Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/2MDQPyhSJp_gSAmLMI-_KxQAzu0.roa
File: 2MDQPyhSJp_gSAmLMI-_KxQAzu0.roa (raw, json)
Hash identifier: ZHB+0zD2aMWqWR/Yj0ci8/Q7aeBSyqU9p8EjbNB0Hf4=
Subject key identifier: D8:C0:D0:3F:28:52:26:9F:E0:48:09:8B:30:8F:BF:2B:14:00:CE:ED
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 01952A8F811F0B330BF5B3C48B0CC002C630
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/2MDQPyhSJp_gSAmLMI-_KxQAzu0.roa
Signing time: Fri 21 Feb 2025 22:10:02 +0000
ROA not before: Fri 21 Feb 2025 22:10:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29802
IP address blocks: 43.239.88.0/22 maxlen: 22
91.210.64.0/22 maxlen: 22
103.206.232.0/22 maxlen: 22
107.181.156.0/22 maxlen: 22
155.254.40.0/22 maxlen: 22
155.254.44.0/22 maxlen: 22
155.254.50.0/23 maxlen: 23
155.254.52.0/22 maxlen: 22
155.254.56.0/22 maxlen: 22
185.135.212.0/22 maxlen: 22
198.105.96.0/22 maxlen: 22
198.105.104.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:2a:8f:81:1f:0b:33:0b:f5:b3:c4:8b:0c:c0:02:c6:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Feb 21 22:10:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d8c0d03f2852269fe048098b308fbf2b1400ceed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:f2:b4:40:0e:69:ac:2f:cf:1b:4d:78:c5:10:
9e:91:4f:2b:f6:26:2a:17:d2:f1:50:bf:1b:4b:86:
58:86:2f:82:22:27:cd:a6:db:68:72:69:32:01:86:
58:93:bb:18:32:17:32:2f:39:42:98:a3:8a:2c:bc:
5a:28:c5:16:63:23:c7:4f:cc:7b:43:4f:50:dc:72:
97:de:f4:49:f4:cf:58:17:bb:ed:0a:65:1a:aa:85:
0a:8e:7a:45:6f:6e:32:30:b2:8e:0b:3a:b7:6d:d1:
a3:0f:fa:1a:8a:08:f0:d8:9d:d7:9c:b6:72:f4:56:
72:1e:8c:66:8d:7b:4e:ef:0b:d9:3b:94:d4:4d:9e:
a9:54:3e:98:2e:34:4b:d8:9d:e3:e8:2f:64:fb:11:
b3:65:1c:91:d5:f5:d5:ce:e5:45:fc:7a:89:83:18:
e8:8c:aa:bd:5d:75:6b:41:71:a2:3c:3d:f0:03:60:
ea:8c:c1:8b:08:7d:2d:de:b6:6b:99:b3:15:38:78:
f6:83:85:b2:cf:44:71:bf:35:c3:7f:a3:24:df:0b:
e4:9b:04:f4:e7:a2:43:a6:59:ca:33:ae:12:98:08:
5b:c3:b8:36:04:e2:fa:57:17:ad:14:e7:b1:40:67:
37:e2:18:5f:0a:3b:2d:90:67:44:cd:eb:15:a0:cf:
a5:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:C0:D0:3F:28:52:26:9F:E0:48:09:8B:30:8F:BF:2B:14:00:CE:ED
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/2MDQPyhSJp_gSAmLMI-_KxQAzu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.239.88.0/22
91.210.64.0/22
103.206.232.0/22
107.181.156.0/22
155.254.40.0/21
155.254.50.0-155.254.59.255
185.135.212.0/22
198.105.96.0/22
198.105.104.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:c4:44:eb:00:7d:8a:63:4d:ba:c6:0e:58:c8:c5:0b:5b:4a:
f3:fe:7d:bc:ef:69:0b:c8:1d:7d:22:ac:b4:e3:51:24:3b:c2:
10:7f:dc:b4:d9:1c:42:e2:61:79:6f:2d:d6:1d:29:3b:06:8b:
fc:86:c8:4d:2e:e7:d2:26:7b:d7:fe:9c:cd:06:48:df:8c:a3:
d6:79:7e:b8:c4:30:2e:98:c6:2e:cd:e8:e8:59:59:93:cf:36:
b4:50:8a:00:6b:e0:12:3d:ea:6a:04:f4:13:2f:08:4c:6e:64:
7f:b8:84:5c:e2:97:c7:f1:e5:bf:77:b3:1b:48:d0:11:35:ec:
ff:66:cb:96:dc:f5:e3:69:22:d5:e2:04:17:99:f4:8e:7f:cb:
90:e0:18:ba:0f:e7:f1:e1:a8:d3:a3:ee:08:8f:ac:1a:8b:ac:
4c:95:7e:da:93:6b:40:eb:05:17:bb:34:20:b3:15:e9:77:cc:
da:4b:07:61:1c:cd:9c:85:70:ae:f2:1c:93:83:23:6a:25:5a:
ec:41:aa:d3:44:a5:40:95:13:64:48:0d:d4:47:41:93:28:a2:
5d:4f:d8:00:8b:fd:ae:a2:04:8d:9c:6a:5d:16:c1:5b:c9:02:
49:75:4b:64:2e:b3:be:58:58:8d:64:45:5d:5a:3d:fd:b7:af:
1e:03:ce:1b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZUqj4EfCzML9bPEiwzAAsYwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjUwMjIxMjIxMDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGMwZDAzZjI4NTIyNjlmZTA0ODA5OGIzMDhmYmYyYjE0MDBjZWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/K0QA5prC/PG014xRCekU8r9iYq
F9LxUL8bS4ZYhi+CIifNpttocmkyAYZYk7sYMhcyLzlCmKOKLLxaKMUWYyPHT8x7
Q09Q3HKX3vRJ9M9YF7vtCmUaqoUKjnpFb24yMLKOCzq3bdGjD/oaigjw2J3XnLZy
9FZyHoxmjXtO7wvZO5TUTZ6pVD6YLjRL2J3j6C9k+xGzZRyR1fXVzuVF/HqJgxjo
jKq9XXVrQXGiPD3wA2DqjMGLCH0t3rZrmbMVOHj2g4Wyz0RxvzXDf6Mk3wvkmwT0
56JDplnKM64SmAhbw7g2BOL6VxetFOexQGc34hhfCjstkGdEzesVoM+lzwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFNjA0D8oUiaf4EgJizCPvysUAM7tMB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEvMk1EUVB5aFNKcF9nU0FtTE1JLV9LeFFBenUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQCK+9YAwQC
W9JAAwQCZ87oAwQCa7WcAwQDm/4oMAwDBAGb/jIDBAKb/jgDBAK5h9QDBALGaWAD
BALGaWgwDQYJKoZIhvcNAQELBQADggEBAHzEROsAfYpjTbrGDljIxQtbSvP+fbzv
aQvIHX0irLTjUSQ7whB/3LTZHELiYXlvLdYdKTsGi/yGyE0u59Ime9f+nM0GSN+M
o9Z5frjEMC6Yxi7N6OhZWZPPNrRQigBr4BI96moE9BMvCExuZH+4hFzil8fx5b93
sxtI0BE17P9my5bc9eNpItXiBBeZ9I5/y5DgGLoP5/HhqNOj7giPrBqLrEyVftqT
a0DrBRe7NCCzFel3zNpLB2EczZyFcK7yHJODI2olWuxBqtNEpUCVE2RIDdRHQZMo
ol1P2ACL/a6iBI2cal0WwVvJAkl1S2Qus75YWI1kRV1aPf23rx4Dzhs=
-----END CERTIFICATE-----
Generated at Sun Apr 6 19:05:19 2025 by rpki-client