Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/00ec78-7e44-49e4-8443-9db5be4d0eff/1/uaWU0WxtRsyjj2zz-CJ_aAbzZI8.roa
File: uaWU0WxtRsyjj2zz-CJ_aAbzZI8.roa (raw, json)
Hash identifier: EUr3NRUhT4odmDvJTNeOHWu8gfWuXyiCAyZQnMQcF7o=
Subject key identifier: B9:A5:94:D1:6C:6D:46:CC:A3:8F:6C:F3:F8:22:7F:68:06:F3:64:8F
Certificate issuer: /CN=cf640b02311376dc96eebfeca755c3b0061140ec
Certificate serial: 01856DD40BAC03C1192A98C509032784C2C6
Authority key identifier: CF:64:0B:02:31:13:76:DC:96:EE:BF:EC:A7:55:C3:B0:06:11:40:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z2QLAjETdtyW7r_sp1XDsAYRQOw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/00ec78-7e44-49e4-8443-9db5be4d0eff/1/uaWU0WxtRsyjj2zz-CJ_aAbzZI8.roa
Signing time: Sun 01 Jan 2023 14:54:51 +0000
ROA not before: Sun 01 Jan 2023 14:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44253
IP address blocks: 213.171.128.0/20 maxlen: 24
2a00:1bd8::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:d4:0b:ac:03:c1:19:2a:98:c5:09:03:27:84:c2:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf640b02311376dc96eebfeca755c3b0061140ec
Validity
Not Before: Jan 1 14:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b9a594d16c6d46cca38f6cf3f8227f6806f3648f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:87:a6:ad:9b:c3:dd:38:93:8c:89:be:6d:f6:
02:cf:91:32:81:2a:a2:de:2b:5b:d1:02:26:78:c8:
8f:3d:ea:ae:ae:66:6c:35:d6:4d:74:43:a0:d0:9a:
fa:84:b1:cf:97:ed:5f:50:f8:29:39:2d:6c:07:6a:
61:c6:57:1f:88:09:bc:31:cc:9a:51:5d:54:23:c5:
8c:5d:41:e2:5f:23:e2:31:16:de:bb:af:f1:4e:85:
a8:f7:65:45:e3:58:0c:d7:fb:86:ca:3e:3f:07:e6:
5f:08:66:50:bf:4b:70:43:e4:b7:5d:a7:50:9d:29:
35:6e:39:e0:87:26:09:ae:6f:1a:e5:6e:e3:9a:ef:
49:00:ed:86:f5:f4:a5:10:ce:17:49:11:eb:e5:e1:
7b:e3:df:5d:7b:99:a0:7e:b9:05:b0:4c:52:27:28:
b6:b0:2c:db:0f:b1:e0:e1:05:4e:94:4a:63:6c:6a:
2c:ed:6b:86:7f:a1:a6:c5:a8:af:ea:55:c6:52:fd:
cc:95:cf:ce:2c:70:0a:79:8a:a5:cd:f6:b7:4a:a7:
f0:e6:6c:a6:b5:3e:28:7e:91:ff:60:8b:f0:9b:c5:
69:f8:91:42:eb:87:ab:ff:7c:ac:c8:62:ca:70:a8:
de:51:ae:d6:ea:67:1c:4e:11:f2:1e:49:37:7c:17:
14:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:A5:94:D1:6C:6D:46:CC:A3:8F:6C:F3:F8:22:7F:68:06:F3:64:8F
X509v3 Authority Key Identifier:
keyid:CF:64:0B:02:31:13:76:DC:96:EE:BF:EC:A7:55:C3:B0:06:11:40:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z2QLAjETdtyW7r_sp1XDsAYRQOw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/00ec78-7e44-49e4-8443-9db5be4d0eff/1/uaWU0WxtRsyjj2zz-CJ_aAbzZI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/00ec78-7e44-49e4-8443-9db5be4d0eff/1/z2QLAjETdtyW7r_sp1XDsAYRQOw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.171.128.0/20
IPv6:
2a00:1bd8::/32
Signature Algorithm: sha256WithRSAEncryption
88:73:52:d9:7c:c3:12:ea:95:00:9c:66:f6:03:78:32:bf:ea:
b1:8c:21:26:4d:59:3f:48:7b:5d:1d:d3:6c:e4:e9:a6:79:e8:
fd:44:a8:d2:f4:92:71:e1:92:7a:a2:74:2c:3e:a4:6b:0c:03:
f6:c4:52:09:f5:18:47:bf:5b:ca:c2:4c:70:39:5b:60:51:a8:
af:ff:d9:6c:47:a2:0a:34:ab:87:70:7a:42:94:86:94:77:7f:
ef:03:4f:b7:0f:fa:a7:b8:84:f4:c7:9c:73:98:38:a0:1d:a4:
54:80:0c:2f:30:70:f0:47:e4:f1:a2:38:97:ec:43:fe:89:c8:
e6:4d:d3:54:4f:e2:7a:84:99:91:fa:27:53:eb:d7:7d:b8:52:
5d:34:8c:04:76:4e:8e:af:37:bc:2d:1e:25:42:b5:9a:47:ac:
bc:db:dc:8e:12:fa:00:ea:90:63:a8:52:1b:03:9b:7a:94:61:
aa:e4:9d:d4:55:04:0a:7d:a8:47:e2:9f:8a:45:cd:67:f6:54:
95:b0:09:b0:4a:e2:0a:19:39:b4:43:0b:b2:6d:73:ad:e3:8b:
25:b6:ca:8b:70:48:4e:53:83:db:ee:3f:2a:c4:4f:79:99:73:
55:bc:b2:f2:dd:6d:2d:2f:76:ca:6f:6e:2b:f3:ee:81:91:cc:
ac:74:d0:0a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVt1AusA8EZKpjFCQMnhMLGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNjQwYjAyMzExMzc2ZGM5NmVlYmZlY2E3NTVjM2IwMDYx
MTQwZWMwHhcNMjMwMTAxMTQ1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWE1OTRkMTZjNmQ0NmNjYTM4ZjZjZjNmODIyN2Y2ODA2ZjM2NDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiIemrZvD3TiTjIm+bfYCz5EygSqi
3itb0QImeMiPPequrmZsNdZNdEOg0Jr6hLHPl+1fUPgpOS1sB2phxlcfiAm8Mcya
UV1UI8WMXUHiXyPiMRbeu6/xToWo92VF41gM1/uGyj4/B+ZfCGZQv0twQ+S3XadQ
nSk1bjnghyYJrm8a5W7jmu9JAO2G9fSlEM4XSRHr5eF7499de5mgfrkFsExSJyi2
sCzbD7Hg4QVOlEpjbGos7WuGf6Gmxaiv6lXGUv3Mlc/OLHAKeYqlzfa3Sqfw5mym
tT4ofpH/YIvwm8Vp+JFC64er/3ysyGLKcKjeUa7W6mccThHyHkk3fBcUCwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLmllNFsbUbMo49s8/gif2gG82SPMB8GA1UdIwQY
MBaAFM9kCwIxE3bclu6/7KdVw7AGEUDsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejJRTEFqRVRkdHlXN3Jfc3AxWERzQVlSUU93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMGVjNzgtN2U0NC00OWU0LTg0NDMt
OWRiNWJlNGQwZWZmLzEvdWFXVTBXeHRSc3lqajJ6ei1DSl9hQWJ6Wkk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMGVjNzgtN2U0NC00OWU0LTg0NDMtOWRiNWJlNGQwZWZm
LzEvejJRTEFqRVRkdHlXN3Jfc3AxWERzQVlSUU93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQE1auAMA0E
AgACMAcDBQAqABvYMA0GCSqGSIb3DQEBCwUAA4IBAQCIc1LZfMMS6pUAnGb2A3gy
v+qxjCEmTVk/SHtdHdNs5Ommeej9RKjS9JJx4ZJ6onQsPqRrDAP2xFIJ9RhHv1vK
wkxwOVtgUaiv/9lsR6IKNKuHcHpClIaUd3/vA0+3D/qnuIT0x5xzmDigHaRUgAwv
MHDwR+TxojiX7EP+icjmTdNUT+J6hJmR+idT69d9uFJdNIwEdk6Orze8LR4lQrWa
R6y829yOEvoA6pBjqFIbA5t6lGGq5J3UVQQKfahH4p+KRc1n9lSVsAmwSuIKGTm0
QwuybXOt44sltsqLcEhOU4Pb7j8qxE95mXNVvLLy3W0tL3bKb24r8+6BkcysdNAK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:57 2024 by rpki-client on console-ams.rpki-client.org