Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/k7Uhxcf1dLyLbabkMZGt9dayq9s.roa
File: k7Uhxcf1dLyLbabkMZGt9dayq9s.roa (raw, json)
Hash identifier: gFVryfVaKzHzs9H28hxg6aO05RnxqjKmSXgUNR+b4kg=
Subject key identifier: 93:B5:21:C5:C7:F5:74:BC:8B:6D:A6:E4:31:91:AD:F5:D6:B2:AB:DB
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 0194222013FC6275B27743A69337BE04F1EA
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/k7Uhxcf1dLyLbabkMZGt9dayq9s.roa
Signing time: Wed 01 Jan 2025 13:48:35 +0000
ROA not before: Wed 01 Jan 2025 13:48:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 63859
IP address blocks: 151.249.95.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:13:fc:62:75:b2:77:43:a6:93:37:be:04:f1:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Jan 1 13:48:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=93b521c5c7f574bc8b6da6e43191adf5d6b2abdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:3d:f7:ba:3b:33:50:83:9f:a5:35:66:e7:14:
86:d9:05:e6:81:b6:02:bd:8a:76:8d:96:19:01:f7:
4b:70:3c:6b:fc:ec:99:93:30:55:3d:b5:46:b7:d8:
c2:08:57:e0:09:48:cb:6e:8a:b0:0d:a5:61:96:62:
82:dd:b2:e7:71:cb:e5:6d:94:ef:d1:f7:ba:07:0a:
a5:1c:ad:1f:30:9a:c4:8a:cb:7f:b8:56:51:aa:b3:
c9:86:2d:2a:4e:ef:d1:e9:0c:7b:58:67:51:4d:51:
0c:24:c7:d2:bb:98:f7:23:c1:fc:6c:0c:3d:36:29:
e4:03:8f:bb:a0:de:45:6e:c1:1e:56:4b:b3:07:93:
90:5e:84:59:29:16:c6:ed:ce:af:54:0d:cf:91:67:
e7:87:3e:ad:a4:a7:cd:66:c7:64:d3:15:c0:16:4d:
40:a2:26:a0:fe:0d:a5:1e:61:ea:16:c9:b3:4f:15:
17:bf:b2:fe:8e:d5:de:82:f7:99:30:35:98:8a:ea:
37:86:7f:9a:c2:84:f3:5b:c3:ef:79:aa:23:2b:44:
85:55:c4:28:6f:15:9a:7f:c2:83:47:c3:f5:bd:22:
40:87:94:29:cf:bb:96:95:e9:a9:9f:28:19:56:7f:
c3:33:28:fd:b9:3e:74:5c:f9:81:e7:62:24:67:fa:
27:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:B5:21:C5:C7:F5:74:BC:8B:6D:A6:E4:31:91:AD:F5:D6:B2:AB:DB
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/k7Uhxcf1dLyLbabkMZGt9dayq9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.249.95.0/24
Signature Algorithm: sha256WithRSAEncryption
19:3d:5b:cc:9e:b2:6d:06:99:5f:bf:91:d9:fa:af:1b:81:8b:
c9:26:fc:34:56:1f:46:d1:6e:f7:72:19:14:eb:fd:72:4f:cb:
21:7c:b6:23:d5:ad:74:e1:6a:d3:5f:5c:56:e0:8a:7e:86:55:
0f:a2:d3:4e:a9:dd:7b:60:32:b7:c4:f9:6b:3f:7d:be:29:d9:
80:4c:a8:4e:b9:a8:51:bd:33:20:9e:6e:64:26:7f:22:3a:76:
65:09:30:9b:f8:7a:bf:78:9d:d6:d0:2a:00:76:ca:85:e7:18:
aa:7d:87:82:4c:22:ad:bf:49:0e:05:d5:c9:ad:e3:ca:18:a5:
b9:5b:3a:31:2b:e5:36:ca:b6:93:f1:3a:be:35:9e:04:80:3e:
47:d7:e9:39:76:8b:98:aa:81:a3:8e:3f:a1:1c:1e:4a:5c:ae:
0b:6e:76:c9:35:a8:9c:3a:76:a5:f9:49:96:b1:85:7b:d3:9b:
69:c0:90:2e:73:58:fa:23:41:a0:d1:af:b2:54:d5:dc:4e:b2:
dd:78:95:73:a8:f2:25:74:68:bf:2b:79:d4:35:f9:18:01:8b:
94:2e:9a:a9:de:08:59:f0:5b:df:68:3e:1c:8d:1e:1e:5b:3f:
2b:5e:c7:85:52:af:b2:2f:63:26:4e:ff:13:41:d2:83:6e:25:
10:09:56:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiIBP8YnWyd0Omkze+BPHqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjUwMTAxMTM0ODM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2I1MjFjNWM3ZjU3NGJjOGI2ZGE2ZTQzMTkxYWRmNWQ2YjJhYmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4j33ujszUIOfpTVm5xSG2QXmgbYC
vYp2jZYZAfdLcDxr/OyZkzBVPbVGt9jCCFfgCUjLboqwDaVhlmKC3bLnccvlbZTv
0fe6BwqlHK0fMJrEist/uFZRqrPJhi0qTu/R6Qx7WGdRTVEMJMfSu5j3I8H8bAw9
NinkA4+7oN5FbsEeVkuzB5OQXoRZKRbG7c6vVA3PkWfnhz6tpKfNZsdk0xXAFk1A
oiag/g2lHmHqFsmzTxUXv7L+jtXegveZMDWYiuo3hn+awoTzW8PveaojK0SFVcQo
bxWaf8KDR8P1vSJAh5Qpz7uWlempnygZVn/DMyj9uT50XPmB52IkZ/oneQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJO1IcXH9XS8i22m5DGRrfXWsqvbMB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvazdVaHhjZjFkTHlMYmFia01aR3Q5ZGF5cTlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/lfMA0G
CSqGSIb3DQEBCwUAA4IBAQAZPVvMnrJtBplfv5HZ+q8bgYvJJvw0Vh9G0W73chkU
6/1yT8shfLYj1a104WrTX1xW4Ip+hlUPotNOqd17YDK3xPlrP32+KdmATKhOuahR
vTMgnm5kJn8iOnZlCTCb+Hq/eJ3W0CoAdsqF5xiqfYeCTCKtv0kOBdXJrePKGKW5
WzoxK+U2yraT8Tq+NZ4EgD5H1+k5douYqoGjjj+hHB5KXK4LbnbJNaicOnal+UmW
sYV705tpwJAuc1j6I0Gg0a+yVNXcTrLdeJVzqPIldGi/K3nUNfkYAYuULpqp3ghZ
8FvfaD4cjR4eWz8rXseFUq+yL2MmTv8TQdKDbiUQCVYI
-----END CERTIFICATE-----
Generated at Fri Apr 11 11:14:28 2025 by rpki-client