Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/892a27-fdb6-4285-829a-87f5b6479d1e/1/tm430U4MT2PCSKOqthlACUfwpXU.roa
File: tm430U4MT2PCSKOqthlACUfwpXU.roa (raw, json)
Hash identifier: oQ5muHmRQJQhR0gSulEeCf46ida6cl+Es7PcXAkB/VU=
Subject key identifier: B6:6E:37:D1:4E:0C:4F:63:C2:48:A3:AA:B6:19:40:09:47:F0:A5:75
Certificate issuer: /CN=18a84a8e475f6606e7a12f92b330d63d8f880be0
Certificate serial: 019426D9D57EC522F7E0911C529B454B0134
Authority key identifier: 18:A8:4A:8E:47:5F:66:06:E7:A1:2F:92:B3:30:D6:3D:8F:88:0B:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GKhKjkdfZgbnoS-SszDWPY-IC-A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/892a27-fdb6-4285-829a-87f5b6479d1e/1/tm430U4MT2PCSKOqthlACUfwpXU.roa
Signing time: Thu 02 Jan 2025 11:49:57 +0000
ROA not before: Thu 02 Jan 2025 11:49:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8100
IP address blocks: 185.208.10.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:d5:7e:c5:22:f7:e0:91:1c:52:9b:45:4b:01:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18a84a8e475f6606e7a12f92b330d63d8f880be0
Validity
Not Before: Jan 2 11:49:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b66e37d14e0c4f63c248a3aab619400947f0a575
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:20:94:29:9a:74:9f:e7:6d:6b:ed:c0:d4:14:
fa:4f:c1:4a:81:f2:85:18:74:de:ac:df:3d:6c:46:
92:c5:e2:7d:8b:8d:f7:d6:32:1a:cb:04:0f:00:9d:
b5:cf:83:d9:b3:50:ee:50:db:40:7a:44:f6:0a:cf:
0f:6b:82:02:9a:77:ef:2c:0a:2c:5e:45:73:ba:66:
28:36:d8:2d:a3:5e:be:b0:fe:31:4d:98:4e:78:f5:
a1:34:df:a1:73:fc:4b:8b:f8:56:30:b7:09:bb:ca:
0a:37:c2:a4:2d:a4:21:8f:f0:e2:03:4b:3c:80:b3:
dd:43:3d:b8:88:9c:b0:76:8f:57:fc:4b:ed:ad:d1:
3f:01:6a:f2:f9:c6:90:2d:07:3c:8b:34:16:95:d4:
5d:f8:85:76:85:e1:f2:3a:03:8f:2f:ae:64:ca:97:
98:bb:33:27:f6:56:f9:e9:9f:9e:f3:94:a2:04:96:
1d:b5:6f:64:34:bc:fc:1a:98:82:d8:1a:75:59:c5:
c7:0d:fc:24:64:eb:e3:f1:43:ff:9d:7b:46:57:13:
6b:ee:89:87:4e:b7:a9:6e:dc:8a:62:e3:b2:82:0d:
60:71:bc:44:70:3a:b6:1b:0e:b5:cf:4b:1d:63:e5:
23:ad:38:18:20:73:d4:fc:fc:c8:32:88:96:4a:7d:
65:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:6E:37:D1:4E:0C:4F:63:C2:48:A3:AA:B6:19:40:09:47:F0:A5:75
X509v3 Authority Key Identifier:
keyid:18:A8:4A:8E:47:5F:66:06:E7:A1:2F:92:B3:30:D6:3D:8F:88:0B:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GKhKjkdfZgbnoS-SszDWPY-IC-A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/892a27-fdb6-4285-829a-87f5b6479d1e/1/tm430U4MT2PCSKOqthlACUfwpXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/892a27-fdb6-4285-829a-87f5b6479d1e/1/GKhKjkdfZgbnoS-SszDWPY-IC-A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.208.10.0/24
Signature Algorithm: sha256WithRSAEncryption
29:d0:a6:e9:76:20:e0:79:2e:a8:e8:90:81:ee:d8:82:8c:b3:
2e:d4:5b:8a:05:f8:a2:5f:d2:77:a6:3e:f4:1c:0c:3c:c1:f0:
69:eb:f4:bd:ab:0c:49:3d:59:a7:de:d8:90:8f:c8:4b:0e:95:
98:ad:4b:0c:62:85:43:7b:48:4a:da:48:27:fc:3e:7b:d8:f8:
5d:2f:55:71:d9:e3:18:24:e4:14:da:97:63:ab:39:89:6e:37:
25:54:22:47:1c:a2:7b:fb:41:80:94:dd:2b:d1:c0:11:3c:e9:
d7:c0:e1:4b:f1:eb:05:b9:d9:18:eb:25:ca:90:16:a7:a6:d4:
88:6e:03:16:00:20:2d:24:b6:dd:33:3b:80:96:48:2f:ff:cf:
2c:f3:0b:fc:50:e5:4e:63:53:ec:42:ba:d5:af:b2:ec:1e:9e:
1f:bd:21:07:fc:6e:da:bd:bf:51:52:a9:5d:a9:b0:59:b5:e5:
e5:f6:13:cb:74:a4:25:de:fa:9a:d1:68:4f:e5:cc:6e:9c:d0:
d9:cc:79:cb:85:6f:cb:fb:bd:a1:e2:7d:36:d4:94:3d:bc:dc:
d0:57:02:0d:df:83:0b:4a:c7:be:56:38:e1:e8:91:d5:38:91:
a6:84:38:4f:34:ce:a2:3b:d4:28:b2:72:96:aa:31:ea:00:e4:
eb:22:a8:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2dV+xSL34JEcUptFSwE0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4YTg0YThlNDc1ZjY2MDZlN2ExMmY5MmIzMzBkNjNkOGY4
ODBiZTAwHhcNMjUwMTAyMTE0OTU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjZlMzdkMTRlMGM0ZjYzYzI0OGEzYWFiNjE5NDAwOTQ3ZjBhNTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAniCUKZp0n+dta+3A1BT6T8FKgfKF
GHTerN89bEaSxeJ9i4331jIaywQPAJ21z4PZs1DuUNtAekT2Cs8Pa4ICmnfvLAos
XkVzumYoNtgto16+sP4xTZhOePWhNN+hc/xLi/hWMLcJu8oKN8KkLaQhj/DiA0s8
gLPdQz24iJywdo9X/EvtrdE/AWry+caQLQc8izQWldRd+IV2heHyOgOPL65kypeY
uzMn9lb56Z+e85SiBJYdtW9kNLz8GpiC2Bp1WcXHDfwkZOvj8UP/nXtGVxNr7omH
TrepbtyKYuOygg1gcbxEcDq2Gw61z0sdY+UjrTgYIHPU/PzIMoiWSn1lfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLZuN9FODE9jwkijqrYZQAlH8KV1MB8GA1UdIwQY
MBaAFBioSo5HX2YG56EvkrMw1j2PiAvgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0toS2prZGZaZ2Jub1MtU3N6RFdQWS1JQy1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC84OTJhMjctZmRiNi00Mjg1LTgyOWEt
ODdmNWI2NDc5ZDFlLzEvdG00MzBVNE1UMlBDU0tPcXRobEFDVWZ3cFhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC84OTJhMjctZmRiNi00Mjg1LTgyOWEtODdmNWI2NDc5ZDFl
LzEvR0toS2prZGZaZ2Jub1MtU3N6RFdQWS1JQy1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudAKMA0G
CSqGSIb3DQEBCwUAA4IBAQAp0KbpdiDgeS6o6JCB7tiCjLMu1FuKBfiiX9J3pj70
HAw8wfBp6/S9qwxJPVmn3tiQj8hLDpWYrUsMYoVDe0hK2kgn/D572PhdL1Vx2eMY
JOQU2pdjqzmJbjclVCJHHKJ7+0GAlN0r0cARPOnXwOFL8esFudkY6yXKkBanptSI
bgMWACAtJLbdMzuAlkgv/88s8wv8UOVOY1PsQrrVr7LsHp4fvSEH/G7avb9RUqld
qbBZteXl9hPLdKQl3vqa0WhP5cxunNDZzHnLhW/L+72h4n021JQ9vNzQVwIN34ML
Sse+Vjjh6JHVOJGmhDhPNM6iO9QosnKWqjHqAOTrIqjc
-----END CERTIFICATE-----
Generated at Fri Apr 25 10:31:49 2025 by rpki-client