Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/72a67b-1d1c-4235-a487-fc9093fedb1b/1/xpufFsfaSuCYydx4Bg9F5xo4ScI.roa
File: xpufFsfaSuCYydx4Bg9F5xo4ScI.roa (raw, json)
Hash identifier: D5z2TdeLMyq8Kh2uG9EsFbp8Kedoe1+7nxhz3VXI1lI=
Subject key identifier: C6:9B:9F:16:C7:DA:4A:E0:98:C9:DC:78:06:0F:45:E7:1A:38:49:C2
Certificate issuer: /CN=6327607563493337687ad69ce1064e636265be3f
Certificate serial: 018C4AF505398F8272F6561966F43181B196
Authority key identifier: 63:27:60:75:63:49:33:37:68:7A:D6:9C:E1:06:4E:63:62:65:BE:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YydgdWNJMzdoetac4QZOY2Jlvj8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/72a67b-1d1c-4235-a487-fc9093fedb1b/1/xpufFsfaSuCYydx4Bg9F5xo4ScI.roa
Signing time: Fri 08 Dec 2023 19:43:40 +0000
ROA not before: Fri 08 Dec 2023 19:43:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48950
IP address blocks: 104.160.4.0/24 maxlen: 24
104.160.10.0/24 maxlen: 24
158.222.3.0/24 maxlen: 24
158.222.5.0/24 maxlen: 24
158.222.7.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:4a:f5:05:39:8f:82:72:f6:56:19:66:f4:31:81:b1:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6327607563493337687ad69ce1064e636265be3f
Validity
Not Before: Dec 8 19:43:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c69b9f16c7da4ae098c9dc78060f45e71a3849c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c1:8d:44:61:de:fa:78:82:c1:73:c5:2f:e0:
85:86:3a:db:16:57:cc:84:b4:04:cb:06:41:a4:ef:
b4:6e:bc:b3:7f:5a:ab:35:8c:fd:c9:5a:37:55:47:
6f:9b:be:74:e7:55:60:34:94:a1:a0:6a:00:4b:70:
a7:6f:e9:f7:17:ac:33:d4:b9:6d:32:b0:30:10:06:
70:82:bc:b5:52:58:f4:91:1f:8c:0e:83:d9:e9:04:
f7:da:7a:ac:f2:b3:cd:83:75:3d:78:4b:3f:22:29:
23:f1:06:fe:ca:7e:4b:6f:01:70:5f:26:19:65:c5:
f5:8e:61:cf:80:23:99:18:cf:90:13:5a:76:5f:d0:
10:29:db:0a:d1:b9:f4:b1:a8:44:f5:61:db:42:cb:
33:da:bb:f3:8a:b5:84:8f:f9:88:17:9b:3a:4a:ff:
fd:25:7d:99:7b:50:c9:55:c5:4b:64:d9:99:3d:5e:
17:3a:f8:31:66:bb:70:27:b0:ca:76:17:ee:c5:56:
3f:cc:85:54:db:9a:31:de:37:74:18:ec:75:6e:44:
d2:91:07:b9:8d:53:e5:bd:48:29:e8:b6:df:82:86:
e0:55:bf:6d:2e:a4:26:2f:7a:fb:b4:20:3e:00:83:
25:ad:7b:a2:51:b3:d1:84:e4:34:28:01:c5:76:f7:
fa:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:9B:9F:16:C7:DA:4A:E0:98:C9:DC:78:06:0F:45:E7:1A:38:49:C2
X509v3 Authority Key Identifier:
keyid:63:27:60:75:63:49:33:37:68:7A:D6:9C:E1:06:4E:63:62:65:BE:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YydgdWNJMzdoetac4QZOY2Jlvj8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/72a67b-1d1c-4235-a487-fc9093fedb1b/1/xpufFsfaSuCYydx4Bg9F5xo4ScI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/72a67b-1d1c-4235-a487-fc9093fedb1b/1/YydgdWNJMzdoetac4QZOY2Jlvj8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.160.4.0/24
104.160.10.0/24
158.222.3.0/24
158.222.5.0/24
158.222.7.0/24
Signature Algorithm: sha256WithRSAEncryption
15:32:3d:f4:3f:a5:27:bf:6b:c8:52:c9:77:e9:17:c4:3f:db:
9e:78:57:23:73:23:45:c5:a3:9f:bd:0d:f1:92:f6:2b:b5:b7:
cc:6f:da:0c:53:22:b5:7f:41:26:c6:48:b2:c5:cb:81:40:ef:
7b:d2:65:54:75:3f:75:ac:0a:2d:cb:7e:a8:1a:0d:e6:4b:57:
04:13:46:ef:6b:02:4c:dc:14:bb:37:5d:00:a6:82:af:5a:e8:
b0:2c:71:b8:e0:55:28:d3:6d:f6:d5:69:24:bf:85:22:98:9b:
bf:7d:13:e7:f2:e8:81:48:71:67:c9:ad:5f:2f:08:de:a2:14:
c4:40:99:38:78:d2:a1:a4:8b:7d:74:e2:3d:e8:ef:f4:f4:11:
3e:59:39:f9:e9:ce:cb:40:fc:6b:0e:f9:6a:a1:c4:db:d9:b5:
18:71:18:f4:44:a6:9a:73:e9:6d:69:ec:29:1c:d4:77:da:bd:
64:28:8f:47:90:0f:2a:9a:49:62:cc:00:37:e6:8e:73:e6:f1:
1b:5f:1f:32:de:95:9b:4c:f7:db:f6:0d:c8:5b:46:57:02:28:
e6:ac:8c:9e:04:5c:82:5c:02:22:5f:13:38:5a:c1:92:54:59:
92:b0:42:b9:8c:85:ed:e7:87:b4:2f:5b:e6:0f:86:46:00:34:
84:0b:7d:96
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYxK9QU5j4Jy9lYZZvQxgbGWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMjc2MDc1NjM0OTMzMzc2ODdhZDY5Y2UxMDY0ZTYzNjI2
NWJlM2YwHhcNMjMxMjA4MTk0MzQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjliOWYxNmM3ZGE0YWUwOThjOWRjNzgwNjBmNDVlNzFhMzg0OWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcGNRGHe+niCwXPFL+CFhjrbFlfM
hLQEywZBpO+0bryzf1qrNYz9yVo3VUdvm75051VgNJShoGoAS3Cnb+n3F6wz1Llt
MrAwEAZwgry1Ulj0kR+MDoPZ6QT32nqs8rPNg3U9eEs/Iikj8Qb+yn5LbwFwXyYZ
ZcX1jmHPgCOZGM+QE1p2X9AQKdsK0bn0sahE9WHbQssz2rvzirWEj/mIF5s6Sv/9
JX2Ze1DJVcVLZNmZPV4XOvgxZrtwJ7DKdhfuxVY/zIVU25ox3jd0GOx1bkTSkQe5
jVPlvUgp6LbfgobgVb9tLqQmL3r7tCA+AIMlrXuiUbPRhOQ0KAHFdvf6nwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMabnxbH2krgmMnceAYPRecaOEnCMB8GA1UdIwQY
MBaAFGMnYHVjSTM3aHrWnOEGTmNiZb4/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXlkZ2RXTkpNemRvZXRhYzRRWk9ZMkpsdmo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC83MmE2N2ItMWQxYy00MjM1LWE0ODct
ZmM5MDkzZmVkYjFiLzEveHB1ZkZzZmFTdUNZeWR4NEJnOUY1eG80U2NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC83MmE2N2ItMWQxYy00MjM1LWE0ODctZmM5MDkzZmVkYjFi
LzEvWXlkZ2RXTkpNemRvZXRhYzRRWk9ZMkpsdmo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAaKAEAwQA
aKAKAwQAnt4DAwQAnt4FAwQAnt4HMA0GCSqGSIb3DQEBCwUAA4IBAQAVMj30P6Un
v2vIUsl36RfEP9ueeFcjcyNFxaOfvQ3xkvYrtbfMb9oMUyK1f0EmxkiyxcuBQO97
0mVUdT91rAoty36oGg3mS1cEE0bvawJM3BS7N10ApoKvWuiwLHG44FUo02321Wkk
v4UimJu/fRPn8uiBSHFnya1fLwjeohTEQJk4eNKhpIt9dOI96O/09BE+WTn56c7L
QPxrDvlqocTb2bUYcRj0RKaac+ltaewpHNR32r1kKI9HkA8qmklizAA35o5z5vEb
Xx8y3pWbTPfb9g3IW0ZXAijmrIyeBFyCXAIiXxM4WsGSVFmSsEK5jIXt54e0L1vm
D4ZGADSEC32W
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:25 2024 by rpki-client on console-fra.rpki-client.org