Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/161b52-24f2-4535-8382-e7fe9c47660f/1/UDU8Pa3uOujL1w0akg2MLry4Qig.roa
File: UDU8Pa3uOujL1w0akg2MLry4Qig.roa (raw, json)
Hash identifier: KKbTLgoHo1K8c7U1i4ZZNtSs8IVFZkRkKjPhlImrX5Q=
Subject key identifier: 50:35:3C:3D:AD:EE:3A:E8:CB:D7:0D:1A:92:0D:8C:2E:BC:B8:42:28
Certificate issuer: /CN=cf10ad912ef942aacb4d10add39903c6e9fbb03a
Certificate serial: 019206C5077E6332D6F3F1911B402A1EAC18
Authority key identifier: CF:10:AD:91:2E:F9:42:AA:CB:4D:10:AD:D3:99:03:C6:E9:FB:B0:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zxCtkS75QqrLTRCt05kDxun7sDo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/161b52-24f2-4535-8382-e7fe9c47660f/1/UDU8Pa3uOujL1w0akg2MLry4Qig.roa
Signing time: Wed 18 Sep 2024 20:13:48 +0000
ROA not before: Wed 18 Sep 2024 20:13:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212598
IP address blocks: 5.42.202.0/24 maxlen: 24
194.31.59.0/24 maxlen: 24
194.31.64.0/24 maxlen: 24
194.31.79.0/24 maxlen: 24
194.31.87.0/24 maxlen: 24
2a0f:a440::/29 maxlen: 29
2a12:1dc7:fffd::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:06:c5:07:7e:63:32:d6:f3:f1:91:1b:40:2a:1e:ac:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf10ad912ef942aacb4d10add39903c6e9fbb03a
Validity
Not Before: Sep 18 20:13:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=50353c3dadee3ae8cbd70d1a920d8c2ebcb84228
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:dd:f8:d6:54:cf:d1:40:a7:f6:b5:30:da:4b:
c4:eb:bf:90:ac:cb:c1:c0:db:88:d4:12:36:4d:13:
a5:8d:0f:ef:2c:8e:71:4c:ea:b9:8f:96:af:11:5d:
d7:c1:6c:36:fb:6b:c9:b6:f0:5b:3d:a9:0f:e0:d6:
c1:7c:c6:61:e2:4e:25:52:2e:26:35:dd:ea:3a:2c:
61:93:53:29:78:19:dc:4b:e4:b0:9f:56:4a:b2:10:
b9:78:4b:1f:c0:e6:c4:7c:ac:10:de:58:4a:6a:17:
9e:40:32:a6:46:3d:91:5c:49:1d:98:ea:c6:e6:c7:
25:6b:28:21:4b:4e:98:af:28:93:4f:1d:27:c6:30:
b4:09:70:83:d8:e7:8a:79:0e:38:1b:30:c5:ce:09:
d1:07:31:ad:68:9d:3a:36:0a:f8:31:3f:41:aa:9f:
45:41:97:b1:5c:91:b3:bb:e9:58:8d:ab:37:7c:b7:
07:fa:41:cd:e2:28:dd:c9:af:f4:1c:1a:c4:eb:01:
29:f9:5a:41:77:4b:03:e9:32:9d:11:22:99:f4:c0:
0b:57:8e:6c:3e:a7:05:89:e6:7c:ec:0a:ed:b0:47:
43:f4:77:a0:a0:6c:26:5e:15:a3:37:27:a5:06:9d:
ad:82:f9:a2:64:18:54:1b:86:21:58:cd:de:5d:ea:
0c:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:35:3C:3D:AD:EE:3A:E8:CB:D7:0D:1A:92:0D:8C:2E:BC:B8:42:28
X509v3 Authority Key Identifier:
keyid:CF:10:AD:91:2E:F9:42:AA:CB:4D:10:AD:D3:99:03:C6:E9:FB:B0:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zxCtkS75QqrLTRCt05kDxun7sDo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/161b52-24f2-4535-8382-e7fe9c47660f/1/UDU8Pa3uOujL1w0akg2MLry4Qig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/161b52-24f2-4535-8382-e7fe9c47660f/1/zxCtkS75QqrLTRCt05kDxun7sDo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.202.0/24
194.31.59.0/24
194.31.64.0/24
194.31.79.0/24
194.31.87.0/24
IPv6:
2a0f:a440::/29
2a12:1dc7:fffd::/48
Signature Algorithm: sha256WithRSAEncryption
33:c2:74:d2:15:cf:d5:8c:fe:8e:1e:c4:eb:62:ad:d4:11:f7:
5e:11:6f:17:40:5a:39:75:67:61:a7:30:5f:b6:08:e1:31:99:
f0:b6:b4:5c:15:07:80:8a:4b:07:49:a5:df:57:4e:e1:bd:a6:
30:b2:7f:f3:45:4d:b0:e7:93:37:b6:15:7d:15:83:02:90:c4:
2d:52:1e:fc:a1:a7:8f:61:fe:5e:35:f1:3c:e9:9d:05:1c:bd:
e9:12:9e:a8:67:8f:c4:f4:0f:5e:b4:4e:d1:02:0f:aa:c9:35:
c8:87:cf:f6:ce:33:64:b0:a8:ab:4e:18:80:61:64:1a:a7:17:
42:9c:50:2d:1e:30:f3:e5:1d:90:78:fe:91:5b:05:d1:91:aa:
93:58:98:92:16:1e:2d:a6:41:a3:ff:db:08:0b:5d:48:f5:ed:
2b:71:2b:d8:95:ba:d6:3c:08:5a:e2:4b:5f:ba:88:76:13:44:
28:a5:8d:e3:a8:04:02:ef:bd:e1:5b:9a:ca:d2:92:20:a8:40:
e9:ce:80:ff:3d:aa:18:b8:65:40:08:8a:ab:5c:2c:0d:a9:38:
57:5c:85:bb:39:15:ab:1c:97:3a:7e:c3:0b:3d:2c:1b:66:10:
cf:ff:aa:1e:57:58:1e:a6:cd:b1:06:3a:5e:15:e7:a3:42:0b:
8e:c4:70:8a
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZIGxQd+YzLW8/GRG0AqHqwYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMTBhZDkxMmVmOTQyYWFjYjRkMTBhZGQzOTkwM2M2ZTlm
YmIwM2EwHhcNMjQwOTE4MjAxMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDM1M2MzZGFkZWUzYWU4Y2JkNzBkMWE5MjBkOGMyZWJjYjg0MjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9341lTP0UCn9rUw2kvE67+QrMvB
wNuI1BI2TROljQ/vLI5xTOq5j5avEV3XwWw2+2vJtvBbPakP4NbBfMZh4k4lUi4m
Nd3qOixhk1MpeBncS+Swn1ZKshC5eEsfwObEfKwQ3lhKaheeQDKmRj2RXEkdmOrG
5sclayghS06YryiTTx0nxjC0CXCD2OeKeQ44GzDFzgnRBzGtaJ06Ngr4MT9Bqp9F
QZexXJGzu+lYjas3fLcH+kHN4ijdya/0HBrE6wEp+VpBd0sD6TKdESKZ9MALV45s
PqcFieZ87ArtsEdD9HegoGwmXhWjNyelBp2tgvmiZBhUG4YhWM3eXeoMDwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFFA1PD2t7jroy9cNGpINjC68uEIoMB8GA1UdIwQY
MBaAFM8QrZEu+UKqy00QrdOZA8bp+7A6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenhDdGtTNzVRcXJMVFJDdDA1a0R4dW43c0RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8xNjFiNTItMjRmMi00NTM1LTgzODIt
ZTdmZTljNDc2NjBmLzEvVURVOFBhM3VPdWpMMXcwYWtnMk1Mcnk0UWlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8xNjFiNTItMjRmMi00NTM1LTgzODItZTdmZTljNDc2NjBm
LzEvenhDdGtTNzVRcXJMVFJDdDA1a0R4dW43c0RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAkBAIAATAeAwQABSrKAwQA
wh87AwQAwh9AAwQAwh9PAwQAwh9XMBYEAgACMBADBQMqD6RAAwcAKhIdx//9MA0G
CSqGSIb3DQEBCwUAA4IBAQAzwnTSFc/VjP6OHsTrYq3UEfdeEW8XQFo5dWdhpzBf
tgjhMZnwtrRcFQeAiksHSaXfV07hvaYwsn/zRU2w55M3thV9FYMCkMQtUh78oaeP
Yf5eNfE86Z0FHL3pEp6oZ4/E9A9etE7RAg+qyTXIh8/2zjNksKirThiAYWQapxdC
nFAtHjDz5R2QeP6RWwXRkaqTWJiSFh4tpkGj/9sIC11I9e0rcSvYlbrWPAha4ktf
uoh2E0QopY3jqAQC773hW5rK0pIgqEDpzoD/PaoYuGVACIqrXCwNqThXXIW7ORWr
HJc6fsMLPSwbZhDP/6oeV1geps2xBjpeFeejQguOxHCK
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:47 2025 by rpki-client