Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/95e78a-57e7-4a58-9316-288bd6b9e092/1/1-20wmgBIK0bK66W3UPaZXM6qnq0.roa
File: 1-20wmgBIK0bK66W3UPaZXM6qnq0.roa (raw, json)
Hash identifier: 0drcEYLIiubjWIzqFcZQfAN1iQlClFqovpVRGgzGpUY=
Subject key identifier: FB:6D:30:9A:00:48:2B:46:CA:EB:A5:B7:50:F6:99:5C:CE:AA:9E:AD
Certificate issuer: /CN=5a61102ed4d66dcd952de01304e0afe1384d00bf
Certificate serial: 018CC2DB11B8E018DD4F6DC81B0EB5ADB00C
Authority key identifier: 5A:61:10:2E:D4:D6:6D:CD:95:2D:E0:13:04:E0:AF:E1:38:4D:00:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WmEQLtTWbc2VLeATBOCv4ThNAL8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/95e78a-57e7-4a58-9316-288bd6b9e092/1/1-20wmgBIK0bK66W3UPaZXM6qnq0.roa
Signing time: Mon 01 Jan 2024 02:29:45 +0000
ROA not before: Mon 01 Jan 2024 02:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12886
IP address blocks: 170.81.52.0/22 maxlen: 22
62.204.160.0/19 maxlen: 19
212.118.192.0/19 maxlen: 19
103.21.236.0/22 maxlen: 22
103.192.160.0/22 maxlen: 22
170.84.228.0/22 maxlen: 22
128.65.144.0/21 maxlen: 21
185.88.92.0/22 maxlen: 22
103.234.232.0/22 maxlen: 22
94.101.120.0/22 maxlen: 22
193.23.64.0/19 maxlen: 19
103.51.228.0/22 maxlen: 22
103.76.96.0/22 maxlen: 22
2a02:f90::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:11:b8:e0:18:dd:4f:6d:c8:1b:0e:b5:ad:b0:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a61102ed4d66dcd952de01304e0afe1384d00bf
Validity
Not Before: Jan 1 02:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fb6d309a00482b46caeba5b750f6995cceaa9ead
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:8d:25:e9:e2:99:8d:91:fe:54:37:5d:39:56:
03:20:7e:88:6b:fc:ae:94:f2:f0:36:36:ef:ab:e2:
69:55:ad:3a:6d:4a:45:b5:f2:a1:37:a8:b6:2a:0b:
75:87:1e:9e:f9:57:04:8e:8e:2b:94:f8:63:69:19:
2d:32:6e:20:61:50:7a:86:53:74:d4:c8:89:91:ba:
aa:86:ab:8e:07:2f:70:34:e6:a5:43:69:6b:df:99:
18:71:24:b3:4a:0f:a8:f4:41:7b:1f:a6:9c:f5:b2:
cd:94:30:6b:5f:80:7a:20:85:f3:f7:89:62:ca:93:
e6:4a:7f:1d:02:0e:13:dd:38:8d:81:c4:0e:d6:ff:
cb:58:7e:a3:30:66:0b:75:de:43:04:15:12:51:a3:
e8:90:63:2e:a0:15:7e:79:2d:f8:bf:78:a0:34:8d:
db:9a:a9:2a:80:9d:af:ff:b9:89:1d:34:0c:1e:4b:
04:0a:cd:9b:bc:0d:86:d0:cd:57:c7:5e:13:12:33:
1b:8a:06:17:7d:6b:e4:fa:d3:c7:3a:72:5a:ff:a5:
bc:e6:d6:31:8b:ae:e8:42:79:35:8c:63:ce:bf:e4:
8d:9c:ca:e2:6a:e0:0b:6b:b7:2f:1b:5d:06:80:04:
49:cf:6b:9c:16:30:9d:d5:00:ec:d0:95:3f:cb:86:
f3:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:6D:30:9A:00:48:2B:46:CA:EB:A5:B7:50:F6:99:5C:CE:AA:9E:AD
X509v3 Authority Key Identifier:
keyid:5A:61:10:2E:D4:D6:6D:CD:95:2D:E0:13:04:E0:AF:E1:38:4D:00:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WmEQLtTWbc2VLeATBOCv4ThNAL8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/95e78a-57e7-4a58-9316-288bd6b9e092/1/1-20wmgBIK0bK66W3UPaZXM6qnq0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/95e78a-57e7-4a58-9316-288bd6b9e092/1/WmEQLtTWbc2VLeATBOCv4ThNAL8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.204.160.0/19
94.101.120.0/22
103.21.236.0/22
103.51.228.0/22
103.76.96.0/22
103.192.160.0/22
103.234.232.0/22
128.65.144.0/21
170.81.52.0/22
170.84.228.0/22
185.88.92.0/22
193.23.64.0/19
212.118.192.0/19
IPv6:
2a02:f90::/32
Signature Algorithm: sha256WithRSAEncryption
47:57:0f:fc:f5:0d:0d:b1:0b:80:aa:d9:fa:2a:cf:42:af:ee:
b8:6b:d7:9f:a3:65:52:81:d3:4d:17:a5:02:f9:92:03:09:71:
2d:fd:56:a6:f5:35:a9:66:eb:db:58:8f:1f:8b:35:07:f2:38:
cb:67:44:06:36:18:d6:66:cd:8b:30:b4:be:d0:d8:60:5e:ea:
4d:bd:73:3e:ed:9c:3b:b5:a3:b8:4b:b1:16:71:27:df:ee:6d:
03:fe:de:48:b2:70:c0:dd:ac:5e:25:4e:e2:cd:be:e9:16:98:
b5:6a:8d:de:83:1c:78:f7:1f:2b:4c:31:ca:80:2f:2f:02:e9:
b6:68:47:6e:e7:38:11:9a:e9:12:9f:a2:1a:f1:72:24:77:b5:
60:40:35:40:3a:cb:c3:e2:7d:4c:89:ea:cf:f3:27:ec:5c:cb:
b2:17:65:4e:59:58:9c:d5:de:01:2c:3a:cc:5d:65:1b:8c:39:
4a:40:c7:5e:1c:8b:87:f6:3d:ce:91:e2:ae:e5:fa:23:b6:1e:
07:80:30:b0:67:71:29:8d:6a:97:c2:c6:48:d4:f4:56:54:d3:
cc:eb:c7:43:93:14:d9:3f:b1:82:4a:e4:c5:b7:b1:7d:76:83:
42:f6:81:f0:f8:58:51:3a:e7:97:99:78:9d:4b:73:53:f6:f0:
91:ff:1b:5c
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYzC2xG44BjdT23IGw61rbAMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNjExMDJlZDRkNjZkY2Q5NTJkZTAxMzA0ZTBhZmUxMzg0
ZDAwYmYwHhcNMjQwMTAxMDIyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjZkMzA5YTAwNDgyYjQ2Y2FlYmE1Yjc1MGY2OTk1Y2NlYWE5ZWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnI0l6eKZjZH+VDddOVYDIH6Ia/yu
lPLwNjbvq+JpVa06bUpFtfKhN6i2Kgt1hx6e+VcEjo4rlPhjaRktMm4gYVB6hlN0
1MiJkbqqhquOBy9wNOalQ2lr35kYcSSzSg+o9EF7H6ac9bLNlDBrX4B6IIXz94li
ypPmSn8dAg4T3TiNgcQO1v/LWH6jMGYLdd5DBBUSUaPokGMuoBV+eS34v3igNI3b
mqkqgJ2v/7mJHTQMHksECs2bvA2G0M1Xx14TEjMbigYXfWvk+tPHOnJa/6W85tYx
i67oQnk1jGPOv+SNnMriauALa7cvG10GgARJz2ucFjCd1QDs0JU/y4bzfQIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFPttMJoASCtGyuult1D2mVzOqp6tMB8GA1UdIwQY
MBaAFFphEC7U1m3NlS3gEwTgr+E4TQC/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV21FUUx0VFdiYzJWTGVBVEJPQ3Y0VGhOQUw4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi85NWU3OGEtNTdlNy00YTU4LTkzMTYt
Mjg4YmQ2YjllMDkyLzEvMS0yMHdtZ0JJSzBiSzY2VzNVUGFaWE02cW5xMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDIvOTVlNzhhLTU3ZTctNGE1OC05MzE2LTI4OGJkNmI5ZTA5
Mi8xL1dtRVFMdFRXYmMyVkxlQVRCT0N2NFRoTkFMOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjB2BggrBgEFBQcBBwEB/wRnMGUwVAQCAAEwTgMEBT7MoAME
Al5leAMEAmcV7AMEAmcz5AMEAmdMYAMEAmfAoAMEAmfq6AMEA4BBkAMEAqpRNAME
AqpU5AMEArlYXAMEBcEXQAMEBdR2wDANBAIAAjAHAwUAKgIPkDANBgkqhkiG9w0B
AQsFAAOCAQEAR1cP/PUNDbELgKrZ+irPQq/uuGvXn6NlUoHTTRelAvmSAwlxLf1W
pvU1qWbr21iPH4s1B/I4y2dEBjYY1mbNizC0vtDYYF7qTb1zPu2cO7WjuEuxFnEn
3+5tA/7eSLJwwN2sXiVO4s2+6RaYtWqN3oMcePcfK0wxyoAvLwLptmhHbuc4EZrp
Ep+iGvFyJHe1YEA1QDrLw+J9TInqz/Mn7FzLshdlTllYnNXeASw6zF1lG4w5SkDH
XhyLh/Y9zpHiruX6I7YeB4AwsGdxKY1ql8LGSNT0VlTTzOvHQ5MU2T+xgkrkxbex
fXaDQvaB8PhYUTrnl5l4nUtzU/bwkf8bXA==
-----END CERTIFICATE-----
Generated at Thu Feb 20 17:44:20 2025 by rpki-client