Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/4556f416-aad6-41bf-aebf-80a2cc67a466/0/AS28964.roa
File: AS28964.roa (raw, json)
Hash identifier: R23EhEXdHlW1YugxtnbH44tpaRY3vr5XgT3KAv8GQS8=
Subject key identifier: 52:43:67:12:37:50:D1:61:29:41:FD:B6:F6:D8:8A:B8:23:6F:30:7A
Certificate issuer: /CN=4f9948d82c74f5b80667b4a37394c8a56b7fe484
Certificate serial: 6508A7536BFFEB13429E96B317A59FD300645B57
Authority key identifier: 4F:99:48:D8:2C:74:F5:B8:06:67:B4:A3:73:94:C8:A5:6B:7F:E4:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5lI2Cx09bgGZ7Sjc5TIpWt_5IQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/4556f416-aad6-41bf-aebf-80a2cc67a466/0/AS28964.roa
Signing time: Tue 06 Jun 2023 09:25:56 +0000
ROA not before: Tue 06 Jun 2023 09:20:56 +0000
ROA not after: Tue 04 Jun 2024 09:25:56 +0000
asID: 28964
IP address blocks: 5.172.32.0/24 maxlen: 24
89.23.64.0/24 maxlen: 24
89.23.66.0/23 maxlen: 23
89.23.72.0/23 maxlen: 23
89.23.94.0/23 maxlen: 23
109.111.241.0/24 maxlen: 24
109.111.242.0/24 maxlen: 24
109.111.249.0/24 maxlen: 24
109.111.251.0/24 maxlen: 24
109.111.255.0/24 maxlen: 24
178.254.160.0/23 maxlen: 23
178.254.162.0/24 maxlen: 24
178.254.164.0/24 maxlen: 24
178.254.166.0/24 maxlen: 24
178.254.167.0/24 maxlen: 24
178.254.173.0/24 maxlen: 24
178.254.174.0/24 maxlen: 24
178.254.178.0/24 maxlen: 24
178.254.185.0/24 maxlen: 24
185.157.45.0/24 maxlen: 24
185.157.46.0/24 maxlen: 24
185.157.47.0/24 maxlen: 24
193.104.68.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:08:a7:53:6b:ff:eb:13:42:9e:96:b3:17:a5:9f:d3:00:64:5b:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9948d82c74f5b80667b4a37394c8a56b7fe484
Validity
Not Before: Jun 6 09:20:56 2023 GMT
Not After : Jun 4 09:25:56 2024 GMT
Subject: CN=524367123750D1612941FDB6F6D88AB8236F307A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:b0:b0:88:dc:84:b9:61:99:99:a7:7f:bf:8d:
94:16:c9:38:60:41:4a:0c:d8:83:20:33:65:07:cf:
56:95:0b:7e:3f:11:5b:a6:b0:76:53:73:ba:f0:a4:
84:97:72:9a:01:00:78:0e:d7:05:a0:9b:75:88:89:
10:c9:a9:5f:35:13:09:02:7e:00:2c:fa:e0:ee:8c:
e2:47:30:ad:57:9e:d9:ef:eb:de:e1:b8:74:84:3f:
6f:b5:d6:91:98:ba:50:15:e9:d8:62:87:9b:6f:08:
a1:b2:54:7d:44:17:25:e8:2c:a6:cd:ff:cd:37:6f:
4a:7d:70:ff:25:0a:38:5a:df:aa:b3:c9:88:ac:2c:
4d:df:77:df:be:26:99:f3:ea:d1:07:99:31:a3:e5:
5e:27:99:94:3d:20:e1:7e:34:4e:22:13:31:ec:06:
49:20:23:c1:76:73:99:fd:2e:49:e7:e0:9b:07:c4:
92:87:c2:73:50:4f:bd:49:28:05:c9:23:5a:43:c0:
74:b0:21:00:96:39:07:56:c1:4a:3d:9a:34:ea:da:
a4:79:bb:6b:a6:d5:b5:6f:ae:f9:71:34:32:4a:09:
46:76:4d:ef:e5:7d:5a:46:0b:9c:5e:5c:a0:8e:fb:
2e:32:f0:a4:6b:f6:c7:47:b8:de:d2:ea:c0:ba:ed:
0e:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:43:67:12:37:50:D1:61:29:41:FD:B6:F6:D8:8A:B8:23:6F:30:7A
X509v3 Authority Key Identifier:
keyid:4F:99:48:D8:2C:74:F5:B8:06:67:B4:A3:73:94:C8:A5:6B:7F:E4:84
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/4556f416-aad6-41bf-aebf-80a2cc67a466/0/4F9948D82C74F5B80667B4A37394C8A56B7FE484.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5lI2Cx09bgGZ7Sjc5TIpWt_5IQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/4556f416-aad6-41bf-aebf-80a2cc67a466/0/AS28964.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.32.0/24
89.23.64.0/24
89.23.66.0/23
89.23.72.0/23
89.23.94.0/23
109.111.241.0-109.111.242.255
109.111.249.0/24
109.111.251.0/24
109.111.255.0/24
178.254.160.0-178.254.162.255
178.254.164.0/24
178.254.166.0/23
178.254.173.0-178.254.174.255
178.254.178.0/24
178.254.185.0/24
185.157.45.0-185.157.47.255
193.104.68.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:dd:89:06:8f:82:4e:1a:74:11:d4:fa:3a:0f:7d:52:62:64:
5a:4a:83:01:94:e0:cb:84:4e:a6:34:4c:ed:37:f3:21:74:c3:
9e:34:b5:c9:82:e7:59:98:53:30:db:83:e0:6a:b4:1e:d9:3a:
8c:36:19:e5:5c:c4:1e:b1:94:8e:6c:04:34:0e:bc:63:24:a6:
9f:c6:07:19:93:8f:db:1e:2c:a7:de:5e:99:cc:69:20:de:cf:
1e:b3:fb:cb:b8:eb:b6:f7:d5:17:f1:45:24:73:59:68:c2:9f:
27:91:38:7a:d0:bf:9d:b0:c1:e9:52:ed:cf:50:b5:92:f2:cc:
dc:d1:fa:30:f0:13:48:05:82:84:0e:ce:b0:a0:77:a2:41:b9:
9d:72:de:c2:e4:d2:bd:22:b9:ce:6a:5c:6b:90:6f:32:d0:f1:
3e:27:9b:93:04:87:2e:c5:ee:b3:14:cf:3e:e9:c5:5e:28:4b:
98:9f:9e:4c:f2:85:b6:25:43:d6:ad:e0:6c:73:9e:0c:62:d3:
fc:08:c3:5b:32:57:e2:73:27:b0:f7:e7:68:43:62:6e:03:b4:
9c:f5:76:d8:2a:65:13:4c:f5:bf:b7:e5:6c:a6:4c:33:68:4c:
75:34:8a:b8:a0:59:fb:a8:23:00:85:8a:a3:76:d7:0f:e4:d4:
db:d4:03:50
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIUZQinU2v/6xNCnpazF6Wf0wBkW1cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGY5OTQ4ZDgyYzc0ZjViODA2NjdiNGEzNzM5NGM4YTU2
YjdmZTQ4NDAeFw0yMzA2MDYwOTIwNTZaFw0yNDA2MDQwOTI1NTZaMDMxMTAvBgNV
BAMTKDUyNDM2NzEyMzc1MEQxNjEyOTQxRkRCNkY2RDg4QUI4MjM2RjMwN0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPsLCI3IS5YZmZp3+/jZQWyThg
QUoM2IMgM2UHz1aVC34/EVumsHZTc7rwpISXcpoBAHgO1wWgm3WIiRDJqV81EwkC
fgAs+uDujOJHMK1Xntnv697huHSEP2+11pGYulAV6dhih5tvCKGyVH1EFyXoLKbN
/803b0p9cP8lCjha36qzyYisLE3fd9++Jpnz6tEHmTGj5V4nmZQ9IOF+NE4iEzHs
BkkgI8F2c5n9Lknn4JsHxJKHwnNQT71JKAXJI1pDwHSwIQCWOQdWwUo9mjTq2qR5
u2um1bVvrvlxNDJKCUZ2Te/lfVpGC5xeXKCO+y4y8KRr9sdHuN7S6sC67Q6tAgMB
AAGjggKOMIICijAdBgNVHQ4EFgQUUkNnEjdQ0WEpQf229tiKuCNvMHowHwYDVR0j
BBgwFoAUT5lI2Cx09bgGZ7Sjc5TIpWt/5IQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDU1NmY0MTYtYWFkNi00MWJmLWFlYmYtODBhMmNjNjdh
NDY2LzAvNEY5OTQ4RDgyQzc0RjVCODA2NjdCNEEzNzM5NEM4QTU2QjdGRTQ4NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q1bEkyQ3gwOWJnR1o3U2pjNVRJcFd0
XzVJUS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzQ1NTZmNDE2LWFhZDYt
NDFiZi1hZWJmLTgwYTJjYzY3YTQ2Ni8wL0FTMjg5NjQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgaMGCCsGAQUFBwEHAQH/BIGTMIGQMIGNBAIAATCBhgME
AAWsIAMEAFkXQAMEAVkXQgMEAVkXSAMEAVkXXjAMAwQAbW/xAwQAbW/yAwQAbW/5
AwQAbW/7AwQAbW//MAwDBAWy/qADBACy/qIDBACy/qQDBAGy/qYwDAMEALL+rQME
ALL+rgMEALL+sgMEALL+uTAMAwQAuZ0tAwQEuZ0gAwQAwWhEMA0GCSqGSIb3DQEB
CwUAA4IBAQBq3YkGj4JOGnQR1Po6D31SYmRaSoMBlODLhE6mNEztN/MhdMOeNLXJ
gudZmFMw24PgarQe2TqMNhnlXMQesZSObAQ0DrxjJKafxgcZk4/bHiyn3l6ZzGkg
3s8es/vLuOu299UX8UUkc1lowp8nkTh60L+dsMHpUu3PULWS8szc0fow8BNIBYKE
Ds6woHeiQbmdct7C5NK9IrnOalxrkG8y0PE+J5uTBIcuxe6zFM8+6cVeKEuYn55M
8oW2JUPWreBsc54MYtP8CMNbMlficyew9+doQ2JuA7Sc9XbYKmUTTPW/t+Vspkwz
aEx1NIq4oFn7qCMAhYqjdtcP5NTb1ANQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:12 2024 by rpki-client on console-fra.rpki-client.org