Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/vzRMTHNnmVL3NH9svuIvtdX9CG8.roa
File: vzRMTHNnmVL3NH9svuIvtdX9CG8.roa (raw, json)
Hash identifier: IZsMLvqwVbRncP3gdh4mvZhPp2gQZHJWQtVaP5kKJZc=
Subject key identifier: BF:34:4C:4C:73:67:99:52:F7:34:7F:6C:BE:E2:2F:B5:D5:FD:08:6F
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 018979C38FD19E5FCD00CD24540EC58AF179
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/vzRMTHNnmVL3NH9svuIvtdX9CG8.roa
Signing time: Fri 21 Jul 2023 18:43:26 +0000
ROA not before: Fri 21 Jul 2023 18:43:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 103.47.56.0/24 maxlen: 24
103.47.59.0/24 maxlen: 24
14.102.226.0/24 maxlen: 24
14.102.229.0/24 maxlen: 24
14.102.230.0/24 maxlen: 24
14.102.231.0/24 maxlen: 24
14.102.228.0/22 maxlen: 24
14.102.228.0/24 maxlen: 24
14.102.237.0/24 maxlen: 24
14.102.238.0/24 maxlen: 24
14.102.234.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:79:c3:8f:d1:9e:5f:cd:00:cd:24:54:0e:c5:8a:f1:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Jul 21 18:43:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bf344c4c73679952f7347f6cbee22fb5d5fd086f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:29:74:a0:d6:c0:1e:0c:8d:e3:5b:84:f0:cf:
93:69:64:f0:f3:ce:66:50:f4:14:e5:35:31:b6:06:
9e:8e:72:67:47:84:bf:af:9a:2e:25:80:a2:b2:c8:
c0:85:8e:47:ae:d6:4a:cb:21:a2:cc:87:78:d6:d9:
89:de:82:59:8b:b2:94:96:21:c5:89:74:d7:6d:d0:
3c:2a:65:eb:5b:f8:a8:44:ed:c2:2c:f1:83:4a:8d:
ea:3f:c3:da:53:b7:3e:5a:84:e5:f7:cd:75:db:e4:
a9:8e:39:c3:6c:61:0f:e3:bd:f2:35:1b:a4:83:44:
ec:73:6e:58:8a:88:bd:50:8b:bc:df:fd:72:d2:d1:
0b:62:8e:a7:6f:54:df:e3:95:79:7a:0d:db:73:ec:
68:22:0a:3d:97:30:35:a9:62:e5:a6:cd:68:cc:c2:
52:41:17:0d:79:71:58:e7:fa:b2:fe:f1:8e:f5:02:
47:c7:68:13:a0:8f:eb:aa:08:18:fc:b3:85:b5:61:
b3:5b:ca:cc:a8:e1:ef:95:ae:cc:41:8b:9f:93:ee:
d2:c2:86:73:99:7c:f4:74:8a:9d:f2:6a:3c:b8:ea:
eb:11:8e:31:2b:ef:81:be:a7:24:bb:7b:3a:e1:06:
0c:bc:6a:78:69:3c:50:c9:d8:17:61:24:47:c1:96:
ed:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:34:4C:4C:73:67:99:52:F7:34:7F:6C:BE:E2:2F:B5:D5:FD:08:6F
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/vzRMTHNnmVL3NH9svuIvtdX9CG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.226.0/24
14.102.228.0/22
14.102.234.0/24
14.102.237.0-14.102.238.255
103.47.56.0/24
103.47.59.0/24
Signature Algorithm: sha256WithRSAEncryption
23:6b:99:58:54:ac:df:05:c9:5e:7c:b1:62:26:5d:d8:df:2f:
02:bf:c7:3c:ae:e8:36:30:95:12:8c:63:25:6a:81:c4:64:ef:
45:ed:a3:43:b5:b9:a3:57:22:af:ff:68:76:e0:9e:93:46:b3:
ec:bf:fb:b1:2b:30:6d:ff:23:db:49:96:0e:06:e5:1d:84:a4:
d3:90:21:6d:30:73:a6:d9:23:7e:52:fc:a5:6a:ae:43:16:4f:
da:cf:46:ff:81:4d:0d:b0:b1:8c:ac:f7:fc:e9:bd:dd:ca:4b:
a6:f3:d0:e9:79:8a:7d:90:ee:be:cd:0f:af:1d:72:f7:7e:02:
2f:b5:3a:ef:35:61:ff:cc:0b:30:54:b1:f9:88:f6:09:64:4e:
3d:0e:dd:ae:6e:77:35:f0:5c:7c:f8:2b:14:6b:b0:d2:28:06:
b7:7b:03:1c:eb:db:2e:82:18:57:dc:d7:d8:f9:ce:9f:3c:65:
66:c3:cf:29:35:c6:35:a3:b4:ac:f5:b9:6b:22:c9:4c:ea:9a:
bc:88:91:27:ad:45:82:16:c7:b1:5e:37:29:19:39:8a:35:78:
f0:fe:f0:3e:eb:ca:f7:8a:09:5a:a0:42:bc:51:c0:18:0c:8f:
f2:05:15:b2:4a:75:49:12:fa:fe:04:19:43:aa:b3:58:63:bb:
33:16:ca:0a
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYl5w4/Rnl/NAM0kVA7FivF5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjMwNzIxMTg0MzI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjM0NGM0YzczNjc5OTUyZjczNDdmNmNiZWUyMmZiNWQ1ZmQwODZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkil0oNbAHgyN41uE8M+TaWTw885m
UPQU5TUxtgaejnJnR4S/r5ouJYCissjAhY5HrtZKyyGizId41tmJ3oJZi7KUliHF
iXTXbdA8KmXrW/ioRO3CLPGDSo3qP8PaU7c+WoTl98112+SpjjnDbGEP473yNRuk
g0Tsc25Yioi9UIu83/1y0tELYo6nb1Tf45V5eg3bc+xoIgo9lzA1qWLlps1ozMJS
QRcNeXFY5/qy/vGO9QJHx2gToI/rqggY/LOFtWGzW8rMqOHvla7MQYufk+7SwoZz
mXz0dIqd8mo8uOrrEY4xK++Bvqcku3s64QYMvGp4aTxQydgXYSRHwZbt+QIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFL80TExzZ5lS9zR/bL7iL7XV/QhvMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvdnpSTVRITm5tVkwzTkg5c3Z1SXZ0ZFg5Q0c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQADmbiAwQC
DmbkAwQADmbqMAwDBAAOZu0DBAAOZu4DBABnLzgDBABnLzswDQYJKoZIhvcNAQEL
BQADggEBACNrmVhUrN8FyV58sWImXdjfLwK/xzyu6DYwlRKMYyVqgcRk70Xto0O1
uaNXIq//aHbgnpNGs+y/+7ErMG3/I9tJlg4G5R2EpNOQIW0wc6bZI35S/KVqrkMW
T9rPRv+BTQ2wsYys9/zpvd3KS6bz0Ol5in2Q7r7ND68dcvd+Ai+1Ou81Yf/MCzBU
sfmI9glkTj0O3a5udzXwXHz4KxRrsNIoBrd7Axzr2y6CGFfc19j5zp88ZWbDzyk1
xjWjtKz1uWsiyUzqmryIkSetRYIWx7FeNykZOYo1ePD+8D7ryveKCVqgQrxRwBgM
j/IFFbJKdUkS+v4EGUOqs1hjuzMWygo=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:09:46 2025 by rpki-client