Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/217bee-cab6-422f-88cc-c2664e37c327/1/LUyjz5khkwF0up_SKtv4Oh6tO7Q.roa
File: LUyjz5khkwF0up_SKtv4Oh6tO7Q.roa (raw, json)
Hash identifier: rBnLOroG+8zcnjSq90aHGH7YJtrPhERWyt49grALMsE=
Subject key identifier: 2D:4C:A3:CF:99:21:93:01:74:BA:9F:D2:2A:DB:F8:3A:1E:AD:3B:B4
Certificate issuer: /CN=591a0fef1efbaeedb3d28d439f3d5ccfadfd8873
Certificate serial: 0194214433588ECECD8E04AE2F3EFEE8731F
Authority key identifier: 59:1A:0F:EF:1E:FB:AE:ED:B3:D2:8D:43:9F:3D:5C:CF:AD:FD:88:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WRoP7x77ru2z0o1Dnz1cz639iHM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/217bee-cab6-422f-88cc-c2664e37c327/1/LUyjz5khkwF0up_SKtv4Oh6tO7Q.roa
Signing time: Wed 01 Jan 2025 09:48:25 +0000
ROA not before: Wed 01 Jan 2025 09:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44869
IP address blocks: 5.103.0.0/16 maxlen: 16
5.186.0.0/16 maxlen: 16
37.122.240.0/21 maxlen: 21
46.21.32.0/20 maxlen: 20
77.33.0.0/16 maxlen: 16
78.143.64.0/18 maxlen: 18
80.71.64.0/19 maxlen: 19
80.208.0.0/17 maxlen: 17
80.209.0.0/17 maxlen: 17
87.104.0.0/18 maxlen: 18
89.239.192.0/18 maxlen: 18
185.202.8.0/22 maxlen: 22
212.178.160.0/19 maxlen: 19
2a02:17c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:33:58:8e:ce:cd:8e:04:ae:2f:3e:fe:e8:73:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=591a0fef1efbaeedb3d28d439f3d5ccfadfd8873
Validity
Not Before: Jan 1 09:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2d4ca3cf9921930174ba9fd22adbf83a1ead3bb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:9e:c7:c5:03:e7:1c:67:71:d6:9f:57:ca:5b:
31:56:76:0e:05:4e:3d:25:d1:05:b7:2d:16:f1:bf:
4b:0a:e5:e8:b6:23:fc:ac:8c:60:fa:09:87:3b:02:
5a:3f:40:6c:6a:a2:bc:6f:53:91:bd:54:10:9a:02:
af:8d:c3:07:56:8a:aa:e6:9d:b0:aa:04:6b:a3:1d:
5b:69:7e:3e:d2:b6:0d:6a:f5:95:02:1d:09:a7:10:
58:a9:85:a2:cc:a3:c9:0b:2e:05:0e:1b:cb:5a:2d:
24:03:3e:d6:64:b7:14:f6:2b:d3:ae:89:f8:8d:58:
22:69:f3:fe:e1:ce:38:45:7f:ca:09:1d:7a:29:f4:
b3:12:7f:97:4c:92:e0:9c:85:31:2f:79:e1:19:01:
a8:99:45:b3:ef:67:b2:bd:d1:7e:89:d4:1b:32:fb:
d5:ea:cf:05:f8:8f:1d:e2:8f:a0:ec:f2:7a:be:4c:
6b:02:8d:63:e2:f6:16:06:3f:0d:68:d3:71:fe:92:
54:26:34:e3:af:94:80:dd:4a:c8:e2:a1:50:9f:f8:
e3:c5:ec:94:8d:dd:41:9f:e2:ae:42:45:e1:ce:96:
d2:9f:0a:9b:31:0d:5c:36:8a:7e:de:88:9d:55:6c:
58:4a:44:d8:a5:4e:cb:35:ce:35:eb:a3:d5:c8:6a:
e3:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:4C:A3:CF:99:21:93:01:74:BA:9F:D2:2A:DB:F8:3A:1E:AD:3B:B4
X509v3 Authority Key Identifier:
keyid:59:1A:0F:EF:1E:FB:AE:ED:B3:D2:8D:43:9F:3D:5C:CF:AD:FD:88:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WRoP7x77ru2z0o1Dnz1cz639iHM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/217bee-cab6-422f-88cc-c2664e37c327/1/LUyjz5khkwF0up_SKtv4Oh6tO7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/217bee-cab6-422f-88cc-c2664e37c327/1/WRoP7x77ru2z0o1Dnz1cz639iHM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.103.0.0/16
5.186.0.0/16
37.122.240.0/21
46.21.32.0/20
77.33.0.0/16
78.143.64.0/18
80.71.64.0/19
80.208.0.0/17
80.209.0.0/17
87.104.0.0/18
89.239.192.0/18
185.202.8.0/22
212.178.160.0/19
IPv6:
2a02:17c0::/32
Signature Algorithm: sha256WithRSAEncryption
65:7d:92:cb:7f:9b:66:23:14:04:d0:96:85:ae:ea:a7:32:41:
70:81:04:ab:5f:2b:f9:e4:8a:3f:53:34:5c:3a:3f:3d:ca:2b:
65:37:93:1f:b0:c8:1f:ea:45:da:e0:03:63:e9:6e:c1:69:2a:
b1:c1:c4:f6:32:4a:8a:95:32:b6:f5:09:ea:0d:36:5a:60:da:
ae:bd:80:98:9e:6b:d8:8d:3d:0d:6c:96:34:03:5b:ef:fa:a2:
31:7a:91:fe:95:70:ea:fc:45:07:be:15:e8:b9:5d:9d:33:d2:
a6:45:5a:a7:97:03:08:59:96:12:e1:30:f6:5b:1b:33:fd:88:
9b:88:53:67:b4:d0:d1:13:d7:26:b2:31:dd:99:96:72:1d:eb:
d8:b1:a5:d7:22:44:3d:0c:39:55:28:93:3d:f8:f2:0c:0d:7e:
a7:6e:7f:6e:49:49:98:79:20:d4:ec:3f:ed:ae:08:1a:0e:58:
e7:90:03:32:df:8e:40:9d:c7:22:45:94:6c:3e:ba:ea:a4:37:
80:3c:ed:fa:88:90:37:14:a8:d2:47:e6:df:dc:68:8f:94:f4:
28:a5:70:e4:8e:fd:05:21:72:58:7b:4d:18:06:90:19:92:ac:
f2:0d:ec:fa:22:d3:b7:02:6b:08:46:a7:78:89:f0:3c:ed:c9:
ad:93:e8:41
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZQhRDNYjs7NjgSuLz7+6HMfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5MWEwZmVmMWVmYmFlZWRiM2QyOGQ0MzlmM2Q1Y2NmYWRm
ZDg4NzMwHhcNMjUwMTAxMDk0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDRjYTNjZjk5MjE5MzAxNzRiYTlmZDIyYWRiZjgzYTFlYWQzYmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArp7HxQPnHGdx1p9XylsxVnYOBU49
JdEFty0W8b9LCuXotiP8rIxg+gmHOwJaP0BsaqK8b1ORvVQQmgKvjcMHVoqq5p2w
qgRrox1baX4+0rYNavWVAh0JpxBYqYWizKPJCy4FDhvLWi0kAz7WZLcU9ivTron4
jVgiafP+4c44RX/KCR16KfSzEn+XTJLgnIUxL3nhGQGomUWz72eyvdF+idQbMvvV
6s8F+I8d4o+g7PJ6vkxrAo1j4vYWBj8NaNNx/pJUJjTjr5SA3UrI4qFQn/jjxeyU
jd1Bn+KuQkXhzpbSnwqbMQ1cNop+3oidVWxYSkTYpU7LNc4166PVyGrjpQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFC1Mo8+ZIZMBdLqf0irb+DoerTu0MB8GA1UdIwQY
MBaAFFkaD+8e+67ts9KNQ589XM+t/YhzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1JvUDd4NzdydTJ6MG8xRG56MWN6NjM5aUhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yMTdiZWUtY2FiNi00MjJmLTg4Y2Mt
YzI2NjRlMzdjMzI3LzEvTFV5ano1a2hrd0YwdXBfU0t0djRPaDZ0TzdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yMTdiZWUtY2FiNi00MjJmLTg4Y2MtYzI2NjRlMzdjMzI3
LzEvV1JvUDd4NzdydTJ6MG8xRG56MWN6NjM5aUhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBRBAIAATBLAwMABWcDAwAF
ugMEAyV68AMEBC4VIAMDAE0hAwQGTo9AAwQFUEdAAwQHUNAAAwQHUNEAAwQGV2gA
AwQGWe/AAwQCucoIAwQF1LKgMA0EAgACMAcDBQAqAhfAMA0GCSqGSIb3DQEBCwUA
A4IBAQBlfZLLf5tmIxQE0JaFruqnMkFwgQSrXyv55Io/UzRcOj89yitlN5MfsMgf
6kXa4ANj6W7BaSqxwcT2MkqKlTK29QnqDTZaYNquvYCYnmvYjT0NbJY0A1vv+qIx
epH+lXDq/EUHvhXouV2dM9KmRVqnlwMIWZYS4TD2Wxsz/YibiFNntNDRE9cmsjHd
mZZyHevYsaXXIkQ9DDlVKJM9+PIMDX6nbn9uSUmYeSDU7D/trggaDljnkAMy345A
ncciRZRsPrrqpDeAPO36iJA3FKjSR+bf3GiPlPQopXDkjv0FIXJYe00YBpAZkqzy
Dez6ItO3AmsIRqd4ifA87cmtk+hB
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:50:53 2025 by rpki-client