Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/TthQgL5O5BBPoelhIRHgNHFBD7c.roa
File: TthQgL5O5BBPoelhIRHgNHFBD7c.roa (raw, json)
Hash identifier: 9jzcr1TF52Wg4IZgEXk5jhzSXKxzVJw+6SSi3TZg/S8=
Subject key identifier: 4E:D8:50:80:BE:4E:E4:10:4F:A1:E9:61:21:11:E0:34:71:41:0F:B7
Certificate issuer: /CN=f0cc7a447482e57b0604babb82a52409cde3b36d
Certificate serial: 018570D5254F196A71D12CC40CAB630C3377
Authority key identifier: F0:CC:7A:44:74:82:E5:7B:06:04:BA:BB:82:A5:24:09:CD:E3:B3:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8Mx6RHSC5XsGBLq7gqUkCc3js20.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/TthQgL5O5BBPoelhIRHgNHFBD7c.roa
Signing time: Mon 02 Jan 2023 04:54:54 +0000
ROA not before: Mon 02 Jan 2023 04:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 91.123.0.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d5:25:4f:19:6a:71:d1:2c:c4:0c:ab:63:0c:33:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0cc7a447482e57b0604babb82a52409cde3b36d
Validity
Not Before: Jan 2 04:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ed85080be4ee4104fa1e9612111e03471410fb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:da:76:55:4c:08:e8:3f:6f:60:47:74:d4:c9:
2c:a3:25:14:27:5e:19:af:f9:40:91:ee:73:e5:51:
93:27:e6:52:7c:d8:42:ed:fc:75:ce:f5:e7:87:fd:
6f:26:01:87:6a:cc:51:c5:82:ae:be:97:4d:a5:fe:
e2:2f:c3:98:5e:bb:68:0e:ae:f7:e8:ad:8f:68:7d:
7a:11:68:e8:c0:5c:ec:ba:82:bf:2a:4f:61:8a:a7:
00:9e:86:54:83:24:a4:67:49:de:47:63:86:f4:32:
d4:f0:bd:7c:8f:ab:d4:d4:d3:d4:45:06:06:c9:d8:
20:1e:c1:30:6d:c2:fb:01:de:42:93:9c:f0:56:59:
dd:48:7e:9e:a0:08:43:97:78:39:49:fc:64:24:eb:
ae:31:4a:d6:14:dd:70:34:b4:99:80:8c:bb:00:c9:
d6:78:a9:78:14:7c:58:65:64:81:45:36:6d:d1:12:
2e:8b:1e:8c:d1:cb:fc:54:a0:1a:b3:e0:c9:76:d8:
45:97:a9:a2:c6:f2:a3:20:b7:59:00:7a:80:c2:42:
59:81:de:12:b6:66:e4:f5:fa:9f:ec:83:ad:f7:92:
6e:a2:38:56:63:a0:51:63:b2:01:30:11:2f:21:7d:
d5:a8:4a:d0:73:cf:e0:4b:d4:7b:0f:ef:67:ae:ce:
67:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:D8:50:80:BE:4E:E4:10:4F:A1:E9:61:21:11:E0:34:71:41:0F:B7
X509v3 Authority Key Identifier:
keyid:F0:CC:7A:44:74:82:E5:7B:06:04:BA:BB:82:A5:24:09:CD:E3:B3:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Mx6RHSC5XsGBLq7gqUkCc3js20.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/TthQgL5O5BBPoelhIRHgNHFBD7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/8Mx6RHSC5XsGBLq7gqUkCc3js20.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.123.0.0/21
Signature Algorithm: sha256WithRSAEncryption
88:45:e0:af:d0:a8:ac:2f:20:11:75:7f:9e:d5:cb:5c:40:a4:
09:50:88:f3:94:0a:d8:1d:a7:ea:90:72:48:0e:e8:ba:0d:ce:
c5:4f:94:cb:bd:4c:fd:7d:ba:5e:4c:0a:52:f1:87:43:00:3a:
ff:41:df:6d:1e:6a:b6:13:1b:e6:33:07:9a:a4:80:f6:bf:e2:
9a:e0:f2:7c:e8:30:e9:c5:e4:67:94:11:9a:c4:ad:75:c3:05:
02:13:ac:96:14:09:6c:33:55:2d:fd:fc:cf:5d:9a:93:d6:4a:
89:ca:10:a0:66:48:0a:aa:59:b5:73:0b:0f:8a:e9:3f:95:79:
3a:a5:66:1c:67:f0:79:80:71:8c:31:27:5c:ec:72:4a:51:38:
12:cd:cf:13:10:5e:99:c5:d4:66:fb:71:8e:8d:9b:b4:54:35:
64:d3:bb:58:f6:c4:a6:c7:3a:95:82:a8:06:da:62:fc:7c:bd:
b6:7c:fc:46:ec:b8:7d:53:46:ed:1d:8e:7a:53:59:45:a7:02:
8e:92:bd:cf:12:c9:0e:1d:c8:52:fc:6c:24:70:49:dd:3d:bc:
f3:e5:f6:a4:a0:74:f1:02:86:1d:2a:5d:f1:99:dc:fb:86:8e:
2c:e3:7e:5f:ae:24:ca:01:91:f6:a6:39:8c:70:40:50:b0:f9:
04:fd:b7:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw1SVPGWpx0SzEDKtjDDN3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwY2M3YTQ0NzQ4MmU1N2IwNjA0YmFiYjgyYTUyNDA5Y2Rl
M2IzNmQwHhcNMjMwMTAyMDQ1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWQ4NTA4MGJlNGVlNDEwNGZhMWU5NjEyMTExZTAzNDcxNDEwZmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNp2VUwI6D9vYEd01MksoyUUJ14Z
r/lAke5z5VGTJ+ZSfNhC7fx1zvXnh/1vJgGHasxRxYKuvpdNpf7iL8OYXrtoDq73
6K2PaH16EWjowFzsuoK/Kk9hiqcAnoZUgySkZ0neR2OG9DLU8L18j6vU1NPURQYG
ydggHsEwbcL7Ad5Ck5zwVlndSH6eoAhDl3g5SfxkJOuuMUrWFN1wNLSZgIy7AMnW
eKl4FHxYZWSBRTZt0RIuix6M0cv8VKAas+DJdthFl6mixvKjILdZAHqAwkJZgd4S
tmbk9fqf7IOt95JuojhWY6BRY7IBMBEvIX3VqErQc8/gS9R7D+9nrs5n+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE7YUIC+TuQQT6HpYSER4DRxQQ+3MB8GA1UdIwQY
MBaAFPDMekR0guV7BgS6u4KlJAnN47NtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE14NlJIU0M1WHNHQkxxN2dxVWtDYzNqczIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wZTU4ZGMtN2M5MC00OWQ3LTg4NTUt
ZmEzMmQyZDUyOTY4LzEvVHRoUWdMNU81QkJQb2VsaElSSGdOSEZCRDdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wZTU4ZGMtN2M5MC00OWQ3LTg4NTUtZmEzMmQyZDUyOTY4
LzEvOE14NlJIU0M1WHNHQkxxN2dxVWtDYzNqczIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDW3sAMA0G
CSqGSIb3DQEBCwUAA4IBAQCIReCv0KisLyARdX+e1ctcQKQJUIjzlArYHafqkHJI
Dui6Dc7FT5TLvUz9fbpeTApS8YdDADr/Qd9tHmq2ExvmMweapID2v+Ka4PJ86DDp
xeRnlBGaxK11wwUCE6yWFAlsM1Ut/fzPXZqT1kqJyhCgZkgKqlm1cwsPiuk/lXk6
pWYcZ/B5gHGMMSdc7HJKUTgSzc8TEF6ZxdRm+3GOjZu0VDVk07tY9sSmxzqVgqgG
2mL8fL22fPxG7Lh9U0btHY56U1lFpwKOkr3PEskOHchS/GwkcEndPbzz5fakoHTx
AoYdKl3xmdz7ho4s435friTKAZH2pjmMcEBQsPkE/be2
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:24:16 2025 by rpki-client