Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/72a67b-1d1c-4235-a487-fc9093fedb1b/1/9zNAo-ARsqdRxUaE4DxcNXImiWQ.roa
File: 9zNAo-ARsqdRxUaE4DxcNXImiWQ.roa (raw, json)
Hash identifier: pN7aUqADc8qlJS6SpRjKs98rP2eVOscFraB5ZlfUrxM=
Subject key identifier: F7:33:40:A3:E0:11:B2:A7:51:C5:46:84:E0:3C:5C:35:72:26:89:64
Certificate issuer: /CN=6327607563493337687ad69ce1064e636265be3f
Certificate serial: 018CC348DBA1FF41C6D030291706189CC550
Authority key identifier: 63:27:60:75:63:49:33:37:68:7A:D6:9C:E1:06:4E:63:62:65:BE:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YydgdWNJMzdoetac4QZOY2Jlvj8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/72a67b-1d1c-4235-a487-fc9093fedb1b/1/9zNAo-ARsqdRxUaE4DxcNXImiWQ.roa
Signing time: Mon 01 Jan 2024 04:29:41 +0000
ROA not before: Mon 01 Jan 2024 04:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41564
IP address blocks: 23.92.127.0/24 maxlen: 24
151.237.186.0/24 maxlen: 24
5.157.8.0/24 maxlen: 24
104.160.2.0/24 maxlen: 24
104.160.6.0/24 maxlen: 24
5.153.239.0/24 maxlen: 24
5.153.236.0/24 maxlen: 24
5.157.17.0/24 maxlen: 24
5.157.13.0/24 maxlen: 24
5.157.14.0/24 maxlen: 24
5.157.22.0/24 maxlen: 24
5.157.27.0/24 maxlen: 24
5.157.42.0/24 maxlen: 24
5.157.41.0/24 maxlen: 24
5.157.45.0/24 maxlen: 24
5.157.58.0/24 maxlen: 24
5.157.56.0/24 maxlen: 24
5.157.63.0/24 maxlen: 24
5.157.59.0/24 maxlen: 24
5.157.62.0/24 maxlen: 24
5.157.60.0/24 maxlen: 24
5.157.61.0/24 maxlen: 24
2a02:5740::/48 maxlen: 48
2a02:5740:11::/48 maxlen: 48
2a02:5740:18::/48 maxlen: 48
2a02:5740:22::/48 maxlen: 48
2a02:5740:21::/48 maxlen: 48
2a02:5740:1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:db:a1:ff:41:c6:d0:30:29:17:06:18:9c:c5:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6327607563493337687ad69ce1064e636265be3f
Validity
Not Before: Jan 1 04:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f73340a3e011b2a751c54684e03c5c3572268964
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:33:6c:80:20:00:d3:7d:4c:ea:ce:a7:b1:41:
7d:79:96:35:7e:48:b7:2a:32:27:f9:68:98:e1:ee:
8d:08:71:28:67:27:c9:21:00:e5:84:3a:90:6d:24:
90:2b:b9:9a:da:5e:3f:86:e2:45:c3:ad:2d:95:0d:
89:f6:0e:81:d2:66:1b:5f:d9:82:7c:b6:fb:03:99:
1a:f4:02:05:bd:ae:a1:40:5c:aa:b5:b8:3e:5c:47:
43:92:b4:cc:8b:14:fd:5d:ba:22:1a:a4:4f:f5:eb:
18:a6:01:c3:3b:00:9e:67:e2:a9:2c:a4:19:28:a2:
20:0d:d0:b1:45:4c:90:82:e5:36:d4:6a:a9:a2:03:
eb:9e:e5:66:a5:28:00:d3:ee:77:d3:dd:2c:e9:a9:
e8:d9:7f:4c:9e:29:15:80:18:26:7c:27:02:f5:81:
5a:18:4e:b2:87:19:8c:38:2a:fe:11:5f:e2:26:44:
83:5f:a9:10:7b:f3:5a:18:42:24:f9:5c:90:1b:64:
09:e3:95:e1:32:1e:75:f9:59:d2:f0:1e:35:5a:67:
5f:07:c2:6e:fc:4c:31:28:f4:63:8d:6d:a9:42:e6:
94:f0:98:90:5c:6d:53:c6:99:fd:57:da:ed:fd:b6:
27:3e:70:ff:53:e7:41:2e:61:44:ab:7f:ec:ee:52:
b0:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:33:40:A3:E0:11:B2:A7:51:C5:46:84:E0:3C:5C:35:72:26:89:64
X509v3 Authority Key Identifier:
keyid:63:27:60:75:63:49:33:37:68:7A:D6:9C:E1:06:4E:63:62:65:BE:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YydgdWNJMzdoetac4QZOY2Jlvj8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/72a67b-1d1c-4235-a487-fc9093fedb1b/1/9zNAo-ARsqdRxUaE4DxcNXImiWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/72a67b-1d1c-4235-a487-fc9093fedb1b/1/YydgdWNJMzdoetac4QZOY2Jlvj8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.153.236.0/24
5.153.239.0/24
5.157.8.0/24
5.157.13.0-5.157.14.255
5.157.17.0/24
5.157.22.0/24
5.157.27.0/24
5.157.41.0-5.157.42.255
5.157.45.0/24
5.157.56.0/24
5.157.58.0-5.157.63.255
23.92.127.0/24
104.160.2.0/24
104.160.6.0/24
151.237.186.0/24
IPv6:
2a02:5740::/47
2a02:5740:11::/48
2a02:5740:18::/48
2a02:5740:21::-2a02:5740:22:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
03:cd:9a:53:91:52:5f:04:96:b9:0e:c2:97:ce:5c:a2:70:c7:
2f:32:f2:2e:23:d5:76:09:a6:e5:93:ec:b8:06:e5:d5:1a:a5:
75:53:b6:39:15:dc:d5:9d:3f:e5:84:f3:e9:83:73:ce:c4:24:
40:b9:34:35:e9:61:44:b1:d9:c2:1c:35:ea:4c:87:77:fa:64:
ea:5b:b1:a9:8f:9c:7b:69:f1:0e:4a:e6:be:11:ce:e7:25:f9:
c2:d5:35:ac:88:ef:06:93:d4:27:92:be:39:af:68:00:5d:d6:
4c:9c:a1:cf:b4:92:13:1e:bf:76:43:86:c8:e5:c7:f4:6e:64:
21:b2:59:fa:28:15:94:20:65:8e:3f:14:a4:76:93:b6:81:ce:
ed:68:ab:b0:f4:fd:66:44:7b:d7:f5:e9:62:70:09:7b:6d:8e:
29:74:16:45:dc:e5:33:6e:3b:be:c2:75:08:0e:d2:cf:6d:32:
7b:5f:36:53:5c:08:5b:43:20:bb:c6:0b:cb:ee:6e:a4:fa:e9:
35:00:f9:7e:4a:96:ce:89:fb:e4:12:22:69:70:d5:2c:68:9f:
64:db:eb:11:7b:e9:8d:f7:4d:e7:4f:50:44:4c:77:38:27:38:
88:80:a1:e4:92:9d:17:f9:18:84:20:8d:f4:c7:52:f6:23:ed:
06:ea:df:e0
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzDSNuh/0HG0DApFwYYnMVQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMjc2MDc1NjM0OTMzMzc2ODdhZDY5Y2UxMDY0ZTYzNjI2
NWJlM2YwHhcNMjQwMTAxMDQyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzMzNDBhM2UwMTFiMmE3NTFjNTQ2ODRlMDNjNWMzNTcyMjY4OTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTNsgCAA031M6s6nsUF9eZY1fki3
KjIn+WiY4e6NCHEoZyfJIQDlhDqQbSSQK7ma2l4/huJFw60tlQ2J9g6B0mYbX9mC
fLb7A5ka9AIFva6hQFyqtbg+XEdDkrTMixT9XboiGqRP9esYpgHDOwCeZ+KpLKQZ
KKIgDdCxRUyQguU21GqpogPrnuVmpSgA0+53090s6ano2X9MnikVgBgmfCcC9YFa
GE6yhxmMOCr+EV/iJkSDX6kQe/NaGEIk+VyQG2QJ45XhMh51+VnS8B41WmdfB8Ju
/EwxKPRjjW2pQuaU8JiQXG1Txpn9V9rt/bYnPnD/U+dBLmFEq3/s7lKwDwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFPczQKPgEbKnUcVGhOA8XDVyJolkMB8GA1UdIwQY
MBaAFGMnYHVjSTM3aHrWnOEGTmNiZb4/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXlkZ2RXTkpNemRvZXRhYzRRWk9ZMkpsdmo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC83MmE2N2ItMWQxYy00MjM1LWE0ODct
ZmM5MDkzZmVkYjFiLzEvOXpOQW8tQVJzcWRSeFVhRTREeGNOWEltaVdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC83MmE2N2ItMWQxYy00MjM1LWE0ODctZmM5MDkzZmVkYjFi
LzEvWXlkZ2RXTkpNemRvZXRhYzRRWk9ZMkpsdmo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHEBggrBgEFBQcBBwEB/wSBtDCBsTB4BAIAATByAwQABZns
AwQABZnvAwQABZ0IMAwDBAAFnQ0DBAAFnQ4DBAAFnREDBAAFnRYDBAAFnRswDAME
AAWdKQMEAAWdKgMEAAWdLQMEAAWdODAMAwQBBZ06AwQGBZ0AAwQAF1x/AwQAaKAC
AwQAaKAGAwQAl+26MDUEAgACMC8DBwEqAldAAAADBwAqAldAABEDBwAqAldAABgw
EgMHACoCV0AAIQMHACoCV0AAIjANBgkqhkiG9w0BAQsFAAOCAQEAA82aU5FSXwSW
uQ7Cl85conDHLzLyLiPVdgmm5ZPsuAbl1RqldVO2ORXc1Z0/5YTz6YNzzsQkQLk0
NelhRLHZwhw16kyHd/pk6luxqY+ce2nxDkrmvhHO5yX5wtU1rIjvBpPUJ5K+Oa9o
AF3WTJyhz7SSEx6/dkOGyOXH9G5kIbJZ+igVlCBljj8UpHaTtoHO7WirsPT9ZkR7
1/XpYnAJe22OKXQWRdzlM247vsJ1CA7Sz20ye182U1wIW0Mgu8YLy+5upPrpNQD5
fkqWzon75BIiaXDVLGifZNvrEXvpjfdN509QREx3OCc4iICh5JKdF/kYhCCN9MdS
9iPtBurf4A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:24 2024 by rpki-client on console-fra.rpki-client.org