Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/72a67b-1d1c-4235-a487-fc9093fedb1b/1/YlVhlwxK5qSKbS2BV2VVyYiN9M0.roa
File: YlVhlwxK5qSKbS2BV2VVyYiN9M0.roa (raw, json)
Hash identifier: S8WJ+bO0VhbocvKV9Gk/0m1JVC5Yh2tqG9spOHcb+Qo=
Subject key identifier: 62:55:61:97:0C:4A:E6:A4:8A:6D:2D:81:57:65:55:C9:88:8D:F4:CD
Certificate issuer: /CN=6327607563493337687ad69ce1064e636265be3f
Certificate serial: 018C4AF504AF37E5A43FDFCF37E86B13E5F8
Authority key identifier: 63:27:60:75:63:49:33:37:68:7A:D6:9C:E1:06:4E:63:62:65:BE:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YydgdWNJMzdoetac4QZOY2Jlvj8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/72a67b-1d1c-4235-a487-fc9093fedb1b/1/YlVhlwxK5qSKbS2BV2VVyYiN9M0.roa
Signing time: Fri 08 Dec 2023 19:43:40 +0000
ROA not before: Fri 08 Dec 2023 19:43:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41564
IP address blocks: 23.92.127.0/24 maxlen: 24
151.237.186.0/24 maxlen: 24
5.157.8.0/24 maxlen: 24
104.160.2.0/24 maxlen: 24
104.160.6.0/24 maxlen: 24
5.153.239.0/24 maxlen: 24
5.153.236.0/24 maxlen: 24
5.157.17.0/24 maxlen: 24
5.157.13.0/24 maxlen: 24
5.157.14.0/24 maxlen: 24
5.157.22.0/24 maxlen: 24
5.157.27.0/24 maxlen: 24
5.157.42.0/24 maxlen: 24
5.157.41.0/24 maxlen: 24
5.157.45.0/24 maxlen: 24
5.157.58.0/24 maxlen: 24
5.157.56.0/24 maxlen: 24
5.157.59.0/24 maxlen: 24
5.157.62.0/24 maxlen: 24
5.157.60.0/24 maxlen: 24
5.157.61.0/24 maxlen: 24
5.157.63.0/24 maxlen: 24
2a02:5740::/48 maxlen: 48
2a02:5740:11::/48 maxlen: 48
2a02:5740:18::/48 maxlen: 48
2a02:5740:22::/48 maxlen: 48
2a02:5740:21::/48 maxlen: 48
2a02:5740:1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:4a:f5:04:af:37:e5:a4:3f:df:cf:37:e8:6b:13:e5:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6327607563493337687ad69ce1064e636265be3f
Validity
Not Before: Dec 8 19:43:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=625561970c4ae6a48a6d2d81576555c9888df4cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:6d:94:e5:96:37:f0:3c:cf:86:2c:35:3c:28:
62:f6:98:1c:23:0c:82:ef:ba:b0:ec:41:2c:22:07:
1f:60:e8:ce:1b:c7:1d:ce:8a:0b:81:e3:3a:96:8e:
40:66:52:bf:0b:cb:61:08:97:f6:37:3b:51:4b:ca:
b8:fe:58:f4:f4:de:21:55:c8:46:6a:ae:8d:f3:e9:
02:8a:c7:1e:9a:a8:1e:3a:c2:33:17:23:02:b8:b7:
be:80:28:11:9d:15:3f:7f:60:69:c8:5c:f8:65:cc:
e5:f6:8d:25:55:b5:53:54:ec:84:ce:e6:c6:3f:df:
da:ec:31:af:43:5e:b1:ff:d9:c9:ca:3a:e0:8a:50:
55:d2:f2:2d:31:f2:78:78:fa:c7:73:b5:de:2e:97:
8c:8f:62:4c:8d:8d:42:5d:4a:8e:e4:5b:af:53:1e:
af:d2:f8:f2:ff:9f:c6:d0:10:d0:1d:7f:20:1f:dc:
88:0d:a8:7f:f0:42:60:a7:1d:ed:13:b0:90:cd:69:
e0:56:e6:dc:d0:eb:79:28:16:51:14:1e:c7:53:8a:
72:91:ba:27:c9:53:b8:a6:5b:9f:71:85:63:4f:89:
1e:d1:33:64:68:e2:4f:a4:40:e2:46:bf:a0:70:1b:
57:54:89:14:68:eb:84:44:62:2a:87:d8:03:a8:aa:
26:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:55:61:97:0C:4A:E6:A4:8A:6D:2D:81:57:65:55:C9:88:8D:F4:CD
X509v3 Authority Key Identifier:
keyid:63:27:60:75:63:49:33:37:68:7A:D6:9C:E1:06:4E:63:62:65:BE:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YydgdWNJMzdoetac4QZOY2Jlvj8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/72a67b-1d1c-4235-a487-fc9093fedb1b/1/YlVhlwxK5qSKbS2BV2VVyYiN9M0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/72a67b-1d1c-4235-a487-fc9093fedb1b/1/YydgdWNJMzdoetac4QZOY2Jlvj8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.153.236.0/24
5.153.239.0/24
5.157.8.0/24
5.157.13.0-5.157.14.255
5.157.17.0/24
5.157.22.0/24
5.157.27.0/24
5.157.41.0-5.157.42.255
5.157.45.0/24
5.157.56.0/24
5.157.58.0-5.157.63.255
23.92.127.0/24
104.160.2.0/24
104.160.6.0/24
151.237.186.0/24
IPv6:
2a02:5740::/47
2a02:5740:11::/48
2a02:5740:18::/48
2a02:5740:21::-2a02:5740:22:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
50:19:f6:aa:c2:bd:25:3f:01:ad:af:79:10:98:b5:9e:91:07:
d3:ea:0c:f7:63:e5:86:ba:c3:00:56:52:ec:36:60:92:3f:3e:
24:6f:ec:8f:c7:e6:61:94:4f:87:08:2c:9a:f7:54:2f:0d:bb:
9d:b2:df:44:57:1b:dc:55:ef:9c:13:70:7a:85:f4:11:7a:12:
16:47:61:9e:6e:b8:9b:de:1b:df:26:39:8f:79:1e:ec:8e:50:
3b:73:c1:c8:17:e8:5c:45:38:9f:99:4a:27:a8:13:f9:a8:a5:
17:65:5a:7c:3b:a9:1f:ec:72:7a:16:0d:c1:19:ff:80:69:d0:
71:d6:05:da:5d:ea:63:46:3c:c8:fa:4f:87:2b:01:c8:b3:fd:
59:f9:4f:61:81:b6:b2:e5:99:3b:02:5d:ff:7a:3e:ce:7e:04:
06:a2:2a:83:1a:54:31:97:14:da:e3:7b:ab:7d:0c:d2:96:37:
e9:35:e3:2c:2f:7f:43:61:4a:fd:6e:5d:c8:60:cf:56:0b:b4:
9a:01:74:0c:9f:c4:c5:c5:dd:9e:d6:ed:8e:92:a9:74:15:ec:
e2:35:ab:02:9e:03:8f:cf:2d:cf:23:5f:70:3f:fa:e2:0b:01:
6a:71:b6:1d:6c:0d:bb:ee:ed:60:17:12:d6:5f:34:fc:e8:90:
8e:66:26:48
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYxK9QSvN+WkP9/PN+hrE+X4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMjc2MDc1NjM0OTMzMzc2ODdhZDY5Y2UxMDY0ZTYzNjI2
NWJlM2YwHhcNMjMxMjA4MTk0MzQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjU1NjE5NzBjNGFlNmE0OGE2ZDJkODE1NzY1NTVjOTg4OGRmNGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1G2U5ZY38DzPhiw1PChi9pgcIwyC
77qw7EEsIgcfYOjOG8cdzooLgeM6lo5AZlK/C8thCJf2NztRS8q4/lj09N4hVchG
aq6N8+kCiscemqgeOsIzFyMCuLe+gCgRnRU/f2BpyFz4Zczl9o0lVbVTVOyEzubG
P9/a7DGvQ16x/9nJyjrgilBV0vItMfJ4ePrHc7XeLpeMj2JMjY1CXUqO5FuvUx6v
0vjy/5/G0BDQHX8gH9yIDah/8EJgpx3tE7CQzWngVubc0Ot5KBZRFB7HU4pykbon
yVO4plufcYVjT4ke0TNkaOJPpEDiRr+gcBtXVIkUaOuERGIqh9gDqKomIQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFGJVYZcMSuakim0tgVdlVcmIjfTNMB8GA1UdIwQY
MBaAFGMnYHVjSTM3aHrWnOEGTmNiZb4/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXlkZ2RXTkpNemRvZXRhYzRRWk9ZMkpsdmo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC83MmE2N2ItMWQxYy00MjM1LWE0ODct
ZmM5MDkzZmVkYjFiLzEvWWxWaGx3eEs1cVNLYlMyQlYyVlZ5WWlOOU0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC83MmE2N2ItMWQxYy00MjM1LWE0ODctZmM5MDkzZmVkYjFi
LzEvWXlkZ2RXTkpNemRvZXRhYzRRWk9ZMkpsdmo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHEBggrBgEFBQcBBwEB/wSBtDCBsTB4BAIAATByAwQABZns
AwQABZnvAwQABZ0IMAwDBAAFnQ0DBAAFnQ4DBAAFnREDBAAFnRYDBAAFnRswDAME
AAWdKQMEAAWdKgMEAAWdLQMEAAWdODAMAwQBBZ06AwQGBZ0AAwQAF1x/AwQAaKAC
AwQAaKAGAwQAl+26MDUEAgACMC8DBwEqAldAAAADBwAqAldAABEDBwAqAldAABgw
EgMHACoCV0AAIQMHACoCV0AAIjANBgkqhkiG9w0BAQsFAAOCAQEAUBn2qsK9JT8B
ra95EJi1npEH0+oM92PlhrrDAFZS7DZgkj8+JG/sj8fmYZRPhwgsmvdULw27nbLf
RFcb3FXvnBNweoX0EXoSFkdhnm64m94b3yY5j3ke7I5QO3PByBfoXEU4n5lKJ6gT
+ailF2VafDupH+xyehYNwRn/gGnQcdYF2l3qY0Y8yPpPhysByLP9WflPYYG2suWZ
OwJd/3o+zn4EBqIqgxpUMZcU2uN7q30M0pY36TXjLC9/Q2FK/W5dyGDPVgu0mgF0
DJ/ExcXdntbtjpKpdBXs4jWrAp4Dj88tzyNfcD/64gsBanG2HWwNu+7tYBcS1l80
/OiQjmYmSA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:22 2024 by rpki-client on console-ams.rpki-client.org