Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/feb3ba-ee90-4f03-9e00-f6179a910b15/1/QDltpbfC9LHvGeypmtEDq5-eNDk.roa
File: QDltpbfC9LHvGeypmtEDq5-eNDk.roa (raw, json)
Hash identifier: mLu9Q/AyoHWZ1majfMg11bs0X1ILlO157hjCBeHk5o0=
Subject key identifier: 40:39:6D:A5:B7:C2:F4:B1:EF:19:EC:A9:9A:D1:03:AB:9F:9E:34:39
Certificate issuer: /CN=26bddae04dbcb1f82f55b078307ba4b084b994bb
Certificate serial: 0193EE4CF025059A452D1330C8802457BD2A
Authority key identifier: 26:BD:DA:E0:4D:BC:B1:F8:2F:55:B0:78:30:7B:A4:B0:84:B9:94:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jr3a4E28sfgvVbB4MHuksIS5lLs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/feb3ba-ee90-4f03-9e00-f6179a910b15/1/QDltpbfC9LHvGeypmtEDq5-eNDk.roa
Signing time: Sun 22 Dec 2024 12:17:19 +0000
ROA not before: Sun 22 Dec 2024 12:17:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49596
IP address blocks: 103.231.136.0/24 maxlen: 24
103.231.137.0/24 maxlen: 24
103.231.138.0/24 maxlen: 24
103.231.139.0/24 maxlen: 24
185.137.108.0/22 maxlen: 22
185.137.108.0/24 maxlen: 24
185.137.109.0/24 maxlen: 24
185.137.110.0/24 maxlen: 24
185.137.111.0/24 maxlen: 24
2a07:380::/29 maxlen: 29
2a07:387::/32 maxlen: 32
2a0a:40c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ee:4c:f0:25:05:9a:45:2d:13:30:c8:80:24:57:bd:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26bddae04dbcb1f82f55b078307ba4b084b994bb
Validity
Not Before: Dec 22 12:17:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40396da5b7c2f4b1ef19eca99ad103ab9f9e3439
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:07:9a:15:7a:d3:da:a1:80:4c:d2:81:46:f1:
c5:ab:f8:ca:c1:e1:c0:d2:8e:2f:67:a6:50:0c:63:
1f:b2:76:87:77:c9:0e:43:d4:88:39:12:c7:32:f4:
f0:50:04:b0:87:20:63:b3:49:05:0c:ee:64:a9:f8:
ca:30:12:59:e2:d2:4a:93:00:24:55:d0:8e:54:2e:
4e:5b:cc:0c:e3:9d:6b:46:4c:fd:7b:aa:ad:fb:3f:
9f:c2:74:a9:aa:0c:83:69:b2:b6:44:42:70:8d:6b:
5a:5a:40:9d:a5:50:2e:e4:4c:14:42:06:7c:bd:54:
72:1e:4f:53:3e:9a:d2:da:07:e5:94:cb:48:d2:f4:
68:47:6c:d5:5d:65:e1:c6:e2:c1:12:40:c2:d0:00:
6e:22:6a:d7:89:eb:f3:79:f0:0e:ee:eb:24:0e:8e:
7a:bc:02:c7:f2:70:76:b5:d1:2d:9b:56:ae:af:64:
b9:5a:1a:cd:ad:8b:b5:ea:76:99:12:2b:0d:4b:70:
0b:80:05:a5:4d:09:68:da:22:69:9a:47:8c:6f:7f:
5c:46:83:a6:71:85:89:b4:a0:e5:dd:f4:76:5c:11:
15:63:6c:e4:e2:40:d1:4f:02:e3:33:59:24:7b:af:
f4:c4:1d:1f:61:5e:37:04:45:48:16:e4:9a:10:ab:
3c:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:39:6D:A5:B7:C2:F4:B1:EF:19:EC:A9:9A:D1:03:AB:9F:9E:34:39
X509v3 Authority Key Identifier:
keyid:26:BD:DA:E0:4D:BC:B1:F8:2F:55:B0:78:30:7B:A4:B0:84:B9:94:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jr3a4E28sfgvVbB4MHuksIS5lLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/feb3ba-ee90-4f03-9e00-f6179a910b15/1/QDltpbfC9LHvGeypmtEDq5-eNDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/feb3ba-ee90-4f03-9e00-f6179a910b15/1/Jr3a4E28sfgvVbB4MHuksIS5lLs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.231.136.0/22
185.137.108.0/22
IPv6:
2a07:380::/29
2a0a:40c0::/29
Signature Algorithm: sha256WithRSAEncryption
40:52:84:11:d8:39:21:0a:fb:fb:f4:64:56:fe:d9:ea:eb:b0:
27:55:f2:95:8a:5a:d5:93:c7:68:60:6b:a7:06:29:e6:e7:ed:
ed:38:ca:a1:07:a9:b8:53:bc:3b:92:50:0e:1d:5c:56:04:b4:
c5:e2:c7:4f:56:4e:13:9a:c1:22:10:43:12:40:6a:c5:2f:f4:
6f:1c:7d:dc:28:e2:a9:21:13:c7:cc:a8:84:25:74:76:ca:e6:
f0:8b:ed:e1:30:27:29:2a:42:08:80:bd:2e:ea:66:c0:52:66:
90:d9:da:c0:89:8f:c9:81:79:c7:47:4c:11:0c:e9:04:8e:b0:
07:dd:2e:db:3e:ae:63:b1:ab:41:26:98:cc:51:af:5e:37:ee:
8b:77:c7:6a:78:a5:74:8e:ac:10:6a:96:54:20:04:75:3c:e5:
15:57:4c:2b:66:49:d0:87:67:42:ee:89:15:a5:07:3c:f6:1e:
de:d2:90:ef:d6:bc:3b:3b:29:74:60:52:42:a9:e5:11:76:3a:
5e:7f:eb:d7:e7:3a:5f:3e:e4:13:65:87:05:02:9b:61:54:96:
00:75:08:43:fc:8f:92:aa:d9:67:e5:df:d2:6c:1a:54:85:b1:
16:ee:a8:6c:a9:43:a4:5e:5d:99:fd:f3:e1:2f:0f:86:fa:2b:
5a:73:1c:0d
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZPuTPAlBZpFLRMwyIAkV70qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2YmRkYWUwNGRiY2IxZjgyZjU1YjA3ODMwN2JhNGIwODRi
OTk0YmIwHhcNMjQxMjIyMTIxNzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDM5NmRhNWI3YzJmNGIxZWYxOWVjYTk5YWQxMDNhYjlmOWUzNDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5weaFXrT2qGATNKBRvHFq/jKweHA
0o4vZ6ZQDGMfsnaHd8kOQ9SIORLHMvTwUASwhyBjs0kFDO5kqfjKMBJZ4tJKkwAk
VdCOVC5OW8wM451rRkz9e6qt+z+fwnSpqgyDabK2REJwjWtaWkCdpVAu5EwUQgZ8
vVRyHk9TPprS2gfllMtI0vRoR2zVXWXhxuLBEkDC0ABuImrXievzefAO7uskDo56
vALH8nB2tdEtm1aur2S5WhrNrYu16naZEisNS3ALgAWlTQlo2iJpmkeMb39cRoOm
cYWJtKDl3fR2XBEVY2zk4kDRTwLjM1kke6/0xB0fYV43BEVIFuSaEKs85wIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFEA5baW3wvSx7xnsqZrRA6ufnjQ5MB8GA1UdIwQY
MBaAFCa92uBNvLH4L1WweDB7pLCEuZS7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnIzYTRFMjhzZmd2VmJCNE1IdWtzSVM1bExzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9mZWIzYmEtZWU5MC00ZjAzLTllMDAt
ZjYxNzlhOTEwYjE1LzEvUURsdHBiZkM5TEh2R2V5cG10RURxNS1lTkRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9mZWIzYmEtZWU5MC00ZjAzLTllMDAtZjYxNzlhOTEwYjE1
LzEvSnIzYTRFMjhzZmd2VmJCNE1IdWtzSVM1bExzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCZ+eIAwQC
uYlsMBQEAgACMA4DBQMqBwOAAwUDKgpAwDANBgkqhkiG9w0BAQsFAAOCAQEAQFKE
Edg5IQr7+/RkVv7Z6uuwJ1XylYpa1ZPHaGBrpwYp5uft7TjKoQepuFO8O5JQDh1c
VgS0xeLHT1ZOE5rBIhBDEkBqxS/0bxx93CjiqSETx8yohCV0dsrm8Ivt4TAnKSpC
CIC9LupmwFJmkNnawImPyYF5x0dMEQzpBI6wB90u2z6uY7GrQSaYzFGvXjfui3fH
anildI6sEGqWVCAEdTzlFVdMK2ZJ0IdnQu6JFaUHPPYe3tKQ79a8OzspdGBSQqnl
EXY6Xn/r1+c6Xz7kE2WHBQKbYVSWAHUIQ/yPkqrZZ+Xf0mwaVIWxFu6obKlDpF5d
mf3z4S8PhvorWnMcDQ==
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:30:02 2024 by rpki-client on console.sobornost.net