Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/HABzsmEXoTX-9F80tlefBrIojpE.roa
File: HABzsmEXoTX-9F80tlefBrIojpE.roa (raw, json)
Hash identifier: 52kUggTy9NYk2U3Bjz9hs7uyoLjfvw/NlnF/Z95I8C4=
Subject key identifier: 1C:00:73:B2:61:17:A1:35:FE:F4:5F:34:B6:57:9F:06:B2:28:8E:91
Certificate issuer: /CN=6c03a2caf298019fbd668621516c8c6e1d10e83c
Certificate serial: 01942067E5FC65458414B5F44DB94C7E516B
Authority key identifier: 6C:03:A2:CA:F2:98:01:9F:BD:66:86:21:51:6C:8C:6E:1D:10:E8:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/HABzsmEXoTX-9F80tlefBrIojpE.roa
Signing time: Wed 01 Jan 2025 05:47:47 +0000
ROA not before: Wed 01 Jan 2025 05:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 136787
IP address blocks: 103.53.82.0/24 maxlen: 24
103.53.83.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:e5:fc:65:45:84:14:b5:f4:4d:b9:4c:7e:51:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c03a2caf298019fbd668621516c8c6e1d10e83c
Validity
Not Before: Jan 1 05:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1c0073b26117a135fef45f34b6579f06b2288e91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:85:76:28:32:48:59:32:78:53:d2:f0:65:1c:
28:39:24:73:09:6f:80:b2:e9:f9:d8:ab:28:47:99:
66:e6:25:b5:96:8d:4d:9b:27:1e:73:92:8e:fa:14:
43:50:2b:45:9d:32:bd:0c:40:e3:7d:d2:c1:93:83:
2b:b8:33:10:e7:a3:9d:5a:ea:10:70:e7:de:99:e8:
61:15:82:cf:df:f7:2d:0a:12:8c:fe:33:88:c5:89:
31:45:ca:69:54:f4:04:0d:f8:74:8d:23:af:44:33:
f2:3d:52:a8:a0:66:c1:e8:fd:62:e8:30:8c:aa:0e:
e5:6c:f6:be:76:84:85:c5:c4:27:bc:a2:92:cd:1e:
6c:7b:29:00:a7:db:67:c5:28:fc:68:eb:41:aa:68:
01:a3:e3:79:ac:82:e9:e1:9a:42:f4:56:73:ed:63:
18:23:b8:67:f9:6f:64:15:b1:ce:07:44:09:d7:ca:
1a:b9:6e:00:63:81:74:60:9d:c6:b9:be:8d:51:69:
32:93:44:e6:e1:f8:c3:18:1d:06:96:0b:04:3b:7d:
f3:69:58:bd:9b:38:74:fc:70:87:e7:4a:b1:ca:44:
60:ea:c0:2f:52:e0:d0:d3:03:a2:07:c2:cc:dc:15:
c5:7b:d3:0c:85:6f:0d:55:d8:75:0f:7c:68:57:24:
31:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:00:73:B2:61:17:A1:35:FE:F4:5F:34:B6:57:9F:06:B2:28:8E:91
X509v3 Authority Key Identifier:
keyid:6C:03:A2:CA:F2:98:01:9F:BD:66:86:21:51:6C:8C:6E:1D:10:E8:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/HABzsmEXoTX-9F80tlefBrIojpE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.53.82.0/23
Signature Algorithm: sha256WithRSAEncryption
03:e8:dd:86:a5:d0:83:3d:c3:57:c6:2b:b7:b1:cb:71:2c:ce:
02:4a:c4:c0:cb:1f:50:13:5a:7e:eb:0b:0c:66:5f:61:71:fc:
bf:f6:bf:d6:1c:72:ae:89:09:f1:16:df:f7:73:23:f5:08:d0:
a6:c3:4b:8f:8a:a1:5e:57:1b:76:9b:bb:7e:35:5e:82:a6:2b:
e2:cc:7e:4f:5e:ae:77:89:65:30:92:80:b0:3d:51:ed:a5:5c:
5c:85:d8:b1:3e:d6:0e:08:9f:22:25:f1:e9:fe:18:b5:ff:a3:
60:6b:d3:f3:69:15:1a:14:9d:93:7b:cd:ff:80:01:ab:bb:9d:
91:fb:38:91:d1:2f:81:01:38:c7:52:81:6f:7e:4d:40:cf:68:
2c:ee:64:16:91:4f:a5:e9:16:95:6f:17:0d:3b:01:08:02:0f:
0a:49:27:fb:56:7a:58:6e:ef:ca:79:8f:ab:4e:92:ca:2e:fc:
dc:03:18:a4:6a:15:c8:c0:b7:aa:e4:9f:51:96:09:be:e6:eb:
4c:77:24:67:fe:56:b4:51:78:c9:a8:b8:6e:78:b3:a3:41:9a:
fa:70:42:54:cb:91:82:4d:e3:a1:3e:32:35:36:35:ef:6d:f9:
71:14:aa:57:66:1d:89:89:21:b3:24:b0:54:46:6c:39:72:7d:
91:1e:b3:0d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgZ+X8ZUWEFLX0TblMflFrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjMDNhMmNhZjI5ODAxOWZiZDY2ODYyMTUxNmM4YzZlMWQx
MGU4M2MwHhcNMjUwMTAxMDU0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzAwNzNiMjYxMTdhMTM1ZmVmNDVmMzRiNjU3OWYwNmIyMjg4ZTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4V2KDJIWTJ4U9LwZRwoOSRzCW+A
sun52KsoR5lm5iW1lo1Nmycec5KO+hRDUCtFnTK9DEDjfdLBk4MruDMQ56OdWuoQ
cOfemehhFYLP3/ctChKM/jOIxYkxRcppVPQEDfh0jSOvRDPyPVKooGbB6P1i6DCM
qg7lbPa+doSFxcQnvKKSzR5seykAp9tnxSj8aOtBqmgBo+N5rILp4ZpC9FZz7WMY
I7hn+W9kFbHOB0QJ18oauW4AY4F0YJ3Gub6NUWkyk0Tm4fjDGB0GlgsEO33zaVi9
mzh0/HCH50qxykRg6sAvUuDQ0wOiB8LM3BXFe9MMhW8NVdh1D3xoVyQxBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBwAc7JhF6E1/vRfNLZXnwayKI6RMB8GA1UdIwQY
MBaAFGwDosrymAGfvWaGIVFsjG4dEOg8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkFPaXl2S1lBWi05Wm9ZaFVXeU1iaDBRNkR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8xNmI4ZTQtMTI1My00ZDllLWJkNDkt
ZmMzN2ZiMGNkNDNiLzEvSEFCenNtRVhvVFgtOUY4MHRsZWZCcklvanBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8xNmI4ZTQtMTI1My00ZDllLWJkNDktZmMzN2ZiMGNkNDNi
LzEvYkFPaXl2S1lBWi05Wm9ZaFVXeU1iaDBRNkR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZzVSMA0G
CSqGSIb3DQEBCwUAA4IBAQAD6N2GpdCDPcNXxiu3sctxLM4CSsTAyx9QE1p+6wsM
Zl9hcfy/9r/WHHKuiQnxFt/3cyP1CNCmw0uPiqFeVxt2m7t+NV6CpivizH5PXq53
iWUwkoCwPVHtpVxchdixPtYOCJ8iJfHp/hi1/6Nga9PzaRUaFJ2Te83/gAGru52R
+ziR0S+BATjHUoFvfk1Az2gs7mQWkU+l6RaVbxcNOwEIAg8KSSf7VnpYbu/KeY+r
TpLKLvzcAxikahXIwLeq5J9Rlgm+5utMdyRn/la0UXjJqLhueLOjQZr6cEJUy5GC
TeOhPjI1NjXvbflxFKpXZh2JiSGzJLBURmw5cn2RHrMN
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:41:34 2025 by rpki-client