Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/01f853-d445-4ace-a8d8-22701b4bb407/1/tXLOTV_UhcvlufoNg1wROTFPIIM.roa
File: tXLOTV_UhcvlufoNg1wROTFPIIM.roa (raw, json)
Hash identifier: spvlyqhz7/fER9rA2NWT0t3ODLF+zphcwck0+reINok=
Subject key identifier: B5:72:CE:4D:5F:D4:85:CB:E5:B9:FA:0D:83:5C:11:39:31:4F:20:83
Certificate issuer: /CN=21814cf2ca3e1799349ccd4c7e6a76d63f834a3d
Certificate serial: 018745E4C9F08AB696E606A8B24DF1FAEA61
Authority key identifier: 21:81:4C:F2:CA:3E:17:99:34:9C:CD:4C:7E:6A:76:D6:3F:83:4A:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYFM8so-F5k0nM1Mfmp21j-DSj0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/01f853-d445-4ace-a8d8-22701b4bb407/1/tXLOTV_UhcvlufoNg1wROTFPIIM.roa
Signing time: Mon 03 Apr 2023 06:53:54 +0000
ROA not before: Mon 03 Apr 2023 06:53:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 213.225.236.0/24 maxlen: 24
45.146.104.0/24 maxlen: 24
45.132.98.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:45:e4:c9:f0:8a:b6:96:e6:06:a8:b2:4d:f1:fa:ea:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21814cf2ca3e1799349ccd4c7e6a76d63f834a3d
Validity
Not Before: Apr 3 06:53:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b572ce4d5fd485cbe5b9fa0d835c1139314f2083
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:4a:e3:28:cb:41:2f:59:15:c4:b2:51:f6:48:
23:d5:3f:b9:3f:0d:a6:cd:bd:a0:2b:52:f0:00:e4:
a2:0c:f3:11:3a:66:bf:90:73:b0:6f:1b:8b:48:9c:
91:c8:b1:d1:d1:13:bb:f1:db:26:99:7f:aa:c1:53:
f9:43:37:66:fc:d1:a4:77:bd:4c:1a:d4:9b:fc:3d:
ce:11:4a:d1:d5:46:ab:3e:6e:01:c0:d2:c4:49:4d:
43:03:61:de:d0:99:1a:c9:4b:83:d0:95:82:cf:97:
90:2e:a3:a9:08:24:90:8f:52:c2:c3:7e:e7:75:b0:
24:b6:6d:61:aa:06:70:a3:0e:9a:57:21:75:ef:5e:
3a:b0:bd:55:30:9a:c4:7c:0d:cd:2a:6c:75:f3:6b:
1c:4c:10:6e:d2:4b:63:58:b0:99:c4:d7:07:41:1e:
a8:91:b9:ae:58:12:fd:07:2b:fc:f0:32:e6:9b:67:
4a:ab:81:51:93:1c:17:a5:42:98:96:5d:d1:ec:36:
f1:46:d3:cf:96:b4:62:c2:8c:c9:38:3b:58:3d:a3:
4b:2e:b8:63:67:d9:ec:2f:ad:76:59:b7:e7:5a:77:
18:8d:4c:d5:c5:6e:17:32:66:60:ff:f2:5f:d8:4d:
c7:59:30:11:3f:65:19:61:a3:73:67:ce:68:41:69:
26:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:72:CE:4D:5F:D4:85:CB:E5:B9:FA:0D:83:5C:11:39:31:4F:20:83
X509v3 Authority Key Identifier:
keyid:21:81:4C:F2:CA:3E:17:99:34:9C:CD:4C:7E:6A:76:D6:3F:83:4A:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYFM8so-F5k0nM1Mfmp21j-DSj0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/01f853-d445-4ace-a8d8-22701b4bb407/1/tXLOTV_UhcvlufoNg1wROTFPIIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/01f853-d445-4ace-a8d8-22701b4bb407/1/IYFM8so-F5k0nM1Mfmp21j-DSj0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.98.0/23
45.146.104.0/24
213.225.236.0/24
Signature Algorithm: sha256WithRSAEncryption
26:ee:5c:cb:55:77:ff:c5:88:88:48:8e:e4:71:08:0f:67:6d:
2c:9a:c7:83:b2:5e:e2:f8:91:5a:92:c8:63:9f:ea:b1:4c:10:
0b:f9:8f:54:e0:87:6c:f5:4e:4b:d5:4c:0a:28:a1:df:45:42:
57:c1:97:7f:58:a4:ee:98:77:5c:f7:ec:ce:84:be:3d:c9:4e:
8c:7b:d7:63:31:b6:b6:7f:1d:b4:50:27:6d:a1:3e:42:a0:28:
55:46:2d:ef:bc:ee:0e:a2:6a:22:f2:a8:0a:78:6e:21:03:10:
00:6c:24:a3:c0:b7:9a:46:6a:11:e1:e4:c1:66:e4:3c:a5:d1:
62:af:37:29:35:50:09:f4:c6:77:7a:d0:00:7f:ec:7e:92:70:
0b:dd:d1:23:bd:26:a8:4d:ba:34:a7:43:82:e2:26:ae:84:26:
32:c6:41:11:ae:8f:78:ec:20:57:83:7e:17:20:4c:6e:27:f2:
a0:b8:fa:69:18:b5:23:02:b8:0e:59:e7:f7:38:4c:64:04:0f:
e2:7a:01:3c:83:c0:b5:0f:a8:c9:27:a2:9c:4a:36:f2:c1:21:
0d:5b:e3:a3:ec:f4:b2:72:4c:6d:8f:6d:62:b1:6e:ab:14:46:
c9:bd:2d:f3:d6:30:e9:ca:5e:1e:e4:da:2a:16:57:08:b3:e6:
5b:fb:fb:d7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYdF5MnwiraW5gaosk3x+uphMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxODE0Y2YyY2EzZTE3OTkzNDljY2Q0YzdlNmE3NmQ2M2Y4
MzRhM2QwHhcNMjMwNDAzMDY1MzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTcyY2U0ZDVmZDQ4NWNiZTViOWZhMGQ4MzVjMTEzOTMxNGYyMDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokrjKMtBL1kVxLJR9kgj1T+5Pw2m
zb2gK1LwAOSiDPMROma/kHOwbxuLSJyRyLHR0RO78dsmmX+qwVP5Qzdm/NGkd71M
GtSb/D3OEUrR1UarPm4BwNLESU1DA2He0JkayUuD0JWCz5eQLqOpCCSQj1LCw37n
dbAktm1hqgZwow6aVyF17146sL1VMJrEfA3NKmx182scTBBu0ktjWLCZxNcHQR6o
kbmuWBL9Byv88DLmm2dKq4FRkxwXpUKYll3R7DbxRtPPlrRiwozJODtYPaNLLrhj
Z9nsL612WbfnWncYjUzVxW4XMmZg//Jf2E3HWTARP2UZYaNzZ85oQWkm3QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLVyzk1f1IXL5bn6DYNcETkxTyCDMB8GA1UdIwQY
MBaAFCGBTPLKPheZNJzNTH5qdtY/g0o9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVlGTThzby1GNWswbk0xTWZtcDIxai1EU2owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC8wMWY4NTMtZDQ0NS00YWNlLWE4ZDgt
MjI3MDFiNGJiNDA3LzEvdFhMT1RWX1VoY3ZsdWZvTmcxd1JPVEZQSUlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC8wMWY4NTMtZDQ0NS00YWNlLWE4ZDgtMjI3MDFiNGJiNDA3
LzEvSVlGTThzby1GNWswbk0xTWZtcDIxai1EU2owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLYRiAwQA
LZJoAwQA1eHsMA0GCSqGSIb3DQEBCwUAA4IBAQAm7lzLVXf/xYiISI7kcQgPZ20s
mseDsl7i+JFakshjn+qxTBAL+Y9U4Ids9U5L1UwKKKHfRUJXwZd/WKTumHdc9+zO
hL49yU6Me9djMba2fx20UCdtoT5CoChVRi3vvO4Oomoi8qgKeG4hAxAAbCSjwLea
RmoR4eTBZuQ8pdFirzcpNVAJ9MZ3etAAf+x+knAL3dEjvSaoTbo0p0OC4iauhCYy
xkERro947CBXg34XIExuJ/KguPppGLUjArgOWef3OExkBA/iegE8g8C1D6jJJ6Kc
SjbywSENW+Oj7PSyckxtj21isW6rFEbJvS3z1jDpyl4e5NoqFlcIs+Zb+/vX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:50 2024 by rpki-client on console-fra.rpki-client.org