Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/b55c02-347b-42a8-96ae-d179053d8434/1/TzW0pUi4yeQI0iO6ti3Pdo5W2_E.roa
File: TzW0pUi4yeQI0iO6ti3Pdo5W2_E.roa (raw, json)
Hash identifier: xPfyYvTaE91S1T9nrobNP15wEOgl5aoIifQgYPEwxE0=
Subject key identifier: 4F:35:B4:A5:48:B8:C9:E4:08:D2:23:BA:B6:2D:CF:76:8E:56:DB:F1
Certificate issuer: /CN=6f0d7a0eb5ca549590a406bc693df1e8d2cbae04
Certificate serial: 0185A5D16F2C33EE96815DDC9DC834E66966
Authority key identifier: 6F:0D:7A:0E:B5:CA:54:95:90:A4:06:BC:69:3D:F1:E8:D2:CB:AE:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bw16DrXKVJWQpAa8aT3x6NLLrgQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/b55c02-347b-42a8-96ae-d179053d8434/1/TzW0pUi4yeQI0iO6ti3Pdo5W2_E.roa
Signing time: Thu 12 Jan 2023 11:50:44 +0000
ROA not before: Thu 12 Jan 2023 11:50:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.99.20.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a5:d1:6f:2c:33:ee:96:81:5d:dc:9d:c8:34:e6:69:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f0d7a0eb5ca549590a406bc693df1e8d2cbae04
Validity
Not Before: Jan 12 11:50:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4f35b4a548b8c9e408d223bab62dcf768e56dbf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:d0:58:2a:70:c9:72:8d:a1:61:a0:4c:73:37:
1e:8b:66:2c:ba:94:ac:6a:2c:22:b8:b5:e3:a9:8f:
8e:5b:1d:d8:4f:a5:3d:63:3b:e3:34:c2:3c:90:03:
e2:b1:30:a4:b0:5f:8e:ea:67:14:25:68:b9:4b:22:
b0:c7:4a:84:ed:8c:94:d9:5f:c9:a8:b4:75:49:f5:
32:4b:87:d5:1c:ce:3b:c9:94:5a:5c:c1:0d:d1:2b:
52:b8:e1:00:b5:98:7c:21:10:b5:5a:b2:7c:18:4a:
3f:c1:d6:be:b6:5e:39:be:89:5c:bb:ef:3a:27:8a:
97:82:6b:88:94:b2:b3:52:db:90:ff:20:a0:b4:3a:
d8:4f:18:12:a7:f7:01:e9:f6:f5:52:b3:75:e5:ab:
43:bc:da:47:f6:e4:d6:a2:46:4e:00:08:99:bd:67:
75:5f:4d:64:62:17:14:9c:83:ad:16:05:22:3d:25:
60:95:4f:e9:d4:30:04:ba:f8:b7:c6:0a:6e:d7:93:
27:0b:f6:6d:bd:cd:0f:cb:6f:f4:14:ad:4c:33:2e:
96:ef:2e:89:ba:0d:76:ea:c0:1b:89:dc:02:30:43:
33:e4:8a:26:33:04:fc:0b:7f:89:b0:ef:01:fa:17:
13:ba:4a:6a:be:ce:df:40:4e:5a:45:9b:c3:f0:f9:
e1:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:35:B4:A5:48:B8:C9:E4:08:D2:23:BA:B6:2D:CF:76:8E:56:DB:F1
X509v3 Authority Key Identifier:
keyid:6F:0D:7A:0E:B5:CA:54:95:90:A4:06:BC:69:3D:F1:E8:D2:CB:AE:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bw16DrXKVJWQpAa8aT3x6NLLrgQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b55c02-347b-42a8-96ae-d179053d8434/1/TzW0pUi4yeQI0iO6ti3Pdo5W2_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b55c02-347b-42a8-96ae-d179053d8434/1/bw16DrXKVJWQpAa8aT3x6NLLrgQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.99.20.0/24
Signature Algorithm: sha256WithRSAEncryption
18:5e:d5:8d:b0:a3:1b:86:3a:8f:34:45:28:01:36:f6:b0:b8:
02:3b:cd:d0:97:53:f0:bc:73:62:0f:18:4f:46:f7:04:d2:e9:
3e:31:54:f3:97:41:32:f0:75:58:75:6b:94:34:d4:8e:76:42:
4d:b8:bd:57:f9:ba:0a:b7:f2:de:a4:47:cd:7b:42:6c:d4:da:
99:9e:30:a2:d6:3c:0e:44:ef:20:6a:59:24:38:62:35:e2:80:
32:0a:8f:82:3d:40:81:6f:70:95:f1:9d:c2:9f:43:0c:b3:b4:
55:8a:ac:f5:40:7b:24:8a:b4:50:b1:d5:bd:8e:8e:77:a8:36:
fd:8f:aa:c5:3e:7c:d1:df:7a:ab:a8:ca:f7:74:c4:e2:63:03:
74:4d:89:cf:25:96:09:f8:92:a7:52:df:91:a5:31:de:78:84:
e6:5b:0e:30:3d:a1:2c:8a:65:ea:70:5c:f1:10:b4:63:be:f6:
d7:a6:46:b5:16:3f:7d:2f:d5:6b:7e:18:2c:2d:52:1d:3c:d0:
7e:d2:90:10:e5:86:41:ec:1e:e5:13:39:bb:43:df:f8:33:a7:
f2:8e:fe:97:b6:22:ba:ce:02:ba:80:b1:32:dc:8c:21:42:cf:
22:96:2c:b0:36:32:18:de:1b:57:c7:1c:d2:2e:3b:fe:21:e9:
20:0f:a0:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYWl0W8sM+6WgV3cncg05mlmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMGQ3YTBlYjVjYTU0OTU5MGE0MDZiYzY5M2RmMWU4ZDJj
YmFlMDQwHhcNMjMwMTEyMTE1MDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjM1YjRhNTQ4YjhjOWU0MDhkMjIzYmFiNjJkY2Y3NjhlNTZkYmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhdBYKnDJco2hYaBMczcei2YsupSs
aiwiuLXjqY+OWx3YT6U9YzvjNMI8kAPisTCksF+O6mcUJWi5SyKwx0qE7YyU2V/J
qLR1SfUyS4fVHM47yZRaXMEN0StSuOEAtZh8IRC1WrJ8GEo/wda+tl45volcu+86
J4qXgmuIlLKzUtuQ/yCgtDrYTxgSp/cB6fb1UrN15atDvNpH9uTWokZOAAiZvWd1
X01kYhcUnIOtFgUiPSVglU/p1DAEuvi3xgpu15MnC/Ztvc0Py2/0FK1MMy6W7y6J
ug126sAbidwCMEMz5IomMwT8C3+JsO8B+hcTukpqvs7fQE5aRZvD8PnhBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE81tKVIuMnkCNIjurYtz3aOVtvxMB8GA1UdIwQY
MBaAFG8Neg61ylSVkKQGvGk98ejSy64EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYncxNkRyWEtWSldRcEFhOGFUM3g2TkxMcmdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9iNTVjMDItMzQ3Yi00MmE4LTk2YWUt
ZDE3OTA1M2Q4NDM0LzEvVHpXMHBVaTR5ZVFJMGlPNnRpM1BkbzVXMl9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9iNTVjMDItMzQ3Yi00MmE4LTk2YWUtZDE3OTA1M2Q4NDM0
LzEvYncxNkRyWEtWSldRcEFhOGFUM3g2TkxMcmdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWMUMA0G
CSqGSIb3DQEBCwUAA4IBAQAYXtWNsKMbhjqPNEUoATb2sLgCO83Ql1PwvHNiDxhP
RvcE0uk+MVTzl0Ey8HVYdWuUNNSOdkJNuL1X+boKt/LepEfNe0Js1NqZnjCi1jwO
RO8galkkOGI14oAyCo+CPUCBb3CV8Z3Cn0MMs7RViqz1QHskirRQsdW9jo53qDb9
j6rFPnzR33qrqMr3dMTiYwN0TYnPJZYJ+JKnUt+RpTHeeITmWw4wPaEsimXqcFzx
ELRjvvbXpka1Fj99L9VrfhgsLVIdPNB+0pAQ5YZB7B7lEzm7Q9/4M6fyjv6XtiK6
zgK6gLEy3IwhQs8iliywNjIY3htXxxzSLjv+IekgD6CW
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:53 2025 by rpki-client