Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/UuJhylcZO1w1yiGDptF7S6feiIw.roa
File: UuJhylcZO1w1yiGDptF7S6feiIw.roa (raw, json)
Hash identifier: AuCF+7CQPwJAg9qzemvaoIPe5kJTPnh/UyR00qWaSUI=
Subject key identifier: 52:E2:61:CA:57:19:3B:5C:35:CA:21:83:A6:D1:7B:4B:A7:DE:88:8C
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 06B36830
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/UuJhylcZO1w1yiGDptF7S6feiIw.roa
Signing time: Sat 01 Jan 2022 07:52:31 +0000
ROA not before: Sat 01 Jan 2022 07:52:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58224
IP address blocks: 109.203.160.0/21 maxlen: 24
37.49.144.0/21 maxlen: 24
109.203.172.0/22 maxlen: 24
109.203.168.0/22 maxlen: 24
109.203.176.0/22 maxlen: 24
109.203.180.0/22 maxlen: 24
109.203.184.0/21 maxlen: 24
94.74.152.0/22 maxlen: 24
185.34.162.0/24 maxlen: 24
185.34.160.0/23 maxlen: 24
185.34.163.0/24 maxlen: 24
176.46.128.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112420912 (0x6b36830)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Jan 1 07:52:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=52e261ca57193b5c35ca2183a6d17b4ba7de888c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:bb:e2:b1:8d:15:50:5e:5a:b4:d0:97:f1:d5:
4d:19:b2:ab:2f:96:cb:e9:b9:75:ed:22:4b:16:68:
59:d5:63:a0:93:8e:55:ab:c7:4c:6f:5e:7e:1f:f3:
fe:6a:c5:25:dc:47:8b:6b:92:1b:49:cb:f8:ab:43:
a1:1f:7a:22:d4:1f:41:18:63:84:b8:82:a1:c2:52:
a7:77:9b:40:dd:18:19:e6:ff:e9:ee:84:5a:9b:e7:
d8:ae:d5:9b:ee:46:52:0f:aa:21:86:7a:25:7a:5e:
f2:59:aa:94:5d:25:c6:8d:67:23:52:6b:3d:a8:27:
0c:8d:77:2d:70:86:a9:72:ef:e8:8c:e1:23:08:e3:
68:ee:cc:0e:9b:1f:a8:b5:4e:42:7a:6a:16:60:32:
16:c4:35:93:2d:df:b1:62:b2:4b:03:c6:eb:1c:35:
5b:1a:0e:f2:be:51:d3:24:72:6c:16:e4:f0:3b:97:
c5:ca:b0:de:fd:eb:e9:26:33:b2:bd:62:d6:9f:e4:
c8:e6:6c:1b:7c:80:49:37:ee:ed:64:77:e6:3b:64:
c5:d2:92:9b:47:6a:95:7b:2f:de:bf:a4:6e:60:2f:
00:05:ae:bd:90:94:62:72:0c:86:4a:8b:e9:78:19:
3c:eb:9a:d0:76:33:c7:36:7a:4a:9c:bc:f9:b1:5a:
71:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:E2:61:CA:57:19:3B:5C:35:CA:21:83:A6:D1:7B:4B:A7:DE:88:8C
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/UuJhylcZO1w1yiGDptF7S6feiIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.144.0/21
94.74.152.0/22
109.203.160.0/19
176.46.128.0/19
185.34.160.0/22
Signature Algorithm: sha256WithRSAEncryption
91:cb:a2:06:52:b1:b8:89:d8:ab:97:46:f1:6e:a8:35:22:6f:
40:a5:2e:02:b1:39:f4:94:40:1e:e5:a2:84:06:3b:3a:94:d6:
f9:bb:30:39:be:e7:0f:13:95:62:b3:60:34:8e:0b:07:a3:e5:
e7:e1:ef:df:b1:fe:1c:36:d8:dd:75:04:72:14:c5:c1:9c:a6:
0b:68:2f:3a:13:06:70:fb:9d:98:3c:eb:12:c0:69:19:c9:a8:
2c:b6:41:ee:11:fa:91:32:e1:29:57:dc:6d:94:d1:3c:4c:e1:
94:be:95:ac:2c:5c:1d:45:84:b3:8e:2d:cf:ad:0b:b7:41:d9:
da:39:aa:c9:aa:09:ac:4b:a8:d0:4f:4e:b5:d3:81:14:50:e0:
7a:37:b7:80:4b:2c:61:9b:5a:72:5c:58:9c:ae:f6:b6:7f:ca:
da:ce:8a:8f:5e:85:c3:7b:06:26:7b:4f:8f:d1:9d:66:ca:40:
a6:c1:8d:2b:a8:34:d9:ce:a8:b7:88:89:dc:a8:64:d1:00:cc:
0e:a5:03:f9:f8:9d:a6:01:b8:7c:1b:31:16:17:f3:38:cf:f9:
b1:64:7a:56:1b:c8:62:e7:27:ac:6c:d5:e8:aa:9e:77:62:17:
61:1e:2c:6b:20:65:2f:60:eb:25:c2:4d:ba:06:38:ad:0c:57:
65:2b:24:9a
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEBrNoMDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NjA0NzVlYmU3ZjA3ZDc0MTUzY2IxY2NhMzM4YzE2ZDgwMWY0NWY3MB4XDTIyMDEw
MTA3NTIzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTJlMjYxY2E1NzE5
M2I1YzM1Y2EyMTgzYTZkMTdiNGJhN2RlODg4YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL674rGNFVBeWrTQl/HVTRmyqy+Wy+m5de0iSxZoWdVjoJOO
VavHTG9efh/z/mrFJdxHi2uSG0nL+KtDoR96ItQfQRhjhLiCocJSp3ebQN0YGeb/
6e6EWpvn2K7Vm+5GUg+qIYZ6JXpe8lmqlF0lxo1nI1JrPagnDI13LXCGqXLv6Izh
IwjjaO7MDpsfqLVOQnpqFmAyFsQ1ky3fsWKySwPG6xw1WxoO8r5R0yRybBbk8DuX
xcqw3v3r6SYzsr1i1p/kyOZsG3yASTfu7WR35jtkxdKSm0dqlXsv3r+kbmAvAAWu
vZCUYnIMhkqL6XgZPOua0HYzxzZ6Spy8+bFacQcCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBRS4mHKVxk7XDXKIYOm0XtLp96IjDAfBgNVHSMEGDAWgBTWBHXr5/B9dBU8
scyjOMFtgB9F9zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFnUjE2LWZ3ZlhRVlBMSE1vempCYllBZlJmYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjgvNTJlYmFlLWUwMDYtNDc3OC1hYzNjLTQ5NmY4ZWJiMmQ2MS8x
L1V1Smh5bGNaTzF3MXlpR0RwdEY3UzZmZWlJdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjgv
NTJlYmFlLWUwMDYtNDc3OC1hYzNjLTQ5NmY4ZWJiMmQ2MS8xLzFnUjE2LWZ3ZlhR
VlBMSE1vempCYllBZlJmYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAyUxkAMEAl5KmAMEBW3LoAMEBbAu
gAMEArkioDANBgkqhkiG9w0BAQsFAAOCAQEAkcuiBlKxuInYq5dG8W6oNSJvQKUu
ArE59JRAHuWihAY7OpTW+bswOb7nDxOVYrNgNI4LB6Pl5+Hv37H+HDbY3XUEchTF
wZymC2gvOhMGcPudmDzrEsBpGcmoLLZB7hH6kTLhKVfcbZTRPEzhlL6VrCxcHUWE
s44tz60Lt0HZ2jmqyaoJrEuo0E9OtdOBFFDgeje3gEssYZtaclxYnK72tn/K2s6K
j16Fw3sGJntPj9GdZspApsGNK6g02c6ot4iJ3Khk0QDMDqUD+fidpgG4fBsxFhfz
OM/5sWR6VhvIYucnrGzV6Kqed2IXYR4sayBlL2DrJcJNugY4rQxXZSskmg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:06:20 2025 by rpki-client