Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/529414-d7a5-49eb-9bd6-cbf1bbb0fd18/1/TTErcRvAJPN9uHc6GdIO7vDrJCs.roa
File: TTErcRvAJPN9uHc6GdIO7vDrJCs.roa (raw, json)
Hash identifier: fe22e1/pIZ4MoRbQJdlXWDc1m6lq1JlHNVoWybui1N4=
Subject key identifier: 4D:31:2B:71:1B:C0:24:F3:7D:B8:77:3A:19:D2:0E:EE:F0:EB:24:2B
Certificate issuer: /CN=ff40503cb21a922897971726f6b7eecc253f1193
Certificate serial: 04DDF3E6
Authority key identifier: FF:40:50:3C:B2:1A:92:28:97:97:17:26:F6:B7:EE:CC:25:3F:11:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0BQPLIakiiXlxcm9rfuzCU_EZM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/529414-d7a5-49eb-9bd6-cbf1bbb0fd18/1/TTErcRvAJPN9uHc6GdIO7vDrJCs.roa
Signing time: Sat 01 Jan 2022 12:01:53 +0000
ROA not before: Sat 01 Jan 2022 12:01:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3221
IP address blocks: 171.22.244.0/22 maxlen: 22
193.40.0.0/16 maxlen: 16
2001:bb8::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81654758 (0x4ddf3e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff40503cb21a922897971726f6b7eecc253f1193
Validity
Not Before: Jan 1 12:01:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4d312b711bc024f37db8773a19d20eeef0eb242b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:24:bd:11:81:32:e5:71:cf:3d:77:5e:a2:57:
b4:4e:6c:da:d7:da:e7:67:7a:1f:5d:46:8d:84:5f:
22:f1:31:53:6a:a3:92:f6:d9:11:cc:13:13:32:40:
d9:8e:0d:65:e0:a8:c2:b7:7d:bf:0a:fb:f8:3b:1d:
9e:14:77:42:0c:12:70:59:b8:1d:47:2f:2b:9b:cc:
79:07:42:6a:88:98:e1:3b:41:73:ad:dd:5e:84:f9:
89:85:a5:ee:3b:2b:40:09:fa:5a:11:ad:fb:cf:2c:
33:1f:58:b7:1f:c6:01:df:d3:2d:b4:86:a1:6a:71:
a4:a6:86:98:7d:c0:d5:d1:9c:19:4c:48:c7:48:c6:
c2:a5:69:d5:9b:1c:62:c4:f3:16:fe:0d:b4:42:cf:
d8:f5:e1:4e:5c:8b:3a:03:f0:d9:68:7b:30:66:57:
03:92:1e:24:9c:cf:b6:7a:94:16:45:bc:5a:ef:60:
c9:20:93:cf:03:ad:a4:cf:5f:45:7c:cd:3c:90:a0:
f7:12:08:5c:cb:3b:59:f1:f6:e9:c2:58:f9:61:71:
40:86:53:ab:43:2a:98:d7:41:6f:20:cc:10:04:72:
0a:fa:18:a1:43:9b:a1:22:53:c3:d5:d5:6c:96:f1:
b1:ee:9c:4a:18:74:1e:e9:7c:0a:49:36:07:2c:5f:
9d:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:31:2B:71:1B:C0:24:F3:7D:B8:77:3A:19:D2:0E:EE:F0:EB:24:2B
X509v3 Authority Key Identifier:
keyid:FF:40:50:3C:B2:1A:92:28:97:97:17:26:F6:B7:EE:CC:25:3F:11:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0BQPLIakiiXlxcm9rfuzCU_EZM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/529414-d7a5-49eb-9bd6-cbf1bbb0fd18/1/TTErcRvAJPN9uHc6GdIO7vDrJCs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/529414-d7a5-49eb-9bd6-cbf1bbb0fd18/1/_0BQPLIakiiXlxcm9rfuzCU_EZM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.244.0/22
193.40.0.0/16
IPv6:
2001:bb8::/32
Signature Algorithm: sha256WithRSAEncryption
10:ef:b6:ce:90:9b:18:22:24:f4:b5:40:0f:00:e4:bd:9c:53:
80:f2:44:86:33:39:69:e4:a6:52:03:c6:ec:e8:99:ae:f0:4c:
a7:c3:28:4b:23:9b:5f:53:c5:94:fa:a1:54:94:d3:09:f5:cc:
13:89:97:99:2d:62:49:8f:a9:d0:cd:9e:88:2c:e6:b9:3a:9e:
b0:60:86:96:2c:8b:a6:58:01:d4:b7:a7:91:8f:4b:e0:26:6f:
fa:0b:71:90:4b:b5:5a:b4:14:66:67:2d:11:a6:1d:a8:a5:2c:
a2:52:49:ec:d9:c0:fe:2c:1c:56:1c:be:10:ea:8a:af:63:d9:
29:0d:a4:27:66:75:35:e8:d5:22:b9:ef:e5:11:f3:07:e5:bb:
57:c6:b2:49:c1:6f:15:a5:16:68:82:d6:7d:5f:50:d0:30:0f:
60:d9:bf:b4:6f:18:c2:a2:47:c2:c0:4c:69:d8:2d:60:89:25:
0b:99:a3:77:93:ad:72:d7:6a:88:85:2d:75:16:64:7d:a1:c5:
2c:d1:b4:1e:27:46:cc:78:d2:a9:22:7f:32:60:2f:16:67:b5:
42:86:e1:f4:c6:6b:13:f4:bb:ed:eb:f3:50:47:6e:d1:d6:df:
c1:b2:e7:9d:dd:1d:9c:33:fc:5f:ab:48:1c:bc:95:f4:95:ac:
63:62:81:b0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEBN3z5jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZjQwNTAzY2IyMWE5MjI4OTc5NzE3MjZmNmI3ZWVjYzI1M2YxMTkzMB4XDTIyMDEw
MTEyMDE1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGQzMTJiNzExYmMw
MjRmMzdkYjg3NzNhMTlkMjBlZWVmMGViMjQyYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJMkvRGBMuVxzz13XqJXtE5s2tfa52d6H11GjYRfIvExU2qj
kvbZEcwTEzJA2Y4NZeCowrd9vwr7+DsdnhR3QgwScFm4HUcvK5vMeQdCaoiY4TtB
c63dXoT5iYWl7jsrQAn6WhGt+88sMx9Ytx/GAd/TLbSGoWpxpKaGmH3A1dGcGUxI
x0jGwqVp1ZscYsTzFv4NtELP2PXhTlyLOgPw2Wh7MGZXA5IeJJzPtnqUFkW8Wu9g
ySCTzwOtpM9fRXzNPJCg9xIIXMs7WfH26cJY+WFxQIZTq0MqmNdBbyDMEARyCvoY
oUOboSJTw9XVbJbxse6cShh0Hul8Ckk2ByxfnTUCAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBRNMStxG8Ak8324dzoZ0g7u8OskKzAfBgNVHSMEGDAWgBT/QFA8shqSKJeX
Fyb2t+7MJT8RkzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L18wQlFQTElha2lpWGx4Y205cmZ1ekNVX0VaTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDEvNTI5NDE0LWQ3YTUtNDllYi05YmQ2LWNiZjFiYmIwZmQxOC8x
L1RURXJjUnZBSlBOOXVIYzZHZElPN3ZEckpDcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDEv
NTI5NDE0LWQ3YTUtNDllYi05YmQ2LWNiZjFiYmIwZmQxOC8xL18wQlFQTElha2lp
WGx4Y205cmZ1ekNVX0VaTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwEQQCAAEwCwMEAqsW9AMDAMEoMA0EAgACMAcDBQAg
AQu4MA0GCSqGSIb3DQEBCwUAA4IBAQAQ77bOkJsYIiT0tUAPAOS9nFOA8kSGMzlp
5KZSA8bs6Jmu8EynwyhLI5tfU8WU+qFUlNMJ9cwTiZeZLWJJj6nQzZ6ILOa5Op6w
YIaWLIumWAHUt6eRj0vgJm/6C3GQS7VatBRmZy0Rph2opSyiUkns2cD+LBxWHL4Q
6oqvY9kpDaQnZnU16NUiue/lEfMH5btXxrJJwW8VpRZogtZ9X1DQMA9g2b+0bxjC
okfCwExp2C1giSULmaN3k61y12qIhS11FmR9ocUs0bQeJ0bMeNKpIn8yYC8WZ7VC
huH0xmsT9Lvt6/NQR27R1t/Bsued3R2cM/xfq0gcvJX0laxjYoGw
-----END CERTIFICATE-----
Generated at Tue Apr 22 00:01:42 2025 by rpki-client