Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/n72XnK2spze6GjNktnnIrSnNxTU.roa
File: n72XnK2spze6GjNktnnIrSnNxTU.roa (raw, json)
Hash identifier: j7OTm/wBecFlQYIShjf1rjiQ33aKMZIE9GE305oDqB8=
Subject key identifier: 9F:BD:97:9C:AD:AC:A7:37:BA:1A:33:64:B6:79:C8:AD:29:CD:C5:35
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 018756F0EC6D0C9C6CDE0931442D8E6DAAAE
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/n72XnK2spze6GjNktnnIrSnNxTU.roa
Signing time: Thu 06 Apr 2023 14:20:42 +0000
ROA not before: Thu 06 Apr 2023 14:20:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 103.47.58.0/24 maxlen: 24
14.102.224.0/24 maxlen: 24
14.102.233.0/24 maxlen: 24
14.102.235.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:56:f0:ec:6d:0c:9c:6c:de:09:31:44:2d:8e:6d:aa:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Apr 6 14:20:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9fbd979cadaca737ba1a3364b679c8ad29cdc535
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:af:2b:ab:b6:ec:ef:e0:64:5b:ce:3f:d4:92:
10:31:74:43:fb:be:99:dd:df:0b:d9:50:97:ce:ca:
b9:45:cb:f0:f2:74:28:4f:27:d0:77:49:52:f0:28:
b4:a6:20:cf:9a:60:f7:f7:f3:b9:dc:a3:1f:3f:c5:
ed:45:e6:81:b7:99:d9:94:64:3d:06:41:83:3e:e1:
f1:b7:c6:da:bb:8b:38:e4:b8:4c:24:1b:9e:d3:64:
5b:86:61:e8:43:1a:ca:ec:65:0b:20:68:1e:48:64:
26:7f:05:3f:8b:cb:51:e5:bc:88:35:e1:51:10:ac:
13:a9:b3:4e:3c:2c:82:62:7a:13:e5:42:f4:35:1f:
51:3b:82:05:a6:01:36:42:04:d2:7b:65:a4:de:bb:
33:b0:5e:19:81:5b:41:06:a7:5c:a7:46:fa:1f:75:
0e:07:18:c7:93:58:f7:84:61:71:28:eb:b3:c1:f5:
d0:d4:3a:da:66:15:9f:09:78:e3:1c:54:56:c3:0c:
32:c3:38:85:3e:ed:e7:f5:a6:34:82:68:4c:02:02:
f4:06:ad:62:47:7e:b5:9c:74:73:0f:1c:fc:c5:33:
30:8e:83:a2:90:50:ed:6e:da:af:91:11:15:6e:5a:
46:15:1b:c4:64:d0:c3:0d:d4:22:9b:3c:fb:42:62:
05:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:BD:97:9C:AD:AC:A7:37:BA:1A:33:64:B6:79:C8:AD:29:CD:C5:35
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/n72XnK2spze6GjNktnnIrSnNxTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.224.0/24
14.102.233.0/24
14.102.235.0/24
103.47.58.0/24
Signature Algorithm: sha256WithRSAEncryption
79:71:d8:74:15:74:1f:80:0f:f9:f5:6e:91:7f:a7:42:47:ac:
0a:b0:ce:cd:d7:cd:a5:30:39:e5:d5:54:d8:8b:d1:b0:da:bf:
31:1f:01:72:40:31:8e:b6:90:41:87:75:3d:4e:06:0e:ff:a2:
8e:99:b7:94:48:d3:71:56:b7:54:16:da:dd:30:20:59:5e:3e:
17:e8:fb:0d:3d:32:3b:80:71:2b:b0:ab:b7:68:da:15:68:6c:
6a:cb:ab:a0:bc:c8:3e:58:0a:23:a4:d8:3c:71:ab:2d:7a:a8:
92:b4:c4:32:6a:b9:ff:39:98:70:54:cf:c2:6e:4b:3e:50:7d:
0c:6f:ea:f0:64:f9:56:46:ac:73:03:92:27:fc:e4:f3:bd:1f:
ee:4b:10:d6:de:53:c0:c8:65:3a:3f:f3:cb:15:50:09:12:b8:
2b:11:f4:ff:e4:68:cc:0e:5c:bd:b0:97:20:b3:e1:fb:d2:bd:
5d:99:af:bb:6c:39:eb:5b:04:03:68:f8:d0:dd:da:a5:3e:42:
9f:63:fa:e6:7f:e4:b8:b0:9c:ce:eb:d1:a1:f7:0e:43:94:34:
eb:c4:4e:8d:ac:47:66:f1:4a:03:d4:4a:fd:b6:68:51:6e:53:
52:ed:57:ac:f1:4d:e9:fa:16:7f:2d:50:3f:25:14:85:d0:76:
71:ef:83:ef
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYdW8OxtDJxs3gkxRC2ObaquMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjMwNDA2MTQyMDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmJkOTc5Y2FkYWNhNzM3YmExYTMzNjRiNjc5YzhhZDI5Y2RjNTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAya8rq7bs7+BkW84/1JIQMXRD+76Z
3d8L2VCXzsq5Rcvw8nQoTyfQd0lS8Ci0piDPmmD39/O53KMfP8XtReaBt5nZlGQ9
BkGDPuHxt8bau4s45LhMJBue02RbhmHoQxrK7GULIGgeSGQmfwU/i8tR5byINeFR
EKwTqbNOPCyCYnoT5UL0NR9RO4IFpgE2QgTSe2Wk3rszsF4ZgVtBBqdcp0b6H3UO
BxjHk1j3hGFxKOuzwfXQ1DraZhWfCXjjHFRWwwwywziFPu3n9aY0gmhMAgL0Bq1i
R361nHRzDxz8xTMwjoOikFDtbtqvkREVblpGFRvEZNDDDdQimzz7QmIF6wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJ+9l5ytrKc3uhozZLZ5yK0pzcU1MB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvbjcyWG5LMnNwemU2R2pOa3RubklyU25OeFRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQADmbgAwQA
DmbpAwQADmbrAwQAZy86MA0GCSqGSIb3DQEBCwUAA4IBAQB5cdh0FXQfgA/59W6R
f6dCR6wKsM7N182lMDnl1VTYi9Gw2r8xHwFyQDGOtpBBh3U9TgYO/6KOmbeUSNNx
VrdUFtrdMCBZXj4X6PsNPTI7gHErsKu3aNoVaGxqy6ugvMg+WAojpNg8casteqiS
tMQyarn/OZhwVM/Cbks+UH0Mb+rwZPlWRqxzA5In/OTzvR/uSxDW3lPAyGU6P/PL
FVAJErgrEfT/5GjMDly9sJcgs+H70r1dma+7bDnrWwQDaPjQ3dqlPkKfY/rmf+S4
sJzO69Gh9w5DlDTrxE6NrEdm8UoD1Er9tmhRblNS7Ves8U3p+hZ/LVA/JRSF0HZx
74Pv
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:56:15 2025 by rpki-client