Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/mKfa440zuy991Nc6pvScCxVoPac.roa
File: mKfa440zuy991Nc6pvScCxVoPac.roa (raw, json)
Hash identifier: bkRbNpsrLd1G7mtBxrefgN3ZQ8/u56NVOkq/Hrv4b40=
Subject key identifier: 98:A7:DA:E3:8D:33:BB:2F:7D:D4:D7:3A:A6:F4:9C:0B:15:68:3D:A7
Certificate issuer: /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial: 01937351A27138E3C5A3D9D23239D8FD1863
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/mKfa440zuy991Nc6pvScCxVoPac.roa
Signing time: Thu 28 Nov 2024 15:09:10 +0000
ROA not before: Thu 28 Nov 2024 15:09:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197071
IP address blocks: 43.251.162.0/24 maxlen: 24
43.251.163.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:73:51:a2:71:38:e3:c5:a3:d9:d2:32:39:d8:fd:18:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Validity
Not Before: Nov 28 15:09:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98a7dae38d33bb2f7dd4d73aa6f49c0b15683da7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:da:a1:31:a4:4b:d1:f8:ff:71:20:6e:87:3d:
38:37:33:d9:69:40:80:4a:1d:10:ff:fb:f9:4c:c3:
94:50:96:31:12:9d:49:22:56:73:89:bc:c8:dc:b4:
fd:1d:f6:f7:17:f6:da:a5:ea:73:a2:ab:09:46:50:
40:22:15:46:2e:68:73:5a:a9:74:6f:88:16:a0:c0:
57:c4:29:42:4a:d5:02:dd:b1:5b:a1:27:98:6d:d1:
43:62:13:66:6f:8a:77:cb:bb:3c:c1:0b:6c:78:70:
fb:ac:19:9d:82:b4:18:88:09:76:fa:57:05:ac:0a:
ba:70:71:57:38:f0:09:c9:8b:63:a1:19:34:00:44:
fd:4b:94:6f:fa:e5:0c:6c:9d:36:76:3f:82:94:c3:
3e:b7:31:bb:1d:33:36:e5:96:e2:77:33:7e:5b:5c:
d2:e6:21:ab:9e:23:1a:15:e9:8a:e1:5f:6b:f0:ff:
53:a9:05:fd:ec:f6:f6:45:bb:35:ee:d3:2f:71:2f:
03:32:ec:93:8b:62:60:5e:da:fe:c7:ee:d0:18:8f:
d7:40:af:57:1c:96:58:8d:55:a4:16:fd:e1:ca:e5:
a5:f2:21:94:53:a1:5e:42:cc:94:34:73:db:45:1f:
7c:94:98:24:74:ff:1b:92:78:1c:d4:ea:2a:5c:e8:
6a:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:A7:DA:E3:8D:33:BB:2F:7D:D4:D7:3A:A6:F4:9C:0B:15:68:3D:A7
X509v3 Authority Key Identifier:
keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/mKfa440zuy991Nc6pvScCxVoPac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.251.162.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:40:94:c5:05:3a:7f:12:5a:76:69:0d:87:9c:66:4c:d3:54:
de:93:b0:20:41:11:7f:b1:ad:44:01:c0:e2:0f:4a:4c:70:e3:
73:59:62:ec:c6:21:a6:c9:d8:88:9d:0b:5d:f1:c7:08:af:08:
3e:a9:cf:ef:57:5a:f8:72:49:21:df:f8:7f:a8:97:ce:a2:eb:
32:02:a4:69:5a:86:d2:bc:04:37:df:83:64:20:6f:ae:e3:b9:
d4:40:48:5e:27:95:13:17:6c:cd:3e:49:04:51:6b:1d:53:eb:
a3:81:3b:3e:64:90:2a:68:cf:bd:98:a9:4e:f0:00:dd:9a:6f:
d2:39:0e:f2:37:2f:80:3f:7e:ff:04:90:69:8b:fc:c7:43:93:
8f:f7:1e:5e:7a:50:57:e6:34:f7:6c:50:87:1a:fc:1e:16:8d:
45:29:43:da:70:67:24:db:3c:03:8b:a2:9b:0b:3a:9e:9a:cc:
de:9f:09:44:10:22:3a:e0:c1:18:97:21:88:62:73:7f:45:11:
5a:39:76:14:51:bc:10:29:d5:0c:ae:fc:86:3f:fd:6f:e9:5c:
46:e3:72:8b:aa:34:3b:de:1e:60:e5:80:a2:c2:22:6f:f5:7c:
0f:e1:1a:a7:ac:93:84:2c:4c:67:d1:9c:2b:53:be:e9:26:5d:
77:73:5c:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZNzUaJxOOPFo9nSMjnY/RhjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjU5M2I3NDdlNzZhNTY0OTI1MTFiYjM2MTJlNGQ1ZTRj
YmU3ZWMwHhcNMjQxMTI4MTUwOTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGE3ZGFlMzhkMzNiYjJmN2RkNGQ3M2FhNmY0OWMwYjE1NjgzZGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutqhMaRL0fj/cSBuhz04NzPZaUCA
Sh0Q//v5TMOUUJYxEp1JIlZzibzI3LT9Hfb3F/bapepzoqsJRlBAIhVGLmhzWql0
b4gWoMBXxClCStUC3bFboSeYbdFDYhNmb4p3y7s8wQtseHD7rBmdgrQYiAl2+lcF
rAq6cHFXOPAJyYtjoRk0AET9S5Rv+uUMbJ02dj+ClMM+tzG7HTM25ZbidzN+W1zS
5iGrniMaFemK4V9r8P9TqQX97Pb2Rbs17tMvcS8DMuyTi2JgXtr+x+7QGI/XQK9X
HJZYjVWkFv3hyuWl8iGUU6FeQsyUNHPbRR98lJgkdP8bkngc1OoqXOhqVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJin2uONM7svfdTXOqb0nAsVaD2nMB8GA1UdIwQY
MBaAFCllk7dH52pWSSURuzYS5NXky+fsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMt
MWI3Y2JiMDhkNzNmLzEvbUtmYTQ0MHp1eTk5MU5jNnB2U2NDeFZvUGFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMtMWI3Y2JiMDhkNzNm
LzEvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBK/uiMA0G
CSqGSIb3DQEBCwUAA4IBAQBLQJTFBTp/Elp2aQ2HnGZM01Tek7AgQRF/sa1EAcDi
D0pMcONzWWLsxiGmydiInQtd8ccIrwg+qc/vV1r4ckkh3/h/qJfOousyAqRpWobS
vAQ334NkIG+u47nUQEheJ5UTF2zNPkkEUWsdU+ujgTs+ZJAqaM+9mKlO8ADdmm/S
OQ7yNy+AP37/BJBpi/zHQ5OP9x5eelBX5jT3bFCHGvweFo1FKUPacGck2zwDi6Kb
CzqemszenwlEECI64MEYlyGIYnN/RRFaOXYUUbwQKdUMrvyGP/1v6VxG43KLqjQ7
3h5g5YCiwiJv9XwP4RqnrJOELExn0ZwrU77pJl13c1wa
-----END CERTIFICATE-----
Generated at Mon Apr 7 03:32:08 2025 by rpki-client