Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/0db348-8ca8-40de-82cd-29f20dc8eaf4/1/TTn8sD8XVXKDyT7akuDl-7NaiVA.roa
File: TTn8sD8XVXKDyT7akuDl-7NaiVA.roa (raw, json)
Hash identifier: G+wfHyyl2e/lbOKV3OV3aaADlcnryO/8kE2PLZtYozg=
Subject key identifier: 4D:39:FC:B0:3F:17:55:72:83:C9:3E:DA:92:E0:E5:FB:B3:5A:89:50
Certificate issuer: /CN=8a7b85c316586b199d26bfc48fe2598939cb6fde
Certificate serial: 01948E9D13CAE81E7CB3FBFE697443369D55
Authority key identifier: 8A:7B:85:C3:16:58:6B:19:9D:26:BF:C4:8F:E2:59:89:39:CB:6F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/inuFwxZYaxmdJr_Ej-JZiTnLb94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/0db348-8ca8-40de-82cd-29f20dc8eaf4/1/TTn8sD8XVXKDyT7akuDl-7NaiVA.roa
Signing time: Wed 22 Jan 2025 15:24:06 +0000
ROA not before: Wed 22 Jan 2025 15:24:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 22612
IP address blocks: 185.61.152.0/22 maxlen: 24
2a02:77e0::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:8e:9d:13:ca:e8:1e:7c:b3:fb:fe:69:74:43:36:9d:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a7b85c316586b199d26bfc48fe2598939cb6fde
Validity
Not Before: Jan 22 15:24:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4d39fcb03f17557283c93eda92e0e5fbb35a8950
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:40:e0:a8:3a:71:92:53:3a:9b:48:48:f9:8e:
44:01:e4:b1:40:7e:f9:76:6b:7f:1b:af:f6:dd:18:
5d:e4:bb:68:44:3b:f5:94:e0:64:8c:1b:90:9a:19:
cc:c7:0b:7e:c7:01:09:d9:8f:71:27:51:75:1e:ba:
25:37:cf:dc:1b:75:ec:48:b9:23:ba:1e:71:a6:fa:
6a:30:cb:9f:e7:53:5f:19:78:36:4e:2a:63:e5:85:
5d:9a:3b:96:d2:af:e7:f5:eb:57:88:34:e2:1f:97:
40:bf:a5:66:7f:d5:88:bc:6d:b2:fa:08:2c:08:aa:
b9:5e:03:ef:d5:ab:51:41:d6:2b:84:ba:15:80:75:
26:46:05:5b:33:f2:3c:e4:8c:c2:02:76:68:7a:36:
62:70:80:02:cf:44:8a:43:97:38:10:34:ba:85:e2:
47:39:05:42:31:6b:51:8c:57:33:db:95:5b:94:c6:
8e:b2:1e:a1:fe:f5:37:23:9c:66:55:41:55:d8:a1:
66:86:b3:cb:8f:f6:99:75:ee:44:0e:16:33:14:ec:
b6:b5:e0:4c:f0:7b:b5:84:f5:b9:4a:bf:91:c6:04:
f6:52:e8:79:76:7a:12:27:9b:b3:d8:51:52:35:eb:
26:8d:0d:3d:6e:3f:bf:46:4c:95:e0:32:3f:8c:75:
1f:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:39:FC:B0:3F:17:55:72:83:C9:3E:DA:92:E0:E5:FB:B3:5A:89:50
X509v3 Authority Key Identifier:
keyid:8A:7B:85:C3:16:58:6B:19:9D:26:BF:C4:8F:E2:59:89:39:CB:6F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/inuFwxZYaxmdJr_Ej-JZiTnLb94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/0db348-8ca8-40de-82cd-29f20dc8eaf4/1/TTn8sD8XVXKDyT7akuDl-7NaiVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/0db348-8ca8-40de-82cd-29f20dc8eaf4/1/inuFwxZYaxmdJr_Ej-JZiTnLb94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.61.152.0/22
IPv6:
2a02:77e0::/32
Signature Algorithm: sha256WithRSAEncryption
0c:af:4e:f6:3a:ec:66:7b:e8:61:7f:ec:27:ed:e5:fb:91:2f:
fe:df:40:ab:5c:eb:f8:87:d6:35:98:50:11:14:38:db:7a:36:
6d:30:c3:15:41:36:16:e8:a0:88:2f:1e:12:0e:75:01:53:cc:
c2:5e:8a:75:f7:79:9a:79:c1:e4:db:82:ba:20:25:df:8b:bf:
1a:02:a7:72:9e:3b:f7:db:a3:61:5b:5a:8d:77:63:eb:ec:92:
5b:cc:15:df:fb:f3:6d:6f:34:1e:3f:41:d4:ec:a7:b3:30:c3:
73:19:e2:ee:5c:8c:83:b9:7d:a7:08:2f:cd:ae:6f:b6:bf:b7:
c3:79:20:99:5a:6e:2b:b9:ea:de:8e:6a:b2:58:e6:2c:da:cc:
fc:b7:25:54:7e:e1:4f:4c:c1:d9:17:00:e9:a1:4b:2b:86:0c:
1a:8f:43:06:fb:8a:d8:a5:bc:b2:99:78:65:5a:43:9b:26:93:
f3:e5:b2:07:18:79:85:b9:05:a5:9f:7b:12:41:4f:ac:57:a2:
23:e4:91:39:b0:83:f6:73:51:37:32:15:89:9c:d7:ee:cb:e1:
9f:11:7f:5a:39:ae:2b:b4:24:0d:67:6d:d7:48:36:b3:3e:85:
e6:44:83:d4:15:30:f8:91:78:f0:f8:f7:89:97:2e:1d:12:a8:
c6:9b:ed:6b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZSOnRPK6B58s/v+aXRDNp1VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhN2I4NWMzMTY1ODZiMTk5ZDI2YmZjNDhmZTI1OTg5Mzlj
YjZmZGUwHhcNMjUwMTIyMTUyNDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDM5ZmNiMDNmMTc1NTcyODNjOTNlZGE5MmUwZTVmYmIzNWE4OTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEDgqDpxklM6m0hI+Y5EAeSxQH75
dmt/G6/23Rhd5LtoRDv1lOBkjBuQmhnMxwt+xwEJ2Y9xJ1F1HrolN8/cG3XsSLkj
uh5xpvpqMMuf51NfGXg2Tipj5YVdmjuW0q/n9etXiDTiH5dAv6Vmf9WIvG2y+ggs
CKq5XgPv1atRQdYrhLoVgHUmRgVbM/I85IzCAnZoejZicIACz0SKQ5c4EDS6heJH
OQVCMWtRjFcz25VblMaOsh6h/vU3I5xmVUFV2KFmhrPLj/aZde5EDhYzFOy2teBM
8Hu1hPW5Sr+RxgT2Uuh5dnoSJ5uz2FFSNesmjQ09bj+/RkyV4DI/jHUfvwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFE05/LA/F1Vyg8k+2pLg5fuzWolQMB8GA1UdIwQY
MBaAFIp7hcMWWGsZnSa/xI/iWYk5y2/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaW51Rnd4WllheG1kSnJfRWotSlppVG5MYjk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny8wZGIzNDgtOGNhOC00MGRlLTgyY2Qt
MjlmMjBkYzhlYWY0LzEvVFRuOHNEOFhWWEtEeVQ3YWt1RGwtN05haVZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny8wZGIzNDgtOGNhOC00MGRlLTgyY2QtMjlmMjBkYzhlYWY0
LzEvaW51Rnd4WllheG1kSnJfRWotSlppVG5MYjk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuT2YMA0E
AgACMAcDBQAqAnfgMA0GCSqGSIb3DQEBCwUAA4IBAQAMr072Ouxme+hhf+wn7eX7
kS/+30CrXOv4h9Y1mFARFDjbejZtMMMVQTYW6KCILx4SDnUBU8zCXop193maecHk
24K6ICXfi78aAqdynjv326NhW1qNd2Pr7JJbzBXf+/NtbzQeP0HU7KezMMNzGeLu
XIyDuX2nCC/Nrm+2v7fDeSCZWm4ruerejmqyWOYs2sz8tyVUfuFPTMHZFwDpoUsr
hgwaj0MG+4rYpbyymXhlWkObJpPz5bIHGHmFuQWln3sSQU+sV6Ij5JE5sIP2c1E3
MhWJnNfuy+GfEX9aOa4rtCQNZ23XSDazPoXmRIPUFTD4kXjw+PeJly4dEqjGm+1r
-----END CERTIFICATE-----
Generated at Thu Apr 10 01:36:29 2025 by rpki-client