Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/5ad9bead-4669-4e97-9963-3763c93ccf66/0/3138382e36342e3134332e302f32342d3234203d3e20323035323230.roa
File: 3138382e36342e3134332e302f32342d3234203d3e20323035323230.roa (raw, json)
Hash identifier: hlfvyJG8ogwKoiMqcJcuHt0gGuqJD1S55exOSospGeE=
Subject key identifier: 87:C7:03:58:5E:DC:EA:50:D7:CD:5A:03:7F:80:9C:81:F6:98:41:0D
Certificate issuer: /CN=fdc1a908766b391e371b6e3f5e6a1141efe78a48
Certificate serial: 3F325E2D1BD4FE846F4EA68F7B11E4FFADB5E192
Authority key identifier: FD:C1:A9:08:76:6B:39:1E:37:1B:6E:3F:5E:6A:11:41:EF:E7:8A:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_cGpCHZrOR43G24_XmoRQe_nikg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/5ad9bead-4669-4e97-9963-3763c93ccf66/0/3138382e36342e3134332e302f32342d3234203d3e20323035323230.roa
Signing time: Tue 11 Jul 2023 11:12:48 +0000
ROA not before: Tue 11 Jul 2023 11:07:48 +0000
ROA not after: Tue 09 Jul 2024 11:12:48 +0000
asID: 205220
IP address blocks: 188.64.143.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:32:5e:2d:1b:d4:fe:84:6f:4e:a6:8f:7b:11:e4:ff:ad:b5:e1:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fdc1a908766b391e371b6e3f5e6a1141efe78a48
Validity
Not Before: Jul 11 11:07:48 2023 GMT
Not After : Jul 9 11:12:48 2024 GMT
Subject: CN=87C703585EDCEA50D7CD5A037F809C81F698410D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:56:ed:6e:4c:5e:dc:e7:28:f3:9f:36:c2:79:
a3:79:33:c3:05:7e:32:f6:3d:53:24:07:a3:1c:a8:
3e:f2:a7:e8:7c:8f:13:f9:18:b0:58:50:82:46:c2:
32:c6:41:e8:15:9a:5e:55:75:78:10:52:31:56:36:
bf:e0:f3:d7:46:b4:34:31:c9:26:b1:59:85:9d:7c:
3a:59:60:e9:1d:cd:09:47:d3:23:5a:7d:a8:8d:9d:
3e:47:7c:93:3a:cb:eb:07:ba:8f:96:cb:f8:a5:3e:
5c:cc:94:88:b1:6b:aa:c3:ab:bf:ee:90:e4:61:7a:
56:c4:f1:b7:5f:04:01:d6:7b:69:3b:4a:3b:a1:9c:
44:87:6c:bf:ed:6a:7c:45:75:38:10:7d:b0:4b:60:
d9:2b:8f:e2:f2:ea:e8:ac:92:0c:6d:75:c6:6d:31:
d3:2d:5c:36:b6:6b:1a:b5:ac:ef:a3:08:06:b6:6b:
99:76:a1:7c:d0:55:51:29:51:65:17:17:37:29:52:
7c:9f:4f:e8:14:d3:b9:37:5a:7a:6a:94:f3:d5:48:
77:25:84:fa:7e:ed:30:9e:d9:99:53:c6:2d:d9:79:
15:4c:73:07:f4:e5:9a:87:33:b6:50:9f:db:18:29:
29:46:06:ee:30:84:4f:6b:42:6a:99:9b:b8:49:1f:
03:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:C7:03:58:5E:DC:EA:50:D7:CD:5A:03:7F:80:9C:81:F6:98:41:0D
X509v3 Authority Key Identifier:
keyid:FD:C1:A9:08:76:6B:39:1E:37:1B:6E:3F:5E:6A:11:41:EF:E7:8A:48
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/5ad9bead-4669-4e97-9963-3763c93ccf66/0/FDC1A908766B391E371B6E3F5E6A1141EFE78A48.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_cGpCHZrOR43G24_XmoRQe_nikg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/5ad9bead-4669-4e97-9963-3763c93ccf66/0/3138382e36342e3134332e302f32342d3234203d3e20323035323230.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.64.143.0/24
Signature Algorithm: sha256WithRSAEncryption
c3:ff:95:3f:a7:a5:4e:b5:ba:a3:22:18:41:8b:86:ad:c2:3b:
34:e4:88:b3:83:b3:34:fa:c9:80:cb:3f:e7:e6:cd:39:06:cd:
f1:d3:69:0e:42:2d:64:3f:eb:69:37:05:b1:7a:19:f6:2e:1e:
4f:d3:36:73:87:13:f9:53:15:2b:7d:4a:7e:e1:98:1c:d1:9b:
6c:40:70:c6:3d:65:a7:1b:36:db:89:65:fc:15:de:0a:d3:52:
26:c7:7d:a0:c9:6a:40:9e:58:57:02:5a:de:a9:bd:63:c4:f5:
be:6c:f1:69:62:9e:5b:16:0c:9a:53:8b:98:d7:cd:d4:ab:05:
73:43:f1:df:43:69:38:06:2d:ad:9c:d4:ad:06:b5:8a:7e:ac:
4d:68:a3:af:da:94:b4:0d:b7:42:55:e8:27:6e:0d:ff:41:0e:
5c:9a:ae:af:34:11:79:b3:75:77:f0:e3:43:95:b5:27:04:93:
ac:7b:7b:78:11:24:3e:fb:dc:5c:4e:60:a8:74:05:cf:bd:38:
af:19:de:00:be:b4:b0:62:9e:0f:f4:2f:74:80:cf:98:de:77:
ef:e4:ff:d8:ca:50:73:b7:8a:67:66:c0:ed:92:38:11:5d:bb:
09:34:10:f4:39:8d:f1:b5:46:4c:8a:5a:de:32:db:1c:c5:19:
f5:dc:57:33
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUPzJeLRvU/oRvTqaPexHk/6214ZIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZmRjMWE5MDg3NjZiMzkxZTM3MWI2ZTNmNWU2YTExNDFl
ZmU3OGE0ODAeFw0yMzA3MTExMTA3NDhaFw0yNDA3MDkxMTEyNDhaMDMxMTAvBgNV
BAMTKDg3QzcwMzU4NUVEQ0VBNTBEN0NENUEwMzdGODA5QzgxRjY5ODQxMEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCFVu1uTF7c5yjznzbCeaN5M8MF
fjL2PVMkB6McqD7yp+h8jxP5GLBYUIJGwjLGQegVml5VdXgQUjFWNr/g89dGtDQx
ySaxWYWdfDpZYOkdzQlH0yNafaiNnT5HfJM6y+sHuo+Wy/ilPlzMlIixa6rDq7/u
kORhelbE8bdfBAHWe2k7SjuhnESHbL/tanxFdTgQfbBLYNkrj+Ly6uiskgxtdcZt
MdMtXDa2axq1rO+jCAa2a5l2oXzQVVEpUWUXFzcpUnyfT+gU07k3WnpqlPPVSHcl
hPp+7TCe2ZlTxi3ZeRVMcwf05ZqHM7ZQn9sYKSlGBu4whE9rQmqZm7hJHwOFAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUh8cDWF7c6lDXzVoDf4CcgfaYQQ0wHwYDVR0j
BBgwFoAU/cGpCHZrOR43G24/XmoRQe/nikgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNWFkOWJlYWQtNDY2OS00ZTk3LTk5NjMtMzc2M2M5M2Nj
ZjY2LzAvRkRDMUE5MDg3NjZCMzkxRTM3MUI2RTNGNUU2QTExNDFFRkU3OEE0OC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL19jR3BDSFpyT1I0M0cyNF9YbW9SUWVf
bmlrZy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNWFkOWJlYWQt
NDY2OS00ZTk3LTk5NjMtMzc2M2M5M2NjZjY2LzAvMzEzODM4MmUzNjM0MmUzMTM0
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzUzMjMyMzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC8QI8wDQYJKoZIhvcNAQELBQADggEBAMP/lT+npU61uqMiGEGLhq3COzTkiLOD
szT6yYDLP+fmzTkGzfHTaQ5CLWQ/62k3BbF6GfYuHk/TNnOHE/lTFSt9Sn7hmBzR
m2xAcMY9ZacbNtuJZfwV3grTUibHfaDJakCeWFcCWt6pvWPE9b5s8WlinlsWDJpT
i5jXzdSrBXND8d9DaTgGLa2c1K0GtYp+rE1oo6/alLQNt0JV6CduDf9BDlyarq80
EXmzdXfw40OVtScEk6x7e3gRJD773FxOYKh0Bc+9OK8Z3gC+tLBing/0L3SAz5je
d+/k/9jKUHO3imdmwO2SOBFduwk0EPQ5jfG1RkyKWt4y2xzFGfXcVzM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:16 2024 by rpki-client on console-fra.rpki-client.org