Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/01f853-d445-4ace-a8d8-22701b4bb407/1/TQ72Zs-nrn5wRXgtmczzKGa7LDg.roa
File: TQ72Zs-nrn5wRXgtmczzKGa7LDg.roa (raw, json)
Hash identifier: 8QmDgzcBsdEUXRRNsy3j0oJaCyfh3zDNSbYl1QRQYJQ=
Subject key identifier: 4D:0E:F6:66:CF:A7:AE:7E:70:45:78:2D:99:CC:F3:28:66:BB:2C:38
Certificate issuer: /CN=21814cf2ca3e1799349ccd4c7e6a76d63f834a3d
Certificate serial: 0187C29F7001D7C8465A400E6EDAC09CF572
Authority key identifier: 21:81:4C:F2:CA:3E:17:99:34:9C:CD:4C:7E:6A:76:D6:3F:83:4A:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYFM8so-F5k0nM1Mfmp21j-DSj0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/01f853-d445-4ace-a8d8-22701b4bb407/1/TQ72Zs-nrn5wRXgtmczzKGa7LDg.roa
Signing time: Thu 27 Apr 2023 12:10:41 +0000
ROA not before: Thu 27 Apr 2023 12:10:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 213.225.236.0/24 maxlen: 24
45.132.98.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c2:9f:70:01:d7:c8:46:5a:40:0e:6e:da:c0:9c:f5:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21814cf2ca3e1799349ccd4c7e6a76d63f834a3d
Validity
Not Before: Apr 27 12:10:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d0ef666cfa7ae7e7045782d99ccf32866bb2c38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f5:b8:f2:de:49:33:0a:6f:d7:11:bb:02:fd:
d0:1d:c8:b1:61:49:f0:fe:c1:de:55:04:1e:d8:49:
96:1e:da:3f:a3:43:18:d0:2f:ab:79:9e:1b:2b:e9:
c1:60:de:c4:25:12:33:15:fa:4d:5b:1b:d4:a1:24:
33:ce:20:76:f8:82:bf:60:4d:5a:c7:61:dc:81:98:
1d:c1:19:e5:e7:bf:c7:86:4d:af:87:86:72:0d:ca:
2f:36:b8:c1:db:b8:ec:41:ad:1a:c6:2e:0b:49:dd:
e6:2b:cd:3b:c2:33:45:ea:0d:63:da:0d:7c:4e:1a:
52:20:46:b5:e0:af:98:07:8e:fa:f8:29:ce:ad:24:
13:30:e0:b8:a4:87:0b:41:30:6c:53:ca:0b:48:d3:
f3:a3:83:1d:67:cb:84:76:10:0f:de:e5:02:e9:4f:
8a:70:88:5f:ec:c3:6f:f6:8a:c5:50:9c:b5:c8:ee:
00:7b:0b:89:df:88:e6:54:8e:98:30:a8:53:95:e0:
45:6b:92:4a:49:94:96:eb:56:77:4e:17:8e:e7:75:
16:75:3e:94:42:4a:d0:d2:a8:a1:be:68:04:b1:1b:
9f:e6:59:f8:ed:e6:df:98:8f:02:6f:5e:51:08:d7:
60:89:86:d0:fc:2c:94:09:79:aa:e4:88:9c:b3:81:
13:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:0E:F6:66:CF:A7:AE:7E:70:45:78:2D:99:CC:F3:28:66:BB:2C:38
X509v3 Authority Key Identifier:
keyid:21:81:4C:F2:CA:3E:17:99:34:9C:CD:4C:7E:6A:76:D6:3F:83:4A:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYFM8so-F5k0nM1Mfmp21j-DSj0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/01f853-d445-4ace-a8d8-22701b4bb407/1/TQ72Zs-nrn5wRXgtmczzKGa7LDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/01f853-d445-4ace-a8d8-22701b4bb407/1/IYFM8so-F5k0nM1Mfmp21j-DSj0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.98.0/23
213.225.236.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:4a:43:74:53:5e:f2:ad:9f:af:35:ea:3e:a7:52:9a:49:27:
6c:f0:63:02:ef:0e:80:aa:4a:98:78:d8:75:39:c0:9d:cc:cf:
ab:7c:75:c7:18:30:13:a6:d6:fc:49:ac:76:6a:a5:25:e9:2d:
45:cc:53:34:ba:0a:0d:ec:dc:b4:73:70:c5:88:87:28:5d:79:
5f:6c:7a:d9:e7:8c:05:d6:d6:00:41:9f:af:89:fe:36:71:2f:
ec:34:96:6f:9e:7c:bf:c3:e3:1f:6e:61:ae:9e:24:9c:9b:b4:
08:6f:de:c2:03:b4:c5:c0:e6:ae:b0:64:f8:5f:8b:2f:eb:35:
f8:98:0b:a7:e6:2a:ad:fd:74:3e:a8:dc:88:6f:9b:7b:6c:21:
e2:ea:b3:b6:78:0b:f1:7d:75:8d:5c:87:0c:0e:68:45:98:73:
03:c9:46:68:bf:ff:ff:d9:2c:0a:0f:ab:e5:70:52:44:5d:ac:
1e:6a:b0:01:23:9e:a0:5a:e4:26:fb:57:b3:84:41:cd:2b:f2:
8c:b6:2d:0d:21:0e:86:b2:ad:3d:ba:cf:80:f9:40:f1:d1:84:
14:cb:89:e1:bb:90:c3:78:bc:76:13:76:e2:4f:b7:27:9b:c9:
8b:67:47:eb:6f:45:3c:26:3b:3e:6a:05:da:21:eb:18:bd:c7:
d6:49:66:ab
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYfCn3AB18hGWkAObtrAnPVyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxODE0Y2YyY2EzZTE3OTkzNDljY2Q0YzdlNmE3NmQ2M2Y4
MzRhM2QwHhcNMjMwNDI3MTIxMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDBlZjY2NmNmYTdhZTdlNzA0NTc4MmQ5OWNjZjMyODY2YmIyYzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/W48t5JMwpv1xG7Av3QHcixYUnw
/sHeVQQe2EmWHto/o0MY0C+reZ4bK+nBYN7EJRIzFfpNWxvUoSQzziB2+IK/YE1a
x2HcgZgdwRnl57/Hhk2vh4ZyDcovNrjB27jsQa0axi4LSd3mK807wjNF6g1j2g18
ThpSIEa14K+YB476+CnOrSQTMOC4pIcLQTBsU8oLSNPzo4MdZ8uEdhAP3uUC6U+K
cIhf7MNv9orFUJy1yO4AewuJ34jmVI6YMKhTleBFa5JKSZSW61Z3TheO53UWdT6U
QkrQ0qihvmgEsRuf5ln47ebfmI8Cb15RCNdgiYbQ/CyUCXmq5Iics4ETlQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE0O9mbPp65+cEV4LZnM8yhmuyw4MB8GA1UdIwQY
MBaAFCGBTPLKPheZNJzNTH5qdtY/g0o9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVlGTThzby1GNWswbk0xTWZtcDIxai1EU2owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC8wMWY4NTMtZDQ0NS00YWNlLWE4ZDgt
MjI3MDFiNGJiNDA3LzEvVFE3MlpzLW5ybjV3UlhndG1jenpLR2E3TERnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC8wMWY4NTMtZDQ0NS00YWNlLWE4ZDgtMjI3MDFiNGJiNDA3
LzEvSVlGTThzby1GNWswbk0xTWZtcDIxai1EU2owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLYRiAwQA
1eHsMA0GCSqGSIb3DQEBCwUAA4IBAQAaSkN0U17yrZ+vNeo+p1KaSSds8GMC7w6A
qkqYeNh1OcCdzM+rfHXHGDATptb8Sax2aqUl6S1FzFM0ugoN7Ny0c3DFiIcoXXlf
bHrZ54wF1tYAQZ+vif42cS/sNJZvnny/w+MfbmGuniScm7QIb97CA7TFwOausGT4
X4sv6zX4mAun5iqt/XQ+qNyIb5t7bCHi6rO2eAvxfXWNXIcMDmhFmHMDyUZov///
2SwKD6vlcFJEXawearABI56gWuQm+1ezhEHNK/KMti0NIQ6Gsq09us+A+UDx0YQU
y4nhu5DDeLx2E3biT7cnm8mLZ0frb0U8Jjs+agXaIesYvcfWSWar
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:50 2024 by rpki-client on console-fra.rpki-client.org