Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/a5702a-5f3e-45f7-a85f-fb093296e70f/1/Unkko5umia1h8Gm3J4lQRJ0qUKY.roa
File: Unkko5umia1h8Gm3J4lQRJ0qUKY.roa (raw, json)
Hash identifier: 2FB+jEA1RpunkCfRcr49r45TEOPA8N09/nhcp0Smy/Q=
Subject key identifier: 52:79:24:A3:9B:A6:89:AD:61:F0:69:B7:27:89:50:44:9D:2A:50:A6
Certificate issuer: /CN=af25dcd15003853955fc231cb74bfbc1ec951f07
Certificate serial: 0629ACC3
Authority key identifier: AF:25:DC:D1:50:03:85:39:55:FC:23:1C:B7:4B:FB:C1:EC:95:1F:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ryXc0VADhTlV_CMct0v7weyVHwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/a5702a-5f3e-45f7-a85f-fb093296e70f/1/Unkko5umia1h8Gm3J4lQRJ0qUKY.roa
Signing time: Sat 01 Jan 2022 12:03:53 +0000
ROA not before: Sat 01 Jan 2022 12:03:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58212
IP address blocks: 193.41.237.0/24 maxlen: 24
193.42.11.0/24 maxlen: 24
193.42.12.0/24 maxlen: 24
176.96.136.0/22 maxlen: 22
193.41.226.0/24 maxlen: 24
2a0d:5941::/32 maxlen: 32
2a0d:5940::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 103394499 (0x629acc3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af25dcd15003853955fc231cb74bfbc1ec951f07
Validity
Not Before: Jan 1 12:03:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=527924a39ba689ad61f069b7278950449d2a50a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:af:ba:0a:cd:b4:2d:8a:d8:33:69:ca:a0:4a:
81:fd:85:d5:9a:17:db:c1:2a:48:78:00:51:69:7f:
0a:d4:18:c8:53:9d:c9:96:69:91:35:ad:5b:64:5a:
5b:e7:8c:e5:73:3d:39:14:c9:15:e5:46:11:83:45:
d3:8f:0d:0a:b0:f5:40:18:91:21:31:bd:66:03:56:
7b:a0:e8:df:be:e6:38:71:50:c5:a3:23:f7:ad:59:
60:ab:80:e0:e4:7c:5b:47:0a:09:01:d0:c3:f5:67:
46:ab:3f:e4:95:e9:c4:92:f9:81:f4:14:f0:cf:5a:
64:92:58:79:35:cc:18:54:03:36:2f:01:c6:07:bc:
65:99:c8:a1:29:f1:7c:be:52:0a:58:d8:9b:b5:31:
21:76:f5:17:17:ae:96:b3:f1:a3:49:6c:40:50:47:
f8:0b:60:47:31:40:56:c0:66:1f:2f:78:a1:d9:72:
e7:62:96:d8:d6:df:9b:7f:0e:0a:50:91:25:55:3d:
39:6e:94:78:d1:f3:5f:40:4d:21:cd:4a:db:95:cd:
9f:50:15:21:01:e3:d0:62:2b:65:ee:56:35:a7:9b:
43:45:3a:a6:cc:87:b7:ca:6b:53:59:1d:c8:10:9a:
50:8f:7b:b6:af:73:c6:1a:86:75:e5:cf:db:ab:26:
e2:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:79:24:A3:9B:A6:89:AD:61:F0:69:B7:27:89:50:44:9D:2A:50:A6
X509v3 Authority Key Identifier:
keyid:AF:25:DC:D1:50:03:85:39:55:FC:23:1C:B7:4B:FB:C1:EC:95:1F:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ryXc0VADhTlV_CMct0v7weyVHwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/a5702a-5f3e-45f7-a85f-fb093296e70f/1/Unkko5umia1h8Gm3J4lQRJ0qUKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/a5702a-5f3e-45f7-a85f-fb093296e70f/1/ryXc0VADhTlV_CMct0v7weyVHwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.96.136.0/22
193.41.226.0/24
193.41.237.0/24
193.42.11.0-193.42.12.255
IPv6:
2a0d:5940::/29
Signature Algorithm: sha256WithRSAEncryption
a8:e3:b6:ea:aa:f3:69:40:41:1a:db:4c:57:68:21:72:3b:27:
05:15:26:b1:30:8d:c6:4b:5e:22:23:76:0d:3e:3b:65:dc:c1:
70:71:39:ac:26:e8:a9:11:f0:5b:47:a7:35:94:7f:46:1d:47:
ec:df:e0:18:5a:d8:d6:e6:b6:41:7f:dd:8f:55:16:5e:4d:ca:
8e:67:6a:bf:b5:59:b3:57:4e:5c:17:24:fa:d3:ff:f9:ff:be:
56:81:49:fa:b3:a1:6c:09:82:0d:be:39:33:1f:c5:e3:28:f4:
6b:aa:76:54:50:75:a6:70:61:b5:96:21:24:53:4a:d2:4b:98:
a9:1b:79:51:62:25:25:aa:e7:fc:bd:d2:bc:70:b2:4e:c6:7f:
f8:d4:45:1b:b6:79:8a:21:bc:28:a7:a4:f3:3b:01:e2:2b:16:
ad:6d:1d:ed:1f:2d:42:6f:2c:04:04:6d:9c:0d:39:39:b1:3b:
15:6c:d6:a9:c9:ff:e5:86:66:e8:1e:f2:9a:f7:0a:f0:b8:1f:
54:3f:e6:40:fb:8b:0b:e0:9e:93:04:ff:9f:09:48:75:58:f0:
54:33:61:15:81:17:0c:fc:21:3e:42:64:d6:1e:7e:dd:91:56:
c5:01:88:b4:13:24:cf:c6:e6:57:3a:6c:95:1f:a4:a2:8b:69:
eb:ef:52:a8
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIEBimswzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZjI1ZGNkMTUwMDM4NTM5NTVmYzIzMWNiNzRiZmJjMWVjOTUxZjA3MB4XDTIyMDEw
MTEyMDM1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTI3OTI0YTM5YmE2
ODlhZDYxZjA2OWI3Mjc4OTUwNDQ5ZDJhNTBhNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALWvugrNtC2K2DNpyqBKgf2F1ZoX28EqSHgAUWl/CtQYyFOd
yZZpkTWtW2RaW+eM5XM9ORTJFeVGEYNF048NCrD1QBiRITG9ZgNWe6Do377mOHFQ
xaMj961ZYKuA4OR8W0cKCQHQw/VnRqs/5JXpxJL5gfQU8M9aZJJYeTXMGFQDNi8B
xge8ZZnIoSnxfL5SCljYm7UxIXb1FxeulrPxo0lsQFBH+AtgRzFAVsBmHy94odly
52KW2Nbfm38OClCRJVU9OW6UeNHzX0BNIc1K25XNn1AVIQHj0GIrZe5WNaebQ0U6
psyHt8prU1kdyBCaUI97tq9zxhqGdeXP26sm4u0CAwEAAaOCAjIwggIuMB0GA1Ud
DgQWBBRSeSSjm6aJrWHwabcniVBEnSpQpjAfBgNVHSMEGDAWgBSvJdzRUAOFOVX8
Ixy3S/vB7JUfBzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3J5WGMwVkFEaFRsVl9DTWN0MHY3d2V5Vkh3Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGUvYTU3MDJhLTVmM2UtNDVmNy1hODVmLWZiMDkzMjk2ZTcwZi8x
L1Vua2tvNXVtaWExaDhHbTNKNGxRUkowcVVLWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGUv
YTU3MDJhLTVmM2UtNDVmNy1hODVmLWZiMDkzMjk2ZTcwZi8xL3J5WGMwVkFEaFRs
Vl9DTWN0MHY3d2V5Vkh3Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBI
BggrBgEFBQcBBwEB/wQ5MDcwJgQCAAEwIAMEArBgiAMEAMEp4gMEAMEp7TAMAwQA
wSoLAwQAwSoMMA0EAgACMAcDBQMqDVlAMA0GCSqGSIb3DQEBCwUAA4IBAQCo47bq
qvNpQEEa20xXaCFyOycFFSaxMI3GS14iI3YNPjtl3MFwcTmsJuipEfBbR6c1lH9G
HUfs3+AYWtjW5rZBf92PVRZeTcqOZ2q/tVmzV05cFyT60//5/75WgUn6s6FsCYIN
vjkzH8XjKPRrqnZUUHWmcGG1liEkU0rSS5ipG3lRYiUlquf8vdK8cLJOxn/41EUb
tnmKIbwop6TzOwHiKxatbR3tHy1CbywEBG2cDTk5sTsVbNapyf/lhmboHvKa9wrw
uB9UP+ZA+4sL4J6TBP+fCUh1WPBUM2EVgRcM/CE+QmTWHn7dkVbFAYi0EyTPxuZX
OmyVH6Sii2nr71Ko
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:07 2024 by rpki-client on console-ams.rpki-client.org