Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/a0735a-511c-48c9-a61a-0c2ff7937e6f/1/ttJJaBUZDaYcQDBtp6etg0tHOcw.roa
File: ttJJaBUZDaYcQDBtp6etg0tHOcw.roa (raw, json)
Hash identifier: eyDaETbBTLM6QaTgVh4ZT2/g+b+CTdUyos3+nCYyg/Y=
Subject key identifier: B6:D2:49:68:15:19:0D:A6:1C:40:30:6D:A7:A7:AD:83:4B:47:39:CC
Certificate issuer: /CN=20d5b8483b1712b7023541056e73085366d29346
Certificate serial: 01942444C4B081E7E92314DBA5C7E5802AF2
Authority key identifier: 20:D5:B8:48:3B:17:12:B7:02:35:41:05:6E:73:08:53:66:D2:93:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/INW4SDsXErcCNUEFbnMIU2bSk0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/a0735a-511c-48c9-a61a-0c2ff7937e6f/1/ttJJaBUZDaYcQDBtp6etg0tHOcw.roa
Signing time: Wed 01 Jan 2025 23:47:54 +0000
ROA not before: Wed 01 Jan 2025 23:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51838
IP address blocks: 91.220.145.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:c4:b0:81:e7:e9:23:14:db:a5:c7:e5:80:2a:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20d5b8483b1712b7023541056e73085366d29346
Validity
Not Before: Jan 1 23:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b6d2496815190da61c40306da7a7ad834b4739cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:a2:d2:46:2d:fa:3f:13:b9:57:90:a0:bb:83:
07:62:92:76:74:ee:25:8f:cd:71:e9:66:d8:4d:17:
8d:5b:4c:1f:a7:1a:10:8c:02:8f:70:eb:97:3d:fa:
7b:e5:f7:72:4a:e4:2b:fe:ab:c1:3d:9d:b3:9a:7a:
7d:e6:c2:b7:32:34:e8:ac:8c:53:ad:22:5c:7b:6a:
c0:d7:2d:08:22:f5:0d:0a:05:56:d0:0b:17:b0:e2:
fe:56:35:96:90:ea:8b:66:41:64:a2:9d:e3:aa:95:
20:8d:99:50:2e:cf:8d:a7:05:ab:d1:f8:b6:cc:e8:
a9:91:db:14:00:3e:bd:c8:28:60:b9:4a:8b:76:3f:
65:7f:8b:06:c9:b5:ae:a8:49:33:b2:02:b1:b9:f1:
3a:3a:16:0e:ba:89:7f:cf:66:84:9f:f5:65:a8:8e:
31:b9:2c:eb:41:d1:c4:b1:05:56:b6:72:eb:e6:3e:
ff:de:37:8a:fc:71:6a:61:19:46:71:71:d2:74:31:
8a:08:21:94:86:dc:ad:2d:2b:7d:90:84:6a:96:d6:
7f:f5:28:68:aa:e6:87:15:80:f7:81:a2:19:5a:48:
28:e1:da:2c:51:e8:32:c8:c8:97:d0:d8:6d:7f:4a:
62:83:12:24:85:f0:da:10:8a:49:59:ca:9e:04:26:
4e:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:D2:49:68:15:19:0D:A6:1C:40:30:6D:A7:A7:AD:83:4B:47:39:CC
X509v3 Authority Key Identifier:
keyid:20:D5:B8:48:3B:17:12:B7:02:35:41:05:6E:73:08:53:66:D2:93:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/INW4SDsXErcCNUEFbnMIU2bSk0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/a0735a-511c-48c9-a61a-0c2ff7937e6f/1/ttJJaBUZDaYcQDBtp6etg0tHOcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/a0735a-511c-48c9-a61a-0c2ff7937e6f/1/INW4SDsXErcCNUEFbnMIU2bSk0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.145.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:c0:2a:8a:b4:31:49:96:8c:85:0b:00:71:8b:44:c9:8a:f2:
e4:07:ea:28:18:c5:86:cb:9a:58:d6:ca:a0:05:bb:18:eb:73:
88:86:b5:c8:12:dc:41:fc:a2:35:7b:a4:fb:2d:d5:f6:bb:bf:
f7:6e:5b:f6:b7:20:a5:94:54:f1:8f:42:da:72:08:cc:66:25:
7b:fc:e1:63:1f:7e:4a:de:8d:b7:1a:fe:57:65:81:79:16:7e:
73:82:30:ca:c9:a2:7e:ab:75:e4:13:c2:52:35:c0:69:1d:eb:
a2:a9:10:15:58:da:90:36:16:67:4a:3e:ec:96:8c:fa:97:8c:
a4:2f:29:9e:a5:f6:40:bf:8a:eb:8a:e7:46:aa:36:9f:07:2d:
34:45:3e:af:1e:5e:2e:7b:d4:fd:ba:18:44:c8:f0:92:cb:3b:
27:18:cd:cf:a5:87:b7:ef:95:a3:23:ff:c8:d6:d2:c9:52:be:
2a:dc:1c:11:ef:d0:a5:99:78:d1:07:39:27:11:1b:02:30:60:
4c:e3:9f:c9:b8:d6:16:ef:60:d0:12:6c:36:4f:65:b6:bd:8f:
d1:07:88:e8:4e:be:72:52:b7:e4:2e:be:05:ac:1b:1c:a0:84:
a3:e8:e1:1b:b9:2d:1c:61:1e:d2:28:6a:6b:4b:27:78:17:6e:
0a:66:07:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRMSwgefpIxTbpcflgCryMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZDViODQ4M2IxNzEyYjcwMjM1NDEwNTZlNzMwODUzNjZk
MjkzNDYwHhcNMjUwMTAxMjM0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmQyNDk2ODE1MTkwZGE2MWM0MDMwNmRhN2E3YWQ4MzRiNDczOWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiqLSRi36PxO5V5Cgu4MHYpJ2dO4l
j81x6WbYTReNW0wfpxoQjAKPcOuXPfp75fdySuQr/qvBPZ2zmnp95sK3MjTorIxT
rSJce2rA1y0IIvUNCgVW0AsXsOL+VjWWkOqLZkFkop3jqpUgjZlQLs+NpwWr0fi2
zOipkdsUAD69yChguUqLdj9lf4sGybWuqEkzsgKxufE6OhYOuol/z2aEn/VlqI4x
uSzrQdHEsQVWtnLr5j7/3jeK/HFqYRlGcXHSdDGKCCGUhtytLSt9kIRqltZ/9Sho
quaHFYD3gaIZWkgo4dosUegyyMiX0Nhtf0pigxIkhfDaEIpJWcqeBCZODwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLbSSWgVGQ2mHEAwbaenrYNLRznMMB8GA1UdIwQY
MBaAFCDVuEg7FxK3AjVBBW5zCFNm0pNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU5XNFNEc1hFcmNDTlVFRmJuTUlVMmJTazBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9hMDczNWEtNTExYy00OGM5LWE2MWEt
MGMyZmY3OTM3ZTZmLzEvdHRKSmFCVVpEYVljUURCdHA2ZXRnMHRIT2N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9hMDczNWEtNTExYy00OGM5LWE2MWEtMGMyZmY3OTM3ZTZm
LzEvSU5XNFNEc1hFcmNDTlVFRmJuTUlVMmJTazBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9yRMA0G
CSqGSIb3DQEBCwUAA4IBAQArwCqKtDFJloyFCwBxi0TJivLkB+ooGMWGy5pY1sqg
BbsY63OIhrXIEtxB/KI1e6T7LdX2u7/3blv2tyCllFTxj0LacgjMZiV7/OFjH35K
3o23Gv5XZYF5Fn5zgjDKyaJ+q3XkE8JSNcBpHeuiqRAVWNqQNhZnSj7sloz6l4yk
LymepfZAv4rriudGqjafBy00RT6vHl4ue9T9uhhEyPCSyzsnGM3PpYe375WjI//I
1tLJUr4q3BwR79ClmXjRBzknERsCMGBM45/JuNYW72DQEmw2T2W2vY/RB4joTr5y
UrfkLr4FrBscoISj6OEbuS0cYR7SKGprSyd4F24KZgfE
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:04:42 2025 by rpki-client