Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/HaOpzJMZyGr1VwIN0yxcsvqMx_k.roa
File: HaOpzJMZyGr1VwIN0yxcsvqMx_k.roa (raw, json)
Hash identifier: FGjU24P26y4GfKNamGPK1MiLr1Hu7PhFhnVoCJb38j8=
Subject key identifier: 1D:A3:A9:CC:93:19:C8:6A:F5:57:02:0D:D3:2C:5C:B2:FA:8C:C7:F9
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 01948CEB1F3F5C8FA1C63DC4734271DF4734
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/HaOpzJMZyGr1VwIN0yxcsvqMx_k.roa
Signing time: Wed 22 Jan 2025 07:30:06 +0000
ROA not before: Wed 22 Jan 2025 07:30:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7015
IP address blocks: 31.132.53.0/24 maxlen: 24
36.255.213.0/24 maxlen: 24
103.130.178.0/24 maxlen: 24
103.210.12.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:8c:eb:1f:3f:5c:8f:a1:c6:3d:c4:73:42:71:df:47:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Jan 22 07:30:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1da3a9cc9319c86af557020dd32c5cb2fa8cc7f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:d5:19:b6:0c:81:25:a8:b3:58:87:b0:f1:08:
e2:cd:e0:57:e1:95:1a:3e:26:4f:72:a6:e8:df:fb:
c2:83:16:2d:27:44:ef:2e:89:d1:23:63:4b:4f:ed:
94:a9:f1:45:26:b3:62:d1:d2:af:03:63:d4:57:82:
ff:38:63:85:08:11:9e:29:f4:70:01:4a:d0:c0:c7:
5e:ce:4f:3c:92:99:da:57:5c:9e:67:54:08:7d:cf:
2c:27:28:ba:dc:29:65:37:6d:b7:00:fd:66:fa:f6:
2f:00:2d:41:c9:3d:90:98:cb:5b:fd:dd:a0:78:6d:
7c:fd:c6:9c:19:c7:64:be:25:87:15:0a:62:40:f2:
25:3d:a9:c0:6c:11:18:9d:22:d6:3a:a7:c3:f4:17:
99:fd:33:58:9e:5b:86:fe:ff:92:cc:1d:75:00:ff:
b0:73:b9:77:3c:0b:a3:d8:66:d1:a4:19:a1:88:5e:
9f:76:75:fa:c5:73:71:f6:8a:ef:b0:26:f9:87:f2:
ee:ad:7d:72:f7:a4:3e:38:23:34:85:1f:e7:88:77:
bd:85:68:5e:7f:06:f6:cc:80:fd:cd:24:69:37:3c:
f4:10:4f:53:30:0f:56:94:01:b0:45:83:b9:1a:cf:
d2:80:77:36:42:65:1b:0b:1f:66:aa:db:c1:b3:df:
64:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:A3:A9:CC:93:19:C8:6A:F5:57:02:0D:D3:2C:5C:B2:FA:8C:C7:F9
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/HaOpzJMZyGr1VwIN0yxcsvqMx_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.132.53.0/24
36.255.213.0/24
103.130.178.0/24
103.210.12.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:74:94:a5:31:28:c3:28:d4:b2:3f:42:f5:1e:10:d8:a5:c7:
2c:c9:02:4f:b7:54:49:41:36:9e:40:45:09:35:5b:11:3f:fd:
e7:c9:c3:11:10:86:b9:15:dc:5b:a5:96:00:86:4e:6c:e9:b9:
eb:6f:e9:9a:ea:7c:9e:c0:fa:a9:78:27:b2:ab:b5:00:ab:91:
89:41:fe:a6:41:9e:5d:c4:87:77:a4:36:4c:aa:33:49:3b:e6:
a4:4d:ae:71:6b:a8:44:69:d2:3f:b0:7d:5d:70:dd:da:0b:30:
21:ad:14:63:a8:99:62:46:6f:de:bb:7f:04:8d:15:b3:8f:10:
9b:34:ba:ea:da:4b:ea:dd:d7:b1:34:f4:7e:68:fc:f3:db:70:
9a:27:e5:18:f3:9f:49:75:2b:9f:2b:10:70:77:0a:0d:f9:b0:
95:11:21:91:64:63:38:66:ac:59:cb:5c:ce:9f:cc:d4:86:31:
f7:ca:fe:80:d7:38:6f:9c:3a:ad:06:6d:e5:4b:c1:88:b3:c2:
11:9e:04:16:6f:6d:3a:8d:07:f0:4e:dd:ab:4c:b7:e5:f4:f7:
62:cd:71:94:06:0d:eb:d2:66:da:10:d9:12:d0:1d:09:82:56:
9e:3a:14:4a:e4:14:b7:f9:b8:51:b9:ed:d4:0c:df:ad:b9:28:
8d:2a:30:f7
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZSM6x8/XI+hxj3Ec0Jx30c0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjUwMTIyMDczMDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGEzYTljYzkzMTljODZhZjU1NzAyMGRkMzJjNWNiMmZhOGNjN2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0NUZtgyBJaizWIew8QjizeBX4ZUa
PiZPcqbo3/vCgxYtJ0TvLonRI2NLT+2UqfFFJrNi0dKvA2PUV4L/OGOFCBGeKfRw
AUrQwMdezk88kpnaV1yeZ1QIfc8sJyi63CllN223AP1m+vYvAC1ByT2QmMtb/d2g
eG18/cacGcdkviWHFQpiQPIlPanAbBEYnSLWOqfD9BeZ/TNYnluG/v+SzB11AP+w
c7l3PAuj2GbRpBmhiF6fdnX6xXNx9orvsCb5h/LurX1y96Q+OCM0hR/niHe9hWhe
fwb2zID9zSRpNzz0EE9TMA9WlAGwRYO5Gs/SgHc2QmUbCx9mqtvBs99k8wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFB2jqcyTGchq9VcCDdMsXLL6jMf5MB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvSGFPcHpKTVp5R3IxVndJTjB5eGNzdnFNeF9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAH4Q1AwQA
JP/VAwQAZ4KyAwQAZ9IMMA0GCSqGSIb3DQEBCwUAA4IBAQBLdJSlMSjDKNSyP0L1
HhDYpccsyQJPt1RJQTaeQEUJNVsRP/3nycMREIa5FdxbpZYAhk5s6bnrb+ma6nye
wPqpeCeyq7UAq5GJQf6mQZ5dxId3pDZMqjNJO+akTa5xa6hEadI/sH1dcN3aCzAh
rRRjqJliRm/eu38EjRWzjxCbNLrq2kvq3dexNPR+aPzz23CaJ+UY859JdSufKxBw
dwoN+bCVESGRZGM4ZqxZy1zOn8zUhjH3yv6A1zhvnDqtBm3lS8GIs8IRngQWb206
jQfwTt2rTLfl9PdizXGUBg3r0mbaENkS0B0JglaeOhRK5BS3+bhRue3UDN+tuSiN
KjD3
-----END CERTIFICATE-----
Generated at Sun Apr 6 09:40:26 2025 by rpki-client