Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/6127a6-206e-4606-9960-b394088444d8/1/tthGc4et5Go4e_W6xJA4oGDglA8.roa
File: tthGc4et5Go4e_W6xJA4oGDglA8.roa (raw, json)
Hash identifier: ZecmQkQhHCrG1uu9rDAGf1vpZKoS8+eGsVg02iVX3KY=
Subject key identifier: B6:D8:46:73:87:AD:E4:6A:38:7B:F5:BA:C4:90:38:A0:60:E0:94:0F
Certificate issuer: /CN=5ab4349405298585f1efcb658537618f25d4335e
Certificate serial: 018729DB998F48B66F13036BC31DD43024B4
Authority key identifier: 5A:B4:34:94:05:29:85:85:F1:EF:CB:65:85:37:61:8F:25:D4:33:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WrQ0lAUphYXx78tlhTdhjyXUM14.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/6127a6-206e-4606-9960-b394088444d8/1/tthGc4et5Go4e_W6xJA4oGDglA8.roa
Signing time: Tue 28 Mar 2023 20:14:30 +0000
ROA not before: Tue 28 Mar 2023 20:14:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 89.107.8.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:29:db:99:8f:48:b6:6f:13:03:6b:c3:1d:d4:30:24:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ab4349405298585f1efcb658537618f25d4335e
Validity
Not Before: Mar 28 20:14:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b6d8467387ade46a387bf5bac49038a060e0940f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:c8:cf:76:59:a5:bc:08:12:8e:7e:ae:12:be:
b4:77:d2:ac:0a:cc:73:61:bb:07:1e:e3:34:63:45:
fd:12:fa:bf:7d:2f:37:c8:30:c0:bc:9e:ec:ec:77:
3d:aa:b9:6d:b7:8e:0b:e5:f7:77:f7:c2:73:cb:10:
38:e9:cb:e1:0b:26:c6:37:6a:a6:a6:19:4e:af:8a:
c2:f4:0a:60:2a:1f:d0:a4:03:64:f1:7b:31:8d:7b:
c6:21:c2:eb:8a:37:c2:40:0b:c6:0f:3a:58:ad:3a:
b0:e4:aa:89:50:2b:58:28:8b:53:8f:f2:23:cc:3f:
15:fb:b5:e5:e7:fb:20:5f:90:71:a4:92:50:0a:00:
5d:d8:89:90:51:89:bc:1a:bc:de:fe:dc:30:84:94:
5d:51:c3:e6:59:d8:8a:4e:61:ff:6c:64:4b:e2:99:
ca:f6:f4:3a:b7:27:f0:f4:66:8b:47:36:ab:eb:32:
d7:7a:23:8c:f4:29:d1:b9:28:d0:d7:97:c6:dd:12:
61:26:e0:20:b8:37:f4:df:d5:b2:9b:2e:47:cb:9c:
0b:fd:42:95:37:cf:2b:cc:47:0d:4c:e3:58:0b:8b:
a7:2a:cb:7e:67:b2:a6:24:b6:1d:e5:d4:77:c6:8f:
2e:41:83:30:01:aa:f6:78:b8:13:e6:b7:fa:81:4c:
45:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:D8:46:73:87:AD:E4:6A:38:7B:F5:BA:C4:90:38:A0:60:E0:94:0F
X509v3 Authority Key Identifier:
keyid:5A:B4:34:94:05:29:85:85:F1:EF:CB:65:85:37:61:8F:25:D4:33:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WrQ0lAUphYXx78tlhTdhjyXUM14.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/6127a6-206e-4606-9960-b394088444d8/1/tthGc4et5Go4e_W6xJA4oGDglA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/6127a6-206e-4606-9960-b394088444d8/1/WrQ0lAUphYXx78tlhTdhjyXUM14.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.107.8.0/24
Signature Algorithm: sha256WithRSAEncryption
27:13:e5:27:5d:b9:ce:2d:6c:ae:b0:78:ec:89:6b:7b:08:93:
41:7f:92:aa:6b:ba:a3:e6:21:b2:a7:a7:9d:bf:e1:e3:57:2a:
08:8f:31:a2:cc:7d:41:16:fc:ac:56:62:da:35:6d:af:ff:e3:
3c:7c:88:e1:d3:77:3c:dd:1b:69:45:37:9d:7d:e2:92:b1:65:
0f:9b:28:d0:5e:fc:0f:bb:09:84:b7:41:61:3c:95:5d:7f:46:
69:cb:d1:a6:35:7c:e8:94:61:71:72:c8:f8:e2:24:04:4f:b1:
f5:31:d3:49:19:61:e8:67:51:37:57:c8:71:a2:10:42:c0:55:
f9:9f:03:67:18:7a:b3:cc:41:0a:c5:b0:cc:11:d4:b0:91:76:
57:25:88:64:c5:07:c7:c3:6b:51:31:ed:80:03:3f:cb:3c:4c:
d1:d8:36:ac:59:cb:b2:1b:8d:2e:9a:be:94:5a:ae:6b:0c:12:
8c:88:ce:3b:f0:1c:34:19:37:33:fe:ed:34:a0:19:e2:4f:25:
c4:24:e2:86:15:06:d4:ec:74:cd:00:29:b0:1e:34:f6:57:f5:
76:1d:33:aa:ca:0c:b2:b8:76:d9:0b:35:c4:b6:10:6e:2f:22:
20:3b:b5:a7:4d:f8:eb:53:6b:42:d7:a0:f8:a3:43:81:54:6d:
b6:c4:86:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcp25mPSLZvEwNrwx3UMCS0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhYjQzNDk0MDUyOTg1ODVmMWVmY2I2NTg1Mzc2MThmMjVk
NDMzNWUwHhcNMjMwMzI4MjAxNDMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmQ4NDY3Mzg3YWRlNDZhMzg3YmY1YmFjNDkwMzhhMDYwZTA5NDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgcjPdlmlvAgSjn6uEr60d9KsCsxz
YbsHHuM0Y0X9Evq/fS83yDDAvJ7s7Hc9qrltt44L5fd398JzyxA46cvhCybGN2qm
phlOr4rC9ApgKh/QpANk8XsxjXvGIcLrijfCQAvGDzpYrTqw5KqJUCtYKItTj/Ij
zD8V+7Xl5/sgX5BxpJJQCgBd2ImQUYm8Grze/twwhJRdUcPmWdiKTmH/bGRL4pnK
9vQ6tyfw9GaLRzar6zLXeiOM9CnRuSjQ15fG3RJhJuAguDf039Wymy5Hy5wL/UKV
N88rzEcNTONYC4unKst+Z7KmJLYd5dR3xo8uQYMwAar2eLgT5rf6gUxFTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLbYRnOHreRqOHv1usSQOKBg4JQPMB8GA1UdIwQY
MBaAFFq0NJQFKYWF8e/LZYU3YY8l1DNeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3JRMGxBVXBoWVh4Nzh0bGhUZGhqeVhVTTE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi82MTI3YTYtMjA2ZS00NjA2LTk5NjAt
YjM5NDA4ODQ0NGQ4LzEvdHRoR2M0ZXQ1R280ZV9XNnhKQTRvR0RnbEE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi82MTI3YTYtMjA2ZS00NjA2LTk5NjAtYjM5NDA4ODQ0NGQ4
LzEvV3JRMGxBVXBoWVh4Nzh0bGhUZGhqeVhVTTE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWWsIMA0G
CSqGSIb3DQEBCwUAA4IBAQAnE+UnXbnOLWyusHjsiWt7CJNBf5Kqa7qj5iGyp6ed
v+HjVyoIjzGizH1BFvysVmLaNW2v/+M8fIjh03c83RtpRTedfeKSsWUPmyjQXvwP
uwmEt0FhPJVdf0Zpy9GmNXzolGFxcsj44iQET7H1MdNJGWHoZ1E3V8hxohBCwFX5
nwNnGHqzzEEKxbDMEdSwkXZXJYhkxQfHw2tRMe2AAz/LPEzR2DasWcuyG40umr6U
Wq5rDBKMiM478Bw0GTcz/u00oBniTyXEJOKGFQbU7HTNACmwHjT2V/V2HTOqygyy
uHbZCzXEthBuLyIgO7WnTfjrU2tC16D4o0OBVG22xIaJ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:09 2025 by rpki-client