Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/17bf7d-c69e-4be5-8a45-fd8ead27cfba/1/TtbwLggbs_01HwPe84xM9Avnjcg.roa
File: TtbwLggbs_01HwPe84xM9Avnjcg.roa (raw, json)
Hash identifier: IkriLlMbsw5nFnx0YkabKrXcoprWrlNmQtceu+QC2xA=
Subject key identifier: 4E:D6:F0:2E:08:1B:B3:FD:35:1F:03:DE:F3:8C:4C:F4:0B:E7:8D:C8
Certificate issuer: /CN=2b04cf00ba4ee8cdd9ff44ae883e66bb3d1bafa0
Certificate serial: 01856FD51EB84CA35F78455572EE1B0D1A04
Authority key identifier: 2B:04:CF:00:BA:4E:E8:CD:D9:FF:44:AE:88:3E:66:BB:3D:1B:AF:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KwTPALpO6M3Z_0SuiD5muz0br6A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/17bf7d-c69e-4be5-8a45-fd8ead27cfba/1/TtbwLggbs_01HwPe84xM9Avnjcg.roa
Signing time: Mon 02 Jan 2023 00:15:16 +0000
ROA not before: Mon 02 Jan 2023 00:15:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31543
IP address blocks: 185.199.80.0/22 maxlen: 24
2a0a:9940::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:1e:b8:4c:a3:5f:78:45:55:72:ee:1b:0d:1a:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b04cf00ba4ee8cdd9ff44ae883e66bb3d1bafa0
Validity
Not Before: Jan 2 00:15:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ed6f02e081bb3fd351f03def38c4cf40be78dc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:4b:ad:1d:4e:a0:dd:66:dc:8e:e0:86:21:e8:
d5:31:ca:b7:d8:f5:71:e3:e7:fe:33:f1:0b:4c:07:
66:9e:b5:bb:e3:14:06:86:00:3c:1b:95:21:86:fa:
7d:5f:29:26:20:1c:6e:6a:d4:25:8e:3e:e2:1b:bd:
1a:22:4b:3b:6d:73:b6:70:15:e6:5b:40:e6:b9:79:
35:8b:d2:bd:e9:45:25:24:ef:45:7e:f1:b8:2f:7f:
5a:25:d2:e9:61:e9:2e:c7:3b:46:a1:e4:80:a8:0f:
45:44:44:cf:f7:b2:90:9a:8b:3a:12:37:87:8e:66:
1c:35:f0:db:ac:3d:39:f8:db:c4:8a:9a:2b:fc:0f:
da:34:6f:14:cd:8e:83:8b:db:fa:c1:39:ca:78:fe:
65:6d:6a:ab:31:4b:63:39:4f:52:d5:4f:a8:bd:8f:
28:47:97:b6:ea:9d:e3:aa:1d:57:65:93:9c:e4:77:
bc:51:c8:9f:10:fa:69:0d:df:8e:5d:87:4f:ab:7d:
28:e5:4f:d1:5f:52:6b:6d:c6:c1:3e:af:77:ef:62:
b5:fd:03:e3:09:7c:45:aa:26:42:a7:6b:c3:9f:9c:
5b:0c:19:5a:17:57:05:e5:0c:86:44:16:c8:97:4c:
b3:49:d9:bb:3b:08:f8:57:0d:0e:4e:ea:8f:b8:6c:
97:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:D6:F0:2E:08:1B:B3:FD:35:1F:03:DE:F3:8C:4C:F4:0B:E7:8D:C8
X509v3 Authority Key Identifier:
keyid:2B:04:CF:00:BA:4E:E8:CD:D9:FF:44:AE:88:3E:66:BB:3D:1B:AF:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KwTPALpO6M3Z_0SuiD5muz0br6A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/17bf7d-c69e-4be5-8a45-fd8ead27cfba/1/TtbwLggbs_01HwPe84xM9Avnjcg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/17bf7d-c69e-4be5-8a45-fd8ead27cfba/1/KwTPALpO6M3Z_0SuiD5muz0br6A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.80.0/22
IPv6:
2a0a:9940::/29
Signature Algorithm: sha256WithRSAEncryption
0b:0f:89:99:ff:50:04:13:63:bc:c5:6c:52:a1:82:b2:7c:1e:
7d:8f:33:9f:6a:fa:df:db:b6:7a:f9:86:6f:db:d3:22:da:07:
a2:00:d8:8b:ae:7f:af:b1:7b:c0:8b:ff:0b:eb:f2:4d:f0:30:
ae:6a:27:ed:0c:2e:75:e8:92:48:c4:92:3e:fd:dd:0a:90:74:
88:d9:d8:3f:52:25:1d:01:85:f0:96:21:4b:93:54:31:be:c1:
02:d2:ab:95:be:86:d5:07:2a:51:60:00:80:33:e5:9b:82:4c:
f1:52:2d:3e:68:6b:cf:62:1e:9b:f6:f7:b4:fa:2f:de:89:fd:
73:8e:33:64:6c:72:64:99:0b:eb:19:40:13:72:cf:49:36:a4:
81:20:2b:0d:79:88:39:1f:c3:85:9b:88:7c:72:a7:2f:db:62:
3f:f7:ee:22:db:77:a7:4a:32:ec:2b:82:d1:c6:61:ba:aa:ca:
4b:35:61:8d:38:87:57:4b:82:0e:55:c7:85:f7:02:0f:c7:9f:
85:cb:69:8c:3c:b1:5b:02:10:8d:53:e6:59:1f:c9:0c:fe:bc:
d4:db:e9:e1:5f:42:13:e3:4b:08:17:8c:f6:56:f7:44:9c:4f:
48:50:2b:5f:b0:29:ad:1c:07:aa:fb:a7:07:40:80:bd:fc:27:
e5:f2:50:3d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVv1R64TKNfeEVVcu4bDRoEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMDRjZjAwYmE0ZWU4Y2RkOWZmNDRhZTg4M2U2NmJiM2Qx
YmFmYTAwHhcNMjMwMTAyMDAxNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWQ2ZjAyZTA4MWJiM2ZkMzUxZjAzZGVmMzhjNGNmNDBiZTc4ZGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi0utHU6g3WbcjuCGIejVMcq32PVx
4+f+M/ELTAdmnrW74xQGhgA8G5Uhhvp9XykmIBxuatQljj7iG70aIks7bXO2cBXm
W0DmuXk1i9K96UUlJO9FfvG4L39aJdLpYekuxztGoeSAqA9FRETP97KQmos6EjeH
jmYcNfDbrD05+NvEipor/A/aNG8UzY6Di9v6wTnKeP5lbWqrMUtjOU9S1U+ovY8o
R5e26p3jqh1XZZOc5He8UcifEPppDd+OXYdPq30o5U/RX1JrbcbBPq9372K1/QPj
CXxFqiZCp2vDn5xbDBlaF1cF5QyGRBbIl0yzSdm7Owj4Vw0OTuqPuGyX5wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFE7W8C4IG7P9NR8D3vOMTPQL543IMB8GA1UdIwQY
MBaAFCsEzwC6TujN2f9Erog+Zrs9G6+gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3dUUEFMcE82TTNaXzBTdWlENW11ejBicjZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS8xN2JmN2QtYzY5ZS00YmU1LThhNDUt
ZmQ4ZWFkMjdjZmJhLzEvVHRid0xnZ2JzXzAxSHdQZTg0eE05QXZuamNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS8xN2JmN2QtYzY5ZS00YmU1LThhNDUtZmQ4ZWFkMjdjZmJh
LzEvS3dUUEFMcE82TTNaXzBTdWlENW11ejBicjZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucdQMA0E
AgACMAcDBQMqCplAMA0GCSqGSIb3DQEBCwUAA4IBAQALD4mZ/1AEE2O8xWxSoYKy
fB59jzOfavrf27Z6+YZv29Mi2geiANiLrn+vsXvAi/8L6/JN8DCuaiftDC516JJI
xJI+/d0KkHSI2dg/UiUdAYXwliFLk1QxvsEC0quVvobVBypRYACAM+WbgkzxUi0+
aGvPYh6b9ve0+i/eif1zjjNkbHJkmQvrGUATcs9JNqSBICsNeYg5H8OFm4h8cqcv
22I/9+4i23enSjLsK4LRxmG6qspLNWGNOIdXS4IOVceF9wIPx5+Fy2mMPLFbAhCN
U+ZZH8kM/rzU2+nhX0IT40sIF4z2VvdEnE9IUCtfsCmtHAeq+6cHQIC9/Cfl8lA9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:32 2024 by rpki-client on console-fra.rpki-client.org