Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/795ded-fcdf-47cf-af83-a4bc2816643a/1/CsyUpJN1cOHvAJY0PN49LDiGBrw.roa
File: CsyUpJN1cOHvAJY0PN49LDiGBrw.roa (raw, json)
Hash identifier: BZ+vd3RIlZsHppbNW5THcIplfhrprGKrX5ZYfW/7l68=
Subject key identifier: 0A:CC:94:A4:93:75:70:E1:EF:00:96:34:3C:DE:3D:2C:38:86:06:BC
Certificate issuer: /CN=80f376df5f9ef487c82b31a875c6a496d79ca0d7
Certificate serial: 16F91CED
Authority key identifier: 80:F3:76:DF:5F:9E:F4:87:C8:2B:31:A8:75:C6:A4:96:D7:9C:A0:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gPN231-e9IfIKzGodcakltecoNc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/795ded-fcdf-47cf-af83-a4bc2816643a/1/CsyUpJN1cOHvAJY0PN49LDiGBrw.roa
Signing time: Fri 17 Jun 2022 19:44:47 +0000
ROA not before: Fri 17 Jun 2022 19:44:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48950
IP address blocks: 104.160.2.0/24 maxlen: 24
104.160.10.0/24 maxlen: 24
104.160.6.0/24 maxlen: 24
104.160.5.0/24 maxlen: 24
5.157.21.0/24 maxlen: 24
158.222.3.0/24 maxlen: 24
158.222.5.0/24 maxlen: 24
158.222.7.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 385424621 (0x16f91ced)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80f376df5f9ef487c82b31a875c6a496d79ca0d7
Validity
Not Before: Jun 17 19:44:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0acc94a4937570e1ef0096343cde3d2c388606bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:84:19:cd:0c:84:a5:09:a2:57:fa:27:5d:f4:
32:1a:5f:af:01:42:fa:54:dc:ab:ae:82:fe:e9:cf:
b5:11:6f:9a:b8:f9:c8:57:1c:f4:c8:71:25:93:9c:
72:90:18:c2:da:13:50:a2:8e:50:04:c3:06:d2:3e:
83:90:2c:6c:ff:7a:ed:2d:17:49:fb:c8:2e:f9:50:
31:f1:50:97:1f:41:01:2e:75:a5:53:b7:d2:d4:8a:
b7:77:2c:1b:49:96:60:fb:cd:75:34:21:a7:c2:5e:
97:2d:9a:70:f2:a0:2c:2f:18:28:d3:85:bd:b8:7f:
57:da:c0:39:9e:c5:00:bb:3d:31:90:df:05:d0:bb:
81:2f:e6:ed:a8:4e:51:d9:ff:1b:c9:c6:93:6c:64:
f0:d0:da:cd:f5:fc:0e:dc:aa:be:e6:b6:53:d8:21:
e6:e0:6f:42:ad:15:bd:7a:27:32:8b:72:7d:59:38:
5e:32:67:fe:d8:36:6d:23:ac:4e:81:9c:40:32:59:
6f:06:cc:1e:5c:34:f5:2e:70:ef:d5:06:6e:a3:9d:
db:d9:34:27:a7:34:d9:f3:79:53:6e:a4:fe:cf:b3:
b3:e3:a9:64:51:3a:29:57:83:65:fc:19:bd:e2:b3:
80:c0:43:04:4c:2a:ff:bf:0d:a2:85:5c:52:28:fb:
75:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:CC:94:A4:93:75:70:E1:EF:00:96:34:3C:DE:3D:2C:38:86:06:BC
X509v3 Authority Key Identifier:
keyid:80:F3:76:DF:5F:9E:F4:87:C8:2B:31:A8:75:C6:A4:96:D7:9C:A0:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gPN231-e9IfIKzGodcakltecoNc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/795ded-fcdf-47cf-af83-a4bc2816643a/1/CsyUpJN1cOHvAJY0PN49LDiGBrw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/795ded-fcdf-47cf-af83-a4bc2816643a/1/gPN231-e9IfIKzGodcakltecoNc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.21.0/24
104.160.2.0/24
104.160.5.0-104.160.6.255
104.160.10.0/24
158.222.3.0/24
158.222.5.0/24
158.222.7.0/24
Signature Algorithm: sha256WithRSAEncryption
26:60:13:0b:fb:17:04:cc:f6:4d:1e:e4:13:35:b1:26:9d:41:
f0:d3:2d:08:26:53:c7:9f:5e:91:4e:63:48:1c:95:39:3b:6b:
a3:8c:57:ed:d0:85:16:0a:c6:fc:e6:44:b4:2c:00:20:02:ab:
a7:4f:3a:74:e4:e5:dd:90:c9:29:83:1e:9b:b5:04:d2:af:92:
f3:a0:4c:e1:af:30:6e:b7:90:08:ce:fc:f9:0d:d3:41:4f:f7:
41:09:5c:93:39:cd:f3:85:66:85:cd:ba:40:9a:f7:f9:20:b7:
f9:50:df:fb:51:40:0b:53:ee:61:34:d1:40:d0:31:ae:d7:fb:
7a:c2:9b:40:6c:3b:58:f0:1e:b2:b7:7b:f5:8b:4a:b7:c9:ab:
0a:f8:57:43:d3:48:49:d5:04:ea:c2:ff:b3:55:22:b9:09:71:
ab:33:97:f0:c3:2d:fb:1e:2b:70:53:22:12:84:bc:c3:8e:5e:
ce:b9:5b:3a:3a:fc:b3:0c:5f:16:3f:20:d5:e9:97:ee:a0:04:
56:4c:cd:5b:3e:79:65:e5:c0:0e:dd:87:c2:8a:c6:4c:9e:94:
95:47:90:fc:7f:f3:8a:90:d1:21:64:77:bc:63:cf:40:7b:50:
63:6a:44:c1:00:00:4c:cd:40:b4:e2:ee:ce:0e:6b:05:b1:4a:
20:7b:c3:ab
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgIEFvkc7TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MGYzNzZkZjVmOWVmNDg3YzgyYjMxYTg3NWM2YTQ5NmQ3OWNhMGQ3MB4XDTIyMDYx
NzE5NDQ0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGFjYzk0YTQ5Mzc1
NzBlMWVmMDA5NjM0M2NkZTNkMmMzODg2MDZiYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKKEGc0MhKUJolf6J130MhpfrwFC+lTcq66C/unPtRFvmrj5
yFcc9MhxJZOccpAYwtoTUKKOUATDBtI+g5AsbP967S0XSfvILvlQMfFQlx9BAS51
pVO30tSKt3csG0mWYPvNdTQhp8Jely2acPKgLC8YKNOFvbh/V9rAOZ7FALs9MZDf
BdC7gS/m7ahOUdn/G8nGk2xk8NDazfX8Dtyqvua2U9gh5uBvQq0VvXonMotyfVk4
XjJn/tg2bSOsToGcQDJZbwbMHlw09S5w79UGbqOd29k0J6c02fN5U26k/s+zs+Op
ZFE6KVeDZfwZveKzgMBDBEwq/78NooVcUij7dS8CAwEAAaOCAjUwggIxMB0GA1Ud
DgQWBBQKzJSkk3Vw4e8AljQ83j0sOIYGvDAfBgNVHSMEGDAWgBSA83bfX570h8gr
Mah1xqSW15yg1zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dQTjIzMS1lOUlmSUt6R29kY2FrbHRlY29OYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDIvNzk1ZGVkLWZjZGYtNDdjZi1hZjgzLWE0YmMyODE2NjQzYS8x
L0NzeVVwSk4xY09IdkFKWTBQTjQ5TERpR0Jydy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDIv
Nzk1ZGVkLWZjZGYtNDdjZi1hZjgzLWE0YmMyODE2NjQzYS8xL2dQTjIzMS1lOUlm
SUt6R29kY2FrbHRlY29OYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBL
BggrBgEFBQcBBwEB/wQ8MDowOAQCAAEwMgMEAAWdFQMEAGigAjAMAwQAaKAFAwQA
aKAGAwQAaKAKAwQAnt4DAwQAnt4FAwQAnt4HMA0GCSqGSIb3DQEBCwUAA4IBAQAm
YBML+xcEzPZNHuQTNbEmnUHw0y0IJlPHn16RTmNIHJU5O2ujjFft0IUWCsb85kS0
LAAgAqunTzp05OXdkMkpgx6btQTSr5LzoEzhrzBut5AIzvz5DdNBT/dBCVyTOc3z
hWaFzbpAmvf5ILf5UN/7UUALU+5hNNFA0DGu1/t6wptAbDtY8B6yt3v1i0q3yasK
+FdD00hJ1QTqwv+zVSK5CXGrM5fwwy37HitwUyIShLzDjl7OuVs6OvyzDF8WPyDV
6ZfuoARWTM1bPnll5cAO3YfCisZMnpSVR5D8f/OKkNEhZHe8Y89Ae1BjakTBAABM
zUC04u7ODmsFsUoge8Or
-----END CERTIFICATE-----
Generated at Sun May 11 20:08:31 2025 by rpki-client