Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/921536-ee46-4e80-a51f-b667ec0d6d0f/1/3Av1qKvXtMFx-_ftceLl4HC5jp8.roa
File: 3Av1qKvXtMFx-_ftceLl4HC5jp8.roa (raw, json)
Hash identifier: ttrYBO9JHFJh5zPM9cAVJplLR9oQojGCfKd3kfQr0F0=
Subject key identifier: DC:0B:F5:A8:AB:D7:B4:C1:71:FB:F7:ED:71:E2:E5:E0:70:B9:8E:9F
Certificate issuer: /CN=0abeafd556595e8840ca8ebd19bbd2ac591b4ca8
Certificate serial: 018570707AF684969366EC418C62BD854880
Authority key identifier: 0A:BE:AF:D5:56:59:5E:88:40:CA:8E:BD:19:BB:D2:AC:59:1B:4C:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cr6v1VZZXohAyo69GbvSrFkbTKg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/921536-ee46-4e80-a51f-b667ec0d6d0f/1/3Av1qKvXtMFx-_ftceLl4HC5jp8.roa
Signing time: Mon 02 Jan 2023 03:04:57 +0000
ROA not before: Mon 02 Jan 2023 03:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57567
IP address blocks: 103.39.41.0/24 maxlen: 24
103.39.40.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:70:7a:f6:84:96:93:66:ec:41:8c:62:bd:85:48:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0abeafd556595e8840ca8ebd19bbd2ac591b4ca8
Validity
Not Before: Jan 2 03:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc0bf5a8abd7b4c171fbf7ed71e2e5e070b98e9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:23:2a:a4:3b:e4:f6:a0:38:42:54:04:0f:b5:
4e:58:2d:9c:27:1a:71:53:31:cd:1f:73:7f:24:1e:
03:c6:98:1a:f8:f0:d8:64:4a:61:58:64:1b:ef:26:
ce:0b:27:2c:4d:39:77:e5:ca:3a:df:3c:77:01:c8:
94:69:a2:8e:1f:57:fa:1c:38:64:ac:f2:95:79:2c:
f3:9c:2e:eb:71:2c:3e:8a:4f:47:9b:07:da:be:a8:
05:22:be:34:49:70:11:cf:af:87:fb:f0:c1:fc:c3:
02:8a:5b:fc:94:d9:4b:ea:88:ae:3d:17:af:8f:8b:
e1:0d:22:d7:7f:54:a9:df:03:6c:b3:a8:15:7b:18:
69:cd:da:25:27:7f:5e:8e:ea:66:7a:b5:97:8c:19:
1c:45:69:6e:ad:a6:9c:66:29:4b:ab:df:5b:82:1b:
a0:3e:fa:d3:ba:8c:89:71:27:2b:23:7a:c1:fb:a3:
8e:84:4c:b0:a4:e4:91:04:97:b0:e5:32:88:ba:a1:
24:59:2f:00:8d:9f:9a:cc:38:41:93:08:6e:3b:a4:
d0:40:2c:22:8a:ea:dd:85:0c:12:f8:04:63:06:64:
a9:e6:ba:36:e3:8b:d0:d2:74:39:1d:0f:d9:21:da:
10:7a:1b:41:7d:6d:0c:9a:6d:12:1f:bc:14:d5:ee:
17:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:0B:F5:A8:AB:D7:B4:C1:71:FB:F7:ED:71:E2:E5:E0:70:B9:8E:9F
X509v3 Authority Key Identifier:
keyid:0A:BE:AF:D5:56:59:5E:88:40:CA:8E:BD:19:BB:D2:AC:59:1B:4C:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cr6v1VZZXohAyo69GbvSrFkbTKg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/921536-ee46-4e80-a51f-b667ec0d6d0f/1/3Av1qKvXtMFx-_ftceLl4HC5jp8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/921536-ee46-4e80-a51f-b667ec0d6d0f/1/Cr6v1VZZXohAyo69GbvSrFkbTKg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.39.40.0/23
Signature Algorithm: sha256WithRSAEncryption
78:c7:21:d2:ff:98:8c:df:ed:48:08:3f:ff:a4:a8:96:d7:45:
45:14:15:e9:02:9f:98:bb:4f:d9:e4:d6:f7:cd:c3:dd:4f:02:
62:69:5c:5e:53:31:71:b5:71:a9:12:31:d4:1f:25:0d:5d:6b:
74:c3:a8:36:bb:45:f6:17:9f:f9:ba:43:ce:de:b8:e0:1b:fb:
a8:b5:6f:7f:7a:59:2b:ce:99:a2:14:ae:a4:54:4e:7f:f9:6d:
16:af:aa:df:92:f0:5c:80:7e:16:48:fa:10:5a:11:f8:a5:0e:
8a:a4:43:e6:63:05:7f:46:88:2f:eb:df:f5:98:72:8e:15:c5:
6f:4e:23:7e:34:eb:71:c4:c5:67:44:5b:42:1a:96:ce:f4:8e:
ff:97:4a:fc:e1:d0:53:f3:24:7d:72:9a:5a:17:7d:a5:a5:5f:
b3:b1:e4:f5:38:9e:d8:5b:d7:82:da:b1:d4:07:9e:5b:8c:da:
3e:95:5f:ff:15:b9:9c:bd:d9:44:48:b5:a4:75:c2:df:38:e5:
2e:1a:40:8b:30:02:c0:92:45:d6:69:d7:0d:2b:82:27:fa:1f:
22:d4:f4:4e:09:4f:13:ca:bb:aa:a1:19:db:7e:88:a7:1a:d6:
41:0e:d2:3c:19:a4:8c:84:53:dd:55:38:e3:f2:32:54:03:5d:
91:12:c0:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwcHr2hJaTZuxBjGK9hUiAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhYmVhZmQ1NTY1OTVlODg0MGNhOGViZDE5YmJkMmFjNTkx
YjRjYTgwHhcNMjMwMTAyMDMwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzBiZjVhOGFiZDdiNGMxNzFmYmY3ZWQ3MWUyZTVlMDcwYjk4ZTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSMqpDvk9qA4QlQED7VOWC2cJxpx
UzHNH3N/JB4Dxpga+PDYZEphWGQb7ybOCycsTTl35co63zx3AciUaaKOH1f6HDhk
rPKVeSzznC7rcSw+ik9HmwfavqgFIr40SXARz6+H+/DB/MMCilv8lNlL6oiuPRev
j4vhDSLXf1Sp3wNss6gVexhpzdolJ39ejupmerWXjBkcRWluraacZilLq99bghug
PvrTuoyJcScrI3rB+6OOhEywpOSRBJew5TKIuqEkWS8AjZ+azDhBkwhuO6TQQCwi
iurdhQwS+ARjBmSp5ro244vQ0nQ5HQ/ZIdoQehtBfW0Mmm0SH7wU1e4XSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNwL9air17TBcfv37XHi5eBwuY6fMB8GA1UdIwQY
MBaAFAq+r9VWWV6IQMqOvRm70qxZG0yoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3I2djFWWlpYb2hBeW82OUdidlNyRmtiVEtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85MjE1MzYtZWU0Ni00ZTgwLWE1MWYt
YjY2N2VjMGQ2ZDBmLzEvM0F2MXFLdlh0TUZ4LV9mdGNlTGw0SEM1anA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85MjE1MzYtZWU0Ni00ZTgwLWE1MWYtYjY2N2VjMGQ2ZDBm
LzEvQ3I2djFWWlpYb2hBeW82OUdidlNyRmtiVEtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZycoMA0G
CSqGSIb3DQEBCwUAA4IBAQB4xyHS/5iM3+1ICD//pKiW10VFFBXpAp+Yu0/Z5Nb3
zcPdTwJiaVxeUzFxtXGpEjHUHyUNXWt0w6g2u0X2F5/5ukPO3rjgG/uotW9/elkr
zpmiFK6kVE5/+W0Wr6rfkvBcgH4WSPoQWhH4pQ6KpEPmYwV/Rogv69/1mHKOFcVv
TiN+NOtxxMVnRFtCGpbO9I7/l0r84dBT8yR9cppaF32lpV+zseT1OJ7YW9eC2rHU
B55bjNo+lV//FbmcvdlESLWkdcLfOOUuGkCLMALAkkXWadcNK4In+h8i1PROCU8T
yruqoRnbfoinGtZBDtI8GaSMhFPdVTjj8jJUA12REsD0
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:11 2025 by rpki-client