Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/pAdSjAUoeSq7dpahHz1D9rN8oCE.roa
File: pAdSjAUoeSq7dpahHz1D9rN8oCE.roa (raw, json)
Hash identifier: jSnZVbgEQ9/kivahGdYbCuGt8fMphrk1OrmBIUQOrt0=
Subject key identifier: A4:07:52:8C:05:28:79:2A:BB:76:96:A1:1F:3D:43:F6:B3:7C:A0:21
Certificate issuer: /CN=5324defbaade93e998e13a942029dd593b8b2ea3
Certificate serial: 018A791AC6578D8DAAC4C83505C64CB487BB
Authority key identifier: 53:24:DE:FB:AA:DE:93:E9:98:E1:3A:94:20:29:DD:59:3B:8B:2E:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UyTe-6rek-mY4TqUICndWTuLLqM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/pAdSjAUoeSq7dpahHz1D9rN8oCE.roa
Signing time: Sat 09 Sep 2023 08:41:52 +0000
ROA not before: Sat 09 Sep 2023 08:41:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7029
IP address blocks: 167.160.4.0/24 maxlen: 24
185.192.215.0/24 maxlen: 24
185.192.214.0/24 maxlen: 24
167.160.2.0/24 maxlen: 24
167.160.11.0/24 maxlen: 24
167.160.12.0/24 maxlen: 24
167.160.16.0/24 maxlen: 24
167.160.19.0/24 maxlen: 24
185.165.47.0/24 maxlen: 24
185.4.225.0/24 maxlen: 24
185.4.224.0/24 maxlen: 24
185.192.213.0/24 maxlen: 24
185.192.212.0/24 maxlen: 24
185.192.212.0/22 maxlen: 24
185.212.172.0/24 maxlen: 24
185.212.173.0/24 maxlen: 24
185.212.174.0/24 maxlen: 24
185.161.111.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:79:1a:c6:57:8d:8d:aa:c4:c8:35:05:c6:4c:b4:87:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5324defbaade93e998e13a942029dd593b8b2ea3
Validity
Not Before: Sep 9 08:41:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a407528c0528792abb7696a11f3d43f6b37ca021
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:f4:2e:e1:fe:d5:10:af:c7:f7:c6:71:db:75:
17:25:3a:c7:2c:2d:58:8e:6c:c7:74:5b:5c:35:c1:
0d:ce:eb:17:6c:f7:a2:95:db:39:8d:63:4b:0c:27:
47:18:f7:49:b0:fa:25:43:63:78:4d:05:30:6e:08:
32:3d:7b:dd:4a:51:d4:8f:a5:d4:77:2d:db:c8:28:
4c:3d:50:da:a4:a8:b8:dd:c4:82:aa:b1:9d:2b:44:
2b:4d:f9:9b:c4:a4:2e:34:46:f7:57:20:a4:9f:65:
96:a6:bb:f5:4a:f4:20:0f:17:fa:81:cf:b6:47:6f:
2a:10:70:4c:5b:d3:f9:50:15:14:b7:8f:41:fb:64:
45:6e:1b:76:b4:df:98:e4:63:6e:1b:e7:ee:19:a5:
ad:a5:a4:06:93:19:38:a4:7c:09:18:3d:bb:d2:73:
81:c3:91:92:b4:d4:1d:d5:eb:65:c1:25:42:78:2e:
9f:2a:4d:bb:fa:30:ef:20:d6:9b:53:1b:63:9e:82:
cc:01:d9:01:31:8a:75:b7:8c:88:31:05:a2:d1:d2:
9e:a5:34:1a:3e:62:76:40:99:89:86:69:5c:8a:d2:
4c:cc:e2:07:95:b7:9f:f9:6a:06:3e:61:6e:1c:df:
0d:c2:c9:9c:2d:9c:7e:73:5c:57:37:16:c5:d6:cb:
9c:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:07:52:8C:05:28:79:2A:BB:76:96:A1:1F:3D:43:F6:B3:7C:A0:21
X509v3 Authority Key Identifier:
keyid:53:24:DE:FB:AA:DE:93:E9:98:E1:3A:94:20:29:DD:59:3B:8B:2E:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UyTe-6rek-mY4TqUICndWTuLLqM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/pAdSjAUoeSq7dpahHz1D9rN8oCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/UyTe-6rek-mY4TqUICndWTuLLqM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
167.160.2.0/24
167.160.4.0/24
167.160.11.0-167.160.12.255
167.160.16.0/24
167.160.19.0/24
185.4.224.0/23
185.161.111.0/24
185.165.47.0/24
185.192.212.0/22
185.212.172.0-185.212.174.255
Signature Algorithm: sha256WithRSAEncryption
06:c5:49:e8:06:ce:e2:57:01:7b:98:54:6f:36:c8:0f:4f:85:
25:70:48:f0:c2:a8:9d:e5:3a:13:71:4e:ae:e1:d9:8f:9a:0e:
08:f5:0c:e7:b7:ca:a9:6c:73:5a:b4:03:84:e1:5b:d8:55:79:
ef:6f:86:cb:bf:25:d9:c4:d1:cb:b3:24:72:c5:0f:b3:50:8b:
c3:d1:62:fa:80:58:74:e7:94:9c:a3:e9:26:6f:8e:fd:56:8a:
ad:8e:7d:c5:79:80:6a:b2:36:f6:1d:fd:49:48:bd:38:48:0f:
57:9f:e4:ff:27:54:60:ee:71:2f:db:ef:44:52:1c:ab:da:a2:
78:93:11:8a:b5:49:de:b5:c7:10:62:fc:f0:5c:3e:be:c3:ca:
a5:af:d6:3d:0b:88:69:cd:9f:b5:62:b7:a2:22:17:bb:26:e2:
25:9e:f0:81:1e:7b:f1:a8:62:cc:fb:7f:2d:f9:77:98:01:68:
5d:14:45:aa:d4:2f:9e:11:72:c0:a3:c4:3c:b3:eb:41:38:5e:
90:b2:12:df:3a:f1:75:df:d2:5f:3a:9a:36:74:86:62:e1:0b:
e1:06:9e:b7:e5:0b:17:b7:d2:1f:02:6e:63:9d:95:72:c9:35:
1b:31:81:c3:72:d8:aa:59:13:3d:7f:df:e9:08:0c:75:bf:c6:
bb:e4:76:26
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYp5GsZXjY2qxMg1BcZMtIe7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMjRkZWZiYWFkZTkzZTk5OGUxM2E5NDIwMjlkZDU5M2I4
YjJlYTMwHhcNMjMwOTA5MDg0MTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDA3NTI4YzA1Mjg3OTJhYmI3Njk2YTExZjNkNDNmNmIzN2NhMDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/Qu4f7VEK/H98Zx23UXJTrHLC1Y
jmzHdFtcNcENzusXbPeilds5jWNLDCdHGPdJsPolQ2N4TQUwbggyPXvdSlHUj6XU
dy3byChMPVDapKi43cSCqrGdK0QrTfmbxKQuNEb3VyCkn2WWprv1SvQgDxf6gc+2
R28qEHBMW9P5UBUUt49B+2RFbht2tN+Y5GNuG+fuGaWtpaQGkxk4pHwJGD270nOB
w5GStNQd1etlwSVCeC6fKk27+jDvINabUxtjnoLMAdkBMYp1t4yIMQWi0dKepTQa
PmJ2QJmJhmlcitJMzOIHlbef+WoGPmFuHN8NwsmcLZx+c1xXNxbF1sucpQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFKQHUowFKHkqu3aWoR89Q/azfKAhMB8GA1UdIwQY
MBaAFFMk3vuq3pPpmOE6lCAp3Vk7iy6jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXlUZS02cmVrLW1ZNFRxVUlDbmRXVHVMTHFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8yOTRlODQtY2ZjNS00NWE0LWE1Y2Qt
MzNiNzQ1OTk3NWUwLzEvcEFkU2pBVW9lU3E3ZHBhaEh6MUQ5ck44b0NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8yOTRlODQtY2ZjNS00NWE0LWE1Y2QtMzNiNzQ1OTk3NWUw
LzEvVXlUZS02cmVrLW1ZNFRxVUlDbmRXVHVMTHFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQAp6ACAwQA
p6AEMAwDBACnoAsDBACnoAwDBACnoBADBACnoBMDBAG5BOADBAC5oW8DBAC5pS8D
BAK5wNQwDAMEArnUrAMEALnUrjANBgkqhkiG9w0BAQsFAAOCAQEABsVJ6AbO4lcB
e5hUbzbID0+FJXBI8MKoneU6E3FOruHZj5oOCPUM57fKqWxzWrQDhOFb2FV572+G
y78l2cTRy7MkcsUPs1CLw9Fi+oBYdOeUnKPpJm+O/VaKrY59xXmAarI29h39SUi9
OEgPV5/k/ydUYO5xL9vvRFIcq9qieJMRirVJ3rXHEGL88Fw+vsPKpa/WPQuIac2f
tWK3oiIXuybiJZ7wgR578ahizPt/Lfl3mAFoXRRFqtQvnhFywKPEPLPrQThekLIS
3zrxdd/SXzqaNnSGYuEL4Qaet+ULF7fSHwJuY52Vcsk1GzGBw3LYqlkTPX/f6QgM
db/Gu+R2Jg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:02:17 2025 by rpki-client