Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/4/32332e3137372e382e302f32342d3234203d3e203630383538.roa
File: 32332e3137372e382e302f32342d3234203d3e203630383538.roa (raw, json)
Hash identifier: 3rBSsydAXZ2y4UdddSi5WKJL+wcoW9hT+vPlIP2Mh1E=
Subject key identifier: F8:1D:55:A3:6A:74:9D:90:9B:A0:A3:B7:08:22:80:CB:A5:D1:F8:50
Certificate issuer: /CN=200ae5435fb90645e100822def5e63484c98f880d9093373a5
Certificate serial: 4F56DDDFE4898F1EB7B144DD66F0CEFCA3000C2E
Authority key identifier: 2D:0F:81:69:76:82:D4:91:BD:CC:43:90:2B:3C:EC:73:6D:61:31:E4
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/6ead073c-b9f0-4523-b39e-a3c7dab97c25/8e6147b8-d55d-4ed8-8973-d5cf2a27e161/200ae5435fb90645e100822def5e63484c98f880d9093373a5.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/4/32332e3137372e382e302f32342d3234203d3e203630383538.roa
Signing time: Tue 21 May 2024 12:05:11 +0000
ROA not before: Tue 21 May 2024 12:00:11 +0000
ROA not after: Tue 20 May 2025 12:05:11 +0000
asID: 60858
IP address blocks: 23.177.8.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:56:dd:df:e4:89:8f:1e:b7:b1:44:dd:66:f0:ce:fc:a3:00:0c:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=200ae5435fb90645e100822def5e63484c98f880d9093373a5
Validity
Not Before: May 21 12:00:11 2024 GMT
Not After : May 20 12:05:11 2025 GMT
Subject: CN=F81D55A36A749D909BA0A3B7082280CBA5D1F850
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c3:66:43:fc:be:b8:93:7b:6b:a0:fa:2c:fd:
47:da:68:63:24:59:a2:66:c0:75:91:39:67:f7:18:
16:44:4e:4f:16:a9:33:07:25:ef:17:da:38:c6:8d:
32:5c:80:d9:b1:8a:34:e9:1d:05:81:2f:fe:e4:ae:
0b:4c:b7:41:48:70:ee:2f:50:ba:cd:72:09:60:8e:
d0:02:92:a1:82:ba:1b:0a:40:a9:73:33:14:9a:2c:
21:b0:31:d8:f3:72:eb:92:15:d0:a5:ae:56:ba:29:
e9:d7:7d:8f:1a:9d:61:b4:b1:f2:82:f1:9c:0d:44:
60:61:cb:3b:8d:7a:e6:f9:a7:cd:b5:01:af:10:1b:
91:95:de:9a:18:22:92:7b:a9:a6:1a:29:eb:69:e1:
d8:f2:fc:ff:f9:fa:3b:6f:05:80:d4:2a:85:c0:e0:
59:b4:49:36:e9:7a:9c:63:35:d1:a8:9e:a0:7a:47:
a5:7e:80:a5:e8:08:89:53:af:f0:84:24:66:51:bb:
c4:de:13:c1:86:86:0c:1f:36:9d:78:a8:23:a9:14:
b0:ad:ec:dc:bf:ac:dd:08:a5:a4:6f:08:64:14:79:
6b:21:91:c5:b2:09:e7:39:3c:b5:c4:0c:4d:75:0e:
e5:7a:ce:31:b9:4b:31:0e:73:d6:f8:a6:5e:a1:16:
21:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:1D:55:A3:6A:74:9D:90:9B:A0:A3:B7:08:22:80:CB:A5:D1:F8:50
X509v3 Authority Key Identifier:
keyid:2D:0F:81:69:76:82:D4:91:BD:CC:43:90:2B:3C:EC:73:6D:61:31:E4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/4/2D0F81697682D491BDCC43902B3CEC736D6131E4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/6ead073c-b9f0-4523-b39e-a3c7dab97c25/8e6147b8-d55d-4ed8-8973-d5cf2a27e161/200ae5435fb90645e100822def5e63484c98f880d9093373a5.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/4/32332e3137372e382e302f32342d3234203d3e203630383538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.177.8.0/24
Signature Algorithm: sha256WithRSAEncryption
11:f9:02:bd:19:71:57:1c:0c:8f:f6:de:10:42:f8:9c:9c:09:
8d:17:32:0e:8d:df:73:00:c0:30:f1:05:1b:fc:7a:8a:5a:1b:
40:c1:c8:6b:f8:54:94:2b:8c:57:7d:5b:fe:13:9e:0f:e0:cf:
47:19:fd:6c:be:f0:16:8a:9a:d4:ca:ff:9d:3d:c8:9b:f3:a4:
25:b7:39:d3:c3:d4:16:78:4c:fc:db:48:28:72:4f:a3:18:4b:
ca:9d:13:b2:28:71:9b:cf:2f:4f:17:ff:35:24:4a:04:4b:d0:
f2:a4:2a:cd:76:00:d1:17:bb:bd:22:1f:d8:5d:21:a0:34:d5:
54:e0:d3:77:e5:58:82:7e:03:f4:9d:d5:f0:9a:f6:41:d0:01:
53:96:27:9b:29:8d:49:e9:10:65:9b:d6:cd:c0:5e:c8:67:2d:
3f:2e:65:96:70:5a:6f:6e:f6:3e:04:fc:44:3d:0e:55:24:c4:
c5:19:4b:19:db:20:42:8b:68:48:e8:53:b0:a7:a1:f5:40:5a:
b5:bd:d3:a2:0f:a7:6e:4b:da:90:fa:d1:81:dc:88:70:f2:73:
cf:0f:d5:b6:19:c7:36:65:2f:6f:b3:48:22:a9:e4:17:58:c3:
42:a5:08:41:49:91:c2:64:9c:4c:84:d0:f2:69:f0:13:e8:f9:
40:64:f2:43
-----BEGIN CERTIFICATE-----
MIIFyTCCBLGgAwIBAgIUT1bd3+SJjx63sUTdZvDO/KMADC4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjAwYWU1NDM1ZmI5MDY0NWUxMDA4MjJkZWY1ZTYzNDg0
Yzk4Zjg4MGQ5MDkzMzczYTUwHhcNMjQwNTIxMTIwMDExWhcNMjUwNTIwMTIwNTEx
WjAzMTEwLwYDVQQDEyhGODFENTVBMzZBNzQ5RDkwOUJBMEEzQjcwODIyODBDQkE1
RDFGODUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucNmQ/y+uJN7
a6D6LP1H2mhjJFmiZsB1kTln9xgWRE5PFqkzByXvF9o4xo0yXIDZsYo06R0FgS/+
5K4LTLdBSHDuL1C6zXIJYI7QApKhgrobCkCpczMUmiwhsDHY83LrkhXQpa5Wuinp
132PGp1htLHygvGcDURgYcs7jXrm+afNtQGvEBuRld6aGCKSe6mmGinraeHY8vz/
+fo7bwWA1CqFwOBZtEk26XqcYzXRqJ6gekelfoCl6AiJU6/whCRmUbvE3hPBhoYM
HzadeKgjqRSwrezcv6zdCKWkbwhkFHlrIZHFsgnnOTy1xAxNdQ7les4xuUsxDnPW
+KZeoRYhQQIDAQABo4ICyTCCAsUwHQYDVR0OBBYEFPgdVaNqdJ2Qm6CjtwgigMul
0fhQMB8GA1UdIwQYMBaAFC0PgWl2gtSRvcxDkCs87HNtYTHkMA4GA1UdDwEB/wQE
AwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3JzeW5jLnBhYXMu
cnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTctNGMzYi05MDQz
LWEwZTdmZWJmMTY3ZC80LzJEMEY4MTY5NzY4MkQ0OTFCRENDNDM5MDJCM0NFQzcz
NkQ2MTMxRTQuY3JsMIHzBggrBgEFBQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNy
c3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0
YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzZlYWQwNzNjLWI5ZjAt
NDUyMy1iMzllLWEzYzdkYWI5N2MyNS84ZTYxNDdiOC1kNTVkLTRlZDgtODk3My1k
NWNmMmEyN2UxNjEvMjAwYWU1NDM1ZmI5MDY0NWUxMDA4MjJkZWY1ZTYzNDg0Yzk4
Zjg4MGQ5MDkzMzczYTUuY2VyMIGpBggrBgEFBQcBCwSBnDCBmTCBlgYIKwYBBQUH
MAuGgYlyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
LzA0MDMyYzhmLTFkNTctNGMzYi05MDQzLWEwZTdmZWJmMTY3ZC80LzMyMzMyZTMx
MzczNzJlMzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMwMzgzNTM4LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA
ATAGAwQAF7EIMA0GCSqGSIb3DQEBCwUAA4IBAQAR+QK9GXFXHAyP9t4QQvicnAmN
FzIOjd9zAMAw8QUb/HqKWhtAwchr+FSUK4xXfVv+E54P4M9HGf1svvAWiprUyv+d
Pcib86QltznTw9QWeEz820gock+jGEvKnROyKHGbzy9PF/81JEoES9DypCrNdgDR
F7u9Ih/YXSGgNNVU4NN35ViCfgP0ndXwmvZB0AFTliebKY1J6RBlm9bNwF7IZy0/
LmWWcFpvbvY+BPxEPQ5VJMTFGUsZ2yBCi2hI6FOwp6H1QFq1vdOiD6duS9qQ+tGB
3Ihw8nPPD9W2Gcc2ZS9vs0giqeQXWMNCpQhBSZHCZJxMhNDyafAT6PlAZPJD
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:08 2024 by rpki-client on console-fra.rpki-client.org