Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/TCZ0XfYPqImSh6yZZXoph8Flbvk.roa
File: TCZ0XfYPqImSh6yZZXoph8Flbvk.roa (raw, json)
Hash identifier: 2a3yACxbp8FVytYWmexCJgidVIghe4zejsnnsg+An2E=
Subject key identifier: 4C:26:74:5D:F6:0F:A8:89:92:87:AC:99:65:7A:29:87:C1:65:6E:F9
Certificate issuer: /CN=ff44dbaca56dac319401f68a50d917f5424611ad
Certificate serial: 01887A3BFE54FC95A63D554C3F51430AAEA2
Authority key identifier: FF:44:DB:AC:A5:6D:AC:31:94:01:F6:8A:50:D9:17:F5:42:46:11:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0TbrKVtrDGUAfaKUNkX9UJGEa0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/TCZ0XfYPqImSh6yZZXoph8Flbvk.roa
Signing time: Fri 02 Jun 2023 03:52:11 +0000
ROA not before: Fri 02 Jun 2023 03:52:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.143.11.0/24 maxlen: 24
45.143.9.0/24 maxlen: 24
94.143.225.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:7a:3b:fe:54:fc:95:a6:3d:55:4c:3f:51:43:0a:ae:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff44dbaca56dac319401f68a50d917f5424611ad
Validity
Not Before: Jun 2 03:52:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4c26745df60fa8899287ac99657a2987c1656ef9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:9a:5f:9e:8f:a0:0a:17:49:91:1d:70:d4:2f:
64:f5:35:3d:c7:87:42:c1:49:7c:7d:fe:3d:a4:25:
cf:d3:13:7d:ae:e3:9f:1a:cc:f8:c8:d2:f2:ac:c5:
7b:27:e3:82:35:86:5c:5c:16:7f:f0:5f:c8:9c:c7:
36:2a:76:92:50:63:da:33:09:9b:e1:60:38:38:8e:
ef:eb:56:a9:31:00:c4:83:e6:a7:8b:56:d7:51:83:
26:41:6b:39:e3:64:9a:a5:02:a8:34:1a:51:da:97:
72:19:ef:aa:91:3a:ca:c0:30:bd:ee:0e:88:56:df:
87:92:2b:52:38:8b:87:89:fa:22:74:e0:e7:97:43:
f8:45:3a:59:30:a2:f0:b0:41:fd:3e:94:a1:60:20:
f9:a1:48:ca:77:94:a1:ed:3f:72:61:a7:47:a1:bf:
e6:60:6c:3f:1c:2d:9b:7b:48:91:40:a6:6a:13:99:
6b:28:79:96:a5:9d:16:6a:22:9b:73:85:8d:f5:21:
b4:05:d1:9c:18:92:18:23:a7:eb:4c:09:63:62:d4:
6e:e9:15:f1:ea:6b:ee:5e:e5:50:ba:e8:90:7c:5f:
31:96:67:ec:8c:f0:f2:28:2b:aa:5d:82:d4:65:07:
fb:5a:7f:9f:93:95:33:53:ca:eb:1d:ef:f9:d3:dd:
a3:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:26:74:5D:F6:0F:A8:89:92:87:AC:99:65:7A:29:87:C1:65:6E:F9
X509v3 Authority Key Identifier:
keyid:FF:44:DB:AC:A5:6D:AC:31:94:01:F6:8A:50:D9:17:F5:42:46:11:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0TbrKVtrDGUAfaKUNkX9UJGEa0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/TCZ0XfYPqImSh6yZZXoph8Flbvk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/_0TbrKVtrDGUAfaKUNkX9UJGEa0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.9.0/24
45.143.11.0/24
94.143.225.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:3b:08:88:2f:4f:aa:a0:e9:fd:98:3b:f3:32:42:65:f0:5d:
f8:88:20:24:8f:29:a4:76:22:3f:de:43:b5:2b:5a:51:df:ba:
3b:8a:b3:48:72:e7:1c:a7:bc:0a:81:0b:d0:8d:e1:90:e6:a1:
f9:7b:84:2f:6a:88:d9:0d:85:ff:e1:2a:8d:dc:02:36:5b:04:
1e:a2:6b:49:c5:26:dc:9c:3a:0c:b6:3b:aa:7c:29:4c:ef:77:
72:94:fb:bc:cf:cf:1c:ff:50:64:a3:fd:b8:17:23:e1:c7:93:
0e:2f:02:37:2f:d0:f8:b9:c7:c6:36:cc:59:c6:17:28:eb:c7:
99:e8:41:28:41:6e:90:86:a7:0c:71:74:88:f8:dd:26:6a:7a:
3a:f1:64:70:a4:b7:ad:b2:50:aa:af:74:c1:a3:20:67:fb:21:
9e:13:60:99:24:9a:61:9f:d3:17:ef:f5:b7:9d:47:58:89:c3:
8e:6f:17:f8:68:02:ad:cb:21:8c:1e:41:14:96:5d:bb:cf:2a:
ca:95:1e:67:f3:9e:51:41:59:c1:58:ef:eb:a6:92:b7:77:1b:
c8:b6:03:ea:ba:9c:ca:e9:28:a2:3c:c8:fd:79:95:f7:42:26:
cc:a1:4f:4a:56:b8:70:08:2b:36:68:c1:ed:fc:7a:7f:c4:c4:
5b:97:4a:00
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYh6O/5U/JWmPVVMP1FDCq6iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNDRkYmFjYTU2ZGFjMzE5NDAxZjY4YTUwZDkxN2Y1NDI0
NjExYWQwHhcNMjMwNjAyMDM1MjExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzI2NzQ1ZGY2MGZhODg5OTI4N2FjOTk2NTdhMjk4N2MxNjU2ZWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJpfno+gChdJkR1w1C9k9TU9x4dC
wUl8ff49pCXP0xN9ruOfGsz4yNLyrMV7J+OCNYZcXBZ/8F/InMc2KnaSUGPaMwmb
4WA4OI7v61apMQDEg+ani1bXUYMmQWs542SapQKoNBpR2pdyGe+qkTrKwDC97g6I
Vt+HkitSOIuHifoidODnl0P4RTpZMKLwsEH9PpShYCD5oUjKd5Sh7T9yYadHob/m
YGw/HC2be0iRQKZqE5lrKHmWpZ0WaiKbc4WN9SG0BdGcGJIYI6frTAljYtRu6RXx
6mvuXuVQuuiQfF8xlmfsjPDyKCuqXYLUZQf7Wn+fk5UzU8rrHe/5092juQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEwmdF32D6iJkoesmWV6KYfBZW75MB8GA1UdIwQY
MBaAFP9E26ylbawxlAH2ilDZF/VCRhGtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzBUYnJLVnRyREdVQWZhS1VOa1g5VUpHRWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi81M2E5NDctZmQwMy00MDE0LTk4Mjct
YzVkODk1MDgxOGVjLzEvVENaMFhmWVBxSW1TaDZ5WlpYb3BoOEZsYnZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi81M2E5NDctZmQwMy00MDE0LTk4MjctYzVkODk1MDgxOGVj
LzEvXzBUYnJLVnRyREdVQWZhS1VOa1g5VUpHRWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALY8JAwQA
LY8LAwQAXo/hMA0GCSqGSIb3DQEBCwUAA4IBAQA/OwiIL0+qoOn9mDvzMkJl8F34
iCAkjymkdiI/3kO1K1pR37o7irNIcuccp7wKgQvQjeGQ5qH5e4QvaojZDYX/4SqN
3AI2WwQeomtJxSbcnDoMtjuqfClM73dylPu8z88c/1Bko/24FyPhx5MOLwI3L9D4
ucfGNsxZxhco68eZ6EEoQW6QhqcMcXSI+N0mano68WRwpLetslCqr3TBoyBn+yGe
E2CZJJphn9MX7/W3nUdYicOObxf4aAKtyyGMHkEUll27zyrKlR5n855RQVnBWO/r
ppK3dxvItgPqupzK6SiiPMj9eZX3QibMoU9KVrhwCCs2aMHt/Hp/xMRbl0oA
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:01:47 2025 by rpki-client