Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS207841.roa
File: AS207841.roa (raw, json)
Hash identifier: sJFYIbqiDMeFFkoSLl/xWgF+RFJF+GwubfMmWwZM0EE=
Subject key identifier: 4C:C1:49:99:57:37:D5:82:EC:99:E4:9F:AE:E4:8F:80:4E:C6:7C:9D
Certificate issuer: /CN=5ae4437029659539f54f900b35e43be06a94b37b
Certificate serial: 75F413E09E4918773145EC158B4D0FCB37B4CC5A
Authority key identifier: 5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS207841.roa
Signing time: Fri 19 Jul 2024 13:36:48 +0000
ROA not before: Fri 19 Jul 2024 13:31:48 +0000
ROA not after: Fri 18 Jul 2025 13:36:48 +0000
asID: 207841
IP address blocks: 193.57.144.0/24 maxlen: 24
193.57.159.0/24 maxlen: 24
193.57.167.0/24 maxlen: 24
193.57.168.0/24 maxlen: 24
2a0f:85c0::/48 maxlen: 48
2a0f:85c2::/32 maxlen: 48
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:f4:13:e0:9e:49:18:77:31:45:ec:15:8b:4d:0f:cb:37:b4:cc:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ae4437029659539f54f900b35e43be06a94b37b
Validity
Not Before: Jul 19 13:31:48 2024 GMT
Not After : Jul 18 13:36:48 2025 GMT
Subject: CN=4CC149995737D582EC99E49FAEE48F804EC67C9D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:84:6c:0d:eb:3c:b2:48:b1:eb:d5:82:8b:eb:
8d:33:fc:1b:c9:7e:5b:d0:d3:7c:7b:e5:77:d1:76:
80:2d:0f:bf:77:c8:f0:44:ff:c5:50:87:70:72:77:
21:84:d1:b4:f7:89:bb:f6:b4:93:84:6a:a4:4c:11:
d1:2f:5e:43:9b:66:be:8d:aa:0f:5b:cb:bf:4f:60:
2e:44:9f:b8:5e:f3:a4:65:4b:84:13:36:f5:22:12:
73:63:f2:87:6a:1e:5e:b5:0d:52:69:52:85:59:1e:
80:fc:87:2c:6d:ad:8f:ea:98:d3:aa:aa:59:e6:95:
01:7e:b0:99:92:50:24:06:e1:c8:8b:4e:c7:27:af:
8a:e1:f2:80:a1:34:f7:d4:0c:12:43:8b:30:e3:2d:
e3:f0:20:35:b2:58:81:69:1a:c8:d7:06:70:5d:9b:
53:f1:94:31:1c:a6:e3:78:cd:09:23:71:3e:d9:30:
1b:73:82:bb:05:51:20:ce:f3:12:f4:94:be:55:7a:
c2:31:c7:06:a9:30:d1:d6:0e:d7:1e:59:46:3f:f7:
29:3b:3c:3b:fd:51:fb:0c:2a:57:1b:b2:71:f8:51:
6c:5e:e6:90:51:9b:6b:43:9c:2b:9b:02:12:b5:a5:
5c:74:23:0b:74:5b:6a:5c:fd:62:20:6d:01:0f:85:
2f:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:C1:49:99:57:37:D5:82:EC:99:E4:9F:AE:E4:8F:80:4E:C6:7C:9D
X509v3 Authority Key Identifier:
keyid:5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS207841.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.144.0/24
193.57.159.0/24
193.57.167.0-193.57.168.255
IPv6:
2a0f:85c0::/48
2a0f:85c2::/32
Signature Algorithm: sha256WithRSAEncryption
55:e2:9f:39:97:38:88:51:b0:c6:f2:02:4f:a5:56:53:a3:15:
42:77:f6:a1:01:1e:a4:09:f2:0d:7e:01:be:1e:6e:bc:e1:4a:
60:81:0d:dd:43:fd:14:8e:78:30:ea:e9:ad:30:64:9d:ab:f4:
46:6d:d5:1e:0d:a9:67:09:e0:3f:0f:8f:52:d4:36:ee:8f:c2:
32:34:10:ef:5d:d3:65:af:40:8e:c0:1c:86:db:ba:0a:6e:d4:
20:47:23:20:eb:c7:33:23:54:1c:1d:e2:26:01:94:fc:66:44:
71:2f:7e:10:55:72:b8:10:e6:c9:68:29:10:44:65:34:ca:66:
28:7d:da:9e:4e:61:ca:23:1e:21:ec:2f:30:f1:bf:70:33:e5:
fb:d7:ab:1c:ed:26:f0:4d:fd:65:dd:6b:b9:32:91:4c:83:9f:
20:9c:51:48:d7:97:09:aa:8f:0c:c9:24:ec:ef:74:2e:7d:3a:
aa:b1:a6:eb:69:af:cc:e1:49:f7:a9:1c:25:68:40:30:84:0d:
d0:9c:db:71:ab:f6:44:da:26:d2:98:cf:2f:c4:22:67:38:58:
30:91:dc:14:00:50:f3:c8:85:f0:a7:c7:6b:68:5b:65:8a:40:
64:e8:b8:23:ac:bf:c5:8a:e6:f3:92:6c:08:e6:91:8a:cb:bc:
c2:e0:f3:37
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUdfQT4J5JGHcxRewVi00Pyze0zFowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWFlNDQzNzAyOTY1OTUzOWY1NGY5MDBiMzVlNDNiZTA2
YTk0YjM3YjAeFw0yNDA3MTkxMzMxNDhaFw0yNTA3MTgxMzM2NDhaMDMxMTAvBgNV
BAMTKDRDQzE0OTk5NTczN0Q1ODJFQzk5RTQ5RkFFRTQ4RjgwNEVDNjdDOUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqhGwN6zyySLHr1YKL640z/BvJ
flvQ03x75XfRdoAtD793yPBE/8VQh3BydyGE0bT3ibv2tJOEaqRMEdEvXkObZr6N
qg9by79PYC5En7he86RlS4QTNvUiEnNj8odqHl61DVJpUoVZHoD8hyxtrY/qmNOq
qlnmlQF+sJmSUCQG4ciLTscnr4rh8oChNPfUDBJDizDjLePwIDWyWIFpGsjXBnBd
m1PxlDEcpuN4zQkjcT7ZMBtzgrsFUSDO8xL0lL5VesIxxwapMNHWDtceWUY/9yk7
PDv9UfsMKlcbsnH4UWxe5pBRm2tDnCubAhK1pVx0Iwt0W2pc/WIgbQEPhS+DAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUTMFJmVc31YLsmeSfruSPgE7GfJ0wHwYDVR0j
BBgwFoAUWuRDcClllTn1T5ALNeQ74GqUs3swDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmMyMGFkZDMtYTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhm
MTk2LzAvNUFFNDQzNzAyOTY1OTUzOUY1NEY5MDBCMzVFNDNCRTA2QTk0QjM3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1d1UkRjQ2xsbFRuMVQ1QUxOZVE3NEdx
VXMzcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2ZjMjBhZGQzLWE4OGUt
NGJiMi1hODRkLTU1ZGEyMTI4ZjE5Ni8wL0FTMjA3ODQxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAgBAIAATAaAwQAwTmQ
AwQAwTmfMAwDBADBOacDBADBOagwFgQCAAIwEAMHACoPhcAAAAMFACoPhcIwDQYJ
KoZIhvcNAQELBQADggEBAFXinzmXOIhRsMbyAk+lVlOjFUJ39qEBHqQJ8g1+Ab4e
brzhSmCBDd1D/RSOeDDq6a0wZJ2r9EZt1R4NqWcJ4D8Pj1LUNu6PwjI0EO9d02Wv
QI7AHIbbugpu1CBHIyDrxzMjVBwd4iYBlPxmRHEvfhBVcrgQ5sloKRBEZTTKZih9
2p5OYcojHiHsLzDxv3Az5fvXqxztJvBN/WXda7kykUyDnyCcUUjXlwmqjwzJJOzv
dC59Oqqxputpr8zhSfepHCVoQDCEDdCc23Gr9kTaJtKYzy/EImc4WDCR3BQAUPPI
hfCnx2toW2WKQGTouCOsv8WK5vOSbAjmkYrLvMLg8zc=
-----END CERTIFICATE-----
Generated at Thu Aug 22 23:44:02 2024 by rpki-client on console-fra.rpki-client.org