Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/twIisTPbM6AdEjV6f4KTk-20F_c.roa
File: twIisTPbM6AdEjV6f4KTk-20F_c.roa (raw, json)
Hash identifier: 0Wp4JkBq2L75yuidZ+H/0PWTS6z+FuA9e4XMS9HcJmM=
Subject key identifier: B7:02:22:B1:33:DB:33:A0:1D:12:35:7A:7F:82:93:93:ED:B4:17:F7
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 01941FFA36B69E0E1268FD14E25D90DBD604
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/twIisTPbM6AdEjV6f4KTk-20F_c.roa
Signing time: Wed 01 Jan 2025 03:47:59 +0000
ROA not before: Wed 01 Jan 2025 03:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44277
IP address blocks: 85.204.23.0/24 maxlen: 24
86.106.99.0/24 maxlen: 24
89.35.115.0/24 maxlen: 24
89.43.61.0/24 maxlen: 24
93.118.39.0/24 maxlen: 24
188.214.226.0/24 maxlen: 24
188.240.198.0/23 maxlen: 23
188.241.108.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:36:b6:9e:0e:12:68:fd:14:e2:5d:90:db:d6:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 1 03:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b70222b133db33a01d12357a7f829393edb417f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:75:15:0a:a2:68:84:8a:04:6a:fd:5b:d2:9a:
72:dd:06:57:9f:e9:d7:b8:83:e6:57:53:92:41:12:
91:c4:49:ab:44:ea:4f:a1:f6:bb:b4:60:f1:42:5e:
b2:e7:ec:04:42:55:a4:65:7a:33:6f:f6:1c:ff:c1:
6b:50:e1:4c:28:42:34:45:57:da:30:8f:9e:3d:ee:
1d:c0:7a:56:59:68:63:75:70:3a:0c:54:b6:5c:d6:
31:c3:0d:00:3b:3c:a6:43:89:2e:60:df:9a:bf:52:
73:67:ef:8c:95:b7:87:2b:60:33:fd:da:f4:47:62:
3d:f1:c8:3b:ac:0d:b5:cd:40:30:75:7f:63:14:0a:
57:16:71:11:36:2b:5e:f9:de:92:2b:b9:ac:f3:2b:
bc:8f:c2:2a:e5:3d:ce:37:a2:aa:e0:43:e0:de:a7:
94:6c:84:2a:a8:70:bc:4a:a1:b7:6d:18:0b:6a:a1:
e0:4c:67:95:b3:a7:12:f0:5e:4a:47:c8:89:fd:cf:
28:4b:1d:ac:5f:7a:a0:73:b1:dc:ca:87:5e:a1:fb:
54:55:1b:d6:52:44:1f:13:10:b4:a8:a6:bd:23:74:
13:9d:d5:7a:4c:d7:cb:97:9c:ab:6b:f5:f3:d2:33:
5a:8c:2f:4e:b6:e5:f4:23:ca:27:eb:e8:2e:2a:1f:
cb:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:02:22:B1:33:DB:33:A0:1D:12:35:7A:7F:82:93:93:ED:B4:17:F7
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/twIisTPbM6AdEjV6f4KTk-20F_c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.23.0/24
86.106.99.0/24
89.35.115.0/24
89.43.61.0/24
93.118.39.0/24
188.214.226.0/24
188.240.198.0/23
188.241.108.0/24
Signature Algorithm: sha256WithRSAEncryption
22:56:aa:5f:87:b3:64:f4:d2:c2:8f:31:f6:d5:7c:83:00:a1:
3a:8c:bf:65:3c:5a:bc:d7:4e:04:89:3d:84:8a:28:d8:c9:04:
e5:e8:9c:88:26:a6:e8:40:06:1f:d6:36:92:4e:4a:c2:9b:bb:
2d:8b:6e:0c:10:80:b7:a3:0f:18:7c:44:06:37:c1:82:56:70:
62:64:f9:e0:4c:ee:2b:80:52:ea:39:cd:4c:5e:62:50:17:0d:
00:4e:f9:9a:d9:f2:18:b3:bf:7e:33:4c:36:e6:ec:84:60:0d:
be:27:35:d0:c0:9d:3f:e5:db:49:e4:e3:84:83:72:ad:12:78:
c1:7e:39:d8:99:06:44:7c:bf:be:fd:5a:a3:69:df:23:34:a8:
29:2f:4c:48:0b:99:ed:e5:70:09:6f:e9:e0:4f:8d:00:92:0e:
af:df:70:30:d6:0e:92:05:72:04:d9:5e:4e:0b:47:1a:fc:e2:
33:5b:6d:37:9f:03:7d:7c:1b:fb:36:09:41:8a:b6:c7:61:d0:
0b:80:c7:47:17:ce:8f:86:c1:9d:6c:10:6c:1e:4d:82:95:75:
7c:44:a7:08:1c:8c:b2:bd:48:ab:6e:e1:bf:09:3d:3a:20:8a:
7d:92:83:2a:54:ed:66:b6:53:5f:15:27:e6:4a:2e:e2:52:ea:
75:e7:a3:fa
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZQf+ja2ng4SaP0U4l2Q29YEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjUwMTAxMDM0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzAyMjJiMTMzZGIzM2EwMWQxMjM1N2E3ZjgyOTM5M2VkYjQxN2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3UVCqJohIoEav1b0ppy3QZXn+nX
uIPmV1OSQRKRxEmrROpPofa7tGDxQl6y5+wEQlWkZXozb/Yc/8FrUOFMKEI0RVfa
MI+ePe4dwHpWWWhjdXA6DFS2XNYxww0AOzymQ4kuYN+av1JzZ++MlbeHK2Az/dr0
R2I98cg7rA21zUAwdX9jFApXFnERNite+d6SK7ms8yu8j8Iq5T3ON6Kq4EPg3qeU
bIQqqHC8SqG3bRgLaqHgTGeVs6cS8F5KR8iJ/c8oSx2sX3qgc7HcyodeoftUVRvW
UkQfExC0qKa9I3QTndV6TNfLl5yra/Xz0jNajC9OtuX0I8on6+guKh/LJwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFLcCIrEz2zOgHRI1en+Ck5PttBf3MB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvdHdJaXNUUGJNNkFkRWpWNmY0S1RrLTIwRl9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAVcwXAwQA
VmpjAwQAWSNzAwQAWSs9AwQAXXYnAwQAvNbiAwQBvPDGAwQAvPFsMA0GCSqGSIb3
DQEBCwUAA4IBAQAiVqpfh7Nk9NLCjzH21XyDAKE6jL9lPFq8104EiT2EiijYyQTl
6JyIJqboQAYf1jaSTkrCm7sti24MEIC3ow8YfEQGN8GCVnBiZPngTO4rgFLqOc1M
XmJQFw0ATvma2fIYs79+M0w25uyEYA2+JzXQwJ0/5dtJ5OOEg3KtEnjBfjnYmQZE
fL++/Vqjad8jNKgpL0xIC5nt5XAJb+ngT40Akg6v33Aw1g6SBXIE2V5OC0ca/OIz
W203nwN9fBv7NglBirbHYdALgMdHF86PhsGdbBBsHk2ClXV8RKcIHIyyvUirbuG/
CT06IIp9koMqVO1mtlNfFSfmSi7iUup156P6
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:05:25 2025 by rpki-client