Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/tHKUNas2WAYl_aBdRz4lMBpU2tM.roa
File: tHKUNas2WAYl_aBdRz4lMBpU2tM.roa (raw, json)
Hash identifier: vU0oay0kJ7KqgL/7imf9G5pooyd7kRfzrUz/cQipG8I=
Subject key identifier: B4:72:94:35:AB:36:58:06:25:FD:A0:5D:47:3E:25:30:1A:54:DA:D3
Certificate issuer: /CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Certificate serial: 019386B68A917A1A668B9DA0DE71F0526CBA
Authority key identifier: 60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/tHKUNas2WAYl_aBdRz4lMBpU2tM.roa
Signing time: Mon 02 Dec 2024 09:32:09 +0000
ROA not before: Mon 02 Dec 2024 09:32:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 84.55.14.0/24 maxlen: 24
84.55.15.0/24 maxlen: 24
84.55.16.0/24 maxlen: 24
84.55.21.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:86:b6:8a:91:7a:1a:66:8b:9d:a0:de:71:f0:52:6c:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Validity
Not Before: Dec 2 09:32:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b4729435ab36580625fda05d473e25301a54dad3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:fa:6f:e5:cc:64:f5:2d:b3:4b:11:9b:42:08:
90:de:cb:da:f5:a1:65:40:1e:15:27:37:fd:c3:6b:
3c:d4:42:f1:c3:60:c3:50:1e:02:3e:6b:ad:65:4e:
ed:f8:3c:1b:18:db:2a:49:03:d9:36:85:d9:5f:0f:
16:8e:c0:75:b7:9f:94:09:73:31:94:f1:8a:9e:a0:
ae:b6:63:b6:5a:1d:13:2b:65:19:a5:30:4e:74:68:
6b:a3:00:25:93:57:8c:a1:a6:3a:ea:9d:98:3a:ed:
3a:bf:e0:5d:ab:73:35:40:41:d1:fb:70:76:c6:af:
fc:fb:ab:e3:23:58:a7:58:c6:d4:19:c7:d2:d5:6a:
a1:29:91:96:f9:4c:57:d6:c8:8f:9d:48:b9:6c:4e:
4b:8b:55:2f:8b:2c:20:43:fa:38:36:e5:13:92:52:
1b:3a:9a:59:35:31:c7:f4:1a:19:ae:12:a6:ac:ec:
2d:72:56:4b:2b:76:3b:fb:aa:5d:7a:fb:7b:b3:2b:
2d:45:a9:e0:4e:2a:c6:a5:55:f7:65:87:61:f7:62:
9f:70:53:a9:ea:02:f9:f8:06:da:05:19:6d:9a:7f:
8d:e8:01:4d:5e:dc:54:52:55:6f:8a:78:0e:90:54:
36:c3:e1:f5:fb:bb:cf:19:79:3c:90:ba:ab:6f:0b:
7c:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:72:94:35:AB:36:58:06:25:FD:A0:5D:47:3E:25:30:1A:54:DA:D3
X509v3 Authority Key Identifier:
keyid:60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/tHKUNas2WAYl_aBdRz4lMBpU2tM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.55.14.0-84.55.16.255
84.55.21.0/24
Signature Algorithm: sha256WithRSAEncryption
79:92:dd:65:6a:f8:04:e7:20:40:9d:69:be:0e:4d:af:d4:81:
d6:62:c9:35:c5:c1:8b:d7:b8:be:81:ef:14:ce:8f:df:15:da:
89:d9:99:b0:50:55:e2:37:36:12:f4:aa:8c:d0:2d:f2:7b:b7:
b0:3f:0f:3c:f0:be:90:51:c6:78:1e:58:20:d8:2b:21:a1:f5:
1f:fe:1a:f5:4f:d5:ca:0e:a0:8d:b6:2f:7f:85:de:35:b8:31:
f9:da:04:09:c1:92:a6:f3:16:48:aa:cc:e1:6e:ab:ad:50:08:
0b:4d:99:3a:0f:a3:ea:2b:80:c1:c5:9f:17:81:1d:65:17:94:
e6:7e:17:49:c4:b8:cc:e6:cd:d1:29:6e:18:ac:b3:54:67:77:
63:b1:f6:c4:35:be:1d:5f:cf:44:b0:78:b8:05:40:39:c0:1e:
30:b1:f0:5a:77:d6:38:70:d6:c0:8d:19:35:34:72:0c:58:d4:
0f:75:a2:6f:1b:81:43:7a:bd:09:63:b3:08:79:72:8f:2c:21:
11:83:17:b1:86:7e:14:a9:3d:3a:1c:a1:93:61:db:dd:c7:52:
52:a7:ad:9e:0d:2b:50:38:d1:71:f1:27:1e:bb:14:ff:79:00:
78:8e:cc:e9:2a:f5:40:5c:ac:9f:41:7c:9a:61:7c:b2:fd:e1:
f1:53:d8:7b
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZOGtoqRehpmi52g3nHwUmy6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjYxNzU4Y2UzMzA2MjI0NzBhMzlhZThkNmVmNGEyMDQ0
ZjgzYzQwHhcNMjQxMjAyMDkzMjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDcyOTQzNWFiMzY1ODA2MjVmZGEwNWQ0NzNlMjUzMDFhNTRkYWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/pv5cxk9S2zSxGbQgiQ3sva9aFl
QB4VJzf9w2s81ELxw2DDUB4CPmutZU7t+DwbGNsqSQPZNoXZXw8WjsB1t5+UCXMx
lPGKnqCutmO2Wh0TK2UZpTBOdGhrowAlk1eMoaY66p2YOu06v+Bdq3M1QEHR+3B2
xq/8+6vjI1inWMbUGcfS1WqhKZGW+UxX1siPnUi5bE5Li1UviywgQ/o4NuUTklIb
OppZNTHH9BoZrhKmrOwtclZLK3Y7+6pdevt7systRangTirGpVX3ZYdh92KfcFOp
6gL5+AbaBRltmn+N6AFNXtxUUlVvingOkFQ2w+H1+7vPGXk8kLqrbwt8gwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFLRylDWrNlgGJf2gXUc+JTAaVNrTMB8GA1UdIwQY
MBaAFGBmF1jOMwYiRwo5ro1u9KIET4PEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2Ut
MWY4NzQ2OTQ1NDgzLzEvdEhLVU5hczJXQVlsX2FCZFJ6NGxNQnBVMnRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2UtMWY4NzQ2OTQ1NDgz
LzEvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAFUNw4D
BABUNxADBABUNxUwDQYJKoZIhvcNAQELBQADggEBAHmS3WVq+ATnIECdab4OTa/U
gdZiyTXFwYvXuL6B7xTOj98V2onZmbBQVeI3NhL0qozQLfJ7t7A/DzzwvpBRxnge
WCDYKyGh9R/+GvVP1coOoI22L3+F3jW4MfnaBAnBkqbzFkiqzOFuq61QCAtNmToP
o+orgMHFnxeBHWUXlOZ+F0nEuMzmzdEpbhiss1Rnd2Ox9sQ1vh1fz0SweLgFQDnA
HjCx8Fp31jhw1sCNGTU0cgxY1A91om8bgUN6vQljswh5co8sIRGDF7GGfhSpPToc
oZNh293HUlKnrZ4NK1A40XHxJx67FP95AHiOzOkq9UBcrJ9BfJphfLL94fFT2Hs=
-----END CERTIFICATE-----
Generated at Sun Apr 6 22:55:39 2025 by rpki-client