Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/jY6rzV24DSHBqF83mDHyDcxT9_Y.roa
File: jY6rzV24DSHBqF83mDHyDcxT9_Y.roa (raw, json)
Hash identifier: awVGf7u9AukzChaDLKH/KdOFbhrkdA+Lgwe8PkUBz8c=
Subject key identifier: 8D:8E:AB:CD:5D:B8:0D:21:C1:A8:5F:37:98:31:F2:0D:CC:53:F7:F6
Certificate issuer: /CN=57c670c8db32dd748df797c5c93013d8c91fa839
Certificate serial: 01960B30D4AE0F37A2018211578A01B1A8D3
Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/jY6rzV24DSHBqF83mDHyDcxT9_Y.roa
Signing time: Sun 06 Apr 2025 13:01:11 +0000
ROA not before: Sun 06 Apr 2025 13:01:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50113
IP address blocks: 103.71.20.0/24 maxlen: 24
103.71.21.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:0b:30:d4:ae:0f:37:a2:01:82:11:57:8a:01:b1:a8:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839
Validity
Not Before: Apr 6 13:01:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8d8eabcd5db80d21c1a85f379831f20dcc53f7f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:a6:1d:f3:dc:75:52:22:3b:0c:1e:09:bf:d2:
ee:20:2a:bd:fe:1d:2b:28:92:0c:80:8b:03:ab:f3:
c9:7c:f7:56:38:76:df:6e:be:39:9c:c9:34:6c:22:
29:48:21:53:9d:80:78:f9:0b:71:8f:d6:15:9a:46:
6b:5c:e2:53:de:53:03:7f:45:47:bc:44:9b:5d:43:
6b:23:f3:c7:46:73:c7:ba:64:2a:ad:7f:ee:de:c8:
e0:5f:14:e5:7c:e9:d0:ef:df:be:70:cc:33:dd:26:
ee:c8:43:18:a0:3e:a4:33:4e:50:0f:af:87:b8:dd:
9c:03:a6:ac:80:0f:e9:0f:98:ef:dc:bb:07:7c:7b:
14:2f:af:62:fc:15:a8:6e:c7:ff:a2:b7:f5:fc:0b:
25:15:86:f2:1f:77:42:59:e3:c7:1b:80:02:72:9a:
77:16:b3:e8:5e:48:82:10:f3:43:17:39:2b:f1:9c:
a8:ca:b1:a4:d2:15:7f:02:46:02:8c:c4:d2:99:90:
8a:05:5a:14:8a:d2:3b:ce:26:e1:7c:97:89:dc:7a:
82:86:32:7b:7a:54:1a:20:b2:cd:27:03:e8:e5:d7:
20:11:09:ed:f5:2e:58:43:b5:ed:3d:4e:5f:87:2d:
2a:20:fa:ff:ce:cc:50:01:b2:f4:45:ad:19:dd:32:
4a:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:8E:AB:CD:5D:B8:0D:21:C1:A8:5F:37:98:31:F2:0D:CC:53:F7:F6
X509v3 Authority Key Identifier:
keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/jY6rzV24DSHBqF83mDHyDcxT9_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.71.20.0/23
Signature Algorithm: sha256WithRSAEncryption
60:14:06:12:38:aa:39:b9:5b:e6:e4:26:a0:99:cb:05:ed:04:
13:22:1f:3a:36:67:61:75:29:85:71:48:bc:24:10:95:f2:3d:
88:f4:5b:4f:eb:c4:17:64:b2:93:4b:71:4b:c4:b0:d8:c5:bc:
14:15:87:44:31:0f:22:3e:84:f8:48:e0:f8:81:3c:bf:d4:09:
61:e8:8f:33:1f:9f:2b:b8:15:31:4e:25:62:6f:21:4f:cc:e2:
30:93:9d:fd:db:4f:c4:4d:aa:4f:a1:c2:05:a9:0a:7f:8d:de:
e6:aa:3a:e0:71:ff:4b:e8:34:37:91:58:b2:de:14:18:22:29:
aa:7a:68:41:f8:f7:20:13:2f:34:7a:49:85:ad:f4:2a:7a:58:
40:35:bb:d8:fe:8d:c0:99:b6:03:0e:a3:d1:4b:52:17:a3:a5:
1c:a7:bf:4d:d6:43:82:2d:fe:22:0e:16:4e:e0:57:a8:ee:4e:
05:48:6c:98:65:50:c9:f6:02:20:7a:d7:35:f4:5c:01:cb:04:
65:4c:52:a1:96:80:81:5c:c4:63:04:ce:99:5a:23:be:f4:49:
a0:24:cb:a8:92:29:af:89:4c:b4:bb:c8:de:d1:16:bc:c5:e0:
45:0d:81:59:5b:61:00:01:85:df:7e:2a:ff:3d:a8:e7:d5:ad:
55:f7:26:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZYLMNSuDzeiAYIRV4oBsajTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx
ZmE4MzkwHhcNMjUwNDA2MTMwMTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDhlYWJjZDVkYjgwZDIxYzFhODVmMzc5ODMxZjIwZGNjNTNmN2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuaYd89x1UiI7DB4Jv9LuICq9/h0r
KJIMgIsDq/PJfPdWOHbfbr45nMk0bCIpSCFTnYB4+Qtxj9YVmkZrXOJT3lMDf0VH
vESbXUNrI/PHRnPHumQqrX/u3sjgXxTlfOnQ79++cMwz3SbuyEMYoD6kM05QD6+H
uN2cA6asgA/pD5jv3LsHfHsUL69i/BWobsf/orf1/AslFYbyH3dCWePHG4ACcpp3
FrPoXkiCEPNDFzkr8ZyoyrGk0hV/AkYCjMTSmZCKBVoUitI7zibhfJeJ3HqChjJ7
elQaILLNJwPo5dcgEQnt9S5YQ7XtPU5fhy0qIPr/zsxQAbL0Ra0Z3TJKFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI2Oq81duA0hwahfN5gx8g3MU/f2MB8GA1UdIwQY
MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt
MzA0OTVmNDAzNzg0LzEvalk2cnpWMjREU0hCcUY4M21ESHlEY3hUOV9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0
LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ0cUMA0G
CSqGSIb3DQEBCwUAA4IBAQBgFAYSOKo5uVvm5CagmcsF7QQTIh86NmdhdSmFcUi8
JBCV8j2I9FtP68QXZLKTS3FLxLDYxbwUFYdEMQ8iPoT4SOD4gTy/1Alh6I8zH58r
uBUxTiVibyFPzOIwk53920/ETapPocIFqQp/jd7mqjrgcf9L6DQ3kViy3hQYIimq
emhB+PcgEy80ekmFrfQqelhANbvY/o3AmbYDDqPRS1IXo6Ucp79N1kOCLf4iDhZO
4Feo7k4FSGyYZVDJ9gIgetc19FwBywRlTFKhloCBXMRjBM6ZWiO+9EmgJMuokimv
iUy0u8je0Ra8xeBFDYFZW2EAAYXffir/Pajn1a1V9yaL
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:33 2025 by rpki-client on console.sobornost.net