Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/963192-9b60-4f5f-821e-2e686bc79c0e/1/ULOUH35H2YeB53n8RgUKfPQuprc.roa
File: ULOUH35H2YeB53n8RgUKfPQuprc.roa (raw, json)
Hash identifier: xg0JavN4Ysa7Nrp+HEvsSXmj8u2s3+IN2SHC5idyQRo=
Subject key identifier: 50:B3:94:1F:7E:47:D9:87:81:E7:79:FC:46:05:0A:7C:F4:2E:A6:B7
Certificate issuer: /CN=d592cb39d4f644e4cd0adfd299282e54c3995195
Certificate serial: 01856C93A118B059AB67F47F1F753970F36E
Authority key identifier: D5:92:CB:39:D4:F6:44:E4:CD:0A:DF:D2:99:28:2E:54:C3:99:51:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1ZLLOdT2ROTNCt_SmSguVMOZUZU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/963192-9b60-4f5f-821e-2e686bc79c0e/1/ULOUH35H2YeB53n8RgUKfPQuprc.roa
Signing time: Sun 01 Jan 2023 09:04:52 +0000
ROA not before: Sun 01 Jan 2023 09:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48314
IP address blocks: 185.240.242.0/24 maxlen: 24
185.240.242.0/23 maxlen: 23
185.240.243.0/24 maxlen: 24
185.240.241.0/24 maxlen: 24
84.252.122.0/24 maxlen: 24
84.252.123.0/24 maxlen: 24
84.252.120.0/24 maxlen: 24
84.252.121.0/24 maxlen: 24
185.230.160.0/24 maxlen: 24
185.230.163.0/24 maxlen: 24
185.230.161.0/24 maxlen: 24
185.230.162.0/24 maxlen: 24
2a0c:2500::/32 maxlen: 32
2a09:6302::/32 maxlen: 32
2a09:6301::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:93:a1:18:b0:59:ab:67:f4:7f:1f:75:39:70:f3:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d592cb39d4f644e4cd0adfd299282e54c3995195
Validity
Not Before: Jan 1 09:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=50b3941f7e47d98781e779fc46050a7cf42ea6b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:99:7b:b1:24:62:ba:21:72:34:a5:a4:ae:e8:
10:44:18:3a:7c:2e:d7:a3:b0:f4:62:6d:e1:cd:ae:
42:1a:3a:4a:91:2b:1c:3f:f0:56:da:9f:6a:37:38:
83:94:ea:02:f0:46:61:03:b8:a5:cf:41:9e:6b:94:
88:4f:85:7d:fb:9b:8e:cc:46:4f:fa:4e:9e:17:e1:
63:30:34:26:64:77:99:a2:59:c0:de:06:62:32:cc:
fb:54:a9:1d:ed:60:8a:bc:4a:db:8c:91:1a:a6:82:
6b:a3:ac:ea:52:65:16:66:8e:38:d4:d5:41:59:f4:
85:94:2c:59:28:70:2a:62:7d:c0:69:35:2e:c5:56:
c8:60:83:4a:be:93:dd:a1:a9:9b:c7:f5:bc:c2:13:
98:48:ec:c3:ab:ee:67:d7:ab:d3:58:ea:8f:64:16:
82:43:38:d7:8a:af:b1:5c:52:b0:f0:e8:5a:7d:bb:
87:c0:60:d7:39:06:b9:77:d2:da:8e:c1:f3:10:fd:
46:c7:3d:27:0c:8c:f5:de:fc:22:96:51:7c:b7:2d:
9c:6b:2a:e2:36:b2:aa:0a:0d:34:aa:61:51:69:68:
53:75:32:34:ac:1d:e2:4a:de:d2:71:62:06:c4:05:
86:3a:e7:9d:46:e5:14:48:9f:40:f1:a8:83:f9:3c:
31:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:B3:94:1F:7E:47:D9:87:81:E7:79:FC:46:05:0A:7C:F4:2E:A6:B7
X509v3 Authority Key Identifier:
keyid:D5:92:CB:39:D4:F6:44:E4:CD:0A:DF:D2:99:28:2E:54:C3:99:51:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1ZLLOdT2ROTNCt_SmSguVMOZUZU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/963192-9b60-4f5f-821e-2e686bc79c0e/1/ULOUH35H2YeB53n8RgUKfPQuprc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/963192-9b60-4f5f-821e-2e686bc79c0e/1/1ZLLOdT2ROTNCt_SmSguVMOZUZU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.252.120.0/22
185.230.160.0/22
185.240.241.0-185.240.243.255
IPv6:
2a09:6301::-2a09:6302:ffff:ffff:ffff:ffff:ffff:ffff
2a0c:2500::/32
Signature Algorithm: sha256WithRSAEncryption
9a:9a:cc:f6:70:0c:5e:23:67:5c:95:f1:00:63:e6:d3:9c:09:
57:60:c8:33:91:64:a0:a2:79:4d:b9:5c:94:55:bc:cd:23:bb:
07:4b:59:53:15:a7:b5:36:b9:78:47:c5:6e:92:68:64:64:13:
65:6e:19:f3:7e:7d:99:14:90:a1:e8:cb:d7:0b:64:98:f2:af:
5e:a3:bb:35:1a:bc:b6:51:99:90:f5:70:5a:a7:9e:0f:ec:0f:
03:d6:d0:40:62:25:24:06:37:af:df:d7:18:ad:a5:38:42:96:
99:60:56:50:9e:51:44:25:22:66:a7:0c:06:cc:2c:3a:4e:f0:
53:3a:37:03:23:18:bb:1e:2c:ab:c3:c7:5d:c1:69:7b:e4:55:
26:5a:cf:b0:76:b2:fd:7c:ba:5d:e3:8e:0c:32:66:fb:d4:6a:
89:c6:fd:ec:98:08:c2:80:e8:c5:a2:61:28:ce:96:6c:e7:b3:
f7:62:94:60:4d:d6:e3:61:85:87:15:b0:d6:46:e9:11:1a:6a:
f7:a9:a5:1b:32:df:82:03:d1:ea:f7:68:b4:d1:75:6f:13:78:
9a:84:be:ec:14:5e:c7:88:a7:e1:9d:c3:8b:18:b4:8b:e1:13:
eb:8b:d2:8a:31:7f:ba:b3:18:7c:74:03:a6:03:02:4f:5e:5c:
b5:8d:d0:1c
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYVsk6EYsFmrZ/R/H3U5cPNuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1OTJjYjM5ZDRmNjQ0ZTRjZDBhZGZkMjk5MjgyZTU0YzM5
OTUxOTUwHhcNMjMwMTAxMDkwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGIzOTQxZjdlNDdkOTg3ODFlNzc5ZmM0NjA1MGE3Y2Y0MmVhNmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5l7sSRiuiFyNKWkrugQRBg6fC7X
o7D0Ym3hza5CGjpKkSscP/BW2p9qNziDlOoC8EZhA7ilz0Gea5SIT4V9+5uOzEZP
+k6eF+FjMDQmZHeZolnA3gZiMsz7VKkd7WCKvErbjJEapoJro6zqUmUWZo441NVB
WfSFlCxZKHAqYn3AaTUuxVbIYINKvpPdoambx/W8whOYSOzDq+5n16vTWOqPZBaC
QzjXiq+xXFKw8OhafbuHwGDXOQa5d9LajsHzEP1Gxz0nDIz13vwillF8ty2cayri
NrKqCg00qmFRaWhTdTI0rB3iSt7ScWIGxAWGOuedRuUUSJ9A8aiD+TwxCwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFFCzlB9+R9mHged5/EYFCnz0Lqa3MB8GA1UdIwQY
MBaAFNWSyznU9kTkzQrf0pkoLlTDmVGVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVpMTE9kVDJST1ROQ3RfU21TZ3VWTU9aVVpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC85NjMxOTItOWI2MC00ZjVmLTgyMWUt
MmU2ODZiYzc5YzBlLzEvVUxPVUgzNUgyWWVCNTNuOFJnVUtmUFF1cHJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC85NjMxOTItOWI2MC00ZjVmLTgyMWUtMmU2ODZiYzc5YzBl
LzEvMVpMTE9kVDJST1ROQ3RfU21TZ3VWTU9aVVpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAgBAIAATAaAwQCVPx4AwQC
ueagMAwDBAC58PEDBAK58PAwHQQCAAIwFzAOAwUAKgljAQMFACoJYwIDBQAqDCUA
MA0GCSqGSIb3DQEBCwUAA4IBAQCamsz2cAxeI2dclfEAY+bTnAlXYMgzkWSgonlN
uVyUVbzNI7sHS1lTFae1Nrl4R8VukmhkZBNlbhnzfn2ZFJCh6MvXC2SY8q9eo7s1
Gry2UZmQ9XBap54P7A8D1tBAYiUkBjev39cYraU4QpaZYFZQnlFEJSJmpwwGzCw6
TvBTOjcDIxi7Hiyrw8ddwWl75FUmWs+wdrL9fLpd444MMmb71GqJxv3smAjCgOjF
omEozpZs57P3YpRgTdbjYYWHFbDWRukRGmr3qaUbMt+CA9Hq92i00XVvE3iahL7s
FF7HiKfhncOLGLSL4RPri9KKMX+6sxh8dAOmAwJPXly1jdAc
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:23 2023 by rpki-client on console-ams.rpki-client.org