Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/7db802-04ad-4c2d-b11a-64964976f7b3/1/_0Uw1stsQ4v7lwhxDKHxojTTY4o.roa
File: _0Uw1stsQ4v7lwhxDKHxojTTY4o.roa (raw, json)
Hash identifier: 0okRVoOViCAoAZEZDSL+buUY3JpewwlHbkRRMtFfhsA=
Subject key identifier: FF:45:30:D6:CB:6C:43:8B:FB:97:08:71:0C:A1:F1:A2:34:D3:63:8A
Certificate issuer: /CN=a8cface114d8cdea6dc5e7a49943f322346cb35d
Certificate serial: 019011FB84DF41250C853E85685E16C0551E
Authority key identifier: A8:CF:AC:E1:14:D8:CD:EA:6D:C5:E7:A4:99:43:F3:22:34:6C:B3:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qM-s4RTYzeptxeekmUPzIjRss10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/7db802-04ad-4c2d-b11a-64964976f7b3/1/_0Uw1stsQ4v7lwhxDKHxojTTY4o.roa
Signing time: Thu 13 Jun 2024 14:23:34 +0000
ROA not before: Thu 13 Jun 2024 14:23:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1299
IP address blocks: 103.73.172.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:11:fb:84:df:41:25:0c:85:3e:85:68:5e:16:c0:55:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8cface114d8cdea6dc5e7a49943f322346cb35d
Validity
Not Before: Jun 13 14:23:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ff4530d6cb6c438bfb9708710ca1f1a234d3638a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:09:11:7a:14:02:5d:03:99:79:90:04:24:97:
76:36:2e:92:55:46:cf:29:79:63:33:68:5f:4a:d4:
44:ec:b2:19:b9:6a:3a:46:17:5d:45:0c:55:d0:34:
de:05:e7:70:5d:61:ee:ca:b0:4c:14:d2:4b:48:52:
03:83:9b:d1:9c:69:93:fb:b0:f0:12:ab:e3:04:82:
e7:bd:6c:9b:eb:30:32:00:58:67:c8:ef:69:2f:b0:
62:fb:00:1e:14:b7:78:4c:66:45:4c:a1:eb:91:4e:
35:80:b8:8f:25:16:c9:8f:e3:52:87:fe:de:f0:95:
a4:1b:03:43:ce:d7:50:09:3e:19:cb:e5:fc:a5:65:
4c:b7:9b:c8:c9:38:22:d8:93:91:c7:b0:51:21:cb:
e4:41:86:2c:41:f1:4b:c7:b3:b6:65:6c:50:5c:ce:
df:e9:41:7b:77:1a:a8:c2:70:f3:82:42:d6:f0:6c:
6c:86:67:d5:47:ec:21:93:e1:76:31:25:6e:37:10:
79:33:b5:65:e0:84:42:f2:76:b7:9a:82:ac:e6:cf:
17:23:c1:d4:87:8a:ba:af:bc:6e:76:31:86:ca:1b:
d0:91:bc:b6:b7:7a:d9:98:d9:74:c4:eb:4e:91:b0:
51:98:4d:61:61:b3:0c:67:e2:c2:c4:28:d7:e5:fe:
75:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:45:30:D6:CB:6C:43:8B:FB:97:08:71:0C:A1:F1:A2:34:D3:63:8A
X509v3 Authority Key Identifier:
keyid:A8:CF:AC:E1:14:D8:CD:EA:6D:C5:E7:A4:99:43:F3:22:34:6C:B3:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qM-s4RTYzeptxeekmUPzIjRss10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/7db802-04ad-4c2d-b11a-64964976f7b3/1/_0Uw1stsQ4v7lwhxDKHxojTTY4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/7db802-04ad-4c2d-b11a-64964976f7b3/1/qM-s4RTYzeptxeekmUPzIjRss10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.73.172.0/22
Signature Algorithm: sha256WithRSAEncryption
86:1e:fa:59:4d:8e:35:8e:a2:48:a9:14:64:28:45:67:af:e9:
2f:f8:02:f0:36:8e:74:26:80:2a:da:16:3b:99:6e:d6:a4:ae:
fb:b1:e2:e0:d5:50:bf:0a:f8:fa:b6:62:79:56:3e:dd:cb:a7:
0f:77:c6:cd:8b:02:2d:f1:ac:37:38:2c:ba:06:6f:42:4a:26:
76:9c:af:9f:e5:c4:4e:be:3a:1f:e0:90:f8:02:a3:d8:ec:ac:
cf:39:d6:7f:7a:2f:a1:87:8f:bc:fb:84:cb:2a:7e:3f:35:fa:
c6:3b:2f:c9:ca:10:c6:71:c3:f2:55:99:f8:1b:a7:b7:a2:b5:
3a:0c:40:d4:22:86:8c:5e:1a:78:34:da:c9:24:51:a0:4a:6d:
e7:a5:75:9e:96:dc:7f:96:f3:30:40:44:3c:9f:b1:55:68:1c:
46:e8:1d:ed:38:20:aa:4c:f5:a3:0d:70:de:60:f2:6f:b8:81:
bd:15:77:04:b7:ad:64:32:20:c2:05:e1:8b:60:c5:9e:eb:50:
b7:43:e2:8c:b8:58:b6:37:4b:51:02:bf:6c:1d:07:cf:ab:55:
d5:7e:49:87:66:b2:7c:b3:fe:97:58:d8:5e:16:c2:ec:69:58:
07:10:b1:23:83:0e:88:98:36:88:ec:f5:6e:8a:7f:21:45:ba:
25:b1:44:8a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZAR+4TfQSUMhT6FaF4WwFUeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4Y2ZhY2UxMTRkOGNkZWE2ZGM1ZTdhNDk5NDNmMzIyMzQ2
Y2IzNWQwHhcNMjQwNjEzMTQyMzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjQ1MzBkNmNiNmM0MzhiZmI5NzA4NzEwY2ExZjFhMjM0ZDM2MzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQkRehQCXQOZeZAEJJd2Ni6SVUbP
KXljM2hfStRE7LIZuWo6RhddRQxV0DTeBedwXWHuyrBMFNJLSFIDg5vRnGmT+7Dw
EqvjBILnvWyb6zAyAFhnyO9pL7Bi+wAeFLd4TGZFTKHrkU41gLiPJRbJj+NSh/7e
8JWkGwNDztdQCT4Zy+X8pWVMt5vIyTgi2JORx7BRIcvkQYYsQfFLx7O2ZWxQXM7f
6UF7dxqownDzgkLW8GxshmfVR+whk+F2MSVuNxB5M7Vl4IRC8na3moKs5s8XI8HU
h4q6r7xudjGGyhvQkby2t3rZmNl0xOtOkbBRmE1hYbMMZ+LCxCjX5f51gQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP9FMNbLbEOL+5cIcQyh8aI002OKMB8GA1UdIwQY
MBaAFKjPrOEU2M3qbcXnpJlD8yI0bLNdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcU0tczRSVFl6ZXB0eGVla21VUHpJalJzczEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC83ZGI4MDItMDRhZC00YzJkLWIxMWEt
NjQ5NjQ5NzZmN2IzLzEvXzBVdzFzdHNRNHY3bHdoeERLSHhvalRUWTRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC83ZGI4MDItMDRhZC00YzJkLWIxMWEtNjQ5NjQ5NzZmN2Iz
LzEvcU0tczRSVFl6ZXB0eGVla21VUHpJalJzczEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCZ0msMA0G
CSqGSIb3DQEBCwUAA4IBAQCGHvpZTY41jqJIqRRkKEVnr+kv+ALwNo50JoAq2hY7
mW7WpK77seLg1VC/Cvj6tmJ5Vj7dy6cPd8bNiwIt8aw3OCy6Bm9CSiZ2nK+f5cRO
vjof4JD4AqPY7KzPOdZ/ei+hh4+8+4TLKn4/NfrGOy/JyhDGccPyVZn4G6e3orU6
DEDUIoaMXhp4NNrJJFGgSm3npXWeltx/lvMwQEQ8n7FVaBxG6B3tOCCqTPWjDXDe
YPJvuIG9FXcEt61kMiDCBeGLYMWe61C3Q+KMuFi2N0tRAr9sHQfPq1XVfkmHZrJ8
s/6XWNheFsLsaVgHELEjgw6ImDaI7PVuin8hRbolsUSK
-----END CERTIFICATE-----
Generated at Thu May 1 17:12:57 2025 by rpki-client