Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/8iFfk8E1aZxOlAXgpT-5bivJ1-c.roa
File: 8iFfk8E1aZxOlAXgpT-5bivJ1-c.roa (raw, json)
Hash identifier: NIXHMkyqRVzEtPiryIHkc42UmH17UQwEZwO1BYh42WU=
Subject key identifier: F2:21:5F:93:C1:35:69:9C:4E:94:05:E0:A5:3F:B9:6E:2B:C9:D7:E7
Certificate issuer: /CN=b91b91504983091506a1a944457a4558b94dab7f
Certificate serial: 01941FFA543A87F2715F5EF8A4BBBC614AB0
Authority key identifier: B9:1B:91:50:49:83:09:15:06:A1:A9:44:45:7A:45:58:B9:4D:AB:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uRuRUEmDCRUGoalERXpFWLlNq38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/8iFfk8E1aZxOlAXgpT-5bivJ1-c.roa
Signing time: Wed 01 Jan 2025 03:48:06 +0000
ROA not before: Wed 01 Jan 2025 03:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43289
IP address blocks: 103.197.148.0/22 maxlen: 24
178.17.160.0/20 maxlen: 24
178.175.128.0/19 maxlen: 24
178.175.160.0/20 maxlen: 24
2a00:1dc0::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:54:3a:87:f2:71:5f:5e:f8:a4:bb:bc:61:4a:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b91b91504983091506a1a944457a4558b94dab7f
Validity
Not Before: Jan 1 03:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f2215f93c135699c4e9405e0a53fb96e2bc9d7e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:d3:e8:7a:8e:f2:c2:f6:74:7b:6e:d1:ee:9a:
ca:eb:8b:42:98:48:75:8b:c3:f9:6f:7b:5f:26:23:
0e:bd:5c:69:72:e6:34:3a:4d:86:40:34:63:45:86:
a5:14:13:f0:62:59:4c:82:bf:58:29:4f:bb:99:2f:
00:db:7a:a1:13:36:18:fa:a0:ca:15:15:43:93:c1:
4d:ae:18:96:cd:9c:26:be:3a:4b:38:52:92:e9:1b:
99:30:f1:b1:da:33:b3:c9:42:49:cc:04:44:c6:b7:
16:4a:95:0f:d2:15:f1:a3:b9:c7:17:0d:9d:02:04:
33:47:a5:83:29:12:ed:4e:4d:ef:07:fa:4d:16:0a:
23:91:de:08:bc:9d:3e:2c:42:e7:a8:bb:01:fb:e8:
b2:55:ce:d0:d7:e0:d5:d7:7c:84:7f:8b:43:b1:56:
f0:4f:fb:4c:0a:c2:27:63:ef:df:72:10:b8:25:e8:
b7:80:5d:cf:0f:5f:3f:db:65:fe:0f:c5:91:19:a6:
a4:8c:93:51:00:c8:74:87:37:f6:12:0c:2c:a8:9e:
0d:62:66:eb:1a:66:14:80:95:0d:d5:21:a3:dc:96:
78:52:4a:da:37:37:41:ed:06:46:dc:a9:41:e8:23:
6b:78:13:a4:8a:f6:d7:02:ff:ba:58:96:9a:42:22:
ec:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:21:5F:93:C1:35:69:9C:4E:94:05:E0:A5:3F:B9:6E:2B:C9:D7:E7
X509v3 Authority Key Identifier:
keyid:B9:1B:91:50:49:83:09:15:06:A1:A9:44:45:7A:45:58:B9:4D:AB:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uRuRUEmDCRUGoalERXpFWLlNq38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/8iFfk8E1aZxOlAXgpT-5bivJ1-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/uRuRUEmDCRUGoalERXpFWLlNq38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.197.148.0/22
178.17.160.0/20
178.175.128.0-178.175.175.255
IPv6:
2a00:1dc0::/29
Signature Algorithm: sha256WithRSAEncryption
3d:28:a9:c1:ae:1d:79:20:ef:69:40:f5:14:0b:02:34:37:0b:
07:dd:a3:50:fc:9d:ca:a2:b0:59:2a:30:1b:e1:74:72:c0:21:
1f:32:b0:c8:ef:95:12:31:2c:23:d5:1d:1d:0c:e5:35:94:de:
e0:7f:02:db:24:bb:48:72:ad:48:32:40:02:3f:92:85:d8:14:
1d:a4:17:ec:a2:9c:8d:56:70:09:7a:a3:67:40:c5:a8:ef:5c:
42:2c:e0:01:d0:7b:b7:78:8e:d4:db:91:b7:bc:71:13:57:47:
93:09:ed:a2:c4:26:28:57:7f:1e:cf:fd:ed:ea:e0:cc:55:90:
29:6a:bc:a6:ad:6e:78:bc:0d:39:94:0e:f3:6a:1b:84:33:4a:
ef:74:20:ba:90:8b:64:fe:d6:ee:c8:27:73:4d:6f:cd:54:a4:
55:de:3b:5e:69:04:8e:37:4b:46:c9:93:1b:82:78:92:0c:0e:
d0:9c:96:6a:18:b3:aa:51:e2:5b:83:0f:28:77:14:f9:f9:6e:
71:ee:be:1e:b4:55:4f:11:ab:26:54:7e:55:fb:a5:82:9f:ad:
2f:66:d9:a6:c7:d7:32:f4:ed:70:20:dc:ea:2f:e9:ca:1d:9e:
77:7e:8f:75:42:59:19:d4:19:b4:63:3c:99:ce:2f:5b:39:cb:
44:58:65:56
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZQf+lQ6h/JxX174pLu8YUqwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MWI5MTUwNDk4MzA5MTUwNmExYTk0NDQ1N2E0NTU4Yjk0
ZGFiN2YwHhcNMjUwMTAxMDM0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjIxNWY5M2MxMzU2OTljNGU5NDA1ZTBhNTNmYjk2ZTJiYzlkN2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5dPoeo7ywvZ0e27R7prK64tCmEh1
i8P5b3tfJiMOvVxpcuY0Ok2GQDRjRYalFBPwYllMgr9YKU+7mS8A23qhEzYY+qDK
FRVDk8FNrhiWzZwmvjpLOFKS6RuZMPGx2jOzyUJJzARExrcWSpUP0hXxo7nHFw2d
AgQzR6WDKRLtTk3vB/pNFgojkd4IvJ0+LELnqLsB++iyVc7Q1+DV13yEf4tDsVbw
T/tMCsInY+/fchC4Jei3gF3PD18/22X+D8WRGaakjJNRAMh0hzf2EgwsqJ4NYmbr
GmYUgJUN1SGj3JZ4UkraNzdB7QZG3KlB6CNreBOkivbXAv+6WJaaQiLsDwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFPIhX5PBNWmcTpQF4KU/uW4rydfnMB8GA1UdIwQY
MBaAFLkbkVBJgwkVBqGpREV6RVi5Tat/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVJ1UlVFbURDUlVHb2FsRVJYcEZXTGxOcTM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83NGUxN2YtZjlmNC00Nzg5LTkyYjct
OWRkNmU4OGZjYzhkLzEvOGlGZms4RTFhWnhPbEFYZ3BULTViaXZKMS1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83NGUxN2YtZjlmNC00Nzg5LTkyYjctOWRkNmU4OGZjYzhk
LzEvdVJ1UlVFbURDUlVHb2FsRVJYcEZXTGxOcTM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQCZ8WUAwQE
shGgMAwDBAeyr4ADBASyr6AwDQQCAAIwBwMFAyoAHcAwDQYJKoZIhvcNAQELBQAD
ggEBAD0oqcGuHXkg72lA9RQLAjQ3Cwfdo1D8ncqisFkqMBvhdHLAIR8ysMjvlRIx
LCPVHR0M5TWU3uB/Atsku0hyrUgyQAI/koXYFB2kF+yinI1WcAl6o2dAxajvXEIs
4AHQe7d4jtTbkbe8cRNXR5MJ7aLEJihXfx7P/e3q4MxVkClqvKatbni8DTmUDvNq
G4QzSu90ILqQi2T+1u7IJ3NNb81UpFXeO15pBI43S0bJkxuCeJIMDtCclmoYs6pR
4luDDyh3FPn5bnHuvh60VU8RqyZUflX7pYKfrS9m2abH1zL07XAg3Oov6codnnd+
j3VCWRnUGbRjPJnOL1s5y0RYZVY=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:44:32 2025 by rpki-client