Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/1-7kbwsm5LdtmQsHD68f_9QyqgzQ.roa
File: 1-7kbwsm5LdtmQsHD68f_9QyqgzQ.roa (raw, json)
Hash identifier: IllrMNiEzlQM6gHCcDU8IAFJHdoiItoRJX3fCjTBsao=
Subject key identifier: FB:B9:1B:C2:C9:B9:2D:DB:66:42:C1:C3:EB:C7:FF:F5:0C:AA:83:34
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 0195D4F65B7F2F63676651DF1BDCE6A6A7FC
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/1-7kbwsm5LdtmQsHD68f_9QyqgzQ.roa
Signing time: Thu 27 Mar 2025 00:17:49 +0000
ROA not before: Thu 27 Mar 2025 00:17:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211252
IP address blocks: 103.20.36.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d4:f6:5b:7f:2f:63:67:66:51:df:1b:dc:e6:a6:a7:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Mar 27 00:17:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fbb91bc2c9b92ddb6642c1c3ebc7fff50caa8334
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:99:55:50:24:35:0f:f6:c0:ff:3d:24:d4:a3:
54:bc:f4:2a:fb:9b:ae:14:85:00:95:05:28:44:0a:
22:e8:46:7d:e6:b5:6e:31:9c:c2:99:8d:5d:e7:2c:
a0:ba:5a:f6:f4:74:dd:c5:11:e5:1c:80:2e:1f:48:
08:24:aa:c2:7c:9b:06:3a:68:fa:51:ea:34:3c:2f:
41:23:58:7d:3a:31:9f:ae:ac:0b:4d:84:88:bc:ac:
95:e6:33:77:e9:43:24:31:0e:44:7e:64:13:d5:b1:
41:c5:fd:75:99:54:77:f2:46:df:dc:a0:f3:14:1f:
17:44:d4:02:94:b5:62:fa:61:ed:35:b4:01:24:64:
06:0d:21:04:38:d9:28:4c:c8:e5:34:7a:55:08:24:
0b:a0:f0:a5:5f:64:29:f8:d8:5d:1f:c3:ed:2e:bd:
d7:39:1c:bc:ff:80:98:c6:7d:0b:46:63:4e:2c:ad:
fb:42:25:97:86:57:4c:dd:a0:c7:cb:21:6d:a1:48:
83:00:25:5e:e8:83:5d:38:dd:17:61:08:1c:38:0c:
01:c3:40:25:30:f9:f3:e0:e3:92:35:a0:a5:f2:4f:
da:d7:1e:9d:8a:6e:de:fc:04:89:ca:8f:ab:ac:31:
a9:41:88:62:a3:6d:df:5e:1f:a9:56:ab:03:39:71:
3c:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:B9:1B:C2:C9:B9:2D:DB:66:42:C1:C3:EB:C7:FF:F5:0C:AA:83:34
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/1-7kbwsm5LdtmQsHD68f_9QyqgzQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.20.36.0/22
Signature Algorithm: sha256WithRSAEncryption
96:5f:0a:60:95:a1:02:d8:d3:87:ea:21:1b:b4:44:bc:69:c1:
3b:19:f0:da:28:59:74:e9:01:ed:2b:be:8c:73:24:17:0f:96:
ee:df:be:e0:1c:b9:89:10:21:b2:ee:d5:b0:03:3f:2d:c9:96:
23:d2:1c:ce:5a:bd:3e:47:4a:5d:76:82:89:34:a5:e8:ed:ed:
95:5a:58:3d:f3:df:91:f7:c4:57:18:45:0f:e9:8c:93:90:a4:
fe:77:a8:f8:81:00:5d:43:04:f4:d4:be:f9:33:1b:64:b7:37:
a0:9a:5f:6a:0e:ce:2e:ad:1c:b8:64:fb:ec:7f:35:4d:0c:f0:
7b:c0:63:08:dd:4d:b5:26:05:b0:41:f8:68:e8:0f:52:5c:2d:
5a:4e:2e:d0:b8:d8:b2:56:0e:9e:dc:c8:eb:49:cd:3f:8a:b5:
c6:c7:ff:99:e1:2d:5b:73:88:24:b3:d9:95:f9:41:41:ed:30:
16:bf:a9:30:d9:a5:f8:f6:d1:b7:3f:4d:09:f7:52:44:21:ea:
00:37:3a:2d:df:5f:40:da:c1:f8:0a:97:eb:eb:1e:77:26:ef:
a5:9c:ba:36:1c:22:a0:58:97:49:78:8b:a4:e1:33:92:6d:1a:
e9:a4:6e:63:bc:7e:b7:5c:19:6b:a4:03:01:91:27:d9:98:f7:
5a:f6:2c:1d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZXU9lt/L2NnZlHfG9zmpqf8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjUwMzI3MDAxNzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmI5MWJjMmM5YjkyZGRiNjY0MmMxYzNlYmM3ZmZmNTBjYWE4MzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJlVUCQ1D/bA/z0k1KNUvPQq+5uu
FIUAlQUoRAoi6EZ95rVuMZzCmY1d5yygulr29HTdxRHlHIAuH0gIJKrCfJsGOmj6
Ueo0PC9BI1h9OjGfrqwLTYSIvKyV5jN36UMkMQ5EfmQT1bFBxf11mVR38kbf3KDz
FB8XRNQClLVi+mHtNbQBJGQGDSEEONkoTMjlNHpVCCQLoPClX2Qp+NhdH8PtLr3X
ORy8/4CYxn0LRmNOLK37QiWXhldM3aDHyyFtoUiDACVe6INdON0XYQgcOAwBw0Al
MPnz4OOSNaCl8k/a1x6dim7e/ASJyo+rrDGpQYhio23fXh+pVqsDOXE8EwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPu5G8LJuS3bZkLBw+vH//UMqoM0MB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvMS03a2J3c201TGR0bVFzSEQ2OGZfOVF5cWd6US5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzAvNDA1YmJkLTU5MTMtNGU5NS04ZTc1LWZlMDY1OTE3NmE1
Ni8xL0tzUGFvYkZJVVBMbUhGa3JJWkdSV2w1bHBIZy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmcUJDAN
BgkqhkiG9w0BAQsFAAOCAQEAll8KYJWhAtjTh+ohG7REvGnBOxnw2ihZdOkB7Su+
jHMkFw+W7t++4By5iRAhsu7VsAM/LcmWI9Iczlq9PkdKXXaCiTSl6O3tlVpYPfPf
kffEVxhFD+mMk5Ck/neo+IEAXUME9NS++TMbZLc3oJpfag7OLq0cuGT77H81TQzw
e8BjCN1NtSYFsEH4aOgPUlwtWk4u0LjYslYOntzI60nNP4q1xsf/meEtW3OIJLPZ
lflBQe0wFr+pMNml+PbRtz9NCfdSRCHqADc6Ld9fQNrB+AqX6+sedybvpZy6Nhwi
oFiXSXiLpOEzkm0a6aRuY7x+t1wZa6QDAZEn2Zj3WvYsHQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 07:56:27 2025 by rpki-client