Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/K7f8bb7shpTcoKMUV0n08jHWJv0.roa
File: K7f8bb7shpTcoKMUV0n08jHWJv0.roa (raw, json)
Hash identifier: ZGm5MKLK6eGIehs3w6abSngznGOPhqInC5ogQPbmzuE=
Subject key identifier: 2B:B7:FC:6D:BE:EC:86:94:DC:A0:A3:14:57:49:F4:F2:31:D6:26:FD
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 01955FF60BB0DC8DA9071A3509C8D2FBC14E
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/K7f8bb7shpTcoKMUV0n08jHWJv0.roa
Signing time: Tue 04 Mar 2025 07:01:55 +0000
ROA not before: Tue 04 Mar 2025 07:01:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 137409
IP address blocks: 14.102.61.0/24 maxlen: 24
14.102.62.0/24 maxlen: 24
14.102.84.0/24 maxlen: 24
14.102.86.0/24 maxlen: 24
62.169.128.0/24 maxlen: 24
103.61.196.0/24 maxlen: 24
103.138.78.0/24 maxlen: 24
167.160.28.0/24 maxlen: 24
170.62.238.0/24 maxlen: 24
192.253.209.0/24 maxlen: 24
192.253.211.0/24 maxlen: 24
198.55.31.0/24 maxlen: 24
203.188.166.0/24 maxlen: 24
203.188.174.0/24 maxlen: 24
203.188.175.0/24 maxlen: 24
203.188.176.0/24 maxlen: 24
203.188.177.0/24 maxlen: 24
203.188.178.0/24 maxlen: 24
203.188.179.0/24 maxlen: 24
203.188.180.0/24 maxlen: 24
203.188.182.0/24 maxlen: 24
203.188.183.0/24 maxlen: 24
203.188.184.0/24 maxlen: 24
203.188.185.0/24 maxlen: 24
203.188.186.0/24 maxlen: 24
203.188.187.0/24 maxlen: 24
203.188.188.0/24 maxlen: 24
203.188.189.0/24 maxlen: 24
203.188.190.0/24 maxlen: 24
203.188.191.0/24 maxlen: 24
212.32.48.0/24 maxlen: 24
212.32.49.0/24 maxlen: 24
212.32.50.0/24 maxlen: 24
212.32.51.0/24 maxlen: 24
212.32.70.0/24 maxlen: 24
212.32.71.0/24 maxlen: 24
212.32.73.0/24 maxlen: 24
212.32.76.0/24 maxlen: 24
212.32.77.0/24 maxlen: 24
212.32.78.0/24 maxlen: 24
212.32.79.0/24 maxlen: 24
212.56.52.0/24 maxlen: 24
212.56.53.0/24 maxlen: 24
212.56.54.0/24 maxlen: 24
212.56.55.0/24 maxlen: 24
213.254.163.0/24 maxlen: 24
213.254.172.0/24 maxlen: 24
213.254.173.0/24 maxlen: 24
213.254.175.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5f:f6:0b:b0:dc:8d:a9:07:1a:35:09:c8:d2:fb:c1:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Mar 4 07:01:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2bb7fc6dbeec8694dca0a3145749f4f231d626fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:df:6e:05:9a:43:74:c6:39:2b:69:6e:c2:85:
4a:7a:48:3a:93:c0:ee:2a:6d:df:49:15:57:6f:cb:
2e:4f:b0:84:74:4b:50:53:77:01:9a:b2:1e:49:81:
7f:ad:39:4b:ce:90:b7:ba:01:6e:4c:62:0f:e1:7d:
06:b6:f3:4c:27:1c:be:d7:87:96:f7:46:5e:a6:d1:
70:44:2b:36:43:47:ab:a8:bf:7d:4d:41:8d:a9:1a:
d4:eb:fe:0e:e2:f6:d6:77:1b:d3:fd:e5:bc:73:44:
7e:2d:fd:03:06:a4:54:2f:bc:5a:85:72:4e:8b:b5:
a2:23:51:3c:20:c6:4f:36:60:56:6e:13:1d:fd:8b:
6f:ee:83:ec:2c:28:e7:46:bf:65:06:82:54:69:6c:
23:ec:4e:b1:51:82:26:f7:b8:93:74:88:43:94:3f:
5e:dc:8c:71:e1:99:63:30:f8:fa:42:5f:77:90:9f:
03:34:e1:47:96:92:f5:2f:8d:ca:89:8c:d6:22:1a:
db:f9:30:5f:47:d3:51:cb:01:4a:dc:66:77:e4:75:
ce:15:e5:2c:bc:c5:4a:df:16:34:ee:df:dc:a2:28:
65:0a:53:d8:cb:fc:aa:a5:f4:0f:d6:89:f0:03:62:
a7:41:3b:a1:43:ff:eb:d4:c5:35:01:ee:cd:93:0a:
39:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:B7:FC:6D:BE:EC:86:94:DC:A0:A3:14:57:49:F4:F2:31:D6:26:FD
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/K7f8bb7shpTcoKMUV0n08jHWJv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.61.0-14.102.62.255
14.102.84.0/24
14.102.86.0/24
62.169.128.0/24
103.61.196.0/24
103.138.78.0/24
167.160.28.0/24
170.62.238.0/24
192.253.209.0/24
192.253.211.0/24
198.55.31.0/24
203.188.166.0/24
203.188.174.0-203.188.180.255
203.188.182.0-203.188.191.255
212.32.48.0/22
212.32.70.0/23
212.32.73.0/24
212.32.76.0/22
212.56.52.0/22
213.254.163.0/24
213.254.172.0/23
213.254.175.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:f1:e5:4c:bf:3b:3c:29:15:d7:d5:06:39:f2:03:62:5c:0f:
0d:cb:66:8e:5c:e4:7c:43:31:14:f6:1e:86:f9:2b:ab:d5:1c:
05:b0:2d:8e:17:ba:d1:76:34:f8:7b:5d:ee:42:a2:f6:45:4c:
71:cc:3a:49:f6:2d:00:b8:03:c7:9f:b9:84:51:7e:da:6d:a0:
0f:e5:1a:bf:3f:47:41:e5:2e:5c:e5:29:a5:28:ff:d3:fb:11:
56:e1:4f:76:9f:4d:66:07:d4:88:d8:a3:fd:e6:71:de:ec:8c:
4d:29:79:1d:f5:29:54:db:15:85:45:6c:7d:8a:83:af:0c:08:
c8:51:79:32:9d:0c:57:12:31:9f:20:31:7a:01:19:73:f9:b4:
ee:7c:60:8c:02:cf:38:cf:15:e3:eb:69:3d:40:4a:3f:44:0d:
08:1f:ff:0b:13:16:97:e2:d9:6e:b8:1f:c3:59:64:98:e3:d3:
da:8b:c2:0f:79:99:fc:3e:65:32:85:02:5c:8f:39:1d:8f:62:
11:85:96:5b:a2:d6:7a:b0:03:ac:d6:74:a1:db:6e:1a:f5:38:
3e:da:f7:a0:78:25:8c:cb:5d:87:a1:47:08:2a:4f:d4:d5:ee:
57:70:a7:46:69:16:b9:47:a1:d9:ed:b1:98:ac:b5:fd:75:14:
45:b4:58:b1
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAZVf9guw3I2pBxo1CcjS+8FOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwMzA0MDcwMTU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmI3ZmM2ZGJlZWM4Njk0ZGNhMGEzMTQ1NzQ5ZjRmMjMxZDYyNmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1t9uBZpDdMY5K2luwoVKekg6k8Du
Km3fSRVXb8suT7CEdEtQU3cBmrIeSYF/rTlLzpC3ugFuTGIP4X0GtvNMJxy+14eW
90ZeptFwRCs2Q0erqL99TUGNqRrU6/4O4vbWdxvT/eW8c0R+Lf0DBqRUL7xahXJO
i7WiI1E8IMZPNmBWbhMd/Ytv7oPsLCjnRr9lBoJUaWwj7E6xUYIm97iTdIhDlD9e
3Ixx4ZljMPj6Ql93kJ8DNOFHlpL1L43KiYzWIhrb+TBfR9NRywFK3GZ35HXOFeUs
vMVK3xY07t/coihlClPYy/yqpfQP1onwA2KnQTuhQ//r1MU1Ae7Nkwo5FwIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFCu3/G2+7IaU3KCjFFdJ9PIx1ib9MB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvSzdmOGJiN3NocFRjb0tNVVYwbjA4akhXSnYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG5BggrBgEFBQcBBwEB/wSBqTCBpjCBowQCAAEwgZwwDAME
AA5mPQMEAA5mPgMEAA5mVAMEAA5mVgMEAD6pgAMEAGc9xAMEAGeKTgMEAKegHAME
AKo+7gMEAMD90QMEAMD90wMEAMY3HwMEAMu8pjAMAwQBy7yuAwQAy7y0MAwDBAHL
vLYDBAbLvIADBALUIDADBAHUIEYDBADUIEkDBALUIEwDBALUODQDBADV/qMDBAHV
/qwDBADV/q8wDQYJKoZIhvcNAQELBQADggEBAKzx5Uy/OzwpFdfVBjnyA2JcDw3L
Zo5c5HxDMRT2Hob5K6vVHAWwLY4XutF2NPh7Xe5CovZFTHHMOkn2LQC4A8efuYRR
ftptoA/lGr8/R0HlLlzlKaUo/9P7EVbhT3afTWYH1IjYo/3mcd7sjE0peR31KVTb
FYVFbH2Kg68MCMhReTKdDFcSMZ8gMXoBGXP5tO58YIwCzzjPFePraT1ASj9EDQgf
/wsTFpfi2W64H8NZZJjj09qLwg95mfw+ZTKFAlyPOR2PYhGFllui1nqwA6zWdKHb
bhr1OD7a96B4JYzLXYehRwgqT9TV7ldwp0ZpFrlHodntsZistf11FEW0WLE=
-----END CERTIFICATE-----
Generated at Sat Apr 12 01:45:15 2025 by rpki-client