Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/ApTXrllTk5-MNc8c0zvxylKbja4.roa
File: ApTXrllTk5-MNc8c0zvxylKbja4.roa (raw, json)
Hash identifier: ye7qvJ9NMHvUssupU7VsDpaHwRdsirTpUkRSCbAo10I=
Subject key identifier: 02:94:D7:AE:59:53:93:9F:8C:35:CF:1C:D3:3B:F1:CA:52:9B:8D:AE
Certificate issuer: /CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
Certificate serial: 0181F8F366EBE95A1364FE44C69BBC6DA8EC
Authority key identifier: 2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/ApTXrllTk5-MNc8c0zvxylKbja4.roa
Signing time: Wed 13 Jul 2022 19:05:09 +0000
ROA not before: Wed 13 Jul 2022 19:05:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 193.57.27.0/24 maxlen: 24
193.57.33.0/24 maxlen: 24
193.57.35.0/24 maxlen: 24
193.57.57.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:f8:f3:66:eb:e9:5a:13:64:fe:44:c6:9b:bc:6d:a8:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
Validity
Not Before: Jul 13 19:05:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0294d7ae5953939f8c35cf1cd33bf1ca529b8dae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:5b:10:e6:5d:cd:05:94:73:9e:9c:81:3c:ab:
86:05:39:53:a9:65:42:47:94:67:96:1b:fd:ad:2a:
ec:24:a4:e3:c4:10:38:4d:b7:00:f0:b1:ee:a7:85:
6b:43:8d:16:8f:3f:90:73:bc:cb:98:a7:8b:fe:04:
57:22:f8:75:c3:e3:2e:09:3e:7d:34:15:e1:c7:fa:
e3:2c:0c:60:75:0d:39:b2:b9:20:45:fa:7f:f0:0f:
8c:55:18:b5:9d:10:3a:db:d8:65:c1:07:0e:5d:02:
c9:b3:80:ca:4a:27:1a:79:13:59:dd:6e:bc:56:6a:
fe:52:16:61:dc:40:26:52:40:d1:a7:f0:e7:ce:c4:
4a:e3:eb:f3:80:c7:da:34:4c:44:46:28:7d:89:3b:
cd:f5:0a:97:72:bc:d1:c6:45:51:72:d7:ad:c0:ed:
ff:af:f7:28:bd:cf:57:8a:0b:04:07:9a:f7:59:ad:
3d:65:94:9c:53:7c:af:c2:99:b6:a4:7e:fd:0c:0d:
39:c4:7f:e7:32:81:fa:5f:08:43:6f:6c:a2:fd:3d:
97:32:98:d8:42:e3:dc:22:87:5c:0b:12:25:c7:2a:
61:77:4e:2b:a6:06:41:9d:50:a7:f1:c2:4f:94:9a:
6d:61:a0:c4:31:a4:52:78:b0:e2:ac:94:32:cf:75:
f6:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:94:D7:AE:59:53:93:9F:8C:35:CF:1C:D3:3B:F1:CA:52:9B:8D:AE
X509v3 Authority Key Identifier:
keyid:2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/ApTXrllTk5-MNc8c0zvxylKbja4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/KxRai98ryhUPJe1Uone49lPv2z4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.27.0/24
193.57.33.0/24
193.57.35.0/24
193.57.57.0/24
Signature Algorithm: sha256WithRSAEncryption
65:c5:c8:17:13:52:73:4a:09:4a:1f:8c:e4:57:ea:a4:85:b5:
3a:0d:8f:94:aa:a6:89:f8:2d:64:fb:c1:96:a3:dd:28:fd:56:
12:72:7d:5f:6f:49:f3:9e:ac:63:72:47:3a:7d:63:c2:2b:47:
58:c2:39:90:24:7f:b4:89:58:0f:da:fb:5c:29:76:e4:ca:6a:
06:71:82:8b:f7:86:b4:12:93:33:2d:54:4e:05:c1:10:6b:7f:
b1:2e:cd:61:92:57:9d:11:82:c2:71:98:6c:2f:e9:24:24:78:
8d:f4:38:6f:d4:d3:dd:c7:4d:80:1a:f8:63:ce:a9:23:87:9b:
62:ae:de:c2:25:43:1e:94:a9:ad:16:cf:4c:5c:35:d4:f4:43:
d3:43:d2:7a:82:bb:f7:19:cd:7f:36:79:aa:02:08:9b:fc:9c:
ca:ce:27:b3:af:5a:7b:b3:65:65:79:21:68:24:d1:94:35:61:
f1:cd:70:89:f2:81:44:6d:5c:f8:8a:a7:6a:cf:c2:1a:3e:46:
67:f2:e6:cc:7a:75:45:e8:d6:1a:6c:f6:b2:80:7e:55:7f:49:
67:8f:dd:c8:16:02:12:23:88:de:df:fb:e8:6e:70:0d:0c:b0:
cd:9f:e4:b4:c9:fd:cd:bc:31:50:cf:59:09:db:42:c7:0a:58:
6d:2b:74:cb
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYH482br6VoTZP5Expu8bajsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMTQ1YThiZGYyYmNhMTUwZjI1ZWQ1NGEyNzdiOGY2NTNl
ZmRiM2UwHhcNMjIwNzEzMTkwNTA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjk0ZDdhZTU5NTM5MzlmOGMzNWNmMWNkMzNiZjFjYTUyOWI4ZGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlVsQ5l3NBZRznpyBPKuGBTlTqWVC
R5Rnlhv9rSrsJKTjxBA4TbcA8LHup4VrQ40Wjz+Qc7zLmKeL/gRXIvh1w+MuCT59
NBXhx/rjLAxgdQ05srkgRfp/8A+MVRi1nRA629hlwQcOXQLJs4DKSicaeRNZ3W68
Vmr+UhZh3EAmUkDRp/DnzsRK4+vzgMfaNExERih9iTvN9QqXcrzRxkVRctetwO3/
r/covc9XigsEB5r3Wa09ZZScU3yvwpm2pH79DA05xH/nMoH6XwhDb2yi/T2XMpjY
QuPcIodcCxIlxyphd04rpgZBnVCn8cJPlJptYaDEMaRSeLDirJQyz3X2SwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAKU165ZU5OfjDXPHNM78cpSm42uMB8GA1UdIwQY
MBaAFCsUWovfK8oVDyXtVKJ3uPZT79s+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3hSYWk5OHJ5aFVQSmUxVW9uZTQ5bFB2Mno0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8wZDhjOGYtZmYyYy00ZGE4LWI0NDMt
MzA0MGJlZDNjY2NkLzEvQXBUWHJsbFRrNS1NTmM4YzB6dnh5bEtiamE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8wZDhjOGYtZmYyYy00ZGE4LWI0NDMtMzA0MGJlZDNjY2Nk
LzEvS3hSYWk5OHJ5aFVQSmUxVW9uZTQ5bFB2Mno0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwTkbAwQA
wTkhAwQAwTkjAwQAwTk5MA0GCSqGSIb3DQEBCwUAA4IBAQBlxcgXE1JzSglKH4zk
V+qkhbU6DY+UqqaJ+C1k+8GWo90o/VYScn1fb0nznqxjckc6fWPCK0dYwjmQJH+0
iVgP2vtcKXbkymoGcYKL94a0EpMzLVROBcEQa3+xLs1hkledEYLCcZhsL+kkJHiN
9Dhv1NPdx02AGvhjzqkjh5tirt7CJUMelKmtFs9MXDXU9EPTQ9J6grv3Gc1/Nnmq
Agib/JzKziezr1p7s2VleSFoJNGUNWHxzXCJ8oFEbVz4iqdqz8IaPkZn8ubMenVF
6NYabPaygH5Vf0lnj93IFgISI4je3/vobnANDLDNn+S0yf3NvDFQz1kJ20LHClht
K3TL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:08 2024 by rpki-client on console-fra.rpki-client.org