Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/d39c6c-45e1-4126-a4e2-40438a999414/1/rthTWvBWTldvCBC_jsm-IEkTBFQ.roa
File: rthTWvBWTldvCBC_jsm-IEkTBFQ.roa (raw, json)
Hash identifier: GkYmfEttYtLOHlLhDgqjd5V7UynvO3JpXV9H0/Hyyb4=
Subject key identifier: AE:D8:53:5A:F0:56:4E:57:6F:08:10:BF:8E:C9:BE:20:49:13:04:54
Certificate issuer: /CN=044d65e74254b25fe00eb8ea06bb58fbe68ac19b
Certificate serial: 01942445417DE316AA45F10E46CFF2C1A36D
Authority key identifier: 04:4D:65:E7:42:54:B2:5F:E0:0E:B8:EA:06:BB:58:FB:E6:8A:C1:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BE1l50JUsl_gDrjqBrtY--aKwZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/d39c6c-45e1-4126-a4e2-40438a999414/1/rthTWvBWTldvCBC_jsm-IEkTBFQ.roa
Signing time: Wed 01 Jan 2025 23:48:26 +0000
ROA not before: Wed 01 Jan 2025 23:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42306
IP address blocks: 176.123.12.0/22 maxlen: 22
185.137.144.0/22 maxlen: 22
2a07:4c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:41:7d:e3:16:aa:45:f1:0e:46:cf:f2:c1:a3:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=044d65e74254b25fe00eb8ea06bb58fbe68ac19b
Validity
Not Before: Jan 1 23:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aed8535af0564e576f0810bf8ec9be2049130454
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:e5:8f:10:48:1f:e3:9a:66:a3:d8:1c:25:2f:
fd:7f:6f:51:f0:9f:98:a8:3f:87:53:61:9c:e3:99:
02:c4:12:3b:db:b8:66:02:9b:89:50:7f:bc:7a:68:
aa:5f:99:57:5f:79:ed:3a:19:5c:5b:4b:9d:4d:a9:
d1:f5:02:e5:62:1d:c3:e6:1c:b9:d1:09:c9:71:90:
34:01:b5:32:a6:20:11:02:04:16:c3:20:5a:29:1b:
12:2b:88:4f:73:07:0d:a5:db:08:52:21:84:f3:a2:
b6:e4:b2:8b:56:b3:51:25:9d:c8:14:17:b6:0d:8e:
57:a8:e8:04:58:0d:55:ca:ca:9e:09:27:68:ff:75:
a3:37:58:ed:cc:a2:2c:25:c8:78:31:a4:38:28:59:
82:e5:3a:1c:8a:80:da:bd:9c:07:cf:e0:75:91:c8:
6c:47:a0:84:ac:23:2c:bb:c7:7a:2c:14:1c:42:93:
ab:15:08:44:f7:26:b1:14:ae:8e:84:48:c3:f4:86:
c6:c6:3a:cf:5e:fa:47:8b:c1:6c:46:35:b9:7e:2c:
f2:47:d8:de:55:c3:30:e9:58:86:b1:be:23:81:8d:
c0:b5:23:ec:d4:ec:44:a7:de:8c:8a:69:dd:80:58:
57:f6:bb:0b:0d:0a:47:e6:2c:3f:48:2c:bf:b6:60:
b3:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:D8:53:5A:F0:56:4E:57:6F:08:10:BF:8E:C9:BE:20:49:13:04:54
X509v3 Authority Key Identifier:
keyid:04:4D:65:E7:42:54:B2:5F:E0:0E:B8:EA:06:BB:58:FB:E6:8A:C1:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BE1l50JUsl_gDrjqBrtY--aKwZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/d39c6c-45e1-4126-a4e2-40438a999414/1/rthTWvBWTldvCBC_jsm-IEkTBFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/d39c6c-45e1-4126-a4e2-40438a999414/1/BE1l50JUsl_gDrjqBrtY--aKwZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.123.12.0/22
185.137.144.0/22
IPv6:
2a07:4c0::/29
Signature Algorithm: sha256WithRSAEncryption
75:54:00:a6:fc:9b:f5:ca:cd:5d:d3:38:77:66:32:be:d0:d2:
ad:30:5e:98:8a:6c:7a:19:4f:41:0e:a7:c5:1f:3a:1a:4f:aa:
37:ea:fe:dc:ae:20:0f:95:65:d1:d6:16:92:93:49:fa:24:75:
f7:c1:bc:54:27:a6:ca:ba:ca:c6:c5:ec:c1:96:b8:44:6c:af:
d4:b4:e4:77:11:14:c8:61:d3:2e:2c:64:82:66:c2:69:53:72:
a2:95:84:38:f8:ca:1e:4d:e5:b8:bf:04:d0:0f:e9:3e:d0:07:
38:51:18:6c:1f:c3:39:a4:b2:ad:99:d3:31:31:7b:4d:8b:3f:
a5:f4:d7:39:f0:b5:84:7e:96:21:57:b9:2a:8f:7d:21:84:8b:
9c:e8:7e:84:37:d2:35:2c:58:c8:87:86:cc:eb:da:22:c6:62:
92:f1:f2:16:64:17:29:ca:e7:11:38:fd:e0:da:6c:50:e2:f6:
14:31:1f:13:21:3c:11:ea:04:c0:0e:83:55:ec:75:00:b5:9a:
8e:c5:d6:81:62:61:3d:a3:55:99:37:0b:01:da:13:86:b2:a4:
9d:2c:9d:ee:be:fd:6a:9a:3c:df:f6:f8:e7:38:dc:18:28:d7:
2c:b3:32:19:c8:d4:a9:e0:7f:3b:26:35:8b:4c:17:f5:b6:25:
be:9e:57:51
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQkRUF94xaqRfEORs/ywaNtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NGQ2NWU3NDI1NGIyNWZlMDBlYjhlYTA2YmI1OGZiZTY4
YWMxOWIwHhcNMjUwMTAxMjM0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWQ4NTM1YWYwNTY0ZTU3NmYwODEwYmY4ZWM5YmUyMDQ5MTMwNDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuWPEEgf45pmo9gcJS/9f29R8J+Y
qD+HU2Gc45kCxBI727hmApuJUH+8emiqX5lXX3ntOhlcW0udTanR9QLlYh3D5hy5
0QnJcZA0AbUypiARAgQWwyBaKRsSK4hPcwcNpdsIUiGE86K25LKLVrNRJZ3IFBe2
DY5XqOgEWA1VysqeCSdo/3WjN1jtzKIsJch4MaQ4KFmC5TocioDavZwHz+B1kchs
R6CErCMsu8d6LBQcQpOrFQhE9yaxFK6OhEjD9IbGxjrPXvpHi8FsRjW5fizyR9je
VcMw6ViGsb4jgY3AtSPs1OxEp96MimndgFhX9rsLDQpH5iw/SCy/tmCzcwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFK7YU1rwVk5XbwgQv47JviBJEwRUMB8GA1UdIwQY
MBaAFARNZedCVLJf4A646ga7WPvmisGbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkUxbDUwSlVzbF9nRHJqcUJydFktLWFLd1pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9kMzljNmMtNDVlMS00MTI2LWE0ZTIt
NDA0MzhhOTk5NDE0LzEvcnRoVFd2QldUbGR2Q0JDX2pzbS1JRWtUQkZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9kMzljNmMtNDVlMS00MTI2LWE0ZTItNDA0MzhhOTk5NDE0
LzEvQkUxbDUwSlVzbF9nRHJqcUJydFktLWFLd1pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCsHsMAwQC
uYmQMA0EAgACMAcDBQMqBwTAMA0GCSqGSIb3DQEBCwUAA4IBAQB1VACm/Jv1ys1d
0zh3ZjK+0NKtMF6Yimx6GU9BDqfFHzoaT6o36v7criAPlWXR1haSk0n6JHX3wbxU
J6bKusrGxezBlrhEbK/UtOR3ERTIYdMuLGSCZsJpU3KilYQ4+MoeTeW4vwTQD+k+
0Ac4URhsH8M5pLKtmdMxMXtNiz+l9Nc58LWEfpYhV7kqj30hhIuc6H6EN9I1LFjI
h4bM69oixmKS8fIWZBcpyucROP3g2mxQ4vYUMR8TITwR6gTADoNV7HUAtZqOxdaB
YmE9o1WZNwsB2hOGsqSdLJ3uvv1qmjzf9vjnONwYKNcsszIZyNSp4H87JjWLTBf1
tiW+nldR
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:22 2025 by rpki-client on console.sobornost.net