Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/HcL7L-FYzprvgKENpSNFeeuIvGA.roa
File: HcL7L-FYzprvgKENpSNFeeuIvGA.roa (raw, json)
Hash identifier: HRd3in3TvuyiT4+S8Tm/boxHkVFAKt2cXmklVUN3eXc=
Subject key identifier: 1D:C2:FB:2F:E1:58:CE:9A:EF:80:A1:0D:A5:23:45:79:EB:88:BC:60
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 0195402A35C685BE5FBDDE6FAE7F061E4B98
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/HcL7L-FYzprvgKENpSNFeeuIvGA.roa
Signing time: Wed 26 Feb 2025 02:51:02 +0000
ROA not before: Wed 26 Feb 2025 02:51:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396077
IP address blocks: 103.84.212.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:40:2a:35:c6:85:be:5f:bd:de:6f:ae:7f:06:1e:4b:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Feb 26 02:51:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1dc2fb2fe158ce9aef80a10da5234579eb88bc60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ea:83:45:2e:70:0e:9d:5c:86:f3:20:69:ee:
24:b8:e3:6a:70:95:ef:f8:4d:56:52:36:f2:bc:99:
37:19:70:38:f5:a8:e3:9d:94:88:9e:b0:d3:4b:5c:
3d:89:06:ad:be:5f:87:0e:95:e9:33:1c:7d:67:28:
af:b8:b3:4a:84:d1:84:06:45:cc:87:99:ef:b1:03:
22:52:70:88:ea:fb:74:39:95:32:05:13:dd:60:d7:
47:52:84:3c:8e:a4:30:f2:3e:cf:44:a2:19:bc:de:
a9:94:20:22:a2:af:92:83:bc:f3:95:58:55:d9:0f:
bc:1a:61:e7:6f:d6:a0:97:57:55:8b:df:95:1b:3b:
9f:76:9f:c2:ee:ad:f8:04:fd:4d:5f:5e:35:ae:15:
80:40:6f:bd:e5:2f:41:50:f1:84:b4:0a:b4:f3:fa:
51:20:54:7a:c8:97:a6:83:a4:26:3e:1f:4d:50:a3:
a1:82:c6:df:73:2a:d3:ad:b0:c9:ee:bb:3d:03:48:
e8:89:ba:3e:e5:75:fc:16:94:a6:12:8f:2f:e4:14:
ef:b5:21:a3:22:f9:f6:fe:95:94:57:a7:3e:33:18:
e4:8e:0d:b4:b4:f8:80:c3:6c:8e:8a:fe:9f:1c:c3:
94:bd:8d:3a:36:81:40:98:01:9d:5b:7d:bf:ba:c6:
6c:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:C2:FB:2F:E1:58:CE:9A:EF:80:A1:0D:A5:23:45:79:EB:88:BC:60
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/HcL7L-FYzprvgKENpSNFeeuIvGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.84.212.0/24
Signature Algorithm: sha256WithRSAEncryption
38:90:24:84:7f:90:31:76:fd:bb:62:bc:95:3c:c0:73:62:e0:
61:8b:ce:b8:37:0d:38:e0:d4:69:2b:8c:96:a0:e0:51:eb:a7:
57:c6:9b:b6:89:a6:05:69:b1:4a:f6:11:20:a0:74:c3:1c:d9:
ee:e9:90:5a:a2:69:ce:00:c6:a9:10:f8:08:9b:17:09:27:71:
2f:d4:c9:9d:21:d3:ff:14:61:02:b0:f6:6f:c3:e6:0e:64:42:
15:f6:cf:d2:3c:19:3c:99:42:96:71:a6:46:2c:ed:cd:21:f2:
e3:da:4e:a7:f7:c5:1f:90:87:d2:25:44:e4:43:ec:fd:8d:fd:
5d:54:cc:ed:88:44:d6:21:21:b6:6a:19:6f:23:ab:56:b9:ac:
da:9e:71:d1:14:dc:47:3a:77:29:64:0a:46:d1:d5:91:59:48:
74:6a:3a:a3:95:7c:59:5a:11:80:76:41:64:f1:55:28:59:67:
1e:2f:79:b9:45:79:eb:d6:30:ef:76:30:87:b5:c8:5c:17:cb:
02:d4:7d:00:58:df:73:05:b0:37:86:9a:aa:17:7e:5a:c3:41:
4d:2e:00:f5:8f:17:95:01:ea:a6:ed:af:a6:b6:39:a2:6c:08:
13:96:a2:43:ef:4d:e4:bc:a0:f5:f2:31:4f:9d:71:6c:e9:d6:
8a:20:54:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVAKjXGhb5fvd5vrn8GHkuYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjUwMjI2MDI1MTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGMyZmIyZmUxNThjZTlhZWY4MGExMGRhNTIzNDU3OWViODhiYzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOqDRS5wDp1chvMgae4kuONqcJXv
+E1WUjbyvJk3GXA49ajjnZSInrDTS1w9iQatvl+HDpXpMxx9ZyivuLNKhNGEBkXM
h5nvsQMiUnCI6vt0OZUyBRPdYNdHUoQ8jqQw8j7PRKIZvN6plCAioq+Sg7zzlVhV
2Q+8GmHnb9agl1dVi9+VGzufdp/C7q34BP1NX141rhWAQG+95S9BUPGEtAq08/pR
IFR6yJemg6QmPh9NUKOhgsbfcyrTrbDJ7rs9A0joibo+5XX8FpSmEo8v5BTvtSGj
Ivn2/pWUV6c+Mxjkjg20tPiAw2yOiv6fHMOUvY06NoFAmAGdW32/usZsCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB3C+y/hWM6a74ChDaUjRXnriLxgMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvSGNMN0wtRll6cHJ2Z0tFTnBTTkZlZXVJdkdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ1TUMA0G
CSqGSIb3DQEBCwUAA4IBAQA4kCSEf5Axdv27YryVPMBzYuBhi864Nw044NRpK4yW
oOBR66dXxpu2iaYFabFK9hEgoHTDHNnu6ZBaomnOAMapEPgImxcJJ3Ev1MmdIdP/
FGECsPZvw+YOZEIV9s/SPBk8mUKWcaZGLO3NIfLj2k6n98UfkIfSJUTkQ+z9jf1d
VMztiETWISG2ahlvI6tWuazannHRFNxHOncpZApG0dWRWUh0ajqjlXxZWhGAdkFk
8VUoWWceL3m5RXnr1jDvdjCHtchcF8sC1H0AWN9zBbA3hpqqF35aw0FNLgD1jxeV
Aeqm7a+mtjmibAgTlqJD703kvKD18jFPnXFs6daKIFT2
-----END CERTIFICATE-----
Generated at Sun Apr 6 03:38:50 2025 by rpki-client