Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/95e78a-57e7-4a58-9316-288bd6b9e092/1/cUNS68SUxXpcmouzXkUnm5UI9x0.roa
File: cUNS68SUxXpcmouzXkUnm5UI9x0.roa (raw, json)
Hash identifier: IkyRHDJLkWC6cgKF5/JdVeAGdQWM+bPsz94h4SfaqEw=
Subject key identifier: 71:43:52:EB:C4:94:C5:7A:5C:9A:8B:B3:5E:45:27:9B:95:08:F7:1D
Certificate issuer: /CN=5a61102ed4d66dcd952de01304e0afe1384d00bf
Certificate serial: 02A74A20
Authority key identifier: 5A:61:10:2E:D4:D6:6D:CD:95:2D:E0:13:04:E0:AF:E1:38:4D:00:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WmEQLtTWbc2VLeATBOCv4ThNAL8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/95e78a-57e7-4a58-9316-288bd6b9e092/1/cUNS68SUxXpcmouzXkUnm5UI9x0.roa
Signing time: Wed 16 Mar 2022 10:50:04 +0000
ROA not before: Wed 16 Mar 2022 10:50:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12886
IP address blocks: 170.81.52.0/22 maxlen: 22
62.204.160.0/19 maxlen: 19
212.118.192.0/19 maxlen: 19
103.192.160.0/22 maxlen: 22
170.84.228.0/22 maxlen: 22
128.65.144.0/21 maxlen: 21
185.88.92.0/22 maxlen: 22
103.234.232.0/22 maxlen: 22
94.101.120.0/22 maxlen: 22
193.23.64.0/19 maxlen: 19
103.51.228.0/22 maxlen: 22
103.76.96.0/22 maxlen: 22
2a02:f90::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44517920 (0x2a74a20)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a61102ed4d66dcd952de01304e0afe1384d00bf
Validity
Not Before: Mar 16 10:50:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=714352ebc494c57a5c9a8bb35e45279b9508f71d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:93:e1:32:2f:7b:d9:c9:9f:41:65:4d:2a:9b:
a0:10:22:cd:ea:4b:2a:b5:72:19:58:2d:0a:d2:c8:
7b:52:b9:d2:78:07:d5:3e:43:7e:8b:e7:e5:76:f2:
2b:f7:8c:ff:16:10:5e:1c:86:ce:ba:5f:95:12:e6:
6d:3d:ea:30:e9:bd:03:b8:2e:77:88:91:5f:51:63:
f6:c6:6d:e9:3d:1d:ba:32:1f:e5:a8:59:f3:e5:95:
74:30:18:ba:7d:c9:8a:4a:b6:aa:47:c5:4e:4f:3f:
df:03:06:e8:6d:1d:a8:04:75:92:cc:98:62:4a:bf:
58:2f:46:20:4f:d4:78:27:8d:56:e3:fe:ee:27:8e:
21:86:29:c0:ef:c0:03:ab:00:4f:27:04:6d:9b:4d:
bc:1c:54:25:99:4a:2e:f2:da:a6:11:6d:8d:5c:8c:
e0:16:f1:d1:19:19:e2:38:b4:26:2b:e2:e6:8e:c9:
ff:64:bf:18:99:0b:13:e0:9a:0e:e4:13:ed:6a:fd:
49:40:0d:72:e4:59:2c:3e:17:f6:e9:b3:78:19:6b:
c2:ad:05:9e:64:cc:a7:c7:cd:bc:46:4b:a5:92:2e:
b6:17:cc:31:8f:1c:66:71:0a:c1:05:95:76:c3:97:
2b:05:3d:5c:b8:87:e9:59:64:07:e5:96:07:37:67:
e3:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:43:52:EB:C4:94:C5:7A:5C:9A:8B:B3:5E:45:27:9B:95:08:F7:1D
X509v3 Authority Key Identifier:
keyid:5A:61:10:2E:D4:D6:6D:CD:95:2D:E0:13:04:E0:AF:E1:38:4D:00:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WmEQLtTWbc2VLeATBOCv4ThNAL8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/95e78a-57e7-4a58-9316-288bd6b9e092/1/cUNS68SUxXpcmouzXkUnm5UI9x0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/95e78a-57e7-4a58-9316-288bd6b9e092/1/WmEQLtTWbc2VLeATBOCv4ThNAL8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.204.160.0/19
94.101.120.0/22
103.51.228.0/22
103.76.96.0/22
103.192.160.0/22
103.234.232.0/22
128.65.144.0/21
170.81.52.0/22
170.84.228.0/22
185.88.92.0/22
193.23.64.0/19
212.118.192.0/19
IPv6:
2a02:f90::/32
Signature Algorithm: sha256WithRSAEncryption
95:85:da:32:29:9a:68:aa:fe:b4:ae:73:cf:13:16:ef:3b:e2:
00:d8:21:15:61:4e:fd:85:e0:ae:bb:8f:82:4f:53:15:ea:f6:
12:48:23:b5:3d:d9:5d:34:ea:8c:35:2d:ab:fc:c6:e6:8a:fb:
54:fe:18:60:6f:b6:18:6f:db:94:a6:ce:3d:f0:b8:1b:ba:d9:
3c:b2:20:bc:89:39:57:f6:60:a4:2d:25:df:bb:28:44:48:cc:
25:f6:91:24:35:40:03:44:6e:a5:9e:db:fb:cf:c2:e9:30:d9:
65:dd:19:ba:c8:5a:12:76:85:06:ed:bd:24:b3:ee:3d:d9:7b:
43:09:37:70:7c:c0:74:98:e4:11:99:fb:b8:e5:6b:64:67:f9:
98:ab:09:56:d5:fe:a5:d9:e7:07:76:e9:9c:a2:12:ac:5b:9b:
57:39:8a:b1:cf:fb:8a:41:d9:1f:44:b3:d0:58:fc:b4:9b:50:
a6:88:aa:6e:48:1f:7f:06:bd:2a:4d:1f:e0:74:f9:2f:07:fd:
08:13:1c:09:a9:19:f1:9c:83:48:93:ae:38:00:d1:a3:69:f9:
54:2f:74:cf:f7:02:18:b3:b4:42:8f:02:68:9d:c6:9d:52:c5:
27:a7:82:2a:88:4b:dc:eb:0a:25:9d:af:f9:f8:23:6e:2b:34:
09:5f:b3:9a
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIEAqdKIDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YTYxMTAyZWQ0ZDY2ZGNkOTUyZGUwMTMwNGUwYWZlMTM4NGQwMGJmMB4XDTIyMDMx
NjEwNTAwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzE0MzUyZWJjNDk0
YzU3YTVjOWE4YmIzNWU0NTI3OWI5NTA4ZjcxZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKaT4TIve9nJn0FlTSqboBAizepLKrVyGVgtCtLIe1K50ngH
1T5Dfovn5XbyK/eM/xYQXhyGzrpflRLmbT3qMOm9A7gud4iRX1Fj9sZt6T0dujIf
5ahZ8+WVdDAYun3Jikq2qkfFTk8/3wMG6G0dqAR1ksyYYkq/WC9GIE/UeCeNVuP+
7ieOIYYpwO/AA6sATycEbZtNvBxUJZlKLvLaphFtjVyM4Bbx0RkZ4ji0Jivi5o7J
/2S/GJkLE+CaDuQT7Wr9SUANcuRZLD4X9umzeBlrwq0FnmTMp8fNvEZLpZIuthfM
MY8cZnEKwQWVdsOXKwU9XLiH6VlkB+WWBzdn4xMCAwEAAaOCAlowggJWMB0GA1Ud
DgQWBBRxQ1LrxJTFelyai7NeRSeblQj3HTAfBgNVHSMEGDAWgBRaYRAu1NZtzZUt
4BME4K/hOE0AvzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dtRVFMdFRXYmMyVkxlQVRCT0N2NFRoTkFMOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDIvOTVlNzhhLTU3ZTctNGE1OC05MzE2LTI4OGJkNmI5ZTA5Mi8x
L2NVTlM2OFNVeFhwY21vdXpYa1VubTVVSTl4MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDIv
OTVlNzhhLTU3ZTctNGE1OC05MzE2LTI4OGJkNmI5ZTA5Mi8xL1dtRVFMdFRXYmMy
VkxlQVRCT0N2NFRoTkFMOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBw
BggrBgEFBQcBBwEB/wRhMF8wTgQCAAEwSAMEBT7MoAMEAl5leAMEAmcz5AMEAmdM
YAMEAmfAoAMEAmfq6AMEA4BBkAMEAqpRNAMEAqpU5AMEArlYXAMEBcEXQAMEBdR2
wDANBAIAAjAHAwUAKgIPkDANBgkqhkiG9w0BAQsFAAOCAQEAlYXaMimaaKr+tK5z
zxMW7zviANghFWFO/YXgrruPgk9TFer2EkgjtT3ZXTTqjDUtq/zG5or7VP4YYG+2
GG/blKbOPfC4G7rZPLIgvIk5V/ZgpC0l37soREjMJfaRJDVAA0RupZ7b+8/C6TDZ
Zd0ZushaEnaFBu29JLPuPdl7Qwk3cHzAdJjkEZn7uOVrZGf5mKsJVtX+pdnnB3bp
nKISrFubVzmKsc/7ikHZH0Sz0Fj8tJtQpoiqbkgffwa9Kk0f4HT5Lwf9CBMcCakZ
8ZyDSJOuOADRo2n5VC90z/cCGLO0Qo8CaJ3GnVLFJ6eCKohL3OsKJZ2v+fgjbis0
CV+zmg==
-----END CERTIFICATE-----
Generated at Thu Feb 20 17:39:33 2025 by rpki-client