Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/e16001-6525-404b-9b49-a57b1b392205/1/TjtgoaArWXIQWELqrqb3xw0fhW8.roa
File: TjtgoaArWXIQWELqrqb3xw0fhW8.roa (raw, json)
Hash identifier: U//dwICV6ljEsBioxVlDi+LuHGPP1lPYVY8ZQAvZ64M=
Subject key identifier: 4E:3B:60:A1:A0:2B:59:72:10:58:42:EA:AE:A6:F7:C7:0D:1F:85:6F
Certificate issuer: /CN=0dcda5d060ba9366bb4325828b57033bef18e3c0
Certificate serial: 019422FB7B89CA6C00241CDB334AB64B383E
Authority key identifier: 0D:CD:A5:D0:60:BA:93:66:BB:43:25:82:8B:57:03:3B:EF:18:E3:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dc2l0GC6k2a7QyWCi1cDO-8Y48A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/e16001-6525-404b-9b49-a57b1b392205/1/TjtgoaArWXIQWELqrqb3xw0fhW8.roa
Signing time: Wed 01 Jan 2025 17:48:13 +0000
ROA not before: Wed 01 Jan 2025 17:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207443
IP address blocks: 185.89.97.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:7b:89:ca:6c:00:24:1c:db:33:4a:b6:4b:38:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0dcda5d060ba9366bb4325828b57033bef18e3c0
Validity
Not Before: Jan 1 17:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4e3b60a1a02b5972105842eaaea6f7c70d1f856f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:d6:ad:61:83:34:77:9a:95:c7:30:bc:cc:3a:
53:7c:ec:57:01:3b:c2:64:f4:9a:2c:0a:45:cd:e6:
29:c3:4e:4c:e0:90:13:56:f9:58:0d:60:34:76:a7:
04:11:8d:cb:c6:c4:62:50:4f:66:6e:f5:8c:18:f3:
a2:6e:5a:09:4b:47:db:0b:e1:65:8a:39:97:71:18:
68:4f:66:8e:5a:f7:90:4a:56:8d:3e:07:43:90:48:
e5:36:69:86:5c:07:05:da:9b:78:f3:4f:e3:45:f4:
d1:67:ed:cb:1b:8c:c5:5a:a3:dd:5f:93:db:aa:e0:
24:99:3e:78:ec:ab:01:e8:36:56:d1:40:16:62:d7:
0a:99:0e:39:c6:05:46:10:1a:b9:75:9e:49:38:13:
31:a9:7b:26:26:1a:f7:67:1d:2c:42:3b:f4:4d:41:
34:0e:2f:6f:a0:0e:08:1e:aa:35:c2:d2:40:a5:23:
6c:49:5e:fd:ec:12:87:22:ad:d2:4d:d0:a1:ef:7e:
6f:9e:0a:3e:15:8e:a8:6a:4c:f3:43:01:cc:b6:c6:
be:71:58:79:1a:43:f3:83:59:48:f9:6d:6b:bd:a3:
a3:e3:46:2f:44:7b:6f:f0:c2:d5:ef:a1:5d:a5:f5:
53:78:b8:07:66:f7:09:47:c9:38:06:1b:e2:21:ee:
6e:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:3B:60:A1:A0:2B:59:72:10:58:42:EA:AE:A6:F7:C7:0D:1F:85:6F
X509v3 Authority Key Identifier:
keyid:0D:CD:A5:D0:60:BA:93:66:BB:43:25:82:8B:57:03:3B:EF:18:E3:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dc2l0GC6k2a7QyWCi1cDO-8Y48A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/e16001-6525-404b-9b49-a57b1b392205/1/TjtgoaArWXIQWELqrqb3xw0fhW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/e16001-6525-404b-9b49-a57b1b392205/1/Dc2l0GC6k2a7QyWCi1cDO-8Y48A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.89.97.0/24
Signature Algorithm: sha256WithRSAEncryption
29:c2:7a:30:ce:62:0e:4e:30:d6:4a:9b:62:e5:c8:d0:b6:67:
e0:10:f7:3e:9a:67:bd:d5:f1:06:4b:5f:6c:54:f4:63:a7:12:
c9:af:8d:d6:ae:03:5f:10:cb:9f:8e:1d:a6:75:8c:f7:fa:d8:
6c:9a:4b:28:ef:f2:26:94:97:9e:b9:b0:86:48:f8:03:5c:2d:
67:c6:92:d5:02:d5:d1:ff:e4:a4:98:99:c6:d9:09:02:91:4c:
df:4c:21:40:7d:56:03:27:9a:f5:83:86:ea:ec:9d:c7:12:de:
22:40:e5:25:9d:75:9a:04:34:a4:e6:47:1a:a8:13:46:6a:f7:
85:bb:1d:01:42:59:cc:c6:e5:a6:e5:bd:fc:d0:b4:1b:b6:34:
23:0d:a0:04:62:0f:00:28:1f:49:ff:f8:fc:3c:cd:d3:5e:43:
4e:ab:18:10:d7:72:e7:33:eb:e5:e7:b1:16:5b:a7:21:e8:5f:
3f:7b:02:39:e8:a8:a4:ad:0f:36:d5:61:13:4a:36:50:67:e7:
1f:c2:c3:65:4f:05:fb:3a:ce:29:c0:1c:b6:92:7d:71:87:aa:
42:99:55:23:16:40:17:18:b1:c0:a4:fe:18:12:4e:e4:31:7f:
d9:73:4b:14:e9:56:e3:06:1c:5d:90:12:24:a5:4d:5b:10:3e:
08:ad:11:83
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+3uJymwAJBzbM0q2Szg+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkY2RhNWQwNjBiYTkzNjZiYjQzMjU4MjhiNTcwMzNiZWYx
OGUzYzAwHhcNMjUwMTAxMTc0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTNiNjBhMWEwMmI1OTcyMTA1ODQyZWFhZWE2ZjdjNzBkMWY4NTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA09atYYM0d5qVxzC8zDpTfOxXATvC
ZPSaLApFzeYpw05M4JATVvlYDWA0dqcEEY3LxsRiUE9mbvWMGPOibloJS0fbC+Fl
ijmXcRhoT2aOWveQSlaNPgdDkEjlNmmGXAcF2pt480/jRfTRZ+3LG4zFWqPdX5Pb
quAkmT547KsB6DZW0UAWYtcKmQ45xgVGEBq5dZ5JOBMxqXsmJhr3Zx0sQjv0TUE0
Di9voA4IHqo1wtJApSNsSV797BKHIq3STdCh735vngo+FY6oakzzQwHMtsa+cVh5
GkPzg1lI+W1rvaOj40YvRHtv8MLV76FdpfVTeLgHZvcJR8k4BhviIe5ueQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE47YKGgK1lyEFhC6q6m98cNH4VvMB8GA1UdIwQY
MBaAFA3NpdBgupNmu0MlgotXAzvvGOPAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGMybDBHQzZrMmE3UXlXQ2kxY0RPLThZNDhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi9lMTYwMDEtNjUyNS00MDRiLTliNDkt
YTU3YjFiMzkyMjA1LzEvVGp0Z29hQXJXWElRV0VMcXJxYjN4dzBmaFc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi9lMTYwMDEtNjUyNS00MDRiLTliNDktYTU3YjFiMzkyMjA1
LzEvRGMybDBHQzZrMmE3UXlXQ2kxY0RPLThZNDhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVlhMA0G
CSqGSIb3DQEBCwUAA4IBAQApwnowzmIOTjDWSpti5cjQtmfgEPc+mme91fEGS19s
VPRjpxLJr43WrgNfEMufjh2mdYz3+thsmkso7/ImlJeeubCGSPgDXC1nxpLVAtXR
/+SkmJnG2QkCkUzfTCFAfVYDJ5r1g4bq7J3HEt4iQOUlnXWaBDSk5kcaqBNGaveF
ux0BQlnMxuWm5b380LQbtjQjDaAEYg8AKB9J//j8PM3TXkNOqxgQ13LnM+vl57EW
W6ch6F8/ewI56KikrQ821WETSjZQZ+cfwsNlTwX7Os4pwBy2kn1xh6pCmVUjFkAX
GLHApP4YEk7kMX/Zc0sU6VbjBhxdkBIkpU1bED4IrRGD
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:18:53 2025 by rpki-client