Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/bNKxGgwICXmgoZeMiM9LD5LW8gE.roa
File: bNKxGgwICXmgoZeMiM9LD5LW8gE.roa (raw, json)
Hash identifier: xo5bKdLrjiP+kchcQXT280SWHO+56AL8JiMJHZPP64Y=
Subject key identifier: 6C:D2:B1:1A:0C:08:09:79:A0:A1:97:8C:88:CF:4B:0F:92:D6:F2:01
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 01873FCE8F0445A61968688BA9AD59801190
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/bNKxGgwICXmgoZeMiM9LD5LW8gE.roa
Signing time: Sun 02 Apr 2023 02:31:54 +0000
ROA not before: Sun 02 Apr 2023 02:31:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 103.47.58.0/24 maxlen: 24
103.47.59.0/24 maxlen: 24
14.102.233.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:3f:ce:8f:04:45:a6:19:68:68:8b:a9:ad:59:80:11:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Apr 2 02:31:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6cd2b11a0c080979a0a1978c88cf4b0f92d6f201
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:f0:4e:2a:ad:e3:de:7b:f1:f6:70:a5:fd:ff:
a3:cc:82:68:5b:95:4f:9c:cb:6e:60:74:80:27:03:
72:01:7f:15:e4:f8:17:60:a5:d7:54:ad:58:bf:f2:
64:23:9f:8e:12:2f:f7:bb:a1:13:07:f6:67:aa:53:
9f:fe:4d:03:fe:72:d1:4b:13:43:9c:ad:da:5a:a7:
5d:e8:e1:3d:08:b2:ac:0c:38:1a:05:ca:75:33:f2:
bf:67:b9:89:1b:20:6c:4c:26:ee:1f:0a:7b:2a:b0:
e5:77:8f:63:09:f0:bf:19:ab:57:df:15:01:81:fc:
11:b1:36:29:af:6d:57:38:cc:1a:eb:8b:4b:32:6a:
1a:5b:0f:b7:e4:f8:c8:24:72:a4:14:75:d6:64:86:
61:ad:6c:33:79:7f:26:25:36:74:b2:32:84:7a:5a:
48:07:b5:02:0a:d2:63:c6:4b:39:fa:6a:58:e6:94:
68:37:53:79:b2:69:60:a9:84:ba:26:07:3b:96:ae:
3d:6b:2a:aa:a4:a9:6e:39:88:73:fc:a7:fe:99:53:
23:da:bb:8c:81:bf:b2:4c:91:89:3a:6e:d9:98:e8:
82:21:25:4b:22:54:c1:e8:11:fd:ad:e3:16:8b:8c:
b2:03:9b:a4:f7:71:db:0b:87:21:14:02:7a:89:82:
04:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:D2:B1:1A:0C:08:09:79:A0:A1:97:8C:88:CF:4B:0F:92:D6:F2:01
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/bNKxGgwICXmgoZeMiM9LD5LW8gE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.233.0/24
103.47.58.0/23
Signature Algorithm: sha256WithRSAEncryption
dd:67:68:5d:99:b7:bc:01:7b:fd:77:a2:89:e7:50:46:36:c4:
da:78:0a:23:d6:af:23:bf:f8:44:01:49:24:5f:47:fe:fa:d2:
26:df:d0:36:74:9d:86:f1:46:18:77:39:49:a4:5c:6d:27:9a:
63:82:a5:47:3b:59:93:5b:a5:13:ff:3f:34:cc:97:93:99:2e:
eb:3f:eb:85:fa:fc:cf:47:61:7f:4b:84:46:73:c7:98:b3:42:
c6:08:16:75:e3:a3:01:83:71:90:40:49:57:45:6d:8c:56:e6:
26:dc:1a:49:30:6e:4c:7e:f3:59:9b:75:3e:6b:a7:7c:ab:9f:
0c:b1:2d:a7:a2:6e:b7:02:a0:6d:09:0f:33:df:31:5d:af:df:
d6:45:3f:ec:3c:2a:21:0b:41:61:14:13:f0:7f:3d:5c:4d:05:
ab:2c:5f:07:6a:66:d3:d8:32:08:d0:91:b5:fa:38:65:e2:32:
a7:58:1e:e0:48:68:00:cc:d8:5e:4a:ba:e1:06:72:01:a7:14:
bd:35:ed:14:43:7b:f1:10:f3:c9:b9:99:c2:38:8f:a0:cf:77:
67:8f:60:10:06:a2:3d:41:17:5b:5a:5a:e5:38:e1:73:01:60:
59:78:23:96:68:2d:9e:a0:89:9f:ec:01:95:e1:fa:a8:b8:2e:
d4:54:91:cb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYc/zo8ERaYZaGiLqa1ZgBGQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjMwNDAyMDIzMTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2QyYjExYTBjMDgwOTc5YTBhMTk3OGM4OGNmNGIwZjkyZDZmMjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx/BOKq3j3nvx9nCl/f+jzIJoW5VP
nMtuYHSAJwNyAX8V5PgXYKXXVK1Yv/JkI5+OEi/3u6ETB/ZnqlOf/k0D/nLRSxND
nK3aWqdd6OE9CLKsDDgaBcp1M/K/Z7mJGyBsTCbuHwp7KrDld49jCfC/GatX3xUB
gfwRsTYpr21XOMwa64tLMmoaWw+35PjIJHKkFHXWZIZhrWwzeX8mJTZ0sjKEelpI
B7UCCtJjxks5+mpY5pRoN1N5smlgqYS6Jgc7lq49ayqqpKluOYhz/Kf+mVMj2ruM
gb+yTJGJOm7ZmOiCISVLIlTB6BH9reMWi4yyA5uk93HbC4chFAJ6iYIEowIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGzSsRoMCAl5oKGXjIjPSw+S1vIBMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvYk5LeEdnd0lDWG1nb1plTWlNOUxENUxXOGdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQADmbpAwQB
Zy86MA0GCSqGSIb3DQEBCwUAA4IBAQDdZ2hdmbe8AXv9d6KJ51BGNsTaeAoj1q8j
v/hEAUkkX0f++tIm39A2dJ2G8UYYdzlJpFxtJ5pjgqVHO1mTW6UT/z80zJeTmS7r
P+uF+vzPR2F/S4RGc8eYs0LGCBZ146MBg3GQQElXRW2MVuYm3BpJMG5MfvNZm3U+
a6d8q58MsS2nom63AqBtCQ8z3zFdr9/WRT/sPCohC0FhFBPwfz1cTQWrLF8HambT
2DII0JG1+jhl4jKnWB7gSGgAzNheSrrhBnIBpxS9Ne0UQ3vxEPPJuZnCOI+gz3dn
j2AQBqI9QRdbWlrlOOFzAWBZeCOWaC2eoImf7AGV4fqouC7UVJHL
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:17 2025 by rpki-client