Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/93cba4-8196-40db-b315-cacd5054914c/1/tWyPMHZz-cy57DTI_sehyTfnbEU.roa
File: tWyPMHZz-cy57DTI_sehyTfnbEU.roa (raw, json)
Hash identifier: IDJOm/hPNBABmVw04kvxAopTpvgv17EorMTjyXVUPRs=
Subject key identifier: B5:6C:8F:30:76:73:F9:CC:B9:EC:34:C8:FE:C7:A1:C9:37:E7:6C:45
Certificate issuer: /CN=f304cb4405fe20d67af07d9d42e020eed332d36a
Certificate serial: 03DB6B08
Authority key identifier: F3:04:CB:44:05:FE:20:D6:7A:F0:7D:9D:42:E0:20:EE:D3:32:D3:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8wTLRAX-INZ68H2dQuAg7tMy02o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/93cba4-8196-40db-b315-cacd5054914c/1/tWyPMHZz-cy57DTI_sehyTfnbEU.roa
Signing time: Sat 01 Jan 2022 11:55:06 +0000
ROA not before: Sat 01 Jan 2022 11:55:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 13307
IP address blocks: 195.95.202.0/23 maxlen: 24
91.90.16.0/21 maxlen: 24
194.88.206.0/23 maxlen: 24
194.143.144.0/23 maxlen: 24
91.203.88.0/22 maxlen: 24
195.140.168.0/22 maxlen: 24
195.234.68.0/22 maxlen: 24
195.20.96.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64711432 (0x3db6b08)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f304cb4405fe20d67af07d9d42e020eed332d36a
Validity
Not Before: Jan 1 11:55:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b56c8f307673f9ccb9ec34c8fec7a1c937e76c45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c8:a8:83:62:5a:d4:f9:57:d4:93:2a:8a:16:
25:83:dd:85:65:cd:18:3a:f5:e7:47:5b:e7:4f:92:
79:89:ff:2e:89:ac:d1:2b:a0:57:ed:e6:24:9b:41:
f0:b7:ed:9b:12:46:39:e0:56:e3:10:c5:1d:f6:f9:
c2:e6:68:96:0b:13:60:93:fd:68:c0:da:27:cd:75:
c7:c1:4b:6c:07:1f:66:d2:f3:f8:59:c5:ed:38:c3:
7e:22:1f:29:ea:8e:0c:39:6c:f9:70:5b:ed:d8:70:
99:14:4f:06:b8:60:0f:dc:36:51:8f:ef:4b:2a:03:
39:99:75:18:86:13:9e:d2:29:95:f7:8e:e7:c2:91:
f2:92:15:35:60:47:9d:a3:f7:4a:de:22:48:6a:c4:
6c:44:21:8c:83:7c:d5:b9:cc:a7:47:e6:d1:17:b3:
08:e9:2b:96:98:69:80:75:41:05:76:0c:e6:63:00:
1e:cb:02:2b:01:70:52:01:ab:9f:19:6e:29:ae:a9:
62:ab:26:2e:b0:43:f0:c5:9f:48:7e:be:d9:d8:46:
79:81:c4:87:fc:05:0d:ae:b7:a3:d6:8b:fd:6c:15:
ea:f9:65:6b:28:fb:20:e6:42:d2:1f:f8:18:3b:90:
d0:86:8a:b4:58:94:4b:58:7d:94:42:34:87:bd:ff:
12:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:6C:8F:30:76:73:F9:CC:B9:EC:34:C8:FE:C7:A1:C9:37:E7:6C:45
X509v3 Authority Key Identifier:
keyid:F3:04:CB:44:05:FE:20:D6:7A:F0:7D:9D:42:E0:20:EE:D3:32:D3:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8wTLRAX-INZ68H2dQuAg7tMy02o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/93cba4-8196-40db-b315-cacd5054914c/1/tWyPMHZz-cy57DTI_sehyTfnbEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/93cba4-8196-40db-b315-cacd5054914c/1/8wTLRAX-INZ68H2dQuAg7tMy02o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.90.16.0/21
91.203.88.0/22
194.88.206.0/23
194.143.144.0/23
195.20.96.0/23
195.95.202.0/23
195.140.168.0/22
195.234.68.0/22
Signature Algorithm: sha256WithRSAEncryption
17:f5:c0:59:be:8c:69:f1:56:94:62:2b:c1:e9:30:60:40:74:
4f:28:7b:10:db:8d:4a:5e:9f:98:d0:98:d3:f9:ea:a5:33:14:
23:79:28:55:e6:ad:bc:02:65:47:bf:e0:11:40:82:d4:eb:6e:
53:23:6d:06:65:50:38:c9:f2:fb:6d:9b:53:9f:f4:75:2e:a5:
7c:19:fe:38:8c:06:f8:34:d8:55:f2:82:a4:73:bd:35:77:41:
20:c2:99:4d:22:99:d4:21:d4:b9:30:85:79:69:d6:e4:f0:5f:
0f:b3:d8:9f:11:91:1d:e6:1f:f2:5f:ab:6c:1a:5b:1f:f4:e3:
4f:e6:7f:49:b7:bc:ab:8d:50:f8:ef:ea:09:56:4f:43:ed:b2:
b4:b3:b2:86:da:a3:80:11:1f:f2:1e:16:52:ee:1d:f0:e8:83:
61:b4:e7:9f:ee:1d:3c:e8:a3:60:a9:84:6e:78:9d:f7:24:2e:
7d:84:ff:b2:48:5b:80:38:ed:c7:4e:ca:04:4f:3a:56:e6:42:
76:76:9c:b7:62:e1:dd:b7:e5:a7:e2:04:98:ae:b6:4c:79:04:
c5:8b:4a:dd:a5:86:82:ae:85:df:58:8f:c8:cd:0b:f0:b1:cb:
e0:60:61:a8:ac:9a:96:98:03:34:4d:18:23:7b:35:d2:a9:22:
f8:07:67:0d
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIEA9trCDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MzA0Y2I0NDA1ZmUyMGQ2N2FmMDdkOWQ0MmUwMjBlZWQzMzJkMzZhMB4XDTIyMDEw
MTExNTUwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjU2YzhmMzA3Njcz
ZjljY2I5ZWMzNGM4ZmVjN2ExYzkzN2U3NmM0NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALbIqINiWtT5V9STKooWJYPdhWXNGDr150db50+SeYn/Loms
0SugV+3mJJtB8LftmxJGOeBW4xDFHfb5wuZolgsTYJP9aMDaJ811x8FLbAcfZtLz
+FnF7TjDfiIfKeqODDls+XBb7dhwmRRPBrhgD9w2UY/vSyoDOZl1GIYTntIplfeO
58KR8pIVNWBHnaP3St4iSGrEbEQhjIN81bnMp0fm0RezCOkrlphpgHVBBXYM5mMA
HssCKwFwUgGrnxluKa6pYqsmLrBD8MWfSH6+2dhGeYHEh/wFDa63o9aL/WwV6vll
ayj7IOZC0h/4GDuQ0IaKtFiUS1h9lEI0h73/EiECAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBS1bI8wdnP5zLnsNMj+x6HJN+dsRTAfBgNVHSMEGDAWgBTzBMtEBf4g1nrw
fZ1C4CDu0zLTajAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
Lzh3VExSQVgtSU5aNjhIMmRRdUFnN3RNeTAyby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTEvOTNjYmE0LTgxOTYtNDBkYi1iMzE1LWNhY2Q1MDU0OTE0Yy8x
L3RXeVBNSFp6LWN5NTdEVElfc2VoeVRmbmJFVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTEv
OTNjYmE0LTgxOTYtNDBkYi1iMzE1LWNhY2Q1MDU0OTE0Yy8xLzh3VExSQVgtSU5a
NjhIMmRRdUFnN3RNeTAyby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMAMEA1taEAMEAlvLWAMEAcJYzgMEAcKP
kAMEAcMUYAMEAcNfygMEAsOMqAMEAsPqRDANBgkqhkiG9w0BAQsFAAOCAQEAF/XA
Wb6MafFWlGIrwekwYEB0Tyh7ENuNSl6fmNCY0/nqpTMUI3koVeatvAJlR7/gEUCC
1OtuUyNtBmVQOMny+22bU5/0dS6lfBn+OIwG+DTYVfKCpHO9NXdBIMKZTSKZ1CHU
uTCFeWnW5PBfD7PYnxGRHeYf8l+rbBpbH/TjT+Z/Sbe8q41Q+O/qCVZPQ+2ytLOy
htqjgBEf8h4WUu4d8OiDYbTnn+4dPOijYKmEbnid9yQufYT/skhbgDjtx07KBE86
VuZCdnact2Lh3bflp+IEmK62THkExYtK3aWGgq6F31iPyM0L8LHL4GBhqKyalpgD
NE0YI3s10qki+AdnDQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:01 2023 by rpki-client on console-ams.rpki-client.org