Route Origin Authorization
$ rpki-client -vvf rpki1.terratransit.de/repo/TerraTransit/4/3138352e3231322e36382e302f32342d3234203d3e2030.roa
File: 3138352e3231322e36382e302f32342d3234203d3e2030.roa (raw, json)
Hash identifier: 5XMky9ym6iTR2pyibkaVQnHNbw4sJ18Opg45H4e9su4=
Subject key identifier: AE:68:CC:5D:51:1C:83:B8:6D:5F:78:BE:EA:56:65:0F:60:51:D4:D4
Certificate issuer: /CN=a6b65d4709f6cfd999a287789392baa6d3a5dcea
Certificate serial: 20DFBF9C781A4A12358CACA8704344E464A3C136
Authority key identifier: A6:B6:5D:47:09:F6:CF:D9:99:A2:87:78:93:92:BA:A6:D3:A5:DC:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/prZdRwn2z9mZood4k5K6ptOl3Oo.cer
Subject info access: rsync://rpki1.terratransit.de/repo/TerraTransit/4/3138352e3231322e36382e302f32342d3234203d3e2030.roa
Signing time: Fri 03 Mar 2023 15:35:55 +0000
ROA not before: Fri 03 Mar 2023 15:30:55 +0000
ROA not after: Fri 01 Mar 2024 15:35:55 +0000
asID: 0
IP address blocks: 185.212.68.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:df:bf:9c:78:1a:4a:12:35:8c:ac:a8:70:43:44:e4:64:a3:c1:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6b65d4709f6cfd999a287789392baa6d3a5dcea
Validity
Not Before: Mar 3 15:30:55 2023 GMT
Not After : Mar 1 15:35:55 2024 GMT
Subject: CN=AE68CC5D511C83B86D5F78BEEA56650F6051D4D4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:2a:3e:af:5e:f9:75:3a:8f:a9:87:01:d3:76:
4c:6e:18:15:67:7c:63:ba:20:20:d0:8e:cf:98:8e:
89:82:7b:9f:65:f8:d1:d4:a0:f0:7a:0d:a0:bd:76:
21:bc:19:b8:03:a1:db:6e:98:34:66:12:70:f8:9c:
15:83:27:8f:84:27:55:35:c7:57:22:59:d7:af:89:
7d:72:90:2b:61:81:da:94:21:41:dd:2a:c8:6c:18:
6c:10:cb:7f:77:6d:e2:23:ca:db:17:68:3c:39:10:
84:b3:37:3d:32:5a:fd:ce:2d:9b:23:5d:b9:11:7e:
a0:83:d4:68:93:7d:21:a6:d7:dd:cb:f4:36:cc:68:
eb:a9:1d:4e:5a:bc:4f:d7:e0:60:2d:62:47:3f:4a:
bf:c6:8a:04:bc:32:26:a3:03:53:d7:a5:04:7c:21:
37:78:5a:e5:e4:a1:92:aa:46:83:ad:83:57:fb:13:
ac:3b:f7:90:6e:a5:68:7a:e7:6f:1a:43:01:87:c7:
e7:77:74:91:62:9e:f9:9c:5a:97:89:d4:19:ca:c6:
99:cf:c8:a6:6f:9f:2a:79:1f:5c:e6:aa:da:31:b7:
99:0e:df:77:37:53:17:90:9e:fe:0c:83:78:ca:14:
95:26:40:87:92:93:3a:84:0e:fb:1d:f9:d5:44:ec:
7f:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:68:CC:5D:51:1C:83:B8:6D:5F:78:BE:EA:56:65:0F:60:51:D4:D4
X509v3 Authority Key Identifier:
keyid:A6:B6:5D:47:09:F6:CF:D9:99:A2:87:78:93:92:BA:A6:D3:A5:DC:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki1.terratransit.de/repo/TerraTransit/4/A6B65D4709F6CFD999A287789392BAA6D3A5DCEA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/prZdRwn2z9mZood4k5K6ptOl3Oo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki1.terratransit.de/repo/TerraTransit/4/3138352e3231322e36382e302f32342d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.212.68.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:d1:c0:64:81:75:76:fa:f8:da:55:c2:a5:f4:ce:7c:d0:aa:
2c:5e:10:73:8f:c3:bf:46:79:6d:d7:dd:d5:a4:00:da:5a:4a:
d1:6b:77:95:7f:f0:48:f0:7e:b1:d4:14:44:56:24:f4:55:b3:
a7:66:15:5b:f4:ef:4c:12:0a:f1:4e:6e:5d:be:b4:f5:93:c6:
ba:aa:aa:55:b9:21:45:08:15:20:23:8a:31:73:8d:e8:60:87:
b4:63:8f:ad:89:86:60:43:50:c7:76:51:8c:74:38:51:5f:6b:
e3:aa:4b:04:ff:a5:47:65:83:8f:78:ee:e4:a4:01:0a:fd:14:
06:50:5a:cb:f9:a0:72:38:c2:44:c5:3d:7d:19:81:36:2b:cb:
3d:de:3e:a0:02:2c:0f:dc:15:2f:02:cc:c1:52:b5:b3:4e:d6:
ad:81:5a:a7:05:33:23:40:a5:05:2b:b2:1d:75:10:3d:3d:14:
c9:e2:22:95:17:ec:79:06:60:92:f0:3e:8a:29:da:be:be:48:
85:99:3f:c7:87:3f:10:97:ab:bd:ae:f7:3f:1f:cb:e7:98:18:
28:63:a3:b4:13:58:2a:01:97:5c:50:58:d7:bd:d2:a8:48:ed:
11:ae:1f:1f:47:5a:44:c9:c9:4c:9d:cd:d7:39:97:74:a1:2e:
da:e9:82:0f
-----BEGIN CERTIFICATE-----
MIIE3zCCA8egAwIBAgIUIN+/nHgaShI1jKyocENE5GSjwTYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTZiNjVkNDcwOWY2Y2ZkOTk5YTI4Nzc4OTM5MmJhYTZk
M2E1ZGNlYTAeFw0yMzAzMDMxNTMwNTVaFw0yNDAzMDExNTM1NTVaMDMxMTAvBgNV
BAMTKEFFNjhDQzVENTExQzgzQjg2RDVGNzhCRUVBNTY2NTBGNjA1MUQ0RDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/Kj6vXvl1Oo+phwHTdkxuGBVn
fGO6ICDQjs+YjomCe59l+NHUoPB6DaC9diG8GbgDodtumDRmEnD4nBWDJ4+EJ1U1
x1ciWdeviX1ykCthgdqUIUHdKshsGGwQy393beIjytsXaDw5EISzNz0yWv3OLZsj
XbkRfqCD1GiTfSGm193L9DbMaOupHU5avE/X4GAtYkc/Sr/GigS8MiajA1PXpQR8
ITd4WuXkoZKqRoOtg1f7E6w795BupWh6528aQwGHx+d3dJFinvmcWpeJ1BnKxpnP
yKZvnyp5H1zmqtoxt5kO33c3UxeQnv4Mg3jKFJUmQIeSkzqEDvsd+dVE7H9BAgMB
AAGjggHpMIIB5TAdBgNVHQ4EFgQUrmjMXVEcg7htX3i+6lZlD2BR1NQwHwYDVR0j
BBgwFoAUprZdRwn2z9mZood4k5K6ptOl3OowDgYDVR0PAQH/BAQDAgeAMG8GA1Ud
HwRoMGYwZKBioGCGXnJzeW5jOi8vcnBraTEudGVycmF0cmFuc2l0LmRlL3JlcG8v
VGVycmFUcmFuc2l0LzQvQTZCNjVENDcwOUY2Q0ZEOTk5QTI4Nzc4OTM5MkJBQTZE
M0E1RENFQS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzov
L3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3ByWmRSd24yejltWm9v
ZDRrNUs2cHRPbDNPby5jZXIwgYAGCCsGAQUFBwELBHQwcjBwBggrBgEFBQcwC4Zk
cnN5bmM6Ly9ycGtpMS50ZXJyYXRyYW5zaXQuZGUvcmVwby9UZXJyYVRyYW5zaXQv
NC8zMTM4MzUyZTMyMzEzMjJlMzYzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMw
LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAw
DjAMBAIAATAGAwQAudREMA0GCSqGSIb3DQEBCwUAA4IBAQA70cBkgXV2+vjaVcKl
9M580KosXhBzj8O/Rnlt193VpADaWkrRa3eVf/BI8H6x1BREViT0VbOnZhVb9O9M
EgrxTm5dvrT1k8a6qqpVuSFFCBUgI4oxc43oYIe0Y4+tiYZgQ1DHdlGMdDhRX2vj
qksE/6VHZYOPeO7kpAEK/RQGUFrL+aByOMJExT19GYE2K8s93j6gAiwP3BUvAszB
UrWzTtatgVqnBTMjQKUFK7IddRA9PRTJ4iKVF+x5BmCS8D6KKdq+vkiFmT/Hhz8Q
l6u9rvc/H8vnmBgoY6O0E1gqAZdcUFjXvdKoSO0Rrh8fR1pEyclMnc3XOZd0oS7a
6YIP
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:50 2023 by rpki-client on console.sobornost.net