Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/3e59c9-9f01-4562-921d-513ca8e6cece/1/cvq_bcxgkbdGiNiyVZLgcQhtBIw.roa
File: cvq_bcxgkbdGiNiyVZLgcQhtBIw.roa (raw, json)
Hash identifier: tHHBrVKk450gxC24+vVRTlH/n6cUVBiKKtA6qD/IblA=
Subject key identifier: 72:FA:BF:6D:CC:60:91:B7:46:88:D8:B2:55:92:E0:71:08:6D:04:8C
Certificate issuer: /CN=f81fc8c82986310c5f6a9b56fb76b6bd9877fcc0
Certificate serial: 0193AC1C6581C2E6FBFB786CBDED0B3919AC
Authority key identifier: F8:1F:C8:C8:29:86:31:0C:5F:6A:9B:56:FB:76:B6:BD:98:77:FC:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-B_IyCmGMQxfaptW-3a2vZh3_MA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/3e59c9-9f01-4562-921d-513ca8e6cece/1/cvq_bcxgkbdGiNiyVZLgcQhtBIw.roa
Signing time: Mon 09 Dec 2024 15:49:22 +0000
ROA not before: Mon 09 Dec 2024 15:49:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136620
IP address blocks: 103.105.48.0/24 maxlen: 24
103.105.49.0/24 maxlen: 24
103.105.50.0/24 maxlen: 24
103.105.51.0/24 maxlen: 24
195.191.54.0/23 maxlen: 23
195.191.56.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ac:1c:65:81:c2:e6:fb:fb:78:6c:bd:ed:0b:39:19:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f81fc8c82986310c5f6a9b56fb76b6bd9877fcc0
Validity
Not Before: Dec 9 15:49:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=72fabf6dcc6091b74688d8b25592e071086d048c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:93:2b:e6:61:af:c5:89:6a:6b:29:5a:e7:a0:
99:ee:fd:c4:65:c5:79:52:a5:25:66:45:99:6c:16:
39:43:10:14:e0:0e:45:54:d5:79:2f:3e:a3:29:bb:
fb:84:8c:bc:13:ad:7f:91:0b:f2:3f:6d:ba:d2:53:
3f:d8:c5:5e:fe:f1:eb:06:7e:07:bd:19:4a:95:39:
fb:2e:3d:3a:88:f6:d5:fc:8c:94:65:2b:e0:68:e1:
ca:f3:22:8d:c3:bb:a2:a2:ad:af:ae:65:61:cd:f0:
e6:02:b5:7d:20:1f:82:d4:77:47:79:cb:57:d7:01:
b7:ed:b7:9d:46:fd:e3:1e:bb:9d:e6:87:7b:75:31:
20:d0:22:7f:1d:d5:08:d0:05:bf:4a:88:38:30:e8:
97:cc:60:b3:9a:3d:ad:0c:b4:d3:f5:53:be:d9:90:
22:39:50:97:ef:97:bd:65:43:69:75:c4:26:f2:c6:
f9:47:ec:c0:17:88:90:81:8b:90:ba:40:e3:69:3c:
25:df:b3:20:7d:57:7c:91:0b:c8:3e:ca:38:9c:26:
85:24:d2:6f:33:a6:0a:5e:79:32:92:b3:f1:f3:dd:
8e:c1:76:ed:34:9b:83:c5:1d:3b:7a:7c:ec:2d:34:
a5:38:af:89:af:d9:b9:a4:02:2b:06:00:0a:45:ed:
29:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:FA:BF:6D:CC:60:91:B7:46:88:D8:B2:55:92:E0:71:08:6D:04:8C
X509v3 Authority Key Identifier:
keyid:F8:1F:C8:C8:29:86:31:0C:5F:6A:9B:56:FB:76:B6:BD:98:77:FC:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-B_IyCmGMQxfaptW-3a2vZh3_MA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/3e59c9-9f01-4562-921d-513ca8e6cece/1/cvq_bcxgkbdGiNiyVZLgcQhtBIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/3e59c9-9f01-4562-921d-513ca8e6cece/1/1-B_IyCmGMQxfaptW-3a2vZh3_MA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.105.48.0/22
195.191.54.0-195.191.57.255
Signature Algorithm: sha256WithRSAEncryption
27:09:65:01:88:fc:af:0f:63:aa:24:bb:60:75:48:ca:8f:e7:
24:74:dd:7f:ed:ac:29:95:be:f4:8b:38:bd:30:2b:df:b9:00:
8c:a1:37:e9:c3:32:d3:bc:f5:8a:29:27:9d:de:3d:d4:59:0f:
75:75:80:81:c4:b8:43:17:36:24:6b:6d:76:31:24:33:3b:a1:
3c:84:c8:c4:be:16:b6:b1:9c:9c:7e:47:42:74:e9:ee:4c:17:
90:8c:ed:fb:a2:8f:9c:6f:26:24:82:de:1b:e7:e7:61:98:32:
3a:08:3e:1a:58:0c:32:29:0e:0f:70:a9:89:a7:8b:b9:d7:82:
a2:47:f1:95:85:31:b0:1d:4d:32:39:bb:38:1b:db:cd:61:89:
b0:a2:5c:3e:ea:64:6d:5f:97:bc:03:fd:ac:23:fd:c1:0c:20:
c1:8b:e2:f6:d1:39:5c:4e:f1:98:b8:b2:e5:b2:e2:18:93:e4:
5e:21:bd:6a:df:33:f2:e0:0d:86:96:ad:b2:2a:04:24:96:e5:
33:f3:59:fc:85:3f:eb:0e:11:ac:53:96:66:7e:ca:28:d1:90:
37:fb:8f:46:07:27:cc:5a:58:22:70:19:ef:1d:30:18:ee:97:
1e:ce:7c:f6:d3:f7:48:7a:6e:30:f0:fd:c2:fa:16:c3:04:64:
d7:62:3b:1d
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZOsHGWBwub7+3hsve0LORmsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MWZjOGM4Mjk4NjMxMGM1ZjZhOWI1NmZiNzZiNmJkOTg3
N2ZjYzAwHhcNMjQxMjA5MTU0OTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmZhYmY2ZGNjNjA5MWI3NDY4OGQ4YjI1NTkyZTA3MTA4NmQwNDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5Mr5mGvxYlqayla56CZ7v3EZcV5
UqUlZkWZbBY5QxAU4A5FVNV5Lz6jKbv7hIy8E61/kQvyP2260lM/2MVe/vHrBn4H
vRlKlTn7Lj06iPbV/IyUZSvgaOHK8yKNw7uioq2vrmVhzfDmArV9IB+C1HdHectX
1wG37bedRv3jHrud5od7dTEg0CJ/HdUI0AW/Sog4MOiXzGCzmj2tDLTT9VO+2ZAi
OVCX75e9ZUNpdcQm8sb5R+zAF4iQgYuQukDjaTwl37MgfVd8kQvIPso4nCaFJNJv
M6YKXnkykrPx892OwXbtNJuDxR07enzsLTSlOK+Jr9m5pAIrBgAKRe0pnwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFHL6v23MYJG3RojYslWS4HEIbQSMMB8GA1UdIwQY
MBaAFPgfyMgphjEMX2qbVvt2tr2Yd/zAMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1CX0l5Q21HTVF4ZmFwdFctM2EydlpoM19NQS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGYvM2U1OWM5LTlmMDEtNDU2Mi05MjFk
LTUxM2NhOGU2Y2VjZS8xL2N2cV9iY3hna2JkR2lOaXlWWkxnY1FodEJJdy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGYvM2U1OWM5LTlmMDEtNDU2Mi05MjFkLTUxM2NhOGU2Y2Vj
ZS8xLzEtQl9JeUNtR01ReGZhcHRXLTNhMnZaaDNfTUEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLQYIKwYBBQUHAQcBAf8EHjAcMBoEAgABMBQDBAJnaTAw
DAMEAcO/NgMEAcO/ODANBgkqhkiG9w0BAQsFAAOCAQEAJwllAYj8rw9jqiS7YHVI
yo/nJHTdf+2sKZW+9Is4vTAr37kAjKE36cMy07z1iiknnd491FkPdXWAgcS4Qxc2
JGttdjEkMzuhPITIxL4WtrGcnH5HQnTp7kwXkIzt+6KPnG8mJILeG+fnYZgyOgg+
GlgMMikOD3CpiaeLudeCokfxlYUxsB1NMjm7OBvbzWGJsKJcPupkbV+XvAP9rCP9
wQwgwYvi9tE5XE7xmLiy5bLiGJPkXiG9at8z8uANhpatsioEJJblM/NZ/IU/6w4R
rFOWZn7KKNGQN/uPRgcnzFpYInAZ7x0wGO6XHs589tP3SHpuMPD9wvoWwwRk12I7
HQ==
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:27:27 2024 by rpki-client on console.sobornost.net