Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/dfSJ8CpP5n40DWBhbtxKKOpFn7Q.roa
File: dfSJ8CpP5n40DWBhbtxKKOpFn7Q.roa (raw, json)
Hash identifier: IxDm+AjY1/5cDyqDlWvCPIIwjt1JYcczVFP00HqRnOg=
Subject key identifier: 75:F4:89:F0:2A:4F:E6:7E:34:0D:60:61:6E:DC:4A:28:EA:45:9F:B4
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 019424B39AD9AC137A1B704B0C67E887049B
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/dfSJ8CpP5n40DWBhbtxKKOpFn7Q.roa
Signing time: Thu 02 Jan 2025 01:48:57 +0000
ROA not before: Thu 02 Jan 2025 01:48:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24875
IP address blocks: 103.240.148.0/22 maxlen: 24
160.238.64.0/24 maxlen: 24
160.238.65.0/24 maxlen: 24
160.238.67.0/24 maxlen: 24
185.245.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:9a:d9:ac:13:7a:1b:70:4b:0c:67:e8:87:04:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Jan 2 01:48:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=75f489f02a4fe67e340d60616edc4a28ea459fb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:d2:70:c6:39:d5:97:9a:38:d8:c6:5f:c0:fc:
31:15:19:27:a5:0f:59:04:7c:22:87:d4:aa:16:1f:
b5:b9:74:3c:d2:62:6d:93:f2:74:9e:dd:57:cc:46:
08:e6:3b:03:34:a3:62:3a:55:75:2c:3a:46:83:4d:
c2:8f:e4:f2:8c:2f:98:ae:28:3b:c1:50:79:96:f2:
bf:50:ad:b2:3b:0c:c9:5e:22:3b:c6:71:d8:15:5f:
50:f6:6e:3b:7e:04:28:09:35:c7:b3:22:39:f5:64:
93:77:1a:e6:d2:e6:35:42:d0:d4:ea:be:7b:7d:4b:
4b:6d:ca:74:44:c6:68:35:70:11:73:fa:27:ec:8f:
80:07:dc:f0:91:a5:6a:f5:d0:ac:70:14:83:08:f4:
ce:43:2a:f8:ac:e1:47:af:d2:46:42:d0:21:26:a3:
db:35:93:c9:39:4a:92:3d:f8:0a:16:47:79:62:9a:
80:bf:8e:9a:c8:53:ca:42:1e:aa:14:1c:f0:0e:bf:
6e:2b:0b:27:0a:62:88:ee:93:24:b4:f3:a7:44:ac:
3b:7b:de:14:86:a2:0c:42:3c:7c:e1:94:44:cc:18:
ce:0f:31:87:9c:73:66:04:4c:a8:2a:f7:61:9e:ed:
8c:56:e8:eb:25:96:f1:4e:ac:29:0f:f6:59:46:d1:
2d:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:F4:89:F0:2A:4F:E6:7E:34:0D:60:61:6E:DC:4A:28:EA:45:9F:B4
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/dfSJ8CpP5n40DWBhbtxKKOpFn7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.240.148.0/22
160.238.64.0/23
160.238.67.0/24
185.245.3.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:7a:c6:74:db:6a:68:0b:32:43:45:b9:0b:e2:bc:cb:ed:d2:
f1:c9:b7:1b:eb:7a:b6:e4:49:38:8d:c6:d6:33:3d:67:eb:1d:
68:cd:55:1e:a1:89:34:fc:3c:38:62:b6:99:02:8f:20:51:a1:
4e:54:ee:6d:e5:a5:54:6e:19:72:64:bd:1a:93:68:76:6a:11:
9b:71:c5:1e:21:de:cb:25:ef:76:ff:a3:11:ea:82:8f:af:d3:
68:eb:0f:af:6e:03:3d:c2:23:e8:6c:b6:32:ff:8e:67:ad:ca:
05:de:c9:66:65:82:0e:d2:ba:64:65:ce:d6:05:98:9c:73:e0:
b0:2b:56:e6:b1:0f:e4:39:7a:08:e0:8e:87:58:e2:dd:b4:5e:
13:ac:e6:d2:f2:dc:5a:90:b5:6e:20:e3:ab:a0:7e:87:e6:5a:
53:9b:15:fd:7b:fb:26:80:f1:f6:43:bd:39:b2:20:f7:64:45:
a0:49:00:bc:bb:23:f9:28:a6:98:44:2e:af:4b:87:57:cf:cd:
b0:c9:7e:4f:ce:e2:4d:f4:46:7f:c2:f9:3a:80:ed:5b:a3:45:
6b:8b:4e:7f:00:2c:f9:80:f7:f7:e7:87:f3:88:48:61:c7:3f:
c7:bf:15:e6:68:fa:27:c4:0c:8e:93:bd:02:39:26:2c:a3:fe:
f2:7e:4e:52
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQks5rZrBN6G3BLDGfohwSbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjUwMTAyMDE0ODU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWY0ODlmMDJhNGZlNjdlMzQwZDYwNjE2ZWRjNGEyOGVhNDU5ZmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv9JwxjnVl5o42MZfwPwxFRknpQ9Z
BHwih9SqFh+1uXQ80mJtk/J0nt1XzEYI5jsDNKNiOlV1LDpGg03Cj+TyjC+Yrig7
wVB5lvK/UK2yOwzJXiI7xnHYFV9Q9m47fgQoCTXHsyI59WSTdxrm0uY1QtDU6r57
fUtLbcp0RMZoNXARc/on7I+AB9zwkaVq9dCscBSDCPTOQyr4rOFHr9JGQtAhJqPb
NZPJOUqSPfgKFkd5YpqAv46ayFPKQh6qFBzwDr9uKwsnCmKI7pMktPOnRKw7e94U
hqIMQjx84ZREzBjODzGHnHNmBEyoKvdhnu2MVujrJZbxTqwpD/ZZRtEtXQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHX0ifAqT+Z+NA1gYW7cSijqRZ+0MB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvZGZTSjhDcFA1bjQwRFdCaGJ0eEtLT3BGbjdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCZ/CUAwQB
oO5AAwQAoO5DAwQAufUDMA0GCSqGSIb3DQEBCwUAA4IBAQCLesZ022poCzJDRbkL
4rzL7dLxybcb63q25Ek4jcbWMz1n6x1ozVUeoYk0/Dw4YraZAo8gUaFOVO5t5aVU
bhlyZL0ak2h2ahGbccUeId7LJe92/6MR6oKPr9No6w+vbgM9wiPobLYy/45nrcoF
3slmZYIO0rpkZc7WBZicc+CwK1bmsQ/kOXoI4I6HWOLdtF4TrObS8txakLVuIOOr
oH6H5lpTmxX9e/smgPH2Q705siD3ZEWgSQC8uyP5KKaYRC6vS4dXz82wyX5PzuJN
9EZ/wvk6gO1bo0Vri05/ACz5gPf354fziEhhxz/HvxXmaPonxAyOk70COSYso/7y
fk5S
-----END CERTIFICATE-----
Generated at Mon Apr 28 12:28:00 2025 by rpki-client