Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS198923.roa
File: AS198923.roa (raw, json)
Hash identifier: N68k1RR1e2mQeOWTdrxI8H/MbP8SF2E6HOWesYDBYbg=
Subject key identifier: 84:D1:03:0B:B3:38:57:65:69:94:6C:9E:3B:A5:DB:AD:7B:EB:C9:06
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 3DD5A7B7F4BD2AC9AA0CB8DEB9321BEB6761B700
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS198923.roa
Signing time: Wed 20 Dec 2023 16:21:55 +0000
ROA not before: Wed 20 Dec 2023 16:16:55 +0000
ROA not after: Wed 18 Dec 2024 16:21:55 +0000
asID: 198923
IP address blocks: 2a13:df81::/32 maxlen: 48
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:d5:a7:b7:f4:bd:2a:c9:aa:0c:b8:de:b9:32:1b:eb:67:61:b7:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Dec 20 16:16:55 2023 GMT
Not After : Dec 18 16:21:55 2024 GMT
Subject: CN=84D1030BB338576569946C9E3BA5DBAD7BEBC906
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:1d:c6:90:fe:20:f3:a2:8c:62:12:e5:94:b0:
ea:8e:ce:63:6f:b7:78:aa:c5:a4:70:59:b8:66:0a:
c6:5a:3d:27:1f:1f:04:03:e9:98:e1:88:c7:01:9a:
be:74:9f:38:7b:b5:94:89:ca:ac:47:5b:d8:44:07:
2c:de:a4:c0:d8:95:db:38:17:35:d8:27:d5:31:4c:
64:90:6f:f1:24:f7:6f:0e:30:cc:de:f6:5b:71:3b:
d1:6f:5a:ed:a5:67:5d:e1:c5:9b:b8:80:a3:ed:26:
6f:b1:10:37:be:9d:f7:9d:d0:58:20:8f:70:2f:e6:
d5:51:30:11:00:11:9f:0b:7f:5f:ac:77:7b:31:95:
68:22:aa:59:b9:29:c7:67:1f:0d:a9:6b:c4:0c:c7:
26:23:dc:1a:6b:23:e1:d4:e3:15:6b:79:c1:1f:56:
b7:19:e1:99:c7:4d:d5:5a:7d:a6:3a:c2:39:69:35:
d2:49:42:07:5b:ca:81:13:3c:b6:76:c2:a7:b1:d5:
e3:04:92:54:c5:19:c3:73:78:04:6a:bf:da:29:24:
96:6d:27:ba:c0:56:ab:45:2c:20:15:be:0f:e5:27:
74:2d:de:fe:08:dc:28:b7:08:00:1c:91:91:b6:cb:
d0:c0:bd:a5:c2:49:de:5d:61:f0:c7:a3:14:5b:79:
d0:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:D1:03:0B:B3:38:57:65:69:94:6C:9E:3B:A5:DB:AD:7B:EB:C9:06
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS198923.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df81::/32
Signature Algorithm: sha256WithRSAEncryption
a5:56:1a:67:00:3c:87:a3:05:d0:66:3c:d4:85:81:b1:4e:e5:
03:b9:a7:01:45:25:23:a8:cd:b8:58:7d:00:39:d3:2a:62:fb:
6a:af:af:e8:14:d3:9a:01:3c:fc:28:cb:fe:cb:af:3d:8f:20:
cd:1d:6e:de:63:a5:03:fd:0b:dd:0b:fe:ff:42:41:74:c8:4e:
30:29:cb:4b:ca:a7:ac:eb:dd:a3:c9:c9:16:02:39:ec:ce:67:
b8:f2:54:60:f7:9f:ec:fc:24:b9:6e:f0:9a:8f:0a:2b:8a:5c:
d8:55:50:b9:fd:02:fe:80:e9:6c:5d:76:ff:71:3e:af:2f:f5:
d0:26:37:67:ac:c4:98:48:04:9a:93:30:02:13:ea:f9:57:d8:
de:76:a7:fc:c8:e5:ae:5a:10:38:89:d0:45:de:1c:17:1e:bc:
9e:d2:25:f9:02:0a:a5:0c:fb:db:15:20:6d:30:0f:ac:71:9e:
86:f0:46:a7:23:74:f6:c7:b6:76:9e:98:1e:b1:18:24:dd:6d:
eb:8f:2f:84:bd:11:3f:74:27:8d:ec:2e:6e:f5:fd:60:35:66:
1f:e4:1c:ab:c3:01:af:a5:ec:3f:fc:97:d3:4d:96:c9:ff:3a:
4f:57:35:c7:77:79:2c:93:12:77:39:f9:61:92:48:4f:aa:4e:
cf:b3:08:e2
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIUPdWnt/S9KsmqDLjeuTIb62dhtwAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yMzEyMjAxNjE2NTVaFw0yNDEyMTgxNjIxNTVaMDMxMTAvBgNV
BAMTKDg0RDEwMzBCQjMzODU3NjU2OTk0NkM5RTNCQTVEQkFEN0JFQkM5MDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDeHcaQ/iDzooxiEuWUsOqOzmNv
t3iqxaRwWbhmCsZaPScfHwQD6ZjhiMcBmr50nzh7tZSJyqxHW9hEByzepMDYlds4
FzXYJ9UxTGSQb/Ek928OMMze9ltxO9FvWu2lZ13hxZu4gKPtJm+xEDe+nfed0Fgg
j3Av5tVRMBEAEZ8Lf1+sd3sxlWgiqlm5KcdnHw2pa8QMxyYj3BprI+HU4xVrecEf
VrcZ4ZnHTdVafaY6wjlpNdJJQgdbyoETPLZ2wqex1eMEklTFGcNzeARqv9opJJZt
J7rAVqtFLCAVvg/lJ3Qt3v4I3Ci3CAAckZG2y9DAvaXCSd5dYfDHoxRbedCrAgMB
AAGjggILMIICBzAdBgNVHQ4EFgQUhNEDC7M4V2VplGyeO6XbrXvryQYwHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMTk4OTIzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhPf
gTANBgkqhkiG9w0BAQsFAAOCAQEApVYaZwA8h6MF0GY81IWBsU7lA7mnAUUlI6jN
uFh9ADnTKmL7aq+v6BTTmgE8/CjL/suvPY8gzR1u3mOlA/0L3Qv+/0JBdMhOMCnL
S8qnrOvdo8nJFgI57M5nuPJUYPef7PwkuW7wmo8KK4pc2FVQuf0C/oDpbF12/3E+
ry/10CY3Z6zEmEgEmpMwAhPq+VfY3nan/MjlrloQOInQRd4cFx68ntIl+QIKpQz7
2xUgbTAPrHGehvBGpyN09se2dp6YHrEYJN1t648vhL0RP3QnjewubvX9YDVmH+Qc
q8MBr6XsP/yX002Wyf86T1c1x3d5LJMSdzn5YZJIT6pOz7MI4g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:08 2024 by rpki-client on console-fra.rpki-client.org