Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/TwUaDTXD4chtqsXVFJARRboThSA.roa
File: TwUaDTXD4chtqsXVFJARRboThSA.roa (raw, json)
Hash identifier: oxTi7uGyyOMHE7acBMUv3r52cqV1zjV9gAxDzCSfvXU=
Subject key identifier: 4F:05:1A:0D:35:C3:E1:C8:6D:AA:C5:D5:14:90:11:45:BA:13:85:20
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 0193B1DC90C5081D13111D7137A4791CA81B
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/TwUaDTXD4chtqsXVFJARRboThSA.roa
Signing time: Tue 10 Dec 2024 18:37:22 +0000
ROA not before: Tue 10 Dec 2024 18:37:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 62.164.224.0/20 maxlen: 20
62.164.240.0/20 maxlen: 24
66.9.96.0/20 maxlen: 24
66.117.8.0/22 maxlen: 24
77.223.192.0/21 maxlen: 24
77.223.200.0/23 maxlen: 24
79.139.64.0/23 maxlen: 24
83.142.200.0/21 maxlen: 24
84.247.59.0/24 maxlen: 24
86.104.8.0/24 maxlen: 24
88.135.96.0/20 maxlen: 24
89.34.171.0/24 maxlen: 24
89.42.40.0/24 maxlen: 24
93.119.184.0/21 maxlen: 24
94.26.110.0/23 maxlen: 24
94.101.103.0/24 maxlen: 24
95.178.8.0/21 maxlen: 24
116.50.16.0/21 maxlen: 24
121.127.48.0/20 maxlen: 24
121.127.56.0/21 maxlen: 24
168.75.224.0/20 maxlen: 24
176.222.48.0/22 maxlen: 24
192.200.192.0/19 maxlen: 24
194.149.76.0/22 maxlen: 24
195.133.202.0/23 maxlen: 24
198.14.16.0/20 maxlen: 24
198.145.112.0/22 maxlen: 24
205.134.244.0/22 maxlen: 24
212.32.96.0/20 maxlen: 24
212.32.112.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b1:dc:90:c5:08:1d:13:11:1d:71:37:a4:79:1c:a8:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Dec 10 18:37:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f051a0d35c3e1c86daac5d514901145ba138520
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:cd:d7:c9:2f:69:ef:a6:4d:2b:26:a9:13:c2:
c3:e3:67:b2:a1:af:e7:d6:5a:d0:c7:ba:b6:17:c4:
61:90:b8:e8:e0:ca:e5:cd:86:d5:7d:b6:76:05:a2:
33:ca:9e:ee:65:65:4d:75:09:f2:ac:6d:aa:3e:8a:
53:6a:e0:fe:ed:d3:a6:eb:56:fa:4d:e1:61:9f:bd:
87:e7:94:91:aa:e0:42:90:29:86:70:09:32:39:eb:
2a:3c:ca:da:eb:8f:0c:9a:53:19:81:eb:bc:8a:02:
a8:f3:f5:a9:ca:f6:31:87:17:46:6e:0a:05:b1:96:
41:ba:aa:aa:b8:83:5d:b5:7d:1a:2b:0e:2b:e9:25:
09:6d:47:44:a8:17:1c:ab:a9:1c:d2:5e:f7:c7:5b:
15:ed:8c:ae:d6:68:bc:82:54:26:a2:04:75:ff:1f:
a2:16:87:39:11:0e:9a:e0:cd:81:4a:23:bd:86:c0:
87:b8:bc:f5:44:f1:36:43:a6:9b:d4:48:a8:ec:72:
67:dd:3a:6a:f5:59:3e:2c:b9:41:db:d3:ad:43:1b:
95:74:af:b7:fa:00:88:1a:8b:c4:1e:36:f9:16:e7:
27:f3:5e:98:b0:ca:70:34:a2:2e:fb:14:45:ec:2d:
44:ca:ee:27:51:0e:d7:78:62:fe:d4:90:89:39:15:
ba:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:05:1A:0D:35:C3:E1:C8:6D:AA:C5:D5:14:90:11:45:BA:13:85:20
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/TwUaDTXD4chtqsXVFJARRboThSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.164.224.0/19
66.9.96.0/20
66.117.8.0/22
77.223.192.0-77.223.201.255
79.139.64.0/23
83.142.200.0/21
84.247.59.0/24
86.104.8.0/24
88.135.96.0/20
89.34.171.0/24
89.42.40.0/24
93.119.184.0/21
94.26.110.0/23
94.101.103.0/24
95.178.8.0/21
116.50.16.0/21
121.127.48.0/20
168.75.224.0/20
176.222.48.0/22
192.200.192.0/19
194.149.76.0/22
195.133.202.0/23
198.14.16.0/20
198.145.112.0/22
205.134.244.0/22
212.32.96.0/19
Signature Algorithm: sha256WithRSAEncryption
14:02:0c:99:94:bc:0f:24:9c:22:de:05:3e:38:87:17:ec:98:
74:d0:14:5f:8d:70:a8:ae:a2:e2:4c:2d:d3:e2:6a:75:47:ab:
71:55:ae:82:5c:35:1f:9d:32:5e:88:24:4f:8d:2f:9d:b5:a7:
c8:db:b0:79:c9:b7:2b:fe:cd:e9:df:bd:35:ca:e6:32:2e:0c:
57:15:62:70:fb:8b:10:b0:c1:aa:68:4c:7c:d6:93:59:28:37:
24:2f:7c:75:5e:43:fd:e1:84:e2:8b:94:86:2e:8b:b3:e4:68:
e9:c3:b5:c9:a7:24:89:3d:8a:9a:de:9e:d6:7c:cc:2c:ce:4e:
e1:6f:9e:f7:2a:84:22:50:f2:d0:7d:13:b0:71:cb:41:13:81:
c1:96:b0:cc:12:c1:01:40:6b:4e:2c:26:08:9a:61:94:06:63:
fc:b6:92:1a:5c:3c:04:6a:71:0e:cb:16:3c:09:fd:ff:01:bc:
5f:ac:e8:05:5c:8c:f0:7c:83:6f:ba:e3:f4:7b:c7:56:bb:d8:
d1:08:b5:67:3a:c6:f6:45:e5:5c:64:dd:29:31:da:d6:56:71:
cc:13:c6:dd:b3:ea:76:45:ef:68:db:75:4f:70:06:d7:7f:b3:
e2:22:91:d6:b7:ac:2e:4b:25:a9:40:70:fc:31:29:2b:cf:ce:
d0:0d:4f:64
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgISAZOx3JDFCB0TER1xN6R5HKgbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjQxMjEwMTgzNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjA1MWEwZDM1YzNlMWM4NmRhYWM1ZDUxNDkwMTE0NWJhMTM4NTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqM3XyS9p76ZNKyapE8LD42eyoa/n
1lrQx7q2F8RhkLjo4MrlzYbVfbZ2BaIzyp7uZWVNdQnyrG2qPopTauD+7dOm61b6
TeFhn72H55SRquBCkCmGcAkyOesqPMra648MmlMZgeu8igKo8/WpyvYxhxdGbgoF
sZZBuqqquINdtX0aKw4r6SUJbUdEqBccq6kc0l73x1sV7Yyu1mi8glQmogR1/x+i
Foc5EQ6a4M2BSiO9hsCHuLz1RPE2Q6ab1Eio7HJn3Tpq9Vk+LLlB29OtQxuVdK+3
+gCIGovEHjb5Fucn816YsMpwNKIu+xRF7C1Eyu4nUQ7XeGL+1JCJORW66QIDAQAB
o4ICrDCCAqgwHQYDVR0OBBYEFE8FGg01w+HIbarF1RSQEUW6E4UgMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvVHdVYURUWEQ0Y2h0cXNYVkZKQVJSYm9UaFNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHBBggrBgEFBQcBBwEB/wSBsTCBrjCBqwQCAAEwgaQDBAU+
pOADBARCCWADBAJCdQgwDAMEBk3fwAMEAU3fyAMEAU+LQAMEA1OOyAMEAFT3OwME
AFZoCAMEBFiHYAMEAFkiqwMEAFkqKAMEA113uAMEAV4abgMEAF5lZwMEA1+yCAME
A3QyEAMEBHl/MAMEBKhL4AMEArDeMAMEBcDIwAMEAsKVTAMEAcOFygMEBMYOEAME
AsaRcAMEAs2G9AMEBdQgYDANBgkqhkiG9w0BAQsFAAOCAQEAFAIMmZS8DyScIt4F
PjiHF+yYdNAUX41wqK6i4kwt0+JqdUercVWuglw1H50yXogkT40vnbWnyNuwecm3
K/7N6d+9NcrmMi4MVxVicPuLELDBqmhMfNaTWSg3JC98dV5D/eGE4ouUhi6Ls+Ro
6cO1yackiT2Kmt6e1nzMLM5O4W+e9yqEIlDy0H0TsHHLQROBwZawzBLBAUBrTiwm
CJphlAZj/LaSGlw8BGpxDssWPAn9/wG8X6zoBVyM8HyDb7rj9HvHVrvY0Qi1ZzrG
9kXlXGTdKTHa1lZxzBPG3bPqdkXvaNt1T3AG13+z4iKR1resLkslqUBw/DEpK8/O
0A1PZA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:32 2025 by rpki-client