Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/UwFHvly7w-_yypktfsxqTdCdTOk.roa
File: UwFHvly7w-_yypktfsxqTdCdTOk.roa (raw, json)
Hash identifier: +K1npAtGzoARLR4e3zer+HVgD1hjlySJrash5YOTelA=
Subject key identifier: 53:01:47:BE:5C:BB:C3:EF:F2:CA:99:2D:7E:CC:6A:4D:D0:9D:4C:E9
Certificate issuer: /CN=5324defbaade93e998e13a942029dd593b8b2ea3
Certificate serial: 018CC49335C3F5AA2DDE0537B3336BDE7924
Authority key identifier: 53:24:DE:FB:AA:DE:93:E9:98:E1:3A:94:20:29:DD:59:3B:8B:2E:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UyTe-6rek-mY4TqUICndWTuLLqM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/UwFHvly7w-_yypktfsxqTdCdTOk.roa
Signing time: Mon 01 Jan 2024 10:30:31 +0000
ROA not before: Mon 01 Jan 2024 10:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7029
IP address blocks: 167.160.4.0/24 maxlen: 24
185.192.215.0/24 maxlen: 24
185.192.214.0/24 maxlen: 24
167.160.2.0/24 maxlen: 24
167.160.11.0/24 maxlen: 24
167.160.12.0/24 maxlen: 24
167.160.16.0/24 maxlen: 24
167.160.19.0/24 maxlen: 24
185.165.47.0/24 maxlen: 24
185.4.225.0/24 maxlen: 24
185.4.224.0/24 maxlen: 24
185.192.213.0/24 maxlen: 24
185.192.212.0/22 maxlen: 24
185.192.212.0/24 maxlen: 24
185.212.172.0/24 maxlen: 24
185.212.173.0/24 maxlen: 24
185.212.174.0/24 maxlen: 24
185.161.111.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:35:c3:f5:aa:2d:de:05:37:b3:33:6b:de:79:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5324defbaade93e998e13a942029dd593b8b2ea3
Validity
Not Before: Jan 1 10:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=530147be5cbbc3eff2ca992d7ecc6a4dd09d4ce9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:00:e3:61:2b:07:28:6b:26:09:84:a3:49:b2:
14:80:c3:79:05:a1:4c:3f:ba:0a:19:0e:b6:59:ca:
26:9f:66:a7:6e:ec:37:e6:83:ca:94:3a:74:9f:e0:
a7:48:6a:61:ee:5e:47:ec:4f:4b:c2:10:de:11:0f:
49:18:e6:db:c7:2a:52:f1:d1:b5:b3:68:ce:23:f8:
b4:6e:75:c7:1a:af:70:17:0a:48:43:83:06:94:87:
69:9f:14:8c:ac:1d:10:fe:21:70:77:d6:37:58:bd:
4c:7b:94:ed:ba:56:8c:dc:09:a9:12:7b:ce:e3:1f:
d1:cf:b2:69:c7:c0:45:92:46:a1:9a:bb:cb:78:70:
7e:0a:4c:f6:d2:13:92:b5:c4:af:74:ea:34:1c:31:
cc:3a:78:0f:fa:45:66:01:77:d2:aa:ad:24:cc:07:
71:39:40:03:f8:0d:20:4b:33:4b:47:3b:02:4f:aa:
fb:73:08:81:cd:2c:3a:51:58:cf:f6:5e:2a:fa:79:
26:57:14:b8:c8:ea:6a:b7:a3:f4:50:22:ba:56:91:
7d:87:96:38:bb:70:e2:c0:68:d6:de:1d:83:31:a1:
70:d3:07:51:d9:5f:55:23:fe:2f:70:be:bc:50:72:
a1:13:79:43:0e:4b:81:ee:a1:52:bd:b2:6e:6f:0a:
5c:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:01:47:BE:5C:BB:C3:EF:F2:CA:99:2D:7E:CC:6A:4D:D0:9D:4C:E9
X509v3 Authority Key Identifier:
keyid:53:24:DE:FB:AA:DE:93:E9:98:E1:3A:94:20:29:DD:59:3B:8B:2E:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UyTe-6rek-mY4TqUICndWTuLLqM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/UwFHvly7w-_yypktfsxqTdCdTOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/UyTe-6rek-mY4TqUICndWTuLLqM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
167.160.2.0/24
167.160.4.0/24
167.160.11.0-167.160.12.255
167.160.16.0/24
167.160.19.0/24
185.4.224.0/23
185.161.111.0/24
185.165.47.0/24
185.192.212.0/22
185.212.172.0-185.212.174.255
Signature Algorithm: sha256WithRSAEncryption
55:ff:ba:ca:41:13:c4:be:d6:bb:80:e0:c7:d1:1b:db:45:1b:
41:0a:30:26:73:00:da:44:4e:92:db:91:be:88:49:22:86:a6:
d8:a3:03:64:9f:1a:57:50:03:6c:e8:a9:c9:1b:cd:73:cd:21:
e1:01:24:2f:72:63:f3:34:75:80:76:ef:9e:63:fa:01:e0:eb:
9e:8f:7e:7a:fb:61:33:7b:79:6b:59:ad:c3:da:3f:4d:a7:03:
66:c4:f9:94:6f:18:af:0a:93:a3:28:1e:05:e8:a7:7f:d4:fe:
82:27:3b:3b:27:ec:74:53:d8:a8:7d:6f:67:15:4c:4d:83:f1:
2a:02:fa:4b:c2:dd:0d:47:e6:08:0b:3a:9a:23:c4:e7:8c:36:
5b:8e:73:d5:08:df:e6:7e:72:c1:aa:99:92:42:64:7c:1b:84:
cf:be:38:00:f4:c1:db:24:8c:a5:ca:58:ee:33:ca:46:38:84:
d1:1e:3c:83:48:84:92:c5:26:13:22:c9:db:ca:b6:0b:35:8a:
5e:05:8a:61:d3:e0:4a:41:91:e5:96:ed:52:ab:02:ca:56:16:
df:23:09:03:28:61:6d:71:9f:6a:d5:2a:07:b0:26:91:d6:54:
0d:15:a4:b0:22:9b:bd:8e:3f:bc:18:d1:7d:c6:cb:0d:3d:76:
ee:86:2f:c5
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYzEkzXD9aot3gU3szNr3nkkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMjRkZWZiYWFkZTkzZTk5OGUxM2E5NDIwMjlkZDU5M2I4
YjJlYTMwHhcNMjQwMTAxMTAzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzAxNDdiZTVjYmJjM2VmZjJjYTk5MmQ3ZWNjNmE0ZGQwOWQ0Y2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQDjYSsHKGsmCYSjSbIUgMN5BaFM
P7oKGQ62Wcomn2anbuw35oPKlDp0n+CnSGph7l5H7E9LwhDeEQ9JGObbxypS8dG1
s2jOI/i0bnXHGq9wFwpIQ4MGlIdpnxSMrB0Q/iFwd9Y3WL1Me5TtulaM3AmpEnvO
4x/Rz7Jpx8BFkkahmrvLeHB+Ckz20hOStcSvdOo0HDHMOngP+kVmAXfSqq0kzAdx
OUAD+A0gSzNLRzsCT6r7cwiBzSw6UVjP9l4q+nkmVxS4yOpqt6P0UCK6VpF9h5Y4
u3DiwGjW3h2DMaFw0wdR2V9VI/4vcL68UHKhE3lDDkuB7qFSvbJubwpcwQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFFMBR75cu8Pv8sqZLX7Mak3QnUzpMB8GA1UdIwQY
MBaAFFMk3vuq3pPpmOE6lCAp3Vk7iy6jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXlUZS02cmVrLW1ZNFRxVUlDbmRXVHVMTHFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8yOTRlODQtY2ZjNS00NWE0LWE1Y2Qt
MzNiNzQ1OTk3NWUwLzEvVXdGSHZseTd3LV95eXBrdGZzeHFUZENkVE9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8yOTRlODQtY2ZjNS00NWE0LWE1Y2QtMzNiNzQ1OTk3NWUw
LzEvVXlUZS02cmVrLW1ZNFRxVUlDbmRXVHVMTHFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQAp6ACAwQA
p6AEMAwDBACnoAsDBACnoAwDBACnoBADBACnoBMDBAG5BOADBAC5oW8DBAC5pS8D
BAK5wNQwDAMEArnUrAMEALnUrjANBgkqhkiG9w0BAQsFAAOCAQEAVf+6ykETxL7W
u4Dgx9Eb20UbQQowJnMA2kROktuRvohJIoam2KMDZJ8aV1ADbOipyRvNc80h4QEk
L3Jj8zR1gHbvnmP6AeDrno9+evthM3t5a1mtw9o/TacDZsT5lG8YrwqToygeBein
f9T+gic7OyfsdFPYqH1vZxVMTYPxKgL6S8LdDUfmCAs6miPE54w2W45z1Qjf5n5y
waqZkkJkfBuEz744APTB2ySMpcpY7jPKRjiE0R48g0iEksUmEyLJ28q2CzWKXgWK
YdPgSkGR5ZbtUqsCylYW3yMJAyhhbXGfatUqB7AmkdZUDRWksCKbvY4/vBjRfcbL
DT127oYvxQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:18:37 2025 by rpki-client