Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/CuYmhn4HB5B89als0GbamWHOHYM.roa
File: CuYmhn4HB5B89als0GbamWHOHYM.roa (raw, json)
Hash identifier: NO8llq7GKwwp9FK9po76K8dw+owZfkJWOQwwkzEuxmg=
Subject key identifier: 0A:E6:26:86:7E:07:07:90:7C:F5:A9:6C:D0:66:DA:99:61:CE:1D:83
Certificate issuer: /CN=9f312e9297bc1d27ebeb476dea0ee15dd756542d
Certificate serial: 01911CEDAF400C2E46B9E318AB7221A2E941
Authority key identifier: 9F:31:2E:92:97:BC:1D:27:EB:EB:47:6D:EA:0E:E1:5D:D7:56:54:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nzEukpe8HSfr60dt6g7hXddWVC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/CuYmhn4HB5B89als0GbamWHOHYM.roa
Signing time: Sun 04 Aug 2024 10:27:04 +0000
ROA not before: Sun 04 Aug 2024 10:27:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 138968
IP address blocks: 103.76.85.0/24 maxlen: 24
103.76.87.0/24 maxlen: 24
116.206.92.0/22 maxlen: 24
116.206.94.0/24 maxlen: 24
203.189.232.0/23 maxlen: 24
2a0f:6700::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:1c:ed:af:40:0c:2e:46:b9:e3:18:ab:72:21:a2:e9:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f312e9297bc1d27ebeb476dea0ee15dd756542d
Validity
Not Before: Aug 4 10:27:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0ae626867e0707907cf5a96cd066da9961ce1d83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:8b:00:72:7c:6c:40:c0:d4:68:37:c2:15:20:
8d:81:2a:5d:d2:8e:6d:59:50:0b:03:c9:a5:d7:49:
a9:d8:4b:6e:b2:cc:a4:ed:5d:e8:6c:dc:f8:36:ee:
e8:f8:c0:cb:c6:c8:84:73:9f:16:44:d7:1a:83:4b:
f8:f5:42:30:52:9f:2c:8e:5f:d4:7a:f2:69:83:d7:
ab:26:2e:a1:a3:5e:c5:ef:44:54:c9:64:17:91:90:
33:de:17:3a:fb:c8:70:ee:1e:51:86:59:56:46:6f:
0a:0b:a8:15:a7:3d:b2:3e:7f:fe:80:15:b3:ed:d0:
7f:05:72:c6:be:bd:aa:05:b0:87:93:a0:1a:59:60:
d2:7c:b6:27:d5:66:bb:27:db:e2:28:cc:17:f3:d8:
6e:bb:43:5c:f8:60:d9:3c:53:98:a0:13:83:32:cb:
86:a9:f5:ca:70:0e:ce:57:8d:69:b4:ba:d3:64:6c:
bb:7d:4c:3c:6a:b1:9f:5e:20:1d:98:15:e1:64:31:
67:95:96:48:d8:16:77:82:ba:bb:be:ed:bf:fc:5f:
49:68:28:e3:5c:bd:53:59:c5:82:4c:00:13:75:8c:
76:7d:55:33:82:15:b5:67:4a:aa:9a:eb:4b:4f:a5:
f1:a0:fe:08:4c:23:5e:c0:ff:6d:f1:a3:d6:fb:71:
46:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:E6:26:86:7E:07:07:90:7C:F5:A9:6C:D0:66:DA:99:61:CE:1D:83
X509v3 Authority Key Identifier:
keyid:9F:31:2E:92:97:BC:1D:27:EB:EB:47:6D:EA:0E:E1:5D:D7:56:54:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nzEukpe8HSfr60dt6g7hXddWVC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/CuYmhn4HB5B89als0GbamWHOHYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/nzEukpe8HSfr60dt6g7hXddWVC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.76.85.0/24
103.76.87.0/24
116.206.92.0/22
203.189.232.0/23
IPv6:
2a0f:6700::/29
Signature Algorithm: sha256WithRSAEncryption
bb:bd:61:70:32:8d:d0:0e:e9:33:77:04:68:00:c2:59:12:05:
36:3b:c5:24:bb:06:8f:0f:2e:6e:fc:a9:73:2f:03:03:b7:04:
09:cd:28:39:fc:60:81:52:a7:1f:b4:40:01:8a:9c:7b:ec:36:
0f:f9:ec:74:df:27:9f:17:06:29:5e:30:8c:1f:d6:09:b6:0b:
ab:73:00:e6:01:50:87:72:a9:c9:ec:a0:22:33:da:b7:0c:0d:
aa:0d:5a:47:1b:c5:0d:fc:eb:9d:86:67:25:20:da:19:0b:f4:
69:63:79:5d:79:a3:92:77:d7:f3:65:5a:97:4e:21:ec:88:a5:
4c:4b:67:d8:c3:b3:a8:ed:f5:0a:9a:af:29:c9:f6:2a:ed:b3:
0c:b5:57:4b:5a:9d:38:d2:13:74:83:c1:1d:9c:00:48:27:0c:
05:19:7e:5f:9d:3f:d7:5c:1a:68:1f:7f:c6:f7:2a:0d:e1:0d:
17:e1:b9:88:4b:1f:d0:de:59:5b:a9:47:1b:e9:67:4e:6a:c2:
5f:ae:fa:59:c7:1e:af:f4:4f:54:8a:1a:a8:5f:f7:04:55:81:
12:2b:3b:db:6f:21:d3:11:95:c7:e2:cb:fc:6f:82:d8:09:93:
38:e3:ed:5c:8a:e9:c2:6f:e0:bc:4d:a5:2f:78:c6:29:a3:16:
fc:6d:0e:4a
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZEc7a9ADC5GueMYq3IhoulBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMzEyZTkyOTdiYzFkMjdlYmViNDc2ZGVhMGVlMTVkZDc1
NjU0MmQwHhcNMjQwODA0MTAyNzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWU2MjY4NjdlMDcwNzkwN2NmNWE5NmNkMDY2ZGE5OTYxY2UxZDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnosAcnxsQMDUaDfCFSCNgSpd0o5t
WVALA8ml10mp2Etussyk7V3obNz4Nu7o+MDLxsiEc58WRNcag0v49UIwUp8sjl/U
evJpg9erJi6ho17F70RUyWQXkZAz3hc6+8hw7h5RhllWRm8KC6gVpz2yPn/+gBWz
7dB/BXLGvr2qBbCHk6AaWWDSfLYn1Wa7J9viKMwX89huu0Nc+GDZPFOYoBODMsuG
qfXKcA7OV41ptLrTZGy7fUw8arGfXiAdmBXhZDFnlZZI2BZ3grq7vu2//F9JaCjj
XL1TWcWCTAATdYx2fVUzghW1Z0qqmutLT6XxoP4ITCNewP9t8aPW+3FGWwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFArmJoZ+BweQfPWpbNBm2plhzh2DMB8GA1UdIwQY
MBaAFJ8xLpKXvB0n6+tHbeoO4V3XVlQtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnpFdWtwZThIU2ZyNjBkdDZnN2hYZGRXVkMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9kZDVhMjgtZGY5ZC00NjI3LTgwOWQt
YmQ1ZDNmMDBmYmIyLzEvQ3VZbWhuNEhCNUI4OWFsczBHYmFtV0hPSFlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9kZDVhMjgtZGY5ZC00NjI3LTgwOWQtYmQ1ZDNmMDBmYmIy
LzEvbnpFdWtwZThIU2ZyNjBkdDZnN2hYZGRXVkMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAZ0xVAwQA
Z0xXAwQCdM5cAwQBy73oMA0EAgACMAcDBQMqD2cAMA0GCSqGSIb3DQEBCwUAA4IB
AQC7vWFwMo3QDukzdwRoAMJZEgU2O8UkuwaPDy5u/KlzLwMDtwQJzSg5/GCBUqcf
tEABipx77DYP+ex03yefFwYpXjCMH9YJtgurcwDmAVCHcqnJ7KAiM9q3DA2qDVpH
G8UN/OudhmclINoZC/RpY3ldeaOSd9fzZVqXTiHsiKVMS2fYw7Oo7fUKmq8pyfYq
7bMMtVdLWp040hN0g8EdnABIJwwFGX5fnT/XXBpoH3/G9yoN4Q0X4bmISx/Q3llb
qUcb6WdOasJfrvpZxx6v9E9UihqoX/cEVYESKzvbbyHTEZXH4sv8b4LYCZM44+1c
iunCb+C8TaUveMYpoxb8bQ5K
-----END CERTIFICATE-----
Generated at Wed Apr 9 03:09:57 2025 by rpki-client