Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/Cvjl2Bt7rKx7721_Gkq0GHjdYQM.roa
File: Cvjl2Bt7rKx7721_Gkq0GHjdYQM.roa (raw, json)
Hash identifier: 3aAciS9S9SkGBxw1DW9Xutmese0bqO1v/6B8YnOiuR4=
Subject key identifier: 0A:F8:E5:D8:1B:7B:AC:AC:7B:EF:6D:7F:1A:4A:B4:18:78:DD:61:03
Certificate issuer: /CN=92192e8d785581f72b18644224bd8c3fa8a2d11b
Certificate serial: 018CF87A67CAF2B71435FF09865BB2E015D4
Authority key identifier: 92:19:2E:8D:78:55:81:F7:2B:18:64:42:24:BD:8C:3F:A8:A2:D1:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khkujXhVgfcrGGRCJL2MP6ii0Rs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/Cvjl2Bt7rKx7721_Gkq0GHjdYQM.roa
Signing time: Thu 11 Jan 2024 12:23:40 +0000
ROA not before: Thu 11 Jan 2024 12:23:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 151.236.162.0/24 maxlen: 24
151.236.163.0/24 maxlen: 24
151.236.164.0/24 maxlen: 24
151.236.165.0/24 maxlen: 24
151.236.160.0/24 maxlen: 24
151.236.161.0/24 maxlen: 24
151.236.166.0/24 maxlen: 24
151.236.169.0/24 maxlen: 24
151.236.172.0/24 maxlen: 24
151.236.167.0/24 maxlen: 24
151.236.168.0/24 maxlen: 24
151.236.176.0/24 maxlen: 24
151.236.178.0/24 maxlen: 24
151.236.179.0/24 maxlen: 24
151.236.173.0/24 maxlen: 24
151.236.174.0/24 maxlen: 24
151.236.175.0/24 maxlen: 24
151.236.181.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f8:7a:67:ca:f2:b7:14:35:ff:09:86:5b:b2:e0:15:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92192e8d785581f72b18644224bd8c3fa8a2d11b
Validity
Not Before: Jan 11 12:23:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0af8e5d81b7bacac7bef6d7f1a4ab41878dd6103
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:1d:33:9f:35:2e:25:07:ae:c6:c7:e6:7e:aa:
47:0b:5a:c5:bf:84:a9:cf:4c:a3:5e:6f:12:10:cc:
a5:35:19:47:56:b2:a8:81:e2:e1:00:bd:47:28:43:
c7:3f:1c:d1:e9:16:37:6f:48:28:5e:90:d7:74:a3:
f4:65:01:c2:12:e8:b1:ba:ff:57:f1:ca:0d:dc:b0:
dc:09:06:d4:bc:99:84:57:d0:0b:c1:a8:39:9a:48:
1e:9b:cf:f2:44:b2:73:56:62:55:1b:05:39:fa:c5:
fb:da:0d:90:17:d9:b0:f4:1b:5e:60:6a:44:f5:b9:
b7:05:4a:a0:6d:8c:58:c4:b0:80:f3:62:b2:6b:44:
b8:9f:a3:e2:8c:58:2f:b4:07:8c:f9:71:37:1e:9c:
db:8f:67:96:e5:22:61:11:c0:1a:b5:0b:4b:d6:b3:
a1:44:80:02:48:f2:d0:6d:54:5a:64:7d:6b:3b:82:
0b:f2:53:06:de:82:c4:b2:5a:ea:bc:4a:1e:14:ba:
54:b6:56:f7:d4:3e:17:85:f8:8a:c2:82:cb:d8:a7:
35:d7:66:54:b1:39:4a:39:4d:1d:44:ad:c4:1c:d0:
c5:f1:95:af:ec:06:83:7b:00:7d:4c:7b:f9:20:23:
ae:ea:17:52:46:0a:5b:89:17:43:0e:80:98:f0:04:
97:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:F8:E5:D8:1B:7B:AC:AC:7B:EF:6D:7F:1A:4A:B4:18:78:DD:61:03
X509v3 Authority Key Identifier:
keyid:92:19:2E:8D:78:55:81:F7:2B:18:64:42:24:BD:8C:3F:A8:A2:D1:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khkujXhVgfcrGGRCJL2MP6ii0Rs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/Cvjl2Bt7rKx7721_Gkq0GHjdYQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/khkujXhVgfcrGGRCJL2MP6ii0Rs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.236.160.0-151.236.169.255
151.236.172.0-151.236.176.255
151.236.178.0/23
151.236.181.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:42:58:c5:5b:6e:cb:55:f6:f4:12:12:eb:de:aa:24:63:cc:
4e:a0:d1:34:fc:8b:7d:1f:ff:63:df:8f:0b:d1:2d:4a:a6:7c:
b3:80:66:c5:4e:e4:7c:33:56:9c:a8:ab:73:cb:db:12:94:76:
a8:0f:f5:d7:63:de:71:5c:f3:ee:92:aa:cc:a4:dd:0e:b2:ee:
01:7e:eb:dd:c7:2d:ba:d9:9b:73:e9:e4:4e:a4:30:26:3c:d2:
9d:53:60:f5:de:f0:19:1a:85:d7:fb:0a:96:e6:07:2e:5e:fa:
d3:aa:04:7f:5d:2f:13:7d:25:14:65:77:45:25:fa:70:04:30:
69:4c:b9:57:45:ff:3b:5d:a9:b1:43:2c:c7:eb:83:d0:65:f8:
40:a8:4e:1a:19:f0:7b:5e:aa:4e:2a:03:46:91:b7:52:d7:62:
71:fe:34:d8:63:85:60:01:fb:e7:87:8c:8f:ea:dd:67:e7:9d:
bf:d3:ff:7b:b9:b0:80:02:9d:de:87:4c:43:24:e4:05:ac:c6:
8a:84:39:02:e5:fe:06:75:23:4d:e4:43:93:5f:25:7e:85:1c:
33:ef:35:ca:ab:ce:4c:2b:1c:f8:7c:d3:54:5b:76:f9:9e:f4:
6d:29:06:4f:a9:ff:a4:ae:3d:87:5e:5b:e4:47:64:f5:7d:ba:
4d:91:b6:60
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYz4emfK8rcUNf8Jhluy4BXUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMTkyZThkNzg1NTgxZjcyYjE4NjQ0MjI0YmQ4YzNmYThh
MmQxMWIwHhcNMjQwMTExMTIyMzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWY4ZTVkODFiN2JhY2FjN2JlZjZkN2YxYTRhYjQxODc4ZGQ2MTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjR0znzUuJQeuxsfmfqpHC1rFv4Sp
z0yjXm8SEMylNRlHVrKogeLhAL1HKEPHPxzR6RY3b0goXpDXdKP0ZQHCEuixuv9X
8coN3LDcCQbUvJmEV9ALwag5mkgem8/yRLJzVmJVGwU5+sX72g2QF9mw9BteYGpE
9bm3BUqgbYxYxLCA82Kya0S4n6PijFgvtAeM+XE3Hpzbj2eW5SJhEcAatQtL1rOh
RIACSPLQbVRaZH1rO4IL8lMG3oLEslrqvEoeFLpUtlb31D4XhfiKwoLL2Kc112ZU
sTlKOU0dRK3EHNDF8ZWv7AaDewB9THv5ICOu6hdSRgpbiRdDDoCY8ASXBQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFAr45dgbe6yse+9tfxpKtBh43WEDMB8GA1UdIwQY
MBaAFJIZLo14VYH3KxhkQiS9jD+ootEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2hrdWpYaFZnZmNyR0dSQ0pMMk1QNmlpMFJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9kOWIzOTctZTEwNS00YWM5LTg1Mzct
MDA4NWEzNjVhMjVmLzEvQ3ZqbDJCdDdyS3g3NzIxX0drcTBHSGpkWVFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9kOWIzOTctZTEwNS00YWM5LTg1MzctMDA4NWEzNjVhMjVm
LzEva2hrdWpYaFZnZmNyR0dSQ0pMMk1QNmlpMFJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBAWX7KAD
BAGX7KgwDAMEApfsrAMEAJfssAMEAZfssgMEAJfstTANBgkqhkiG9w0BAQsFAAOC
AQEATEJYxVtuy1X29BIS696qJGPMTqDRNPyLfR//Y9+PC9EtSqZ8s4BmxU7kfDNW
nKirc8vbEpR2qA/112PecVzz7pKqzKTdDrLuAX7r3cctutmbc+nkTqQwJjzSnVNg
9d7wGRqF1/sKluYHLl7606oEf10vE30lFGV3RSX6cAQwaUy5V0X/O12psUMsx+uD
0GX4QKhOGhnwe16qTioDRpG3Utdicf402GOFYAH754eMj+rdZ+edv9P/e7mwgAKd
3odMQyTkBazGioQ5AuX+BnUjTeRDk18lfoUcM+81yqvOTCsc+HzTVFt2+Z70bSkG
T6n/pK49h15b5Edk9X26TZG2YA==
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:16:16 2025 by rpki-client