Route Origin Authorization
$ rpki-client -vvf rpki1.terratransit.de/repo/TerraTransit/2/3138352e39372e3134342e302f32332d3234203d3e2030.roa
File: 3138352e39372e3134342e302f32332d3234203d3e2030.roa (raw, json)
Hash identifier: 9kEMRxbM7zhhT9lj+BPI5Ft+BJt9MmRW982iN4EhWek=
Subject key identifier: 5A:DD:D0:59:64:D8:C1:74:31:CF:0D:3A:EA:92:E6:3A:EF:B2:10:13
Certificate issuer: /CN=07a8af2b5fe831ff589eb38ae3c025ce871f23e7
Certificate serial: 60F9AE76EAAAFB2156D3A00FE9F2CED115B160BA
Authority key identifier: 07:A8:AF:2B:5F:E8:31:FF:58:9E:B3:8A:E3:C0:25:CE:87:1F:23:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B6ivK1_oMf9YnrOK48AlzocfI-c.cer
Subject info access: rsync://rpki1.terratransit.de/repo/TerraTransit/2/3138352e39372e3134342e302f32332d3234203d3e2030.roa
Signing time: Fri 03 Mar 2023 15:43:17 +0000
ROA not before: Fri 03 Mar 2023 15:38:17 +0000
ROA not after: Fri 01 Mar 2024 15:43:17 +0000
asID: 0
IP address blocks: 185.97.144.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:f9:ae:76:ea:aa:fb:21:56:d3:a0:0f:e9:f2:ce:d1:15:b1:60:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07a8af2b5fe831ff589eb38ae3c025ce871f23e7
Validity
Not Before: Mar 3 15:38:17 2023 GMT
Not After : Mar 1 15:43:17 2024 GMT
Subject: CN=5ADDD05964D8C17431CF0D3AEA92E63AEFB21013
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:96:4a:e3:ba:80:e4:00:d0:04:00:33:5c:c6:
6d:87:90:9d:b5:02:ab:de:f7:3c:52:1d:e8:dd:b3:
06:83:39:1f:48:f5:dc:a7:d7:b7:0d:c6:cb:ce:d1:
03:99:8f:83:54:c4:8a:2b:61:3b:d7:a7:97:12:04:
13:38:67:b8:3e:de:6e:f6:d0:04:45:fc:92:34:28:
50:1c:ef:af:cd:b6:3e:0d:5f:f3:1a:de:be:ca:68:
47:41:33:a2:3c:ed:23:ab:ed:53:a6:e5:89:06:6d:
ec:6e:ae:41:80:e5:79:23:f2:75:16:2a:1e:a3:68:
45:72:af:aa:ec:d4:8c:46:0c:b5:ae:73:78:4d:73:
f5:7a:db:07:ac:77:4a:9a:7f:6c:92:b5:83:35:22:
8e:a9:ac:73:5e:48:63:12:56:60:f2:ec:9a:6f:df:
2a:13:17:a0:57:9b:84:4d:ef:c3:7b:a1:72:c4:29:
21:ce:05:88:ff:3c:ed:28:e3:07:75:4a:3a:dc:69:
66:97:44:07:49:26:31:ff:81:ef:c3:23:d4:23:af:
e8:94:77:34:46:8e:54:76:af:e2:5f:66:66:92:b5:
95:b2:06:29:b4:86:5a:69:e1:f4:de:6e:3d:00:9e:
b3:34:0a:cf:ba:f9:70:54:a2:f5:3e:e1:d8:ad:5f:
44:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:DD:D0:59:64:D8:C1:74:31:CF:0D:3A:EA:92:E6:3A:EF:B2:10:13
X509v3 Authority Key Identifier:
keyid:07:A8:AF:2B:5F:E8:31:FF:58:9E:B3:8A:E3:C0:25:CE:87:1F:23:E7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki1.terratransit.de/repo/TerraTransit/2/07A8AF2B5FE831FF589EB38AE3C025CE871F23E7.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B6ivK1_oMf9YnrOK48AlzocfI-c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki1.terratransit.de/repo/TerraTransit/2/3138352e39372e3134342e302f32332d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.97.144.0/23
Signature Algorithm: sha256WithRSAEncryption
63:11:90:d0:e4:95:28:45:29:8a:8a:79:87:f1:f9:49:58:29:
b3:44:60:bf:85:1e:f0:98:9a:79:16:97:ad:61:6b:af:2c:ff:
63:81:db:38:e4:f1:42:1f:07:d4:01:63:17:d3:60:80:1e:e1:
fb:5d:e7:48:8f:d8:11:18:32:f3:4d:2a:65:b2:83:e0:5e:2e:
a6:dd:f8:7a:1f:dd:6b:9d:04:b5:d7:3f:3d:7c:28:82:94:22:
82:31:8f:09:41:a8:da:ae:c0:b6:3f:51:3d:97:19:1e:6c:c6:
b5:81:f3:e0:15:d1:9d:9c:be:0c:88:5f:af:75:6c:56:06:35:
cb:0d:92:8e:6a:83:10:41:5a:b8:45:50:ce:02:14:f5:90:c8:
8f:6b:51:db:81:e1:55:f3:ec:23:83:47:3b:dc:b2:e7:e5:19:
4b:dd:46:0b:31:e2:f4:93:e3:76:14:1c:2b:e0:7a:59:dc:e7:
38:be:b3:16:0a:6d:8f:57:73:83:da:7b:e7:f1:6a:d4:7c:b5:
8b:4a:a5:fe:aa:34:f3:eb:a3:c9:6e:93:ad:12:ee:48:b2:00:
4a:05:5f:36:34:9d:4f:14:fd:fe:3c:48:bf:ba:da:f5:ca:40:
8a:ba:16:c3:fd:cf:d1:ae:54:9a:ad:e5:a9:96:52:9b:e3:89:
9c:1c:8d:28
-----BEGIN CERTIFICATE-----
MIIE3zCCA8egAwIBAgIUYPmuduqq+yFW06AP6fLO0RWxYLowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDdhOGFmMmI1ZmU4MzFmZjU4OWViMzhhZTNjMDI1Y2U4
NzFmMjNlNzAeFw0yMzAzMDMxNTM4MTdaFw0yNDAzMDExNTQzMTdaMDMxMTAvBgNV
BAMTKDVBREREMDU5NjREOEMxNzQzMUNGMEQzQUVBOTJFNjNBRUZCMjEwMTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnlkrjuoDkANAEADNcxm2HkJ21
Aqve9zxSHejdswaDOR9I9dyn17cNxsvO0QOZj4NUxIorYTvXp5cSBBM4Z7g+3m72
0ARF/JI0KFAc76/Ntj4NX/Ma3r7KaEdBM6I87SOr7VOm5YkGbexurkGA5Xkj8nUW
Kh6jaEVyr6rs1IxGDLWuc3hNc/V62wesd0qaf2yStYM1Io6prHNeSGMSVmDy7Jpv
3yoTF6BXm4RN78N7oXLEKSHOBYj/PO0o4wd1SjrcaWaXRAdJJjH/ge/DI9Qjr+iU
dzRGjlR2r+JfZmaStZWyBim0hlpp4fTebj0AnrM0Cs+6+XBUovU+4ditX0QBAgMB
AAGjggHpMIIB5TAdBgNVHQ4EFgQUWt3QWWTYwXQxzw066pLmOu+yEBMwHwYDVR0j
BBgwFoAUB6ivK1/oMf9YnrOK48AlzocfI+cwDgYDVR0PAQH/BAQDAgeAMG8GA1Ud
HwRoMGYwZKBioGCGXnJzeW5jOi8vcnBraTEudGVycmF0cmFuc2l0LmRlL3JlcG8v
VGVycmFUcmFuc2l0LzIvMDdBOEFGMkI1RkU4MzFGRjU4OUVCMzhBRTNDMDI1Q0U4
NzFGMjNFNy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzov
L3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0I2aXZLMV9vTWY5WW5y
T0s0OEFsem9jZkktYy5jZXIwgYAGCCsGAQUFBwELBHQwcjBwBggrBgEFBQcwC4Zk
cnN5bmM6Ly9ycGtpMS50ZXJyYXRyYW5zaXQuZGUvcmVwby9UZXJyYVRyYW5zaXQv
Mi8zMTM4MzUyZTM5MzcyZTMxMzQzNDJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDMw
LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAw
DjAMBAIAATAGAwQBuWGQMA0GCSqGSIb3DQEBCwUAA4IBAQBjEZDQ5JUoRSmKinmH
8flJWCmzRGC/hR7wmJp5FpetYWuvLP9jgds45PFCHwfUAWMX02CAHuH7XedIj9gR
GDLzTSplsoPgXi6m3fh6H91rnQS11z89fCiClCKCMY8JQajarsC2P1E9lxkebMa1
gfPgFdGdnL4MiF+vdWxWBjXLDZKOaoMQQVq4RVDOAhT1kMiPa1HbgeFV8+wjg0c7
3LLn5RlL3UYLMeL0k+N2FBwr4HpZ3Oc4vrMWCm2PV3OD2nvn8WrUfLWLSqX+qjTz
66PJbpOtEu5IsgBKBV82NJ1PFP3+PEi/utr1ykCKuhbD/c/RrlSareWpllKb44mc
HI0o
-----END CERTIFICATE-----
Generated at Wed May 14 02:52:21 2025 by rpki-client