Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/541538-1642-4532-93ad-143044d2d906/1/PxaKQDMInZUMEWpWsmN08kBNCXg.roa
File: PxaKQDMInZUMEWpWsmN08kBNCXg.roa (raw, json)
Hash identifier: 4poeLnI/beU2UPOY1SiD6i48uVsMn8hyiZ5SrJ2ztVo=
Subject key identifier: 3F:16:8A:40:33:08:9D:95:0C:11:6A:56:B2:63:74:F2:40:4D:09:78
Certificate issuer: /CN=5b8f821f65ca86d3b5c745776b5a308b6cc5864d
Certificate serial: 01856F14D4E4A541447B1C7690582F7017D9
Authority key identifier: 5B:8F:82:1F:65:CA:86:D3:B5:C7:45:77:6B:5A:30:8B:6C:C5:86:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W4-CH2XKhtO1x0V3a1owi2zFhk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/541538-1642-4532-93ad-143044d2d906/1/PxaKQDMInZUMEWpWsmN08kBNCXg.roa
Signing time: Sun 01 Jan 2023 20:45:14 +0000
ROA not before: Sun 01 Jan 2023 20:45:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41957
IP address blocks: 46.253.128.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:d4:e4:a5:41:44:7b:1c:76:90:58:2f:70:17:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b8f821f65ca86d3b5c745776b5a308b6cc5864d
Validity
Not Before: Jan 1 20:45:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f168a4033089d950c116a56b26374f2404d0978
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c2:d3:20:c9:a0:e2:8b:86:f6:f2:df:a3:85:
8c:d7:ec:12:e8:e6:9b:95:ab:79:c4:88:0e:b0:60:
96:54:a9:a6:03:9a:ef:83:e9:ec:69:72:91:18:46:
8a:fb:86:4f:c7:c9:3d:f3:51:50:03:da:9b:a8:24:
00:09:63:19:92:e6:cb:ce:3c:cc:42:d0:bf:14:63:
98:62:2c:67:ed:13:ab:ba:08:6b:3d:c6:16:0d:d2:
fa:bb:80:a0:29:fe:69:ba:03:5f:30:11:7b:4b:1e:
b1:96:8e:7b:09:cf:14:3a:c7:d7:12:30:bf:c2:d2:
07:73:40:00:6a:f1:7e:cb:fd:0b:01:ac:e5:c6:64:
ef:2b:cc:56:9c:fb:8a:18:d2:84:95:c8:35:e7:ce:
c8:2f:42:e2:94:ab:c3:ad:ce:13:8a:8c:96:6f:57:
1b:24:84:e2:5f:aa:46:37:80:39:ce:d1:91:1b:83:
f2:22:fe:2a:e3:7c:ee:4b:61:19:bc:d7:e0:b5:68:
dc:ac:34:12:82:d0:42:19:11:b1:48:d3:8a:df:d6:
99:e6:04:76:23:e5:b5:b7:36:60:44:e6:ba:3c:6a:
e2:d8:04:2a:7d:54:ff:dc:52:33:ce:16:09:bb:57:
89:34:f3:9b:69:00:f9:c5:aa:18:84:7b:e4:d0:6e:
d2:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:16:8A:40:33:08:9D:95:0C:11:6A:56:B2:63:74:F2:40:4D:09:78
X509v3 Authority Key Identifier:
keyid:5B:8F:82:1F:65:CA:86:D3:B5:C7:45:77:6B:5A:30:8B:6C:C5:86:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W4-CH2XKhtO1x0V3a1owi2zFhk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/541538-1642-4532-93ad-143044d2d906/1/PxaKQDMInZUMEWpWsmN08kBNCXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/541538-1642-4532-93ad-143044d2d906/1/W4-CH2XKhtO1x0V3a1owi2zFhk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.128.0/24
Signature Algorithm: sha256WithRSAEncryption
34:e2:10:6e:ca:68:1f:1c:5a:67:4f:46:dd:19:0b:9c:06:e0:
dc:26:1e:a7:e4:65:f8:96:3a:dc:e2:5b:c0:73:83:16:d3:a6:
ba:71:66:c4:64:00:ea:ef:bd:bf:64:b6:37:7b:45:84:68:95:
9a:1b:da:d2:67:1c:a8:1e:25:b8:cd:77:d0:bc:9a:7d:7d:e4:
01:5d:25:21:78:37:05:24:c1:bb:8c:73:c4:24:90:7e:cc:7e:
75:19:31:95:78:3e:71:8c:af:f2:b4:24:88:1f:d3:02:b8:1a:
14:fd:1c:60:3b:a7:52:22:a1:72:8a:07:b7:5e:d8:15:59:e5:
eb:82:96:5e:87:47:2e:cd:8b:45:8d:35:21:ac:af:68:90:15:
9f:ea:dd:cb:03:ac:d9:c6:4b:44:96:fb:54:e8:15:61:4c:e9:
42:6c:df:21:f1:1c:c3:ca:02:6a:27:d0:ec:62:fb:33:aa:1e:
3d:d6:95:93:ff:42:b1:0e:b1:83:c4:2d:26:f3:97:38:3a:75:
0b:88:f1:cf:fa:c1:38:f6:46:7d:9f:65:51:55:4b:24:d4:d0:
97:78:8e:62:c6:8f:63:a7:56:15:15:bd:fe:c8:5d:fe:08:84:
40:88:3e:7e:e0:27:60:05:0d:85:42:9d:e5:83:d1:b4:19:10:
33:41:1e:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvFNTkpUFEexx2kFgvcBfZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViOGY4MjFmNjVjYTg2ZDNiNWM3NDU3NzZiNWEzMDhiNmNj
NTg2NGQwHhcNMjMwMTAxMjA0NTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjE2OGE0MDMzMDg5ZDk1MGMxMTZhNTZiMjYzNzRmMjQwNGQwOTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocLTIMmg4ouG9vLfo4WM1+wS6Oab
lat5xIgOsGCWVKmmA5rvg+nsaXKRGEaK+4ZPx8k981FQA9qbqCQACWMZkubLzjzM
QtC/FGOYYixn7ROrughrPcYWDdL6u4CgKf5pugNfMBF7Sx6xlo57Cc8UOsfXEjC/
wtIHc0AAavF+y/0LAazlxmTvK8xWnPuKGNKElcg1587IL0LilKvDrc4TioyWb1cb
JITiX6pGN4A5ztGRG4PyIv4q43zuS2EZvNfgtWjcrDQSgtBCGRGxSNOK39aZ5gR2
I+W1tzZgROa6PGri2AQqfVT/3FIzzhYJu1eJNPObaQD5xaoYhHvk0G7STwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD8WikAzCJ2VDBFqVrJjdPJATQl4MB8GA1UdIwQY
MBaAFFuPgh9lyobTtcdFd2taMItsxYZNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzQtQ0gyWEtodE8xeDBWM2Exb3dpMnpGaGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC81NDE1MzgtMTY0Mi00NTMyLTkzYWQt
MTQzMDQ0ZDJkOTA2LzEvUHhhS1FETUluWlVNRVdwV3NtTjA4a0JOQ1hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC81NDE1MzgtMTY0Mi00NTMyLTkzYWQtMTQzMDQ0ZDJkOTA2
LzEvVzQtQ0gyWEtodE8xeDBWM2Exb3dpMnpGaGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALv2AMA0G
CSqGSIb3DQEBCwUAA4IBAQA04hBuymgfHFpnT0bdGQucBuDcJh6n5GX4ljrc4lvA
c4MW06a6cWbEZADq772/ZLY3e0WEaJWaG9rSZxyoHiW4zXfQvJp9feQBXSUheDcF
JMG7jHPEJJB+zH51GTGVeD5xjK/ytCSIH9MCuBoU/RxgO6dSIqFyige3XtgVWeXr
gpZeh0cuzYtFjTUhrK9okBWf6t3LA6zZxktElvtU6BVhTOlCbN8h8RzDygJqJ9Ds
Yvszqh491pWT/0KxDrGDxC0m85c4OnULiPHP+sE49kZ9n2VRVUsk1NCXeI5ixo9j
p1YVFb3+yF3+CIRAiD5+4CdgBQ2FQp3lg9G0GRAzQR7A
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:18 2024 by rpki-client on console-fra.rpki-client.org