Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/tmHevFh7cecGEbNt-MyjqTOfsVk.roa
File: tmHevFh7cecGEbNt-MyjqTOfsVk.roa (raw, json)
Hash identifier: l/YF1PXj51v5CAdKXZvk/wmvpyDOPczDTvemOXws0fE=
Subject key identifier: B6:61:DE:BC:58:7B:71:E7:06:11:B3:6D:F8:CC:A3:A9:33:9F:B1:59
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 018792FBB276E1D177AD86B1F9761FF89D02
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/tmHevFh7cecGEbNt-MyjqTOfsVk.roa
Signing time: Tue 18 Apr 2023 06:09:41 +0000
ROA not before: Tue 18 Apr 2023 06:09:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 95.82.32.0/21 maxlen: 24
109.111.52.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:92:fb:b2:76:e1:d1:77:ad:86:b1:f9:76:1f:f8:9d:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Apr 18 06:09:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b661debc587b71e70611b36df8cca3a9339fb159
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:81:d4:4d:c7:5d:34:19:24:17:f4:9f:e8:26:
a4:a4:6a:8c:f7:d5:1c:ad:5d:4e:5e:97:cb:72:ef:
d4:62:e3:11:9a:88:1b:9a:af:10:58:e6:fc:c0:bb:
fc:f8:26:dd:be:e7:4c:27:92:75:9c:18:84:2e:33:
e6:fe:4d:a5:3d:45:49:83:46:6a:f1:79:f2:6e:8c:
67:c0:14:2d:44:fc:7f:bc:4d:8e:4a:98:c9:ae:d5:
96:7f:63:ba:f6:96:62:24:6a:1b:3f:9c:3d:2b:26:
38:31:e0:98:30:1b:89:a9:b5:a8:94:46:3f:3f:a1:
07:ae:5b:36:05:2a:72:ea:48:a4:54:e3:66:35:f2:
ab:2d:69:e3:65:7d:5f:5c:9f:da:8d:b2:12:4b:28:
f9:f5:ee:50:cf:b8:f5:08:f0:be:19:03:62:93:8c:
48:37:09:ce:19:c9:e2:41:1d:b1:2c:4c:1b:12:12:
55:a2:3f:3d:7b:c9:ee:a8:34:b8:11:38:7e:22:7e:
f1:2b:9b:38:b4:8b:e1:f6:bf:48:c7:9a:ae:a2:f4:
fd:b2:d9:43:be:69:17:cf:9b:2c:7a:60:5d:f0:db:
d9:80:7d:f2:90:cd:fa:fc:35:39:ca:46:9e:4e:f9:
fa:a3:7e:1d:8a:04:a3:af:eb:b2:82:8f:16:ed:c5:
b0:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:61:DE:BC:58:7B:71:E7:06:11:B3:6D:F8:CC:A3:A9:33:9F:B1:59
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/tmHevFh7cecGEbNt-MyjqTOfsVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.82.32.0/21
109.111.52.0/22
Signature Algorithm: sha256WithRSAEncryption
04:83:1e:24:36:a0:98:fe:3a:06:8c:6e:ad:e6:c3:83:99:53:
d8:36:93:de:e7:20:a1:c5:da:d2:a2:ca:b5:c0:6f:c3:97:dc:
c7:2d:f6:1c:b4:e4:43:14:61:30:8d:93:ed:97:64:d5:62:5a:
21:72:df:e1:72:51:e6:77:18:79:7f:4d:d0:cf:bd:56:a8:39:
d3:67:80:d9:82:3c:fc:9a:23:19:83:8f:1f:a0:88:b3:94:2a:
c5:2b:b2:5a:99:34:4c:5d:eb:be:ce:b5:15:1b:a9:c1:f4:40:
af:4c:ba:ff:c6:54:05:b6:10:c9:d2:ec:fe:59:20:fa:b0:4b:
1b:2d:32:9b:cd:71:44:8b:66:43:06:f3:c6:43:a4:ad:ee:8c:
4c:97:3b:17:17:80:d9:5e:df:5d:e6:47:c2:23:80:34:b9:a5:
e8:7f:3a:d8:f5:b3:8c:cb:f3:17:a0:7e:a9:92:d6:41:3d:cd:
3b:12:99:3d:02:61:6e:96:93:8b:bd:f7:1f:29:36:ac:e1:b0:
67:44:4b:3d:e5:cc:25:1a:9e:01:a9:5e:08:9f:fe:18:14:8c:
65:04:87:33:df:01:55:73:f7:7c:b8:b5:75:24:62:61:d1:20:
fe:18:bd:28:f2:9a:98:d9:69:21:aa:cd:3d:71:95:7a:32:60:
f2:48:2c:97
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYeS+7J24dF3rYax+XYf+J0CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjMwNDE4MDYwOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjYxZGViYzU4N2I3MWU3MDYxMWIzNmRmOGNjYTNhOTMzOWZiMTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAioHUTcddNBkkF/Sf6CakpGqM99Uc
rV1OXpfLcu/UYuMRmogbmq8QWOb8wLv8+CbdvudMJ5J1nBiELjPm/k2lPUVJg0Zq
8XnyboxnwBQtRPx/vE2OSpjJrtWWf2O69pZiJGobP5w9KyY4MeCYMBuJqbWolEY/
P6EHrls2BSpy6kikVONmNfKrLWnjZX1fXJ/ajbISSyj59e5Qz7j1CPC+GQNik4xI
NwnOGcniQR2xLEwbEhJVoj89e8nuqDS4ETh+In7xK5s4tIvh9r9Ix5quovT9stlD
vmkXz5ssemBd8NvZgH3ykM36/DU5ykaeTvn6o34digSjr+uygo8W7cWwLwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLZh3rxYe3HnBhGzbfjMo6kzn7FZMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvdG1IZXZGaDdjZWNHRWJOdC1NeWpxVE9mc1ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDX1IgAwQC
bW80MA0GCSqGSIb3DQEBCwUAA4IBAQAEgx4kNqCY/joGjG6t5sODmVPYNpPe5yCh
xdrSosq1wG/Dl9zHLfYctORDFGEwjZPtl2TVYlohct/hclHmdxh5f03Qz71WqDnT
Z4DZgjz8miMZg48foIizlCrFK7JamTRMXeu+zrUVG6nB9ECvTLr/xlQFthDJ0uz+
WSD6sEsbLTKbzXFEi2ZDBvPGQ6St7oxMlzsXF4DZXt9d5kfCI4A0uaXofzrY9bOM
y/MXoH6pktZBPc07Epk9AmFulpOLvfcfKTas4bBnREs95cwlGp4BqV4In/4YFIxl
BIcz3wFVc/d8uLV1JGJh0SD+GL0o8pqY2Wkhqs09cZV6MmDySCyX
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:14:00 2025 by rpki-client