Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/a42e9c-d92d-4b20-a5eb-ebe2332caf1c/1/TlDCQOh10UlQ796GS1cAAc1JE1M.roa
File: TlDCQOh10UlQ796GS1cAAc1JE1M.roa (raw, json)
Hash identifier: pcd2lbTTd2y5ARZY73OsqPA+0niqtCAf82HtT92KDWw=
Subject key identifier: 4E:50:C2:40:E8:75:D1:49:50:EF:DE:86:4B:57:00:01:CD:49:13:53
Certificate issuer: /CN=5dd23c7ac6e682fbc53be1a0e9318f6ccae7193d
Certificate serial: 0194214418D87CFF88482BD29E585F311A44
Authority key identifier: 5D:D2:3C:7A:C6:E6:82:FB:C5:3B:E1:A0:E9:31:8F:6C:CA:E7:19:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XdI8esbmgvvFO-Gg6TGPbMrnGT0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/a42e9c-d92d-4b20-a5eb-ebe2332caf1c/1/TlDCQOh10UlQ796GS1cAAc1JE1M.roa
Signing time: Wed 01 Jan 2025 09:48:18 +0000
ROA not before: Wed 01 Jan 2025 09:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216313
IP address blocks: 185.129.60.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:18:d8:7c:ff:88:48:2b:d2:9e:58:5f:31:1a:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dd23c7ac6e682fbc53be1a0e9318f6ccae7193d
Validity
Not Before: Jan 1 09:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4e50c240e875d14950efde864b570001cd491353
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:55:b1:94:d4:2c:ef:26:90:a2:65:8a:1c:72:
73:c7:1e:b5:3e:07:72:aa:87:68:9a:01:55:09:fa:
2b:e5:3c:3b:db:f7:12:9d:39:e3:c4:90:79:f1:14:
fb:67:32:4c:04:59:8d:86:ae:6b:bd:4a:7d:a8:ac:
d3:2d:45:02:69:9b:93:29:0c:e4:b4:54:ee:a0:3c:
fb:a5:e5:33:a7:8c:ee:43:77:5d:52:34:ad:ad:5c:
b6:b6:d3:82:b0:2d:47:c9:a9:17:58:31:d7:63:e8:
8c:f7:17:a7:c3:57:ce:2b:04:13:28:bd:86:1a:97:
0f:e4:db:e8:9d:7c:fb:78:c9:79:c9:65:fd:d7:d5:
5a:a3:ef:f4:d7:38:25:86:d6:37:ef:ca:20:6f:8d:
48:31:8c:09:51:9d:53:c5:be:d1:8b:a9:72:76:b2:
f1:88:56:28:03:fc:e4:f3:53:44:1b:2d:91:d5:1a:
f6:48:fb:f2:4d:58:e5:f6:14:d1:73:f7:39:10:70:
16:d1:62:3c:8b:a1:48:c6:b5:b6:49:1b:eb:5f:71:
af:c0:51:c8:5d:f8:61:d4:7a:bd:e0:9c:d6:89:f2:
48:b4:27:c4:cf:2a:da:ad:38:33:31:4d:a3:58:ee:
63:f1:0a:09:e2:c1:1e:20:e3:87:c1:b3:3a:e7:f3:
61:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:50:C2:40:E8:75:D1:49:50:EF:DE:86:4B:57:00:01:CD:49:13:53
X509v3 Authority Key Identifier:
keyid:5D:D2:3C:7A:C6:E6:82:FB:C5:3B:E1:A0:E9:31:8F:6C:CA:E7:19:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XdI8esbmgvvFO-Gg6TGPbMrnGT0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/a42e9c-d92d-4b20-a5eb-ebe2332caf1c/1/TlDCQOh10UlQ796GS1cAAc1JE1M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/a42e9c-d92d-4b20-a5eb-ebe2332caf1c/1/XdI8esbmgvvFO-Gg6TGPbMrnGT0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.129.60.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:6a:f1:22:c4:05:f4:bf:59:47:9f:90:8e:b9:92:ea:56:d1:
78:0a:b1:8f:4d:18:1a:3f:15:12:73:00:1a:79:20:a0:f6:f3:
f1:68:23:5c:ae:6c:7d:15:c6:24:06:e5:e1:fa:aa:a9:92:43:
ec:32:84:84:4c:aa:92:9a:c4:6f:72:cf:3b:ad:18:91:c8:15:
5c:9f:55:05:04:c1:ad:aa:b9:56:a0:30:fa:a2:00:d5:5e:4c:
8a:95:29:a0:bd:f6:76:cc:5b:bf:13:2c:41:f5:27:55:3a:95:
61:0e:cf:e7:ec:13:13:81:62:d6:a3:68:cd:cb:18:a2:33:1b:
06:04:be:1f:8d:93:0e:4e:a8:f7:0c:f9:cb:2a:51:93:0e:93:
49:66:e8:1e:a3:fe:c8:89:c0:89:11:7c:e2:78:6d:66:55:10:
07:1b:b8:04:44:ed:29:e6:4f:f0:58:4a:69:b7:6a:c8:fa:89:
e5:0a:89:d9:ef:c7:91:88:95:d0:85:62:94:a2:d0:a3:57:9e:
61:03:dd:dd:de:d5:65:a1:39:dd:12:c5:71:61:6f:14:32:0a:
39:93:6b:6a:c7:61:77:51:fb:5c:30:27:f3:c6:5f:ca:89:17:
49:e1:f6:c9:3d:c4:bb:f2:08:8a:05:8f:fb:a7:c1:7d:89:bc:
ca:13:21:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRBjYfP+ISCvSnlhfMRpEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZDIzYzdhYzZlNjgyZmJjNTNiZTFhMGU5MzE4ZjZjY2Fl
NzE5M2QwHhcNMjUwMTAxMDk0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTUwYzI0MGU4NzVkMTQ5NTBlZmRlODY0YjU3MDAwMWNkNDkxMzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1WxlNQs7yaQomWKHHJzxx61Pgdy
qodomgFVCfor5Tw72/cSnTnjxJB58RT7ZzJMBFmNhq5rvUp9qKzTLUUCaZuTKQzk
tFTuoDz7peUzp4zuQ3ddUjStrVy2ttOCsC1HyakXWDHXY+iM9xenw1fOKwQTKL2G
GpcP5NvonXz7eMl5yWX919Vao+/01zglhtY378ogb41IMYwJUZ1Txb7Ri6lydrLx
iFYoA/zk81NEGy2R1Rr2SPvyTVjl9hTRc/c5EHAW0WI8i6FIxrW2SRvrX3GvwFHI
Xfhh1Hq94JzWifJItCfEzyrarTgzMU2jWO5j8QoJ4sEeIOOHwbM65/NhCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE5QwkDoddFJUO/ehktXAAHNSRNTMB8GA1UdIwQY
MBaAFF3SPHrG5oL7xTvhoOkxj2zK5xk9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGRJOGVzYm1ndnZGTy1HZzZUR1BiTXJuR1QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9hNDJlOWMtZDkyZC00YjIwLWE1ZWIt
ZWJlMjMzMmNhZjFjLzEvVGxEQ1FPaDEwVWxRNzk2R1MxY0FBYzFKRTFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9hNDJlOWMtZDkyZC00YjIwLWE1ZWItZWJlMjMzMmNhZjFj
LzEvWGRJOGVzYm1ndnZGTy1HZzZUR1BiTXJuR1QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYE8MA0G
CSqGSIb3DQEBCwUAA4IBAQB/avEixAX0v1lHn5COuZLqVtF4CrGPTRgaPxUScwAa
eSCg9vPxaCNcrmx9FcYkBuXh+qqpkkPsMoSETKqSmsRvcs87rRiRyBVcn1UFBMGt
qrlWoDD6ogDVXkyKlSmgvfZ2zFu/EyxB9SdVOpVhDs/n7BMTgWLWo2jNyxiiMxsG
BL4fjZMOTqj3DPnLKlGTDpNJZugeo/7IicCJEXzieG1mVRAHG7gERO0p5k/wWEpp
t2rI+onlConZ78eRiJXQhWKUotCjV55hA93d3tVloTndEsVxYW8UMgo5k2tqx2F3
UftcMCfzxl/KiRdJ4fbJPcS78giKBY/7p8F9ibzKEyH7
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:35:26 2025 by rpki-client