Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/e20ba1-6ae8-4b43-a709-7545c04e1578/1/tCH8SeQtTutazA-G8yJoRN8JM8k.roa
File: tCH8SeQtTutazA-G8yJoRN8JM8k.roa (raw, json)
Hash identifier: unbr9kMWQkZ4+OnBTDcoHa6A526v2nCKQElqeJwoPqk=
Subject key identifier: B4:21:FC:49:E4:2D:4E:EB:5A:CC:0F:86:F3:22:68:44:DF:09:33:C9
Certificate issuer: /CN=4474cf3e2fa892b5fdd3f30dc8275ee1062e1d06
Certificate serial: 03A2A9C5
Authority key identifier: 44:74:CF:3E:2F:A8:92:B5:FD:D3:F3:0D:C8:27:5E:E1:06:2E:1D:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RHTPPi-okrX90_MNyCde4QYuHQY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/e20ba1-6ae8-4b43-a709-7545c04e1578/1/tCH8SeQtTutazA-G8yJoRN8JM8k.roa
Signing time: Mon 09 May 2022 13:32:33 +0000
ROA not before: Mon 09 May 2022 13:32:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41378
IP address blocks: 2.58.64.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60991941 (0x3a2a9c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4474cf3e2fa892b5fdd3f30dc8275ee1062e1d06
Validity
Not Before: May 9 13:32:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b421fc49e42d4eeb5acc0f86f3226844df0933c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:5a:a9:59:77:86:e2:41:a4:dd:09:dc:19:47:
0e:9b:50:44:b2:c6:a3:e9:c1:df:41:5e:76:27:4f:
93:88:39:71:e5:a7:d7:c1:83:36:11:de:76:22:3b:
68:48:29:90:74:4c:16:1c:2d:05:67:cc:0f:bf:8a:
e7:46:f2:eb:b4:5e:82:d6:b6:a5:bc:cb:5c:97:ce:
0b:f3:73:d1:19:2c:89:9f:f0:05:3b:a5:1b:90:d8:
4e:6f:77:9f:78:5f:99:bb:13:45:3a:50:d2:2b:4b:
4c:d2:fa:9d:dc:89:ca:3c:ab:dc:45:a2:cc:c2:09:
e3:c5:23:ce:71:49:d2:0a:ef:f5:6e:2a:31:10:70:
60:54:18:87:86:66:2d:15:25:81:6a:1a:97:ea:78:
33:8b:42:3e:ae:8b:ee:ed:53:af:4c:30:29:07:c2:
c6:b1:85:98:c9:a4:34:97:7b:04:d9:7b:72:55:ee:
2a:7f:00:6f:70:22:a2:6f:df:27:e3:b3:c0:ed:c7:
67:d5:b3:84:b2:a1:80:3c:c8:44:f5:61:3d:18:d3:
16:69:25:10:59:ca:80:bb:9c:17:a3:c0:f0:fd:02:
e7:be:ad:05:f2:60:0a:1a:51:54:4e:8e:07:a5:6a:
fc:fe:8a:a0:33:b4:8a:c6:fa:3f:d0:de:8c:35:8e:
11:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:21:FC:49:E4:2D:4E:EB:5A:CC:0F:86:F3:22:68:44:DF:09:33:C9
X509v3 Authority Key Identifier:
keyid:44:74:CF:3E:2F:A8:92:B5:FD:D3:F3:0D:C8:27:5E:E1:06:2E:1D:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RHTPPi-okrX90_MNyCde4QYuHQY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e20ba1-6ae8-4b43-a709-7545c04e1578/1/tCH8SeQtTutazA-G8yJoRN8JM8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e20ba1-6ae8-4b43-a709-7545c04e1578/1/RHTPPi-okrX90_MNyCde4QYuHQY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.64.0/23
Signature Algorithm: sha256WithRSAEncryption
c9:75:3e:24:90:61:de:2f:ff:44:7e:90:69:fc:84:21:b5:19:
0b:c7:46:50:e1:33:4e:a3:e7:36:bb:92:f5:eb:66:e3:33:b0:
55:0a:6a:73:8a:a1:8f:af:5d:34:4e:52:d3:da:e0:e2:ba:5f:
b1:b6:bf:2e:08:29:92:c9:03:4e:76:e4:d6:b6:ba:60:b3:3e:
6b:cd:64:b4:f2:66:82:7f:4c:5f:e5:59:d3:09:df:8e:e3:23:
f1:fa:56:be:43:b2:17:4d:ea:1a:86:e8:6a:69:53:28:47:c7:
77:e9:98:31:16:4b:fb:f3:b6:89:c7:54:5e:99:9f:20:12:d0:
7c:1a:6e:fd:c1:1d:1b:28:c2:5c:fb:26:8a:f1:fb:a5:92:12:
1f:5c:a8:3b:44:1a:f3:19:99:44:fe:49:f8:1e:45:68:3a:d6:
d9:cf:75:51:b8:9e:e5:68:5e:58:d8:5a:c0:4e:35:78:d4:cc:
61:b2:ee:ef:ff:65:b7:ef:43:57:fb:a5:e2:aa:42:f9:66:1f:
1f:37:67:c0:2a:fd:6a:83:b7:16:cd:2c:61:ec:e1:ff:74:ff:
8e:33:a4:7c:03:5b:cd:ca:09:d6:c6:38:4b:ed:5a:0e:2c:19:
39:7d:41:6b:a7:84:9a:57:d9:16:55:63:fb:fa:dc:5c:c2:fe:
10:c5:05:99
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA6KpxTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NDc0Y2YzZTJmYTg5MmI1ZmRkM2YzMGRjODI3NWVlMTA2MmUxZDA2MB4XDTIyMDUw
OTEzMzIzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjQyMWZjNDllNDJk
NGVlYjVhY2MwZjg2ZjMyMjY4NDRkZjA5MzNjOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALFaqVl3huJBpN0J3BlHDptQRLLGo+nB30FedidPk4g5ceWn
18GDNhHediI7aEgpkHRMFhwtBWfMD7+K50by67Regta2pbzLXJfOC/Nz0RksiZ/w
BTulG5DYTm93n3hfmbsTRTpQ0itLTNL6ndyJyjyr3EWizMIJ48UjznFJ0grv9W4q
MRBwYFQYh4ZmLRUlgWoal+p4M4tCPq6L7u1Tr0wwKQfCxrGFmMmkNJd7BNl7clXu
Kn8Ab3Aiom/fJ+OzwO3HZ9WzhLKhgDzIRPVhPRjTFmklEFnKgLucF6PA8P0C576t
BfJgChpRVE6OB6Vq/P6KoDO0isb6P9DejDWOEf8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS0IfxJ5C1O61rMD4bzImhE3wkzyTAfBgNVHSMEGDAWgBREdM8+L6iStf3T
8w3IJ17hBi4dBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JIVFBQaS1va3JYOTBfTU55Q2RlNFFZdUhRWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDMvZTIwYmExLTZhZTgtNGI0My1hNzA5LTc1NDVjMDRlMTU3OC8x
L3RDSDhTZVF0VHV0YXpBLUc4eUpvUk44Sk04ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDMv
ZTIwYmExLTZhZTgtNGI0My1hNzA5LTc1NDVjMDRlMTU3OC8xL1JIVFBQaS1va3JY
OTBfTU55Q2RlNFFZdUhRWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAQI6QDANBgkqhkiG9w0BAQsFAAOC
AQEAyXU+JJBh3i//RH6QafyEIbUZC8dGUOEzTqPnNruS9etm4zOwVQpqc4qhj69d
NE5S09rg4rpfsba/LggpkskDTnbk1ra6YLM+a81ktPJmgn9MX+VZ0wnfjuMj8fpW
vkOyF03qGoboamlTKEfHd+mYMRZL+/O2icdUXpmfIBLQfBpu/cEdGyjCXPsmivH7
pZISH1yoO0Qa8xmZRP5J+B5FaDrW2c91Ubie5WheWNhawE41eNTMYbLu7/9lt+9D
V/ul4qpC+WYfHzdnwCr9aoO3Fs0sYezh/3T/jjOkfANbzcoJ1sY4S+1aDiwZOX1B
a6eEmlfZFlVj+/rcXML+EMUFmQ==
-----END CERTIFICATE-----
Generated at Fri Feb 21 11:14:04 2025 by rpki-client