Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/gKcp_XPxe_s-ErtD8-blkaZU-2M.roa
File: gKcp_XPxe_s-ErtD8-blkaZU-2M.roa (raw, json)
Hash identifier: Bt+IAgLo3oBPINd9QzGx2n10y3IU33HM+nuaysZsvM0=
Subject key identifier: 80:A7:29:FD:73:F1:7B:FB:3E:12:BB:43:F3:E6:E5:91:A6:54:FB:63
Certificate issuer: /CN=5324defbaade93e998e13a942029dd593b8b2ea3
Certificate serial: 018822BCA91D2F76B7C70523043007FF8292
Authority key identifier: 53:24:DE:FB:AA:DE:93:E9:98:E1:3A:94:20:29:DD:59:3B:8B:2E:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UyTe-6rek-mY4TqUICndWTuLLqM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/gKcp_XPxe_s-ErtD8-blkaZU-2M.roa
Signing time: Tue 16 May 2023 04:06:09 +0000
ROA not before: Tue 16 May 2023 04:06:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59447
IP address blocks: 198.55.29.0/24 maxlen: 24
198.55.28.0/24 maxlen: 24
198.55.31.0/24 maxlen: 24
198.55.30.0/24 maxlen: 24
185.4.225.0/24 maxlen: 24
23.252.67.0/24 maxlen: 24
23.252.68.0/24 maxlen: 24
23.252.71.0/24 maxlen: 24
23.252.76.0/24 maxlen: 24
23.252.79.0/24 maxlen: 24
185.161.110.0/24 maxlen: 24
162.218.177.0/24 maxlen: 24
162.218.176.0/24 maxlen: 24
162.218.179.0/24 maxlen: 24
185.161.111.0/24 maxlen: 24
162.218.178.0/24 maxlen: 24
167.160.1.0/24 maxlen: 24
167.160.0.0/24 maxlen: 24
167.160.3.0/24 maxlen: 24
162.222.90.0/24 maxlen: 24
162.222.89.0/24 maxlen: 24
167.160.17.0/24 maxlen: 24
167.160.13.0/24 maxlen: 24
167.160.21.0/24 maxlen: 24
167.160.28.0/24 maxlen: 24
167.160.30.0/24 maxlen: 24
167.160.29.0/24 maxlen: 24
107.150.163.0/24 maxlen: 24
107.150.162.0/24 maxlen: 24
107.150.164.0/24 maxlen: 24
107.150.166.0/24 maxlen: 24
107.150.167.0/24 maxlen: 24
107.150.168.0/24 maxlen: 24
107.150.169.0/24 maxlen: 24
107.150.172.0/24 maxlen: 24
107.150.171.0/24 maxlen: 24
107.150.173.0/24 maxlen: 24
107.150.175.0/24 maxlen: 24
185.212.174.0/24 maxlen: 24
2a07:5140::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:22:bc:a9:1d:2f:76:b7:c7:05:23:04:30:07:ff:82:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5324defbaade93e998e13a942029dd593b8b2ea3
Validity
Not Before: May 16 04:06:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=80a729fd73f17bfb3e12bb43f3e6e591a654fb63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:6a:a5:4c:18:f7:c8:8e:2a:2f:7d:e9:fe:cd:
60:fe:ca:a5:b9:3b:91:79:1f:ed:36:40:b5:0f:b7:
53:58:e4:9f:78:98:2d:e1:6b:11:d8:b4:4e:2c:a0:
f7:4b:23:54:bc:73:60:b4:2a:83:71:44:e7:63:32:
c1:05:dd:53:72:89:25:05:04:3f:e4:67:c9:a3:91:
85:3c:5c:f9:63:30:ab:d2:78:b2:54:22:c3:d7:c6:
ea:5f:b2:ad:69:c6:17:61:28:7c:73:57:37:ab:dd:
c7:a5:8e:2b:e3:29:44:b4:c6:a7:70:1a:54:ce:e1:
ba:58:d9:d9:a3:df:f5:8a:7d:7c:18:c1:b8:bd:bc:
65:b9:fc:3f:df:f3:45:82:0f:15:16:2e:3d:a5:cf:
fb:16:bb:5e:11:1c:24:53:99:d3:07:41:d5:2e:df:
76:7a:83:82:22:e7:6b:7c:45:ef:5e:24:03:38:d1:
c5:ee:d1:f4:25:a9:4a:14:44:dc:d2:c9:78:1e:be:
51:be:b1:a5:8b:ce:23:89:b6:16:28:10:e8:e0:ee:
8a:d9:67:07:c9:ce:6f:da:4b:f4:eb:46:29:f3:8f:
2b:aa:f6:17:e0:2b:57:9a:c2:0f:4d:8d:3e:02:59:
a6:30:4a:77:99:6d:fb:de:ff:ad:57:9b:e6:23:e3:
10:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:A7:29:FD:73:F1:7B:FB:3E:12:BB:43:F3:E6:E5:91:A6:54:FB:63
X509v3 Authority Key Identifier:
keyid:53:24:DE:FB:AA:DE:93:E9:98:E1:3A:94:20:29:DD:59:3B:8B:2E:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UyTe-6rek-mY4TqUICndWTuLLqM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/gKcp_XPxe_s-ErtD8-blkaZU-2M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/UyTe-6rek-mY4TqUICndWTuLLqM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.252.67.0-23.252.68.255
23.252.71.0/24
23.252.76.0/24
23.252.79.0/24
107.150.162.0-107.150.164.255
107.150.166.0-107.150.169.255
107.150.171.0-107.150.173.255
107.150.175.0/24
162.218.176.0/22
162.222.89.0-162.222.90.255
167.160.0.0/23
167.160.3.0/24
167.160.13.0/24
167.160.17.0/24
167.160.21.0/24
167.160.28.0-167.160.30.255
185.4.225.0/24
185.161.110.0/23
185.212.174.0/24
198.55.28.0/22
IPv6:
2a07:5140::/29
Signature Algorithm: sha256WithRSAEncryption
2d:89:7e:a5:84:60:e8:02:bb:10:5c:fe:b6:1f:4c:92:e1:7d:
ad:99:83:82:f2:5b:00:3e:68:a5:48:e4:52:99:20:60:b3:3a:
fb:e1:0d:3e:5c:32:5d:ff:06:27:e2:48:cd:12:71:1f:2e:32:
7d:16:d3:4f:8d:46:f1:41:b3:94:17:35:a9:44:f3:d4:83:3e:
d0:57:df:18:5a:db:93:d0:b3:35:41:01:49:2e:12:95:5b:0c:
48:8e:fd:51:35:45:65:99:da:09:4b:12:e8:da:9f:ed:2d:e0:
81:47:ec:eb:e9:70:52:4a:6e:d8:c4:0d:93:29:5e:c0:68:d0:
dd:f9:86:98:ba:fc:c5:62:c3:a0:36:c9:90:c1:af:fb:00:10:
ac:3e:ff:83:ed:2e:b5:02:fe:b0:54:81:4b:fb:14:a8:7a:5b:
66:e7:82:52:c5:29:08:b8:5e:2d:63:b8:5b:7e:46:13:a4:5d:
5c:cc:d6:1d:82:42:f6:72:6b:07:95:39:ab:26:3e:42:43:92:
ec:8d:82:d2:65:d9:8d:60:86:b3:73:e0:59:e0:02:37:99:4e:
4a:72:69:fc:1f:09:12:41:e8:30:b4:f4:36:f1:56:98:73:ae:
97:83:a4:74:96:3b:6f:f2:22:10:aa:df:58:de:43:f2:78:89:
03:04:75:22
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgISAYgivKkdL3a3xwUjBDAH/4KSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMjRkZWZiYWFkZTkzZTk5OGUxM2E5NDIwMjlkZDU5M2I4
YjJlYTMwHhcNMjMwNTE2MDQwNjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGE3MjlmZDczZjE3YmZiM2UxMmJiNDNmM2U2ZTU5MWE2NTRmYjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2qlTBj3yI4qL33p/s1g/sqluTuR
eR/tNkC1D7dTWOSfeJgt4WsR2LROLKD3SyNUvHNgtCqDcUTnYzLBBd1TcoklBQQ/
5GfJo5GFPFz5YzCr0niyVCLD18bqX7KtacYXYSh8c1c3q93HpY4r4ylEtMancBpU
zuG6WNnZo9/1in18GMG4vbxlufw/3/NFgg8VFi49pc/7FrteERwkU5nTB0HVLt92
eoOCIudrfEXvXiQDONHF7tH0JalKFETc0sl4Hr5RvrGli84jibYWKBDo4O6K2WcH
yc5v2kv060Yp848rqvYX4CtXmsIPTY0+AlmmMEp3mW373v+tV5vmI+MQdQIDAQAB
o4ICvzCCArswHQYDVR0OBBYEFICnKf1z8Xv7PhK7Q/Pm5ZGmVPtjMB8GA1UdIwQY
MBaAFFMk3vuq3pPpmOE6lCAp3Vk7iy6jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXlUZS02cmVrLW1ZNFRxVUlDbmRXVHVMTHFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8yOTRlODQtY2ZjNS00NWE0LWE1Y2Qt
MzNiNzQ1OTk3NWUwLzEvZ0tjcF9YUHhlX3MtRXJ0RDgtYmxrYVpVLTJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8yOTRlODQtY2ZjNS00NWE0LWE1Y2QtMzNiNzQ1OTk3NWUw
LzEvVXlUZS02cmVrLW1ZNFRxVUlDbmRXVHVMTHFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHUBggrBgEFBQcBBwEB/wSBxDCBwTCBrwQCAAEwgagwDAME
ABf8QwMEABf8RAMEABf8RwMEABf8TAMEABf8TzAMAwQBa5aiAwQAa5akMAwDBAFr
lqYDBAFrlqgwDAMEAGuWqwMEAWuWrAMEAGuWrwMEAqLasDAMAwQAot5ZAwQAot5a
AwQBp6AAAwQAp6ADAwQAp6ANAwQAp6ARAwQAp6AVMAwDBAKnoBwDBACnoB4DBAC5
BOEDBAG5oW4DBAC51K4DBALGNxwwDQQCAAIwBwMFAyoHUUAwDQYJKoZIhvcNAQEL
BQADggEBAC2JfqWEYOgCuxBc/rYfTJLhfa2Zg4LyWwA+aKVI5FKZIGCzOvvhDT5c
Ml3/BifiSM0ScR8uMn0W00+NRvFBs5QXNalE89SDPtBX3xha25PQszVBAUkuEpVb
DEiO/VE1RWWZ2glLEujan+0t4IFH7OvpcFJKbtjEDZMpXsBo0N35hpi6/MViw6A2
yZDBr/sAEKw+/4PtLrUC/rBUgUv7FKh6W2bnglLFKQi4Xi1juFt+RhOkXVzM1h2C
QvZyaweVOasmPkJDkuyNgtJl2Y1ghrNz4FngAjeZTkpyafwfCRJB6DC09DbxVphz
rpeDpHSWO2/yIhCq31jeQ/J4iQMEdSI=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:11:23 2025 by rpki-client