Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/ebf381-00c8-480d-a66c-76a1d4d83197/1/cNvBb2RRxSjoCAkb0wZvTJ3BY5k.roa
File: cNvBb2RRxSjoCAkb0wZvTJ3BY5k.roa (raw, json)
Hash identifier: oDSoGJIctW5p0rg5AbBoYa3L96DcMDhEp9yGbjF4AfU=
Subject key identifier: 70:DB:C1:6F:64:51:C5:28:E8:08:09:1B:D3:06:6F:4C:9D:C1:63:99
Certificate issuer: /CN=3ad734cf90c773428806b968209515b914831a9d
Certificate serial: 019421442EC5FEFBF51C0D5E8C083348A514
Authority key identifier: 3A:D7:34:CF:90:C7:73:42:88:06:B9:68:20:95:15:B9:14:83:1A:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Otc0z5DHc0KIBrloIJUVuRSDGp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/ebf381-00c8-480d-a66c-76a1d4d83197/1/cNvBb2RRxSjoCAkb0wZvTJ3BY5k.roa
Signing time: Wed 01 Jan 2025 09:48:24 +0000
ROA not before: Wed 01 Jan 2025 09:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215567
IP address blocks: 103.69.227.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:2e:c5:fe:fb:f5:1c:0d:5e:8c:08:33:48:a5:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ad734cf90c773428806b968209515b914831a9d
Validity
Not Before: Jan 1 09:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=70dbc16f6451c528e808091bd3066f4c9dc16399
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:59:bb:76:df:49:11:06:85:0a:1f:c6:be:28:
8e:ad:66:c0:b7:25:e9:f9:bf:65:ea:bf:ac:b8:29:
84:ca:aa:9f:fb:0c:1c:c9:0e:d6:f0:91:bf:7d:1b:
af:d7:1b:f8:0b:93:22:f1:a8:35:73:a3:6a:0a:68:
56:a1:cb:c6:b7:e2:b8:5d:b7:34:88:01:7b:7e:99:
76:ee:15:e9:e5:a7:25:c7:f2:42:55:7e:36:9e:d8:
1f:ba:7e:31:1a:b0:06:63:88:3b:d1:fc:93:ee:a8:
1c:31:84:6f:6c:33:3b:48:0f:fc:6b:9e:3a:38:72:
d3:ce:fc:24:70:fd:a3:d5:39:94:65:0b:05:23:44:
f8:a4:65:a6:3b:aa:d8:5e:74:93:89:5d:06:1b:96:
72:49:11:65:8b:e6:54:e6:63:e0:02:c3:98:de:77:
0e:a2:4b:44:75:73:fe:65:85:69:79:af:03:5d:5e:
f2:99:09:12:32:ff:e0:5c:d0:04:cd:89:a0:5f:04:
0f:46:11:30:20:9a:c4:17:d1:51:b8:2c:61:e5:60:
e7:c3:9f:74:22:8c:ae:79:d0:5e:14:3c:8a:b6:95:
00:0a:62:9e:87:d4:e3:b8:fc:c9:0e:4a:60:74:cf:
68:28:9f:e4:25:46:ae:4c:0f:74:f6:b7:9a:a3:17:
ce:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:DB:C1:6F:64:51:C5:28:E8:08:09:1B:D3:06:6F:4C:9D:C1:63:99
X509v3 Authority Key Identifier:
keyid:3A:D7:34:CF:90:C7:73:42:88:06:B9:68:20:95:15:B9:14:83:1A:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Otc0z5DHc0KIBrloIJUVuRSDGp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/ebf381-00c8-480d-a66c-76a1d4d83197/1/cNvBb2RRxSjoCAkb0wZvTJ3BY5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/ebf381-00c8-480d-a66c-76a1d4d83197/1/Otc0z5DHc0KIBrloIJUVuRSDGp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.69.227.0/24
Signature Algorithm: sha256WithRSAEncryption
74:39:cf:56:e3:a0:c2:11:0b:f5:c7:99:00:69:b4:95:27:1b:
3c:28:58:35:f5:54:e0:ca:ae:a0:02:7d:e1:b1:da:ed:b1:0a:
52:a5:44:d4:06:2d:a0:7b:c9:17:05:04:1e:f1:d2:8e:94:e1:
be:cf:04:63:0e:d8:83:5d:97:e2:b2:d4:12:88:0e:68:b2:8e:
c1:55:c2:25:7e:f6:df:eb:86:f2:6b:e3:c5:32:4b:db:b0:4c:
81:73:22:e8:aa:45:a1:e2:e1:33:df:85:40:31:00:2a:6b:3d:
28:28:9a:06:89:67:3c:07:c9:35:30:b5:56:21:a8:9a:ab:72:
62:3c:22:b5:08:ff:df:b8:e1:e7:6a:8b:bc:23:e6:db:e2:f6:
e9:f1:93:ff:d1:63:05:83:70:45:85:dc:33:12:4d:cc:f6:c7:
07:4c:f4:3d:c8:75:45:28:bc:5f:c7:0f:75:dd:a0:40:d3:4b:
59:2a:52:86:a6:12:9c:01:ed:cf:dd:ce:76:80:0c:5c:f2:b8:
a6:5f:f3:00:da:6c:01:3b:a3:a2:eb:ed:2e:94:0b:48:fa:4a:
49:04:bb:0f:6d:e8:51:ce:4a:49:22:95:5e:e9:7f:1c:6d:ec:
a4:12:d3:57:75:48:89:50:ca:3d:1b:4d:8a:a9:12:b5:e8:0f:
4d:6d:97:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRC7F/vv1HA1ejAgzSKUUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZDczNGNmOTBjNzczNDI4ODA2Yjk2ODIwOTUxNWI5MTQ4
MzFhOWQwHhcNMjUwMTAxMDk0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGRiYzE2ZjY0NTFjNTI4ZTgwODA5MWJkMzA2NmY0YzlkYzE2Mzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlm7dt9JEQaFCh/GviiOrWbAtyXp
+b9l6r+suCmEyqqf+wwcyQ7W8JG/fRuv1xv4C5Mi8ag1c6NqCmhWocvGt+K4Xbc0
iAF7fpl27hXp5aclx/JCVX42ntgfun4xGrAGY4g70fyT7qgcMYRvbDM7SA/8a546
OHLTzvwkcP2j1TmUZQsFI0T4pGWmO6rYXnSTiV0GG5ZySRFli+ZU5mPgAsOY3ncO
oktEdXP+ZYVpea8DXV7ymQkSMv/gXNAEzYmgXwQPRhEwIJrEF9FRuCxh5WDnw590
IoyuedBeFDyKtpUACmKeh9TjuPzJDkpgdM9oKJ/kJUauTA909reaoxfOJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHDbwW9kUcUo6AgJG9MGb0ydwWOZMB8GA1UdIwQY
MBaAFDrXNM+Qx3NCiAa5aCCVFbkUgxqdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3RjMHo1REhjMEtJQnJsb0lKVVZ1UlNER3AwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lYmYzODEtMDBjOC00ODBkLWE2NmMt
NzZhMWQ0ZDgzMTk3LzEvY052QmIyUlJ4U2pvQ0FrYjB3WnZUSjNCWTVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lYmYzODEtMDBjOC00ODBkLWE2NmMtNzZhMWQ0ZDgzMTk3
LzEvT3RjMHo1REhjMEtJQnJsb0lKVVZ1UlNER3AwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ0XjMA0G
CSqGSIb3DQEBCwUAA4IBAQB0Oc9W46DCEQv1x5kAabSVJxs8KFg19VTgyq6gAn3h
sdrtsQpSpUTUBi2ge8kXBQQe8dKOlOG+zwRjDtiDXZfistQSiA5oso7BVcIlfvbf
64bya+PFMkvbsEyBcyLoqkWh4uEz34VAMQAqaz0oKJoGiWc8B8k1MLVWIaiaq3Ji
PCK1CP/fuOHnaou8I+bb4vbp8ZP/0WMFg3BFhdwzEk3M9scHTPQ9yHVFKLxfxw91
3aBA00tZKlKGphKcAe3P3c52gAxc8rimX/MA2mwBO6Oi6+0ulAtI+kpJBLsPbehR
zkpJIpVe6X8cbeykEtNXdUiJUMo9G02KqRK16A9NbZeF
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:05:30 2025 by rpki-client