Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/f1d902-b45d-412e-b246-35f0e176ea82/1/Txf80MkXSTTn2ljOJzv0GkMnx34.roa
File: Txf80MkXSTTn2ljOJzv0GkMnx34.roa (raw, json)
Hash identifier: vdUnWU6YgFVT7QhbWkECymH7oRQkuDLxKTTdTtuRWk4=
Subject key identifier: 4F:17:FC:D0:C9:17:49:34:E7:DA:58:CE:27:3B:F4:1A:43:27:C7:7E
Certificate issuer: /CN=541d6a9e7a0236dfceeb5505a8a9644f6242e667
Certificate serial: 01856C65CF25822A744A6166A87013FCD03C
Authority key identifier: 54:1D:6A:9E:7A:02:36:DF:CE:EB:55:05:A8:A9:64:4F:62:42:E6:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VB1qnnoCNt_O61UFqKlkT2JC5mc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/f1d902-b45d-412e-b246-35f0e176ea82/1/Txf80MkXSTTn2ljOJzv0GkMnx34.roa
Signing time: Sun 01 Jan 2023 08:14:49 +0000
ROA not before: Sun 01 Jan 2023 08:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3212
IP address blocks: 185.72.60.0/24 maxlen: 24
185.72.60.0/22 maxlen: 22
86.58.0.0/17 maxlen: 17
82.149.0.0/19 maxlen: 19
194.152.0.0/19 maxlen: 19
178.79.64.0/18 maxlen: 18
213.161.0.0/19 maxlen: 19
2001:1688::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:cf:25:82:2a:74:4a:61:66:a8:70:13:fc:d0:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=541d6a9e7a0236dfceeb5505a8a9644f6242e667
Validity
Not Before: Jan 1 08:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4f17fcd0c9174934e7da58ce273bf41a4327c77e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:6f:47:3d:3a:dc:19:e0:6b:6e:b9:f1:87:66:
42:40:f3:8d:5f:21:33:7a:c1:d1:cf:d6:7a:fe:de:
f4:9c:41:a2:6c:88:ac:1c:c3:0f:f6:bc:59:42:3d:
1a:f8:f9:5b:c9:12:ab:7c:f9:60:bb:69:48:09:bb:
04:bd:e9:ca:f4:0c:45:8d:e6:f3:13:c7:3f:82:ef:
fb:d6:7d:fa:b0:09:1c:8d:ad:87:bd:b9:34:71:2e:
e3:db:45:40:df:8e:44:46:3e:cf:a3:90:e2:74:16:
de:2c:97:2b:3d:5e:eb:94:76:70:1a:fc:e5:e9:6b:
b4:31:f6:ae:89:c2:e0:ea:71:11:02:8f:d2:01:29:
72:07:ed:46:5d:82:55:f8:bd:a6:50:ea:8c:13:d1:
d3:33:e6:6b:05:c1:10:40:ce:df:70:ca:43:a0:7c:
40:02:d7:d3:b4:0d:8a:88:3d:9a:ec:a9:a9:90:b2:
36:94:b8:a3:50:28:7f:fd:24:18:a4:2a:4b:a9:5e:
e7:f4:ac:39:d8:fd:5d:0d:f2:3e:e5:1e:5e:88:35:
86:f1:e7:da:1f:d0:3e:b5:af:b9:44:6a:42:c3:b1:
95:e1:71:21:6b:95:d8:33:df:c8:e7:00:9b:40:1a:
2d:06:ef:e9:97:1f:9c:3a:ca:91:c2:21:4e:cf:10:
57:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:17:FC:D0:C9:17:49:34:E7:DA:58:CE:27:3B:F4:1A:43:27:C7:7E
X509v3 Authority Key Identifier:
keyid:54:1D:6A:9E:7A:02:36:DF:CE:EB:55:05:A8:A9:64:4F:62:42:E6:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VB1qnnoCNt_O61UFqKlkT2JC5mc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/f1d902-b45d-412e-b246-35f0e176ea82/1/Txf80MkXSTTn2ljOJzv0GkMnx34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/f1d902-b45d-412e-b246-35f0e176ea82/1/VB1qnnoCNt_O61UFqKlkT2JC5mc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.149.0.0/19
86.58.0.0/17
178.79.64.0/18
185.72.60.0/22
194.152.0.0/19
213.161.0.0/19
IPv6:
2001:1688::/29
Signature Algorithm: sha256WithRSAEncryption
66:7f:6a:99:59:b1:fc:05:7f:72:30:ac:3f:33:00:97:08:9b:
0f:d2:7d:f3:31:0c:c4:e6:6f:dc:d1:b5:83:df:d3:cb:d5:2b:
b6:d6:eb:17:55:96:ab:91:cb:ab:5b:9c:cb:ea:42:65:e2:e2:
a9:d3:5a:74:28:8b:e4:cc:03:52:01:9a:5a:7a:72:c5:a7:ec:
81:19:c3:e4:4e:1a:e6:46:fe:2c:a3:99:c6:02:91:a3:bb:4a:
6a:52:27:d5:47:d2:c4:8b:cb:f7:39:10:d2:21:87:f8:47:ce:
e4:3c:80:d7:87:84:d0:59:89:85:dd:fd:5f:80:9b:c0:aa:25:
22:16:6a:16:c2:63:a3:50:8a:f9:94:c9:37:ac:37:0a:f2:e8:
f5:39:16:71:bd:0d:27:2a:01:b9:24:c0:7c:c9:05:8c:75:b8:
0e:3e:43:2e:39:e2:05:6d:c5:17:f8:52:a5:9d:3b:67:89:50:
fc:58:45:c9:d2:28:68:c1:9e:12:9f:c3:73:a7:6d:9d:db:63:
ad:2c:de:d0:71:74:fb:34:4e:20:bb:c9:75:7c:92:e4:2b:b7:
dc:fc:42:24:7b:21:a9:64:00:b6:91:29:a6:cc:28:00:34:b8:
87:0f:fb:a9:d4:49:69:79:0f:0f:58:89:55:06:b3:c3:0a:1f:
6c:cb:ff:26
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVsZc8lgip0SmFmqHAT/NA8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MWQ2YTllN2EwMjM2ZGZjZWViNTUwNWE4YTk2NDRmNjI0
MmU2NjcwHhcNMjMwMTAxMDgxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjE3ZmNkMGM5MTc0OTM0ZTdkYTU4Y2UyNzNiZjQxYTQzMjdjNzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsm9HPTrcGeBrbrnxh2ZCQPONXyEz
esHRz9Z6/t70nEGibIisHMMP9rxZQj0a+PlbyRKrfPlgu2lICbsEvenK9AxFjebz
E8c/gu/71n36sAkcja2Hvbk0cS7j20VA345ERj7Po5DidBbeLJcrPV7rlHZwGvzl
6Wu0MfauicLg6nERAo/SASlyB+1GXYJV+L2mUOqME9HTM+ZrBcEQQM7fcMpDoHxA
AtfTtA2KiD2a7KmpkLI2lLijUCh//SQYpCpLqV7n9Kw52P1dDfI+5R5eiDWG8efa
H9A+ta+5RGpCw7GV4XEha5XYM9/I5wCbQBotBu/plx+cOsqRwiFOzxBXJQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFE8X/NDJF0k059pYzic79BpDJ8d+MB8GA1UdIwQY
MBaAFFQdap56AjbfzutVBaipZE9iQuZnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkIxcW5ub0NOdF9PNjFVRnFLbGtUMkpDNW1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9mMWQ5MDItYjQ1ZC00MTJlLWIyNDYt
MzVmMGUxNzZlYTgyLzEvVHhmODBNa1hTVFRuMmxqT0p6djBHa01ueDM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9mMWQ5MDItYjQ1ZC00MTJlLWIyNDYtMzVmMGUxNzZlYTgy
LzEvVkIxcW5ub0NOdF9PNjFVRnFLbGtUMkpDNW1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQFUpUAAwQH
VjoAAwQGsk9AAwQCuUg8AwQFwpgAAwQF1aEAMA0EAgACMAcDBQMgARaIMA0GCSqG
SIb3DQEBCwUAA4IBAQBmf2qZWbH8BX9yMKw/MwCXCJsP0n3zMQzE5m/c0bWD39PL
1Su21usXVZarkcurW5zL6kJl4uKp01p0KIvkzANSAZpaenLFp+yBGcPkThrmRv4s
o5nGApGju0pqUifVR9LEi8v3ORDSIYf4R87kPIDXh4TQWYmF3f1fgJvAqiUiFmoW
wmOjUIr5lMk3rDcK8uj1ORZxvQ0nKgG5JMB8yQWMdbgOPkMuOeIFbcUX+FKlnTtn
iVD8WEXJ0ihowZ4Sn8Nzp22d22OtLN7QcXT7NE4gu8l1fJLkK7fc/EIkeyGpZAC2
kSmmzCgANLiHD/up1ElpeQ8PWIlVBrPDCh9sy/8m
-----END CERTIFICATE-----
Generated at Sun Apr 20 00:43:02 2025 by rpki-client