Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/IR1f_ar47sZMW8Ojb-62PYZG3po.roa
File: IR1f_ar47sZMW8Ojb-62PYZG3po.roa (raw, json)
Hash identifier: 7md2zd8TfezwZMsaud1QKTgbQmhg2V/6NXGYcs89BOc=
Subject key identifier: 21:1D:5F:FD:AA:F8:EE:C6:4C:5B:C3:A3:6F:EE:B6:3D:86:46:DE:9A
Certificate issuer: /CN=5324defbaade93e998e13a942029dd593b8b2ea3
Certificate serial: 01828D342BCA008841E32C5B5B3496681CBE
Authority key identifier: 53:24:DE:FB:AA:DE:93:E9:98:E1:3A:94:20:29:DD:59:3B:8B:2E:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UyTe-6rek-mY4TqUICndWTuLLqM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/IR1f_ar47sZMW8Ojb-62PYZG3po.roa
Signing time: Thu 11 Aug 2022 13:59:42 +0000
ROA not before: Thu 11 Aug 2022 13:59:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197328
IP address blocks: 167.160.11.0/24 maxlen: 24
162.222.88.0/24 maxlen: 24
167.160.13.0/24 maxlen: 24
5.255.57.0/24 maxlen: 24
5.255.62.0/24 maxlen: 24
5.255.61.0/24 maxlen: 24
5.255.63.0/24 maxlen: 24
185.150.2.0/24 maxlen: 24
167.160.27.0/24 maxlen: 24
185.165.47.0/24 maxlen: 24
91.92.112.0/23 maxlen: 23
185.4.224.0/23 maxlen: 23
185.4.227.0/24 maxlen: 24
107.150.177.0/24 maxlen: 24
185.212.172.0/24 maxlen: 24
185.212.173.0/24 maxlen: 24
23.252.66.0/24 maxlen: 24
185.162.72.0/23 maxlen: 23
2a07:5140::/29 maxlen: 29
2a06:4b40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:8d:34:2b:ca:00:88:41:e3:2c:5b:5b:34:96:68:1c:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5324defbaade93e998e13a942029dd593b8b2ea3
Validity
Not Before: Aug 11 13:59:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=211d5ffdaaf8eec64c5bc3a36feeb63d8646de9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:88:c2:db:65:6b:16:c6:f2:d4:fb:22:ce:83:
55:09:5e:14:41:8a:9e:a1:7d:4c:cc:21:a5:7d:52:
56:9f:4d:49:0d:33:7f:93:b8:04:84:14:64:96:f7:
ee:11:72:a6:f1:01:ae:49:dc:6b:48:99:ae:85:2b:
08:7c:4d:85:75:2c:3b:f6:13:7c:23:43:db:65:8f:
3b:ef:73:c1:00:39:b0:17:0b:c0:5d:bb:1a:30:fc:
be:9c:e8:96:4c:b3:a8:3e:44:35:43:88:f1:42:3c:
24:c6:25:b9:47:b2:26:d7:2d:f6:c4:50:ea:ed:6f:
80:0c:6a:7e:09:8b:a1:0b:e3:cc:13:66:3e:38:92:
57:15:77:1b:3e:c0:7d:6a:31:b3:81:72:e5:ef:48:
49:6b:89:11:bf:35:a4:07:41:05:e8:af:b3:7c:25:
15:71:f8:53:61:ad:bc:24:cb:3a:ef:fa:a8:3e:42:
17:21:c4:9f:b6:d6:95:52:45:12:e7:13:9c:52:33:
3f:18:9b:28:9a:4d:d8:ab:73:e0:1c:2c:4e:61:46:
10:91:ea:54:e4:16:fb:b5:55:e1:d3:aa:d8:db:2a:
31:8e:9e:8d:c5:fa:cd:3d:e1:e8:95:26:b5:d4:cd:
17:e8:c2:22:9b:e6:c4:74:7b:8d:04:3d:03:f1:26:
eb:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:1D:5F:FD:AA:F8:EE:C6:4C:5B:C3:A3:6F:EE:B6:3D:86:46:DE:9A
X509v3 Authority Key Identifier:
keyid:53:24:DE:FB:AA:DE:93:E9:98:E1:3A:94:20:29:DD:59:3B:8B:2E:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UyTe-6rek-mY4TqUICndWTuLLqM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/IR1f_ar47sZMW8Ojb-62PYZG3po.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/UyTe-6rek-mY4TqUICndWTuLLqM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.255.57.0/24
5.255.61.0-5.255.63.255
23.252.66.0/24
91.92.112.0/23
107.150.177.0/24
162.222.88.0/24
167.160.11.0/24
167.160.13.0/24
167.160.27.0/24
185.4.224.0/23
185.4.227.0/24
185.150.2.0/24
185.162.72.0/23
185.165.47.0/24
185.212.172.0/23
IPv6:
2a06:4b40::/29
2a07:5140::/29
Signature Algorithm: sha256WithRSAEncryption
5b:33:31:b2:ac:e5:e2:89:26:6f:12:26:25:c0:a0:eb:c7:61:
29:56:fd:06:99:1c:7c:13:72:ee:a8:9e:10:19:ea:40:e1:74:
bc:be:2a:8d:84:24:8b:13:0d:1c:e6:69:ab:54:0f:16:5e:e9:
dc:d8:06:1d:cf:00:08:f4:95:e0:15:ad:eb:3d:1c:bf:e2:75:
a9:1a:96:5a:bf:12:4f:b2:33:54:54:4f:fe:8c:07:1e:0e:c0:
f7:9e:fd:cf:b6:2e:e0:2d:04:56:83:d5:86:d2:c9:96:0a:54:
74:cd:e3:de:34:f4:a4:94:40:9c:ba:cc:ef:3c:fd:44:72:13:
9d:88:af:a8:9e:8f:3c:93:c1:76:4f:03:b6:e6:b2:a1:a0:c3:
0a:6f:8f:ce:68:6e:15:0b:83:36:82:de:c8:bd:d4:c6:19:70:
73:48:9f:99:85:6e:5d:1a:6d:5f:fb:0f:48:0d:33:7d:ad:8d:
04:79:c3:db:2f:b9:32:1f:43:b4:4f:8b:81:0f:cb:c5:51:11:
ea:99:d9:d2:12:4a:1e:41:8c:e3:e9:5a:de:60:56:14:01:26:
c3:e6:de:a6:e8:8d:07:6b:92:f9:9e:e6:9c:45:d0:af:ff:e6:
21:39:67:87:ab:9c:7b:cf:4a:5b:6d:10:d8:b1:42:f2:47:e9:
c9:33:23:c9
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAYKNNCvKAIhB4yxbWzSWaBy+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMjRkZWZiYWFkZTkzZTk5OGUxM2E5NDIwMjlkZDU5M2I4
YjJlYTMwHhcNMjIwODExMTM1OTQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTFkNWZmZGFhZjhlZWM2NGM1YmMzYTM2ZmVlYjYzZDg2NDZkZTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgYjC22VrFsby1PsizoNVCV4UQYqe
oX1MzCGlfVJWn01JDTN/k7gEhBRklvfuEXKm8QGuSdxrSJmuhSsIfE2FdSw79hN8
I0PbZY8773PBADmwFwvAXbsaMPy+nOiWTLOoPkQ1Q4jxQjwkxiW5R7Im1y32xFDq
7W+ADGp+CYuhC+PME2Y+OJJXFXcbPsB9ajGzgXLl70hJa4kRvzWkB0EF6K+zfCUV
cfhTYa28JMs67/qoPkIXIcSfttaVUkUS5xOcUjM/GJsomk3Yq3PgHCxOYUYQkepU
5Bb7tVXh06rY2yoxjp6NxfrNPeHolSa11M0X6MIim+bEdHuNBD0D8SbrWQIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFCEdX/2q+O7GTFvDo2/utj2GRt6aMB8GA1UdIwQY
MBaAFFMk3vuq3pPpmOE6lCAp3Vk7iy6jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXlUZS02cmVrLW1ZNFRxVUlDbmRXVHVMTHFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8yOTRlODQtY2ZjNS00NWE0LWE1Y2Qt
MzNiNzQ1OTk3NWUwLzEvSVIxZl9hcjQ3c1pNVzhPamItNjJQWVpHM3BvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8yOTRlODQtY2ZjNS00NWE0LWE1Y2QtMzNiNzQ1OTk3NWUw
LzEvVXlUZS02cmVrLW1ZNFRxVUlDbmRXVHVMTHFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDBoBAIAATBiAwQABf85
MAwDBAAF/z0DBAYF/wADBAAX/EIDBAFbXHADBABrlrEDBACi3lgDBACnoAsDBACn
oA0DBACnoBsDBAG5BOADBAC5BOMDBAC5lgIDBAG5okgDBAC5pS8DBAG51KwwFAQC
AAIwDgMFAyoGS0ADBQMqB1FAMA0GCSqGSIb3DQEBCwUAA4IBAQBbMzGyrOXiiSZv
EiYlwKDrx2EpVv0GmRx8E3LuqJ4QGepA4XS8viqNhCSLEw0c5mmrVA8WXunc2AYd
zwAI9JXgFa3rPRy/4nWpGpZavxJPsjNUVE/+jAceDsD3nv3Pti7gLQRWg9WG0smW
ClR0zePeNPSklECcuszvPP1EchOdiK+ono88k8F2TwO25rKhoMMKb4/OaG4VC4M2
gt7IvdTGGXBzSJ+ZhW5dGm1f+w9IDTN9rY0EecPbL7kyH0O0T4uBD8vFURHqmdnS
EkoeQYzj6VreYFYUASbD5t6m6I0Ha5L5nuacRdCv/+YhOWeHq5x7z0pbbRDYsULy
R+nJMyPJ
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:05 2025 by rpki-client