Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/SNi28UXw7gnpkDvKQEWe43iYN7g.roa
File: SNi28UXw7gnpkDvKQEWe43iYN7g.roa (raw, json)
Hash identifier: xGq3tGGvCJszlYwZQ14rNtrtW3/V4QgkMstPJjTAeIY=
Subject key identifier: 48:D8:B6:F1:45:F0:EE:09:E9:90:3B:CA:40:45:9E:E3:78:98:37:B8
Certificate issuer: /CN=5324defbaade93e998e13a942029dd593b8b2ea3
Certificate serial: 0190E948177C1AF51A487732E2624CE63CC7
Authority key identifier: 53:24:DE:FB:AA:DE:93:E9:98:E1:3A:94:20:29:DD:59:3B:8B:2E:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UyTe-6rek-mY4TqUICndWTuLLqM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/SNi28UXw7gnpkDvKQEWe43iYN7g.roa
Signing time: Thu 25 Jul 2024 09:45:34 +0000
ROA not before: Thu 25 Jul 2024 09:45:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59447
IP address blocks: 23.252.67.0/24 maxlen: 24
23.252.68.0/24 maxlen: 24
23.252.71.0/24 maxlen: 24
23.252.76.0/24 maxlen: 24
23.252.79.0/24 maxlen: 24
107.150.162.0/24 maxlen: 24
107.150.163.0/24 maxlen: 24
107.150.164.0/24 maxlen: 24
107.150.171.0/24 maxlen: 24
107.150.175.0/24 maxlen: 24
162.222.89.0/24 maxlen: 24
162.222.90.0/24 maxlen: 24
167.160.21.0/24 maxlen: 24
167.160.30.0/24 maxlen: 24
185.4.225.0/24 maxlen: 24
2a07:5140::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e9:48:17:7c:1a:f5:1a:48:77:32:e2:62:4c:e6:3c:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5324defbaade93e998e13a942029dd593b8b2ea3
Validity
Not Before: Jul 25 09:45:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=48d8b6f145f0ee09e9903bca40459ee3789837b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:a1:8f:7f:18:c0:9c:b0:b5:1b:5a:fd:d7:e8:
a3:81:ef:7e:8a:a0:f2:14:14:fe:cd:0b:84:16:e1:
c2:16:61:d2:8d:a9:51:29:58:17:31:d3:31:88:0f:
d0:d3:5e:71:7f:79:ec:37:d2:80:c9:c7:bd:4d:92:
c4:4f:5a:78:f0:5a:a8:61:2b:79:1e:87:99:7d:14:
f7:9d:9b:f8:26:ce:31:c0:c1:9f:ce:65:0b:96:cb:
ce:a4:0d:ef:b9:0a:26:41:be:23:76:8f:f8:14:30:
35:a2:49:fc:da:5e:9b:fc:d9:c4:cd:81:bb:42:2b:
51:94:2b:52:5f:94:6d:58:05:51:e6:94:88:c0:0f:
93:a0:b9:5f:d9:46:26:d7:d3:ca:aa:c7:7e:e0:33:
bb:60:57:13:c5:05:d6:4e:b2:ee:bb:cc:6a:0b:2a:
5f:40:81:a8:73:b6:54:a9:aa:a6:bc:bc:ed:a2:a7:
f4:f5:4e:39:68:c0:19:78:af:f0:73:bc:9b:ce:a1:
13:80:6c:59:6b:2d:d8:78:8b:16:bd:ac:43:77:9d:
d0:7b:ee:8c:ec:cb:1f:de:83:6c:82:86:30:5c:1b:
81:f3:5f:8e:d0:a6:73:b5:6b:e0:62:ca:87:a8:13:
55:e3:6d:ac:de:f1:36:ef:6c:53:3d:bd:e4:b3:c1:
28:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:D8:B6:F1:45:F0:EE:09:E9:90:3B:CA:40:45:9E:E3:78:98:37:B8
X509v3 Authority Key Identifier:
keyid:53:24:DE:FB:AA:DE:93:E9:98:E1:3A:94:20:29:DD:59:3B:8B:2E:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UyTe-6rek-mY4TqUICndWTuLLqM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/SNi28UXw7gnpkDvKQEWe43iYN7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/UyTe-6rek-mY4TqUICndWTuLLqM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.252.67.0-23.252.68.255
23.252.71.0/24
23.252.76.0/24
23.252.79.0/24
107.150.162.0-107.150.164.255
107.150.171.0/24
107.150.175.0/24
162.222.89.0-162.222.90.255
167.160.21.0/24
167.160.30.0/24
185.4.225.0/24
IPv6:
2a07:5140::/29
Signature Algorithm: sha256WithRSAEncryption
32:4e:39:bd:8b:3c:27:f2:60:25:ec:c7:e5:f9:21:34:a8:05:
88:e7:46:c0:df:ff:77:09:f1:93:24:a2:e8:4a:cd:33:f2:92:
2e:0d:bb:c9:a1:8c:59:8f:4c:c4:ef:3f:c8:58:d9:1b:f4:62:
68:56:5d:7c:5b:34:8d:ff:cb:81:a4:e9:51:50:88:3e:af:8b:
b4:e5:5a:4b:59:48:9e:ff:77:67:75:44:ac:aa:ea:ec:b5:75:
3b:ee:d3:c0:e4:2f:c7:8b:77:ef:9c:04:3c:e4:04:a3:d2:fc:
02:70:cd:c9:bc:35:46:f1:08:4c:b2:9f:0f:21:41:65:de:c6:
46:9e:b3:dd:a5:ef:04:1e:db:2e:a3:c0:5a:83:ce:95:3d:a3:
e7:ab:d6:72:93:b3:6f:aa:8a:6f:4e:d8:e3:d5:06:aa:10:df:
95:1f:80:e4:fa:eb:93:90:f0:41:95:e0:c6:6f:be:a6:11:bc:
ef:89:12:de:1a:c8:2a:58:96:a2:11:00:c0:be:e4:d5:b0:1a:
ee:9e:38:49:50:e6:9f:cf:55:45:4a:e6:8e:8a:2a:73:c3:25:
e0:d2:46:2c:26:a4:44:38:24:33:84:7d:25:27:8f:8b:e2:7b:
c3:7a:80:7d:dc:7c:bb:3c:ba:46:44:f9:ef:50:3e:35:fd:0e:
66:a0:e0:a9
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAZDpSBd8GvUaSHcy4mJM5jzHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMjRkZWZiYWFkZTkzZTk5OGUxM2E5NDIwMjlkZDU5M2I4
YjJlYTMwHhcNMjQwNzI1MDk0NTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGQ4YjZmMTQ1ZjBlZTA5ZTk5MDNiY2E0MDQ1OWVlMzc4OTgzN2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6GPfxjAnLC1G1r91+ijge9+iqDy
FBT+zQuEFuHCFmHSjalRKVgXMdMxiA/Q015xf3nsN9KAyce9TZLET1p48FqoYSt5
HoeZfRT3nZv4Js4xwMGfzmULlsvOpA3vuQomQb4jdo/4FDA1okn82l6b/NnEzYG7
QitRlCtSX5RtWAVR5pSIwA+ToLlf2UYm19PKqsd+4DO7YFcTxQXWTrLuu8xqCypf
QIGoc7ZUqaqmvLztoqf09U45aMAZeK/wc7ybzqETgGxZay3YeIsWvaxDd53Qe+6M
7Msf3oNsgoYwXBuB81+O0KZztWvgYsqHqBNV422s3vE272xTPb3ks8EoqQIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFEjYtvFF8O4J6ZA7ykBFnuN4mDe4MB8GA1UdIwQY
MBaAFFMk3vuq3pPpmOE6lCAp3Vk7iy6jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXlUZS02cmVrLW1ZNFRxVUlDbmRXVHVMTHFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8yOTRlODQtY2ZjNS00NWE0LWE1Y2Qt
MzNiNzQ1OTk3NWUwLzEvU05pMjhVWHc3Z25wa0R2S1FFV2U0M2lZTjdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8yOTRlODQtY2ZjNS00NWE0LWE1Y2QtMzNiNzQ1OTk3NWUw
LzEvVXlUZS02cmVrLW1ZNFRxVUlDbmRXVHVMTHFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwYAQCAAEwWjAMAwQAF/xD
AwQAF/xEAwQAF/xHAwQAF/xMAwQAF/xPMAwDBAFrlqIDBABrlqQDBABrlqsDBABr
lq8wDAMEAKLeWQMEAKLeWgMEAKegFQMEAKegHgMEALkE4TANBAIAAjAHAwUDKgdR
QDANBgkqhkiG9w0BAQsFAAOCAQEAMk45vYs8J/JgJezH5fkhNKgFiOdGwN//dwnx
kySi6ErNM/KSLg27yaGMWY9MxO8/yFjZG/RiaFZdfFs0jf/LgaTpUVCIPq+LtOVa
S1lInv93Z3VErKrq7LV1O+7TwOQvx4t375wEPOQEo9L8AnDNybw1RvEITLKfDyFB
Zd7GRp6z3aXvBB7bLqPAWoPOlT2j56vWcpOzb6qKb07Y49UGqhDflR+A5Prrk5Dw
QZXgxm++phG874kS3hrIKliWohEAwL7k1bAa7p44SVDmn89VRUrmjooqc8Ml4NJG
LCakRDgkM4R9JSePi+J7w3qAfdx8uzy6RkT571A+Nf0OZqDgqQ==
-----END CERTIFICATE-----
Generated at Fri Jul 26 12:45:48 2024 by rpki-client on console-ams.rpki-client.org