Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/852364-ca64-4c12-b457-ca7e1ca676c8/1/u8mwpw0E1jsk-w4M3xyEVo5TlSI.roa
File: u8mwpw0E1jsk-w4M3xyEVo5TlSI.roa (raw, json)
Hash identifier: tmReooEmba7GFL0EOuUIjciXs3Bid2qVlroC5cNAR/o=
Subject key identifier: BB:C9:B0:A7:0D:04:D6:3B:24:FB:0E:0C:DF:1C:84:56:8E:53:95:22
Certificate issuer: /CN=518c14d7fbd0a7b765b1960b8bea82cf7d0cb4be
Certificate serial: 1274CBD3
Authority key identifier: 51:8C:14:D7:FB:D0:A7:B7:65:B1:96:0B:8B:EA:82:CF:7D:0C:B4:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UYwU1_vQp7dlsZYLi-qCz30MtL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/852364-ca64-4c12-b457-ca7e1ca676c8/1/u8mwpw0E1jsk-w4M3xyEVo5TlSI.roa
Signing time: Sat 01 Jan 2022 04:01:19 +0000
ROA not before: Sat 01 Jan 2022 04:01:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35654
IP address blocks: 80.72.66.0/24 maxlen: 24
80.72.68.0/24 maxlen: 24
80.72.69.0/24 maxlen: 24
80.72.75.0/24 maxlen: 24
80.72.78.0/24 maxlen: 24
80.72.77.0/24 maxlen: 24
80.72.80.0/24 maxlen: 24
80.72.82.0/24 maxlen: 24
80.72.81.0/24 maxlen: 24
80.72.93.0/24 maxlen: 24
80.72.95.0/24 maxlen: 24
80.72.92.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 309644243 (0x1274cbd3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=518c14d7fbd0a7b765b1960b8bea82cf7d0cb4be
Validity
Not Before: Jan 1 04:01:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bbc9b0a70d04d63b24fb0e0cdf1c84568e539522
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:48:e0:9c:9b:f5:dd:47:67:62:dd:87:c8:4f:
aa:64:83:a8:b4:6b:81:9b:cf:f3:21:12:50:80:66:
59:5b:80:19:a2:1b:da:c7:a7:08:8d:1e:c8:1c:c8:
59:92:6a:52:49:10:1d:72:b2:18:73:33:ae:be:dc:
26:de:a3:ed:3c:37:ab:02:75:3b:be:9d:df:3f:47:
19:b6:77:34:e8:c1:0c:68:ef:f8:c0:b9:01:a4:4e:
3a:98:c9:86:07:be:cf:58:7a:50:01:9e:10:b0:6a:
ae:cf:3e:ab:6b:7b:31:0f:e5:de:21:a5:bd:25:db:
1c:75:77:76:3a:c5:da:b4:2f:44:9e:8f:f5:ea:b5:
9b:63:05:59:4d:82:2d:8b:a8:25:8b:1f:4f:6f:b5:
cb:70:da:b6:ad:00:23:a5:be:d2:11:fa:cb:b0:e0:
8a:a7:b1:09:3e:68:16:67:96:7a:43:88:28:f1:af:
0d:a6:81:54:be:94:22:e8:e3:cb:8c:03:c7:d5:e4:
9e:b1:26:fb:13:e7:99:fe:57:a8:e6:88:23:7c:60:
1b:c2:f8:dc:a0:27:b9:e4:d4:92:b7:26:05:59:dc:
79:63:e3:1d:c9:7a:6a:d4:bd:52:2d:ae:0d:a1:4d:
5f:f2:bf:f2:16:b7:28:66:21:10:95:3d:69:88:0b:
01:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:C9:B0:A7:0D:04:D6:3B:24:FB:0E:0C:DF:1C:84:56:8E:53:95:22
X509v3 Authority Key Identifier:
keyid:51:8C:14:D7:FB:D0:A7:B7:65:B1:96:0B:8B:EA:82:CF:7D:0C:B4:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UYwU1_vQp7dlsZYLi-qCz30MtL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/852364-ca64-4c12-b457-ca7e1ca676c8/1/u8mwpw0E1jsk-w4M3xyEVo5TlSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/852364-ca64-4c12-b457-ca7e1ca676c8/1/UYwU1_vQp7dlsZYLi-qCz30MtL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.72.66.0/24
80.72.68.0/23
80.72.75.0/24
80.72.77.0-80.72.78.255
80.72.80.0-80.72.82.255
80.72.92.0/23
80.72.95.0/24
Signature Algorithm: sha256WithRSAEncryption
30:b1:1d:31:07:be:a5:6e:a6:9f:9d:ae:d6:e1:bc:a6:c4:68:
c2:08:fc:95:21:e2:c9:92:61:74:8a:b6:6e:5c:81:47:d0:65:
f3:57:d5:30:6d:05:b7:3b:13:51:e4:e1:1d:f6:0f:b5:2d:52:
ed:45:00:66:6f:8f:fc:6a:b3:b2:0e:1f:c1:a1:d1:5e:bc:10:
73:56:1d:05:93:c7:62:b9:c5:ad:c8:bb:68:b1:32:38:74:a6:
2b:5a:92:53:d2:7d:3b:15:6b:86:c0:5e:b0:76:ad:4c:31:9e:
3e:41:d2:d2:44:67:a5:bd:91:9d:2b:b5:dc:58:33:1d:c9:6f:
6e:91:51:d1:53:fe:17:5d:6d:5e:c2:3a:aa:f9:bb:c6:65:be:
8a:da:ff:6b:18:30:af:c4:2d:9d:35:69:20:d1:db:3a:45:0f:
ad:d6:ab:f1:62:70:68:6d:31:1e:cc:a9:87:79:e9:73:6f:f9:
0f:2c:b0:c9:6e:34:91:1c:96:eb:ad:b5:40:dc:de:59:ca:5a:
52:92:8d:e6:d2:e7:f5:76:13:0f:15:f6:2e:01:11:8a:2c:3f:
c6:db:02:c3:b3:5c:40:58:8b:d6:99:0b:31:e8:b3:96:90:0e:
83:ad:5a:7d:e6:f0:8e:c1:56:76:ff:57:a5:03:55:a5:0f:f4:
53:e6:f1:6c
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIEEnTL0zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MThjMTRkN2ZiZDBhN2I3NjViMTk2MGI4YmVhODJjZjdkMGNiNGJlMB4XDTIyMDEw
MTA0MDExOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmJjOWIwYTcwZDA0
ZDYzYjI0ZmIwZTBjZGYxYzg0NTY4ZTUzOTUyMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK1I4Jyb9d1HZ2Ldh8hPqmSDqLRrgZvP8yESUIBmWVuAGaIb
2senCI0eyBzIWZJqUkkQHXKyGHMzrr7cJt6j7Tw3qwJ1O76d3z9HGbZ3NOjBDGjv
+MC5AaROOpjJhge+z1h6UAGeELBqrs8+q2t7MQ/l3iGlvSXbHHV3djrF2rQvRJ6P
9eq1m2MFWU2CLYuoJYsfT2+1y3Datq0AI6W+0hH6y7DgiqexCT5oFmeWekOIKPGv
DaaBVL6UIujjy4wDx9XknrEm+xPnmf5XqOaII3xgG8L43KAnueTUkrcmBVnceWPj
Hcl6atS9Ui2uDaFNX/K/8ha3KGYhEJU9aYgLAV0CAwEAAaOCAj0wggI5MB0GA1Ud
DgQWBBS7ybCnDQTWOyT7DgzfHIRWjlOVIjAfBgNVHSMEGDAWgBRRjBTX+9Cnt2Wx
lguL6oLPfQy0vjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VZd1UxX3ZRcDdkbHNaWUxpLXFDejMwTXRMNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzgvODUyMzY0LWNhNjQtNGMxMi1iNDU3LWNhN2UxY2E2NzZjOC8x
L3U4bXdwdzBFMWpzay13NE0zeHlFVm81VGxTSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzgv
ODUyMzY0LWNhNjQtNGMxMi1iNDU3LWNhN2UxY2E2NzZjOC8xL1VZd1UxX3ZRcDdk
bHNaWUxpLXFDejMwTXRMNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBT
BggrBgEFBQcBBwEB/wREMEIwQAQCAAEwOgMEAFBIQgMEAVBIRAMEAFBISzAMAwQA
UEhNAwQAUEhOMAwDBARQSFADBABQSFIDBAFQSFwDBABQSF8wDQYJKoZIhvcNAQEL
BQADggEBADCxHTEHvqVupp+drtbhvKbEaMII/JUh4smSYXSKtm5cgUfQZfNX1TBt
Bbc7E1Hk4R32D7UtUu1FAGZvj/xqs7IOH8Gh0V68EHNWHQWTx2K5xa3Iu2ixMjh0
pitaklPSfTsVa4bAXrB2rUwxnj5B0tJEZ6W9kZ0rtdxYMx3Jb26RUdFT/hddbV7C
Oqr5u8Zlvora/2sYMK/ELZ01aSDR2zpFD63Wq/FicGhtMR7MqYd56XNv+Q8ssMlu
NJEcluuttUDc3lnKWlKSjebS5/V2Ew8V9i4BEYosP8bbAsOzXEBYi9aZCzHos5aQ
DoOtWn3m8I7BVnb/V6UDVaUP9FPm8Ww=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:24 2023 by rpki-client on console-ams.rpki-client.org