Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/TsRkzMoLNrulyXPV2cgHGCc7SqI.roa
File: TsRkzMoLNrulyXPV2cgHGCc7SqI.roa (raw, json)
Hash identifier: xnWQJ3aaCq/mMma2bql618iTBD7Kv74UBqmUtuODXL8=
Subject key identifier: 4E:C4:64:CC:CA:0B:36:BB:A5:C9:73:D5:D9:C8:07:18:27:3B:4A:A2
Certificate issuer: /CN=4c7844abef711c232c84f83c807a420af3804728
Certificate serial: 018570398628F23EB13D8AB0340A319FFEE0
Authority key identifier: 4C:78:44:AB:EF:71:1C:23:2C:84:F8:3C:80:7A:42:0A:F3:80:47:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/THhEq-9xHCMshPg8gHpCCvOARyg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/TsRkzMoLNrulyXPV2cgHGCc7SqI.roa
Signing time: Mon 02 Jan 2023 02:04:56 +0000
ROA not before: Mon 02 Jan 2023 02:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51747
IP address blocks: 176.74.192.0/21 maxlen: 21
5.133.192.0/19 maxlen: 20
151.252.24.0/21 maxlen: 21
185.12.248.0/22 maxlen: 22
185.12.148.0/22 maxlen: 22
151.248.0.0/21 maxlen: 21
80.248.224.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:86:28:f2:3e:b1:3d:8a:b0:34:0a:31:9f:fe:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c7844abef711c232c84f83c807a420af3804728
Validity
Not Before: Jan 2 02:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ec464ccca0b36bba5c973d5d9c80718273b4aa2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:d7:cf:7f:2c:53:80:5e:7d:1e:1b:71:2e:c7:
ab:83:b6:74:40:ec:1f:09:2f:97:08:c6:46:8e:80:
0d:4d:71:e3:66:29:a1:12:0e:3d:a0:78:e8:21:3a:
08:6c:ec:c0:8e:31:f7:58:a7:ed:35:22:b5:8a:fd:
55:6f:f4:a2:90:33:23:b0:02:40:d4:b3:fa:72:95:
fc:53:f0:b7:7a:42:df:f8:2f:d1:6d:47:18:fd:67:
50:4a:ad:a1:8a:24:51:0b:00:95:12:4e:d9:4f:2f:
ac:39:ca:ef:50:30:5d:c4:d2:8b:f2:3b:2b:0f:78:
6a:53:af:44:bf:e5:f2:6f:8d:e8:0f:12:c3:a5:78:
57:a4:8d:5c:5f:3e:70:45:2a:da:10:d7:5d:c8:5a:
0a:99:fc:79:29:8a:ee:4e:bb:ee:a1:74:f3:dd:01:
e1:8e:c1:33:3e:af:64:b9:7a:47:fd:1d:28:46:dd:
80:4f:6b:68:cb:d0:16:d9:58:a9:d7:40:e7:e8:dd:
85:c3:b8:f1:74:d1:4e:49:2a:0f:e0:8c:c6:2b:16:
b9:3b:5f:45:37:53:e3:73:5e:d7:f7:fa:06:a3:db:
d5:a5:13:65:d3:6f:a1:86:1d:ad:f4:85:40:fb:7f:
10:c1:b4:32:e3:6e:e7:0a:b0:e2:0e:92:5b:f2:34:
68:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:C4:64:CC:CA:0B:36:BB:A5:C9:73:D5:D9:C8:07:18:27:3B:4A:A2
X509v3 Authority Key Identifier:
keyid:4C:78:44:AB:EF:71:1C:23:2C:84:F8:3C:80:7A:42:0A:F3:80:47:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/THhEq-9xHCMshPg8gHpCCvOARyg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/TsRkzMoLNrulyXPV2cgHGCc7SqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/THhEq-9xHCMshPg8gHpCCvOARyg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.192.0/19
80.248.224.0/20
151.248.0.0/21
151.252.24.0/21
176.74.192.0/21
185.12.148.0/22
185.12.248.0/22
Signature Algorithm: sha256WithRSAEncryption
84:33:b5:70:5d:d7:e7:5b:4a:3d:d5:09:10:2d:03:d1:0d:6d:
3d:f1:67:8b:67:af:2d:62:8b:22:ec:59:d7:9a:76:37:a8:ff:
20:4d:f2:70:7d:9c:0d:90:09:e3:8a:21:f6:2f:07:d1:50:be:
b7:95:59:68:8b:4c:3f:0a:78:22:50:cf:81:09:2b:79:af:08:
05:a3:6f:68:ce:f4:fd:c4:88:90:ce:2c:03:74:c8:12:88:16:
fb:c9:1c:cf:72:24:9c:68:27:bb:7f:c4:42:35:73:82:f0:ca:
b8:ff:d2:66:df:8b:2b:6b:f1:47:45:27:5e:39:4b:41:26:a6:
6d:60:36:81:53:de:a6:b0:b6:3d:34:ed:8b:84:74:6a:f4:79:
18:74:2b:b6:24:17:ff:19:05:48:f7:49:6a:ab:46:c6:36:21:
7f:92:7b:9e:85:0d:85:00:61:a0:b0:1d:7c:08:1b:d5:d1:64:
8a:0b:24:a5:e7:1b:29:ab:6f:dc:55:b5:98:55:4f:90:46:ee:
59:0b:11:10:7c:1a:be:b4:93:e2:c2:77:bc:74:7a:00:d9:13:
14:41:9b:2f:47:45:6f:6b:8f:24:a6:22:63:45:2d:f4:1d:28:
18:9a:3b:c3:b4:02:38:f2:66:64:30:55:d8:23:62:10:a2:ed:
cd:ba:7d:2a
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVwOYYo8j6xPYqwNAoxn/7gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjNzg0NGFiZWY3MTFjMjMyYzg0ZjgzYzgwN2E0MjBhZjM4
MDQ3MjgwHhcNMjMwMTAyMDIwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWM0NjRjY2NhMGIzNmJiYTVjOTczZDVkOWM4MDcxODI3M2I0YWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjdfPfyxTgF59HhtxLserg7Z0QOwf
CS+XCMZGjoANTXHjZimhEg49oHjoIToIbOzAjjH3WKftNSK1iv1Vb/SikDMjsAJA
1LP6cpX8U/C3ekLf+C/RbUcY/WdQSq2hiiRRCwCVEk7ZTy+sOcrvUDBdxNKL8jsr
D3hqU69Ev+Xyb43oDxLDpXhXpI1cXz5wRSraENddyFoKmfx5KYruTrvuoXTz3QHh
jsEzPq9kuXpH/R0oRt2AT2toy9AW2Vip10Dn6N2Fw7jxdNFOSSoP4IzGKxa5O19F
N1Pjc17X9/oGo9vVpRNl02+hhh2t9IVA+38QwbQy427nCrDiDpJb8jRoawIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFE7EZMzKCza7pclz1dnIBxgnO0qiMB8GA1UdIwQY
MBaAFEx4RKvvcRwjLIT4PIB6QgrzgEcoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEhoRXEtOXhIQ01zaFBnOGdIcENDdk9BUnlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi84ZDU1YzAtOWFhMC00YmU3LTgyYTgt
ZGFiNmI4M2NmN2VjLzEvVHNSa3pNb0xOcnVseVhQVjJjZ0hHQ2M3U3FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi84ZDU1YzAtOWFhMC00YmU3LTgyYTgtZGFiNmI4M2NmN2Vj
LzEvVEhoRXEtOXhIQ01zaFBnOGdIcENDdk9BUnlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQFBYXAAwQE
UPjgAwQDl/gAAwQDl/wYAwQDsErAAwQCuQyUAwQCuQz4MA0GCSqGSIb3DQEBCwUA
A4IBAQCEM7VwXdfnW0o91QkQLQPRDW098WeLZ68tYosi7FnXmnY3qP8gTfJwfZwN
kAnjiiH2LwfRUL63lVloi0w/CngiUM+BCSt5rwgFo29ozvT9xIiQziwDdMgSiBb7
yRzPciScaCe7f8RCNXOC8Mq4/9Jm34sra/FHRSdeOUtBJqZtYDaBU96msLY9NO2L
hHRq9HkYdCu2JBf/GQVI90lqq0bGNiF/knuehQ2FAGGgsB18CBvV0WSKCySl5xsp
q2/cVbWYVU+QRu5ZCxEQfBq+tJPiwne8dHoA2RMUQZsvR0Vva48kpiJjRS30HSgY
mjvDtAI48mZkMFXYI2IQou3Nun0q
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:50:54 2025 by rpki-client