+BIX8L+UwqxMPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxZjdkMDA5NGFkYzk4ZDliMDMyNzIwZTgxZTNkYjVhYTc1
ODFjNzQwHhcNMjUwMTAxMDc0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjQ5ZTA0NzljMzA0M2FhYTFkZTIxYTI3N2MyZWE5MWU2NGVkMTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWDX36zx21jhz6vPB7QJg+YjzTYn
y1Kdzbv0vrAxzzgx7ogY6a4VIe4HpQ5wz9GHk1RuIBL7d2ZOHza/uRtdvOqTpiBg
L14hHX/8NG+Oh2muZpvSh6mksjgZJG5P6ZNsd1Gxz363I6PZUaq2ToAJgaPfKa4I
1qVI6lxnq5Y2/kX37tqTowvu5RdY6nGaX4CKi90g2e5Ny3VxYdK/g95MMjUD0TjH
1WiY7Amz08FgYv/PFgh/1V8jFyfkVLzlZ7Myu6QN+V9ZQiRYunmL07f8yBG/MVi6
mASWXvgX3Q5ARQ3POy5jP4zISX/ILGE07IrXM1S/5xmTNTbndFEEw+rIDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLZJ4EecMEOqod4honfC6pHmTtEoMB8GA1UdIwQY
MBaAFLH30AlK3JjZsDJyDoHj21qnWBx0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2ZmUUNVcmNtTm13TW5JT2dlUGJXcWRZSEhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9lOGRkNmItNDYyNy00YTNjLWJhNzMt
YTU0Yjg2OWRjZDI3LzEvdGtuZ1I1d3dRNnFoM2lHaWQ4THFrZVpPMFNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9lOGRkNmItNDYyNy00YTNjLWJhNzMtYTU0Yjg2OWRjZDI3
LzEvc2ZmUUNVcmNtTm13TW5JT2dlUGJXcWRZSEhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCud5IMA0G
CSqGSIb3DQEBCwUAA4IBAQBzLzddb13xj67m57NMQ+UCQzDudp7+gCPToWFUb5Pu
rza+D0KMS4v5S267oLR4GE4zFq7a0OAuWKpJZRzD4FujpXb936AaEPfCJ+qdfZPO
XsWSYsEyUQcyoIN62UokqegR21PXWYbPciYrEs/NvXUTxGrs7OVgmsJO+2ZsWUq3
Dv4j9LQJpcqmoZKUFnIgdZN4p5GLJn0EHODl/KPLpOcSuYn+9BV19lk30xmvC250
AK6d8gx81kb+OEYsNee5h6ahTRwPyY705EvmXQqB4Wd+pvddC2HEBM400BRNgh4E
JPGoAAEc4TqLZ3L7oxRmUsveacyBvRwv2lR4Ezru6bMR
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:04:25 2025 by rpki-client