Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/01f853-d445-4ace-a8d8-22701b4bb407/1/tYMB1a8__PKouhPZjmAuOUIwc30.roa
File: tYMB1a8__PKouhPZjmAuOUIwc30.roa (raw, json)
Hash identifier: 5Cw1A0ug6Ycbg6Jy6flpf190PWKcJkr1D9TvVS1cYQU=
Subject key identifier: B5:83:01:D5:AF:3F:FC:F2:A8:BA:13:D9:8E:60:2E:39:42:30:73:7D
Certificate issuer: /CN=21814cf2ca3e1799349ccd4c7e6a76d63f834a3d
Certificate serial: 018769E44D3CE66BA245FDD90531E8FEF490
Authority key identifier: 21:81:4C:F2:CA:3E:17:99:34:9C:CD:4C:7E:6A:76:D6:3F:83:4A:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYFM8so-F5k0nM1Mfmp21j-DSj0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/01f853-d445-4ace-a8d8-22701b4bb407/1/tYMB1a8__PKouhPZjmAuOUIwc30.roa
Signing time: Mon 10 Apr 2023 06:39:42 +0000
ROA not before: Mon 10 Apr 2023 06:39:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 213.225.237.0/24 maxlen: 24
213.225.236.0/24 maxlen: 24
45.132.98.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:69:e4:4d:3c:e6:6b:a2:45:fd:d9:05:31:e8:fe:f4:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21814cf2ca3e1799349ccd4c7e6a76d63f834a3d
Validity
Not Before: Apr 10 06:39:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b58301d5af3ffcf2a8ba13d98e602e394230737d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:2b:0c:49:a9:b8:1e:c3:c6:5f:f5:0a:62:79:
61:ee:ee:66:2a:7f:26:60:ff:9c:cd:20:a3:1f:5b:
e8:a8:1e:8a:a9:49:c5:38:f3:01:84:aa:58:7d:e9:
4d:ec:b1:ce:42:8f:81:4e:75:b4:02:20:9d:e9:77:
82:23:82:d2:0b:ad:7b:9c:ba:ec:ac:70:cc:ad:b4:
44:75:55:ef:c9:a8:7a:69:d8:50:28:94:58:c5:d8:
c9:10:b7:ad:05:ba:cb:64:fe:24:96:8a:aa:8e:84:
c8:74:07:03:80:55:d7:e8:01:d4:d1:d9:f4:09:98:
70:03:fb:96:32:d9:bf:c3:cc:70:21:67:26:a4:3b:
df:aa:ed:4e:e3:04:ad:0a:36:8f:c2:f4:6a:22:b7:
74:b9:62:58:5c:2f:e6:de:d6:7f:de:f5:b2:d5:ae:
a5:e1:19:e8:fe:37:23:c3:a9:02:96:13:df:9d:53:
1b:1b:d6:57:35:47:ce:bf:ae:5e:b1:14:5e:41:f4:
99:21:c0:2a:8a:57:63:4e:4f:50:e7:ff:3b:83:c6:
52:4e:e8:42:a9:bf:0b:67:27:4e:51:1e:ed:5e:e0:
44:29:86:db:df:42:99:4a:e5:ea:5a:be:1d:76:e8:
2f:a2:46:34:a3:89:0e:98:3b:3c:65:d4:80:5b:c8:
3b:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:83:01:D5:AF:3F:FC:F2:A8:BA:13:D9:8E:60:2E:39:42:30:73:7D
X509v3 Authority Key Identifier:
keyid:21:81:4C:F2:CA:3E:17:99:34:9C:CD:4C:7E:6A:76:D6:3F:83:4A:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYFM8so-F5k0nM1Mfmp21j-DSj0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/01f853-d445-4ace-a8d8-22701b4bb407/1/tYMB1a8__PKouhPZjmAuOUIwc30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/01f853-d445-4ace-a8d8-22701b4bb407/1/IYFM8so-F5k0nM1Mfmp21j-DSj0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.98.0/23
213.225.236.0/23
Signature Algorithm: sha256WithRSAEncryption
5d:1e:58:b2:5b:72:e2:86:37:94:82:71:f5:cb:16:f3:51:6a:
10:9c:d7:ed:35:64:d1:2e:ac:bb:15:7f:7b:a1:40:8b:b7:07:
ef:d8:d9:35:47:f3:b5:18:e7:98:d4:aa:dc:9c:07:c6:18:a6:
a2:01:52:85:ba:fb:33:35:d5:b6:31:2f:a4:05:40:18:aa:04:
75:8b:29:8d:0f:1b:70:2b:33:d1:4e:e1:87:3a:db:7f:37:a0:
c4:10:f5:98:6c:5a:6a:8c:f6:a4:7d:e8:72:5f:62:1f:b1:01:
8d:bd:24:49:62:9d:ce:10:49:9a:c2:96:9b:3d:2f:2f:27:ae:
90:7b:ce:af:5d:21:4d:2b:3b:8d:b3:70:c7:39:fe:da:93:a0:
15:37:c2:d4:2d:40:f5:b0:07:95:bf:ae:8b:75:93:47:86:e3:
cf:32:66:e5:23:93:3f:6c:f1:38:af:e1:8b:1a:75:3c:7b:3a:
e0:c5:99:3b:d4:92:e7:3d:42:4e:2d:48:24:16:2c:02:c4:4e:
72:0a:04:f3:2c:9b:f6:d1:19:0d:98:04:b3:95:bd:fa:d1:ed:
f2:9f:5d:c2:bf:82:92:18:62:1f:ce:fa:8b:2d:d5:6c:ca:35:
35:c2:aa:37:ea:5d:66:c7:97:08:02:28:2c:0a:0f:ab:66:06:
60:88:ac:c2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYdp5E085muiRf3ZBTHo/vSQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxODE0Y2YyY2EzZTE3OTkzNDljY2Q0YzdlNmE3NmQ2M2Y4
MzRhM2QwHhcNMjMwNDEwMDYzOTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTgzMDFkNWFmM2ZmY2YyYThiYTEzZDk4ZTYwMmUzOTQyMzA3MzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArysMSam4HsPGX/UKYnlh7u5mKn8m
YP+czSCjH1voqB6KqUnFOPMBhKpYfelN7LHOQo+BTnW0AiCd6XeCI4LSC617nLrs
rHDMrbREdVXvyah6adhQKJRYxdjJELetBbrLZP4kloqqjoTIdAcDgFXX6AHU0dn0
CZhwA/uWMtm/w8xwIWcmpDvfqu1O4wStCjaPwvRqIrd0uWJYXC/m3tZ/3vWy1a6l
4Rno/jcjw6kClhPfnVMbG9ZXNUfOv65esRReQfSZIcAqildjTk9Q5/87g8ZSTuhC
qb8LZydOUR7tXuBEKYbb30KZSuXqWr4ddugvokY0o4kOmDs8ZdSAW8g7aQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLWDAdWvP/zyqLoT2Y5gLjlCMHN9MB8GA1UdIwQY
MBaAFCGBTPLKPheZNJzNTH5qdtY/g0o9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVlGTThzby1GNWswbk0xTWZtcDIxai1EU2owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC8wMWY4NTMtZDQ0NS00YWNlLWE4ZDgt
MjI3MDFiNGJiNDA3LzEvdFlNQjFhOF9fUEtvdWhQWmptQXVPVUl3YzMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC8wMWY4NTMtZDQ0NS00YWNlLWE4ZDgtMjI3MDFiNGJiNDA3
LzEvSVlGTThzby1GNWswbk0xTWZtcDIxai1EU2owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLYRiAwQB
1eHsMA0GCSqGSIb3DQEBCwUAA4IBAQBdHliyW3LihjeUgnH1yxbzUWoQnNftNWTR
Lqy7FX97oUCLtwfv2Nk1R/O1GOeY1KrcnAfGGKaiAVKFuvszNdW2MS+kBUAYqgR1
iymNDxtwKzPRTuGHOtt/N6DEEPWYbFpqjPakfehyX2IfsQGNvSRJYp3OEEmawpab
PS8vJ66Qe86vXSFNKzuNs3DHOf7ak6AVN8LULUD1sAeVv66LdZNHhuPPMmblI5M/
bPE4r+GLGnU8ezrgxZk71JLnPUJOLUgkFiwCxE5yCgTzLJv20RkNmASzlb360e3y
n13Cv4KSGGIfzvqLLdVsyjU1wqo36l1mx5cIAigsCg+rZgZgiKzC
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:14 2025 by rpki-client