Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/ceea91-0a2a-4a4e-917b-c6161ce395af/1/tTKIWO2D8mh3q2Kj6jIbH5RdH5g.roa
File: tTKIWO2D8mh3q2Kj6jIbH5RdH5g.roa (raw, json)
Hash identifier: HA1EYE7PWw2dz0rkE9632D3+9HS0/IleKnVLukeZOA0=
Subject key identifier: B5:32:88:58:ED:83:F2:68:77:AB:62:A3:EA:32:1B:1F:94:5D:1F:98
Certificate issuer: /CN=85fb85add09f4876ea6aaa88d4d88c81ccb6b10a
Certificate serial: 01890206A6CB64CFA6AE280ACE0578F06B83
Authority key identifier: 85:FB:85:AD:D0:9F:48:76:EA:6A:AA:88:D4:D8:8C:81:CC:B6:B1:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hfuFrdCfSHbqaqqI1NiMgcy2sQo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/ceea91-0a2a-4a4e-917b-c6161ce395af/1/tTKIWO2D8mh3q2Kj6jIbH5RdH5g.roa
Signing time: Wed 28 Jun 2023 12:42:17 +0000
ROA not before: Wed 28 Jun 2023 12:42:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16276
IP address blocks: 83.143.16.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:02:06:a6:cb:64:cf:a6:ae:28:0a:ce:05:78:f0:6b:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85fb85add09f4876ea6aaa88d4d88c81ccb6b10a
Validity
Not Before: Jun 28 12:42:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5328858ed83f26877ab62a3ea321b1f945d1f98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:13:9f:bc:bf:89:ac:5c:7c:af:f1:e4:24:0f:
62:67:86:f3:a2:bc:93:8d:a9:7f:84:b0:93:77:f2:
30:af:92:df:71:01:5d:23:e7:c5:6a:fb:18:fe:1b:
be:1f:36:f4:5e:63:8b:58:fa:69:0d:eb:5a:66:32:
24:11:92:0e:50:99:5d:4a:71:ec:81:21:d2:5f:51:
df:a7:b0:72:63:f0:88:1d:cc:cf:5a:3e:3d:45:26:
8c:1e:c5:ad:a7:66:c2:04:ac:32:d9:7d:0a:82:6d:
cd:93:ff:ee:b1:35:69:73:7e:45:18:fc:3d:e3:b9:
8e:ab:c9:8b:b7:ac:31:43:d1:b4:b2:52:ea:a9:7a:
15:48:35:14:3e:77:41:21:c4:9f:b6:65:94:cb:f5:
d0:ca:d0:51:26:89:b8:bc:ea:bf:c9:e3:37:d6:02:
67:fa:22:9e:94:96:01:c4:d0:85:c1:fc:ee:01:73:
8d:f8:eb:0f:46:3a:c6:f6:0d:52:74:c7:9e:43:e2:
60:65:fc:a9:f6:1c:0c:56:71:21:12:a9:5b:47:7d:
40:9b:ae:90:63:20:e3:02:5a:c9:c7:f1:5b:64:4f:
d1:67:22:d3:8a:ab:1c:e7:f7:d8:e7:86:60:d7:45:
b1:68:29:72:34:af:5a:1a:93:99:ee:23:55:98:b1:
53:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:32:88:58:ED:83:F2:68:77:AB:62:A3:EA:32:1B:1F:94:5D:1F:98
X509v3 Authority Key Identifier:
keyid:85:FB:85:AD:D0:9F:48:76:EA:6A:AA:88:D4:D8:8C:81:CC:B6:B1:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hfuFrdCfSHbqaqqI1NiMgcy2sQo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/ceea91-0a2a-4a4e-917b-c6161ce395af/1/tTKIWO2D8mh3q2Kj6jIbH5RdH5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/ceea91-0a2a-4a4e-917b-c6161ce395af/1/hfuFrdCfSHbqaqqI1NiMgcy2sQo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.143.16.0/21
Signature Algorithm: sha256WithRSAEncryption
b1:92:34:4f:b7:de:dd:fc:32:70:6d:64:d4:8c:c0:3b:40:ac:
ca:77:c1:a2:cf:b0:a8:02:0b:22:c6:74:e5:af:c0:68:36:c3:
44:bd:0a:a9:0e:73:98:dd:c2:72:a2:88:6b:6f:57:a8:c5:fb:
c2:a2:c4:49:f3:db:97:fe:4e:7c:87:3f:c2:09:c0:5d:cf:3b:
c6:8b:72:4d:e6:bf:a3:db:84:7d:71:35:55:c4:4d:f6:a6:1c:
e5:50:69:83:4e:8b:0e:09:51:19:d6:95:a6:a4:fa:99:02:db:
3f:00:fe:d9:2e:4d:1e:38:5c:d5:63:2b:fd:f5:da:6e:dc:22:
0f:23:59:6e:e4:3d:df:b7:cb:d2:8c:09:d3:4d:15:92:cc:b9:
e8:ec:6f:11:1c:78:bf:c1:0f:23:6a:8b:2f:52:c8:c4:76:19:
01:38:0d:0e:6d:e3:e9:ca:82:78:0d:21:8e:4e:26:b2:57:43:
a6:81:31:07:00:f4:4a:ec:5d:0a:99:20:d9:20:3b:1c:dd:82:
3f:3d:ba:35:e3:90:c4:41:4e:a7:06:71:da:5b:7a:bc:e2:a6:
a2:b6:da:0f:c0:e9:05:1d:7b:90:70:04:37:59:93:47:b9:5e:
af:c8:ba:d8:1f:36:22:43:7c:47:48:e9:0c:ef:6a:7d:d7:59:
9b:7d:ed:7b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYkCBqbLZM+mrigKzgV48GuDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZmI4NWFkZDA5ZjQ4NzZlYTZhYWE4OGQ0ZDg4YzgxY2Ni
NmIxMGEwHhcNMjMwNjI4MTI0MjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTMyODg1OGVkODNmMjY4NzdhYjYyYTNlYTMyMWIxZjk0NWQxZjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlBOfvL+JrFx8r/HkJA9iZ4bzoryT
jal/hLCTd/Iwr5LfcQFdI+fFavsY/hu+Hzb0XmOLWPppDetaZjIkEZIOUJldSnHs
gSHSX1Hfp7ByY/CIHczPWj49RSaMHsWtp2bCBKwy2X0Kgm3Nk//usTVpc35FGPw9
47mOq8mLt6wxQ9G0slLqqXoVSDUUPndBIcSftmWUy/XQytBRJom4vOq/yeM31gJn
+iKelJYBxNCFwfzuAXON+OsPRjrG9g1SdMeeQ+JgZfyp9hwMVnEhEqlbR31Am66Q
YyDjAlrJx/FbZE/RZyLTiqsc5/fY54Zg10WxaClyNK9aGpOZ7iNVmLFTUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLUyiFjtg/Jod6tio+oyGx+UXR+YMB8GA1UdIwQY
MBaAFIX7ha3Qn0h26mqqiNTYjIHMtrEKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGZ1RnJkQ2ZTSGJxYXFxSTFOaU1nY3kyc1FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9jZWVhOTEtMGEyYS00YTRlLTkxN2It
YzYxNjFjZTM5NWFmLzEvdFRLSVdPMkQ4bWgzcTJLajZqSWJINVJkSDVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC9jZWVhOTEtMGEyYS00YTRlLTkxN2ItYzYxNjFjZTM5NWFm
LzEvaGZ1RnJkQ2ZTSGJxYXFxSTFOaU1nY3kyc1FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDU48QMA0G
CSqGSIb3DQEBCwUAA4IBAQCxkjRPt97d/DJwbWTUjMA7QKzKd8Giz7CoAgsixnTl
r8BoNsNEvQqpDnOY3cJyoohrb1eoxfvCosRJ89uX/k58hz/CCcBdzzvGi3JN5r+j
24R9cTVVxE32phzlUGmDTosOCVEZ1pWmpPqZAts/AP7ZLk0eOFzVYyv99dpu3CIP
I1lu5D3ft8vSjAnTTRWSzLno7G8RHHi/wQ8jaosvUsjEdhkBOA0ObePpyoJ4DSGO
TiayV0OmgTEHAPRK7F0KmSDZIDsc3YI/Pbo145DEQU6nBnHaW3q84qaittoPwOkF
HXuQcAQ3WZNHuV6vyLrYHzYiQ3xHSOkM72p911mbfe17
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:21:11 2025 by rpki-client