Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/72a67b-1d1c-4235-a487-fc9093fedb1b/1/Qj4qlYy8CJV3NXg9Y0C6zbSFEyk.roa
File: Qj4qlYy8CJV3NXg9Y0C6zbSFEyk.roa (raw, json)
Hash identifier: hs6cUD11RmGlxUd6dxL2rA7iDq00D23k+kVQl638blc=
Subject key identifier: 42:3E:2A:95:8C:BC:08:95:77:35:78:3D:63:40:BA:CD:B4:85:13:29
Certificate issuer: /CN=6327607563493337687ad69ce1064e636265be3f
Certificate serial: 018CC348DBDBE7BB21A5DC06F886377B4D5F
Authority key identifier: 63:27:60:75:63:49:33:37:68:7A:D6:9C:E1:06:4E:63:62:65:BE:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YydgdWNJMzdoetac4QZOY2Jlvj8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/72a67b-1d1c-4235-a487-fc9093fedb1b/1/Qj4qlYy8CJV3NXg9Y0C6zbSFEyk.roa
Signing time: Mon 01 Jan 2024 04:29:41 +0000
ROA not before: Mon 01 Jan 2024 04:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 46805
IP address blocks: 104.160.0.0/24 maxlen: 24
104.160.5.0/24 maxlen: 24
104.160.8.0/24 maxlen: 24
104.160.23.0/24 maxlen: 24
104.160.24.0/24 maxlen: 24
104.160.22.0/24 maxlen: 24
104.160.25.0/24 maxlen: 24
104.160.27.0/24 maxlen: 24
104.160.26.0/24 maxlen: 24
23.92.112.0/24 maxlen: 24
23.92.114.0/24 maxlen: 24
23.92.113.0/24 maxlen: 24
192.40.95.0/24 maxlen: 24
107.150.80.0/24 maxlen: 24
107.150.92.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:db:db:e7:bb:21:a5:dc:06:f8:86:37:7b:4d:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6327607563493337687ad69ce1064e636265be3f
Validity
Not Before: Jan 1 04:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=423e2a958cbc08957735783d6340bacdb4851329
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:3f:8d:3a:bb:5c:41:d0:d1:52:44:46:48:c3:
e1:bb:ab:08:59:19:4e:ef:e4:cd:2e:7f:e8:c5:0f:
ca:ef:d8:4b:bb:47:2a:88:32:5d:59:67:48:4f:7b:
a7:f3:62:e4:49:a5:b1:05:9e:e1:8f:51:25:ef:35:
31:0a:d4:0e:06:42:d7:f6:4f:3d:5a:8f:43:4a:e4:
7e:03:a6:d4:ed:b0:86:21:40:09:e1:62:f6:fc:36:
2c:4e:03:81:48:57:9f:02:39:2b:68:b1:f9:f1:c8:
84:d2:cc:77:6f:8a:9c:5a:6f:e5:05:97:c1:b9:a7:
35:af:f2:7c:66:20:2a:0f:ed:73:e6:ec:14:18:33:
06:87:b1:5c:2c:bc:c8:e2:39:5c:40:92:0e:90:60:
93:48:9b:ab:f1:dc:c3:71:fd:e4:3a:02:07:93:76:
6d:3c:74:61:25:91:74:7f:2e:cb:48:f8:55:bd:9c:
2f:23:4f:ed:97:fd:7d:51:3e:32:6f:fb:24:2c:8c:
c5:a8:2d:e0:ac:6f:63:65:4d:06:09:7d:85:19:ac:
ad:0b:8b:0d:5e:de:f0:98:1f:ab:f3:d9:8d:7c:fc:
07:91:52:99:4f:59:7f:58:15:2f:d3:e7:df:b8:13:
d0:c7:42:19:aa:e6:d0:ca:aa:d7:88:bb:ee:17:7d:
7b:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:3E:2A:95:8C:BC:08:95:77:35:78:3D:63:40:BA:CD:B4:85:13:29
X509v3 Authority Key Identifier:
keyid:63:27:60:75:63:49:33:37:68:7A:D6:9C:E1:06:4E:63:62:65:BE:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YydgdWNJMzdoetac4QZOY2Jlvj8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/72a67b-1d1c-4235-a487-fc9093fedb1b/1/Qj4qlYy8CJV3NXg9Y0C6zbSFEyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/72a67b-1d1c-4235-a487-fc9093fedb1b/1/YydgdWNJMzdoetac4QZOY2Jlvj8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.92.112.0-23.92.114.255
104.160.0.0/24
104.160.5.0/24
104.160.8.0/24
104.160.22.0-104.160.27.255
107.150.80.0/24
107.150.92.0/24
192.40.95.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:5a:23:14:5e:8e:89:cc:47:fd:ad:a3:7f:66:5c:fa:62:67:
85:30:2c:6e:cf:d4:2b:57:61:97:bb:98:42:db:80:54:8e:bc:
16:d3:13:07:6b:59:8f:26:28:f5:f0:f2:60:3d:4a:b1:a7:8d:
5b:d4:e5:5b:b9:44:a6:d7:21:37:f1:0d:e6:28:3e:6a:af:ce:
2b:05:fe:a9:dc:30:87:ae:01:b3:38:8f:1a:2c:6a:c2:1b:30:
d1:19:22:6d:80:00:92:44:3a:7c:a3:c9:62:0c:16:ce:66:15:
0c:0c:ef:7c:b8:2a:e5:e6:03:ab:fe:40:1a:5c:a6:48:3e:39:
26:70:e9:54:55:8a:f8:7a:4e:3d:fd:e0:e0:ec:79:95:2b:e4:
0e:f9:81:f9:11:5e:78:05:43:a9:24:e1:8b:1e:b5:8b:b1:ef:
a3:2b:3c:35:43:0f:58:00:88:a2:b6:eb:11:fb:54:91:ab:ea:
25:83:a8:ee:51:04:60:1f:f9:33:cd:78:ca:0d:7d:7a:ea:00:
fc:e3:3a:b1:3c:71:ea:4a:df:fb:1c:9f:8a:85:6a:e8:72:8c:
07:99:17:03:f6:2d:21:56:a9:9d:84:6c:c6:89:e6:7f:f1:8c:
fc:38:40:4e:0a:fb:ce:c0:60:fc:48:29:05:4c:21:b2:0e:b5:
ce:45:ad:86
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYzDSNvb57shpdwG+IY3e01fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMjc2MDc1NjM0OTMzMzc2ODdhZDY5Y2UxMDY0ZTYzNjI2
NWJlM2YwHhcNMjQwMTAxMDQyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjNlMmE5NThjYmMwODk1NzczNTc4M2Q2MzQwYmFjZGI0ODUxMzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmT+NOrtcQdDRUkRGSMPhu6sIWRlO
7+TNLn/oxQ/K79hLu0cqiDJdWWdIT3un82LkSaWxBZ7hj1El7zUxCtQOBkLX9k89
Wo9DSuR+A6bU7bCGIUAJ4WL2/DYsTgOBSFefAjkraLH58ciE0sx3b4qcWm/lBZfB
uac1r/J8ZiAqD+1z5uwUGDMGh7FcLLzI4jlcQJIOkGCTSJur8dzDcf3kOgIHk3Zt
PHRhJZF0fy7LSPhVvZwvI0/tl/19UT4yb/skLIzFqC3grG9jZU0GCX2FGaytC4sN
Xt7wmB+r89mNfPwHkVKZT1l/WBUv0+ffuBPQx0IZqubQyqrXiLvuF317/wIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFEI+KpWMvAiVdzV4PWNAus20hRMpMB8GA1UdIwQY
MBaAFGMnYHVjSTM3aHrWnOEGTmNiZb4/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXlkZ2RXTkpNemRvZXRhYzRRWk9ZMkpsdmo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC83MmE2N2ItMWQxYy00MjM1LWE0ODct
ZmM5MDkzZmVkYjFiLzEvUWo0cWxZeThDSlYzTlhnOVkwQzZ6YlNGRXlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC83MmE2N2ItMWQxYy00MjM1LWE0ODctZmM5MDkzZmVkYjFi
LzEvWXlkZ2RXTkpNemRvZXRhYzRRWk9ZMkpsdmo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAMAwDBAQXXHAD
BAAXXHIDBABooAADBABooAUDBABooAgwDAMEAWigFgMEAmigGAMEAGuWUAMEAGuW
XAMEAMAoXzANBgkqhkiG9w0BAQsFAAOCAQEAbVojFF6OicxH/a2jf2Zc+mJnhTAs
bs/UK1dhl7uYQtuAVI68FtMTB2tZjyYo9fDyYD1KsaeNW9TlW7lEptchN/EN5ig+
aq/OKwX+qdwwh64BsziPGixqwhsw0RkibYAAkkQ6fKPJYgwWzmYVDAzvfLgq5eYD
q/5AGlymSD45JnDpVFWK+HpOPf3g4Ox5lSvkDvmB+RFeeAVDqSThix61i7Hvoys8
NUMPWACIorbrEftUkavqJYOo7lEEYB/5M814yg19euoA/OM6sTxx6krf+xyfioVq
6HKMB5kXA/YtIVapnYRsxonmf/GM/DhATgr7zsBg/EgpBUwhsg61zkWthg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:22 2024 by rpki-client on console-ams.rpki-client.org