Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/Bb2NbnyRthHjwrrdIDMuaVmws7E.roa
File: Bb2NbnyRthHjwrrdIDMuaVmws7E.roa (raw, json)
Hash identifier: /T4yq7SL+R3j8vgoZFiUid4qLfXH/oqUcaAeUdbtrkk=
Subject key identifier: 05:BD:8D:6E:7C:91:B6:11:E3:C2:BA:DD:20:33:2E:69:59:B0:B3:B1
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 019425FCD9F265E9AE3040CBE21DC22337BC
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/Bb2NbnyRthHjwrrdIDMuaVmws7E.roa
Signing time: Thu 02 Jan 2025 07:48:35 +0000
ROA not before: Thu 02 Jan 2025 07:48:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7015
IP address blocks: 31.132.53.0/24 maxlen: 24
103.130.178.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:d9:f2:65:e9:ae:30:40:cb:e2:1d:c2:23:37:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Jan 2 07:48:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=05bd8d6e7c91b611e3c2badd20332e6959b0b3b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:65:8c:23:9c:73:12:33:5f:9a:63:da:30:f3:
fe:0a:ae:78:1f:c0:d6:c3:36:12:3a:c0:09:8e:8f:
37:90:fe:8b:5f:5a:9d:0b:d3:3b:01:ef:22:b4:18:
a3:4f:f9:75:68:96:21:01:f8:71:fe:e1:08:6b:87:
be:0c:47:a9:88:b3:30:02:bd:1b:b4:5f:9a:b2:00:
b9:55:32:bb:79:86:76:55:49:fd:c3:c5:a0:6b:d2:
33:c0:f9:06:54:71:1b:fb:e0:a6:5e:f0:b1:6d:97:
91:89:01:10:d9:ca:9d:f9:a8:1b:4d:e0:6b:0f:49:
c3:cf:96:80:c9:eb:cf:61:29:2a:54:f4:d9:01:65:
c6:64:d3:0a:21:79:96:02:16:32:85:cc:62:31:1a:
c4:4d:8b:b1:03:60:1e:66:99:6b:a8:5b:8a:13:b9:
33:19:d2:8f:a7:89:18:58:50:de:4b:4b:5f:0b:68:
68:e8:74:3c:72:c9:6a:d4:a0:47:b8:80:ed:8d:79:
42:8b:81:b0:8b:48:a6:b1:34:3d:9f:e1:ef:15:a9:
29:cf:e9:d3:b6:f6:9e:50:3e:05:d6:b9:cb:ab:46:
74:18:02:87:b7:4f:3e:e5:d6:a6:f9:f8:52:0f:9c:
52:63:53:78:db:18:fc:e3:64:d2:89:21:5c:d9:4d:
46:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:BD:8D:6E:7C:91:B6:11:E3:C2:BA:DD:20:33:2E:69:59:B0:B3:B1
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/Bb2NbnyRthHjwrrdIDMuaVmws7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.132.53.0/24
103.130.178.0/24
Signature Algorithm: sha256WithRSAEncryption
44:1e:11:14:7f:7d:0a:c3:34:4a:95:ec:4a:fb:1b:bc:74:04:
fa:50:8d:1d:5e:1f:ac:b6:d8:31:4a:6e:89:af:ec:06:06:94:
bb:55:29:93:ef:c9:2c:a7:28:a4:8b:15:fc:1b:fd:f6:de:61:
96:93:76:2e:ce:62:a0:06:22:f2:bd:d2:7b:28:23:dc:5a:b1:
de:17:ab:85:69:5b:7f:85:4c:10:2e:da:a5:0b:ef:10:75:97:
c2:c4:7b:3d:52:dc:94:97:bb:1f:19:ef:3b:14:f3:e0:b3:48:
9a:51:3d:92:c7:7a:f7:46:b5:37:bb:11:c5:de:df:63:31:5f:
fe:0a:89:57:ed:af:f7:88:72:32:a6:6d:fd:8b:a2:58:2d:bb:
7f:7c:50:55:06:36:a4:05:a2:32:2f:e4:b3:be:08:7a:3f:bd:
ea:21:88:ae:50:c0:60:41:9a:b9:e5:73:ca:3d:7a:7a:0d:30:
a5:b5:42:2c:04:cf:f6:0d:d2:1f:c3:8c:c7:6d:bc:ca:1e:f6:
dd:3c:4d:ca:4f:91:f8:60:0c:a1:ce:09:11:f6:54:78:f1:68:
38:e2:62:b9:5e:21:02:a4:e1:ca:d7:46:02:35:0b:57:74:07:
e5:3e:0a:12:ca:f9:9c:2d:48:35:0d:30:bb:bb:bd:f9:f4:8c:
d3:e9:cb:d3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQl/NnyZemuMEDL4h3CIze8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjUwMTAyMDc0ODM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWJkOGQ2ZTdjOTFiNjExZTNjMmJhZGQyMDMzMmU2OTU5YjBiM2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5WWMI5xzEjNfmmPaMPP+Cq54H8DW
wzYSOsAJjo83kP6LX1qdC9M7Ae8itBijT/l1aJYhAfhx/uEIa4e+DEepiLMwAr0b
tF+asgC5VTK7eYZ2VUn9w8Wga9IzwPkGVHEb++CmXvCxbZeRiQEQ2cqd+agbTeBr
D0nDz5aAyevPYSkqVPTZAWXGZNMKIXmWAhYyhcxiMRrETYuxA2AeZplrqFuKE7kz
GdKPp4kYWFDeS0tfC2ho6HQ8cslq1KBHuIDtjXlCi4Gwi0imsTQ9n+HvFakpz+nT
tvaeUD4F1rnLq0Z0GAKHt08+5dam+fhSD5xSY1N42xj842TSiSFc2U1GGQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAW9jW58kbYR48K63SAzLmlZsLOxMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvQmIyTmJueVJ0aEhqd3JyZElETXVhVm13czdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAH4Q1AwQA
Z4KyMA0GCSqGSIb3DQEBCwUAA4IBAQBEHhEUf30KwzRKlexK+xu8dAT6UI0dXh+s
ttgxSm6Jr+wGBpS7VSmT78kspyikixX8G/323mGWk3YuzmKgBiLyvdJ7KCPcWrHe
F6uFaVt/hUwQLtqlC+8QdZfCxHs9UtyUl7sfGe87FPPgs0iaUT2Sx3r3RrU3uxHF
3t9jMV/+ColX7a/3iHIypm39i6JYLbt/fFBVBjakBaIyL+Szvgh6P73qIYiuUMBg
QZq55XPKPXp6DTCltUIsBM/2DdIfw4zHbbzKHvbdPE3KT5H4YAyhzgkR9lR48Wg4
4mK5XiECpOHK10YCNQtXdAflPgoSyvmcLUg1DTC7u7359IzT6cvT
-----END CERTIFICATE-----
Generated at Wed Jan 22 17:25:37 2025 by rpki-client on console.sobornost.net