Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1f1c52-26a3-4370-a453-ec94770042d7/1/TiuxfJazYjGn1kKsJ5mf1Sx5CPw.roa
File: TiuxfJazYjGn1kKsJ5mf1Sx5CPw.roa (raw, json)
Hash identifier: AZylAq8Yc8ooWisnLyDygk8d5m/3V7OHstu+e+gHnbo=
Subject key identifier: 4E:2B:B1:7C:96:B3:62:31:A7:D6:42:AC:27:99:9F:D5:2C:79:08:FC
Certificate issuer: /CN=b4413b5e41e0141c49dbf3f9f117a7f467aaa2b9
Certificate serial: 01856D6F8A3B30398933AABCDE8298E9473D
Authority key identifier: B4:41:3B:5E:41:E0:14:1C:49:DB:F3:F9:F1:17:A7:F4:67:AA:A2:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tEE7XkHgFBxJ2_P58Ren9Geqork.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/1f1c52-26a3-4370-a453-ec94770042d7/1/TiuxfJazYjGn1kKsJ5mf1Sx5CPw.roa
Signing time: Sun 01 Jan 2023 13:05:04 +0000
ROA not before: Sun 01 Jan 2023 13:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30736
IP address blocks: 82.103.128.0/18 maxlen: 18
82.103.144.0/24 maxlen: 24
2a00:9080::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:6f:8a:3b:30:39:89:33:aa:bc:de:82:98:e9:47:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4413b5e41e0141c49dbf3f9f117a7f467aaa2b9
Validity
Not Before: Jan 1 13:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e2bb17c96b36231a7d642ac27999fd52c7908fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:88:75:bc:8d:19:d8:cc:f6:88:00:8d:be:c4:
0a:b3:4d:a9:4c:22:93:94:65:37:a4:ab:14:17:ac:
52:d6:4b:cf:a4:7a:d3:ba:8c:da:a2:dc:29:da:0f:
29:2d:a3:bf:3d:f0:d9:4d:88:b5:a2:de:a8:1c:8c:
c8:8c:98:04:31:71:7f:e2:1c:42:64:ab:82:c6:d8:
d8:c3:96:ea:00:41:42:7a:37:b3:b0:7e:a0:6a:86:
dc:2d:78:eb:47:18:3b:1f:6a:c7:19:e9:51:79:ec:
e6:4f:bd:c7:d6:f4:95:63:1b:b7:3c:7a:c7:d1:b1:
bf:ae:62:db:98:a6:d4:dd:e9:e4:32:e5:d3:37:a9:
ab:27:f2:31:43:e3:00:6b:e4:26:44:ca:14:d5:c1:
0a:75:45:20:f4:36:e5:8d:9a:24:76:46:5e:94:d0:
c3:06:3b:e7:54:9d:1f:26:7b:45:94:4d:fe:21:12:
45:0d:c8:13:46:4a:9c:64:08:bb:aa:1f:12:ce:8f:
41:a2:8b:5c:23:8d:39:76:19:00:c8:0b:0e:43:b8:
a0:0a:bb:32:a7:eb:a5:13:dd:57:04:cf:ab:1f:91:
e5:4c:af:36:6f:77:e0:d4:cc:cc:1b:99:d6:b6:c2:
0b:6b:19:c9:82:d7:13:87:32:5e:ef:6e:ca:d5:a3:
c8:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:2B:B1:7C:96:B3:62:31:A7:D6:42:AC:27:99:9F:D5:2C:79:08:FC
X509v3 Authority Key Identifier:
keyid:B4:41:3B:5E:41:E0:14:1C:49:DB:F3:F9:F1:17:A7:F4:67:AA:A2:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tEE7XkHgFBxJ2_P58Ren9Geqork.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1f1c52-26a3-4370-a453-ec94770042d7/1/TiuxfJazYjGn1kKsJ5mf1Sx5CPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1f1c52-26a3-4370-a453-ec94770042d7/1/tEE7XkHgFBxJ2_P58Ren9Geqork.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.103.128.0/18
IPv6:
2a00:9080::/32
Signature Algorithm: sha256WithRSAEncryption
42:48:64:f4:fa:9b:62:83:a9:d2:1a:74:e8:99:5c:e9:80:c8:
30:89:c9:f9:bb:d4:16:da:9c:99:3e:fb:e9:08:33:95:c4:f2:
35:ed:85:5d:2b:03:ad:96:21:00:89:27:32:eb:a0:62:d1:65:
26:d8:1f:9d:99:93:45:b2:d4:a1:9a:1b:1e:d7:b1:0e:9f:16:
63:e9:bd:60:99:b0:e8:2d:c5:54:e8:55:9a:58:0b:ca:98:5f:
f4:d0:ec:04:76:bb:44:05:2c:80:7e:aa:32:33:6b:37:9c:5c:
2b:86:41:97:eb:a4:80:3a:80:bd:0a:12:5c:f2:8e:4a:59:ed:
4f:96:e8:25:f4:46:9a:7a:b6:2f:70:73:c9:c1:96:bd:86:ad:
e7:ae:fd:da:bc:a5:23:4b:b7:c0:95:93:f7:f0:c9:60:34:54:
39:c1:34:d6:e1:f0:4c:7e:b6:93:79:1f:3c:4a:e5:7c:d5:4a:
aa:1a:db:9b:e5:57:0b:c4:2f:bd:bf:af:7b:48:7b:90:bd:fe:
39:58:6a:4c:ea:a5:d0:32:47:7f:5f:9d:5c:0c:f1:e9:75:f8:
8a:ea:39:fe:ce:65:e9:52:24:b5:79:6f:6f:c7:16:17:45:af:
8a:11:39:8c:7d:e0:b2:ae:2a:14:ae:b6:c3:82:b0:94:5b:8a:
46:86:3d:19
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtb4o7MDmJM6q83oKY6Uc9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NDEzYjVlNDFlMDE0MWM0OWRiZjNmOWYxMTdhN2Y0Njdh
YWEyYjkwHhcNMjMwMTAxMTMwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTJiYjE3Yzk2YjM2MjMxYTdkNjQyYWMyNzk5OWZkNTJjNzkwOGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYh1vI0Z2Mz2iACNvsQKs02pTCKT
lGU3pKsUF6xS1kvPpHrTuozaotwp2g8pLaO/PfDZTYi1ot6oHIzIjJgEMXF/4hxC
ZKuCxtjYw5bqAEFCejezsH6gaobcLXjrRxg7H2rHGelReezmT73H1vSVYxu3PHrH
0bG/rmLbmKbU3enkMuXTN6mrJ/IxQ+MAa+QmRMoU1cEKdUUg9DbljZokdkZelNDD
BjvnVJ0fJntFlE3+IRJFDcgTRkqcZAi7qh8Szo9BootcI405dhkAyAsOQ7igCrsy
p+ulE91XBM+rH5HlTK82b3fg1MzMG5nWtsILaxnJgtcThzJe727K1aPI8wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFE4rsXyWs2Ixp9ZCrCeZn9UseQj8MB8GA1UdIwQY
MBaAFLRBO15B4BQcSdvz+fEXp/RnqqK5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEVFN1hrSGdGQnhKMl9QNThSZW45R2Vxb3JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xZjFjNTItMjZhMy00MzcwLWE0NTMt
ZWM5NDc3MDA0MmQ3LzEvVGl1eGZKYXpZakduMWtLc0o1bWYxU3g1Q1B3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8xZjFjNTItMjZhMy00MzcwLWE0NTMtZWM5NDc3MDA0MmQ3
LzEvdEVFN1hrSGdGQnhKMl9QNThSZW45R2Vxb3JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQGUmeAMA0E
AgACMAcDBQAqAJCAMA0GCSqGSIb3DQEBCwUAA4IBAQBCSGT0+ptig6nSGnTomVzp
gMgwicn5u9QW2pyZPvvpCDOVxPI17YVdKwOtliEAiScy66Bi0WUm2B+dmZNFstSh
mhse17EOnxZj6b1gmbDoLcVU6FWaWAvKmF/00OwEdrtEBSyAfqoyM2s3nFwrhkGX
66SAOoC9ChJc8o5KWe1Plugl9EaaerYvcHPJwZa9hq3nrv3avKUjS7fAlZP38Mlg
NFQ5wTTW4fBMfraTeR88SuV81UqqGtub5VcLxC+9v697SHuQvf45WGpM6qXQMkd/
X51cDPHpdfiK6jn+zmXpUiS1eW9vxxYXRa+KETmMfeCyrioUrrbDgrCUW4pGhj0Z
-----END CERTIFICATE-----
Generated at Mon Apr 21 17:06:37 2025 by rpki-client