Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/TBFTSFjosQHXvjbfOoxCzfjXfpo.roa
File: TBFTSFjosQHXvjbfOoxCzfjXfpo.roa (raw, json)
Hash identifier: 1mOudpiL2BGlBB7ENtxDXgPFFCmkZn44PPdAAiUzRG8=
Subject key identifier: 4C:11:53:48:58:E8:B1:01:D7:BE:36:DF:3A:8C:42:CD:F8:D7:7E:9A
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 019423D6D77247B1BBE637475B1B1D87C917
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/TBFTSFjosQHXvjbfOoxCzfjXfpo.roa
Signing time: Wed 01 Jan 2025 21:47:49 +0000
ROA not before: Wed 01 Jan 2025 21:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 80.71.228.0/24 maxlen: 24
80.71.230.0/24 maxlen: 24
81.29.144.0/24 maxlen: 24
81.29.147.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:d7:72:47:b1:bb:e6:37:47:5b:1b:1d:87:c9:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Jan 1 21:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4c11534858e8b101d7be36df3a8c42cdf8d77e9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:6b:35:e0:d2:87:2d:19:bc:05:e8:d7:8b:22:
67:81:2d:99:e5:79:66:cb:47:15:03:6a:85:f2:d1:
be:35:c2:e6:cc:db:6a:fe:f5:aa:b0:71:3a:1f:75:
44:30:52:6a:b2:7f:12:ea:6a:37:b8:1a:8f:25:f7:
21:d6:17:8d:0a:96:75:a0:f5:6e:4e:a4:43:55:7c:
d8:08:9c:10:9d:40:5a:46:c2:c9:1a:e2:60:81:c9:
2d:e1:ca:e0:30:34:66:91:00:2d:59:7f:84:9e:a2:
1a:e6:e1:0c:42:e0:8e:b3:dc:8d:7c:fe:04:e2:e1:
32:08:1d:25:2f:f9:4b:ca:71:a7:cc:fc:89:70:d9:
29:61:15:3a:cb:e0:1a:49:54:f7:25:be:64:92:d0:
33:84:47:f1:96:11:37:92:c6:6b:68:74:ac:e4:85:
bc:ac:b9:3b:48:42:e2:20:88:d7:64:f2:a5:6e:7b:
a1:66:9d:22:29:b3:ae:7b:53:d1:e3:31:08:94:75:
23:dc:2d:49:ef:c0:88:05:d1:3e:cc:2d:9f:b9:62:
9d:21:aa:6d:2a:22:72:c4:c6:22:50:2f:2f:d0:fc:
99:3a:89:79:e1:3b:9c:5e:58:bf:71:7d:e9:04:8d:
04:90:33:db:83:6b:1d:be:0c:a9:94:ba:c1:dd:f5:
df:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:11:53:48:58:E8:B1:01:D7:BE:36:DF:3A:8C:42:CD:F8:D7:7E:9A
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/TBFTSFjosQHXvjbfOoxCzfjXfpo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.71.228.0/24
80.71.230.0/24
81.29.144.0/24
81.29.147.0/24
Signature Algorithm: sha256WithRSAEncryption
38:78:a4:7b:ed:4a:e5:13:f1:08:90:6a:53:6d:46:e5:82:a5:
a6:19:40:0f:b6:78:89:25:87:6e:e0:d6:5f:3f:91:ab:57:d2:
f7:c1:62:24:6c:99:88:73:6c:56:6c:ea:e7:8e:65:eb:73:ce:
fa:d8:4e:ba:ed:35:ef:5d:ad:a9:b7:08:8b:e1:18:17:21:40:
a7:8d:65:00:f1:6f:f4:32:86:9d:2b:f9:6f:29:22:36:b2:e6:
ed:e1:ce:eb:f2:9f:bd:fd:bf:9e:14:a7:54:93:e2:b1:00:03:
46:70:b4:51:dd:2b:f8:9b:d2:9e:35:99:d7:be:98:e1:d5:11:
9d:c3:ea:6e:f3:1e:f9:c5:c1:c2:d4:f2:65:43:e3:f7:a4:7d:
8a:9b:24:da:75:4c:00:00:2c:43:f6:cf:fa:ce:77:90:8e:82:
d9:90:cc:34:7a:1c:af:14:c2:48:77:fb:74:c9:b6:b4:2e:f4:
19:80:7f:77:f1:8c:c4:7e:6e:71:6e:c9:1f:9f:d0:de:92:09:
ad:42:2a:ef:ea:8c:0b:8b:ba:2b:b0:7a:6e:ab:73:55:21:16:
2b:26:6b:f0:72:f5:65:66:e3:26:c9:c3:2f:0a:57:d5:ac:13:
33:2a:63:8e:cb:77:4d:e9:ef:33:4d:24:a0:19:4c:d6:8e:6a:
5e:89:44:d9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQj1tdyR7G75jdHWxsdh8kXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjUwMTAxMjE0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzExNTM0ODU4ZThiMTAxZDdiZTM2ZGYzYThjNDJjZGY4ZDc3ZTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAums14NKHLRm8BejXiyJngS2Z5Xlm
y0cVA2qF8tG+NcLmzNtq/vWqsHE6H3VEMFJqsn8S6mo3uBqPJfch1heNCpZ1oPVu
TqRDVXzYCJwQnUBaRsLJGuJggckt4crgMDRmkQAtWX+EnqIa5uEMQuCOs9yNfP4E
4uEyCB0lL/lLynGnzPyJcNkpYRU6y+AaSVT3Jb5kktAzhEfxlhE3ksZraHSs5IW8
rLk7SELiIIjXZPKlbnuhZp0iKbOue1PR4zEIlHUj3C1J78CIBdE+zC2fuWKdIapt
KiJyxMYiUC8v0PyZOol54TucXli/cX3pBI0EkDPbg2sdvgyplLrB3fXf1wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEwRU0hY6LEB17423zqMQs34136aMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvVEJGVFNGam9zUUhYdmpiZk9veEN6ZmpYZnBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUEfkAwQA
UEfmAwQAUR2QAwQAUR2TMA0GCSqGSIb3DQEBCwUAA4IBAQA4eKR77UrlE/EIkGpT
bUblgqWmGUAPtniJJYdu4NZfP5GrV9L3wWIkbJmIc2xWbOrnjmXrc8762E667TXv
Xa2ptwiL4RgXIUCnjWUA8W/0MoadK/lvKSI2subt4c7r8p+9/b+eFKdUk+KxAANG
cLRR3Sv4m9KeNZnXvpjh1RGdw+pu8x75xcHC1PJlQ+P3pH2KmyTadUwAACxD9s/6
zneQjoLZkMw0ehyvFMJId/t0yba0LvQZgH938YzEfm5xbskfn9DekgmtQirv6owL
i7orsHpuq3NVIRYrJmvwcvVlZuMmycMvClfVrBMzKmOOy3dN6e8zTSSgGUzWjmpe
iUTZ
-----END CERTIFICATE-----
Generated at Thu Jan 23 16:21:58 2025 by rpki-client on console.sobornost.net