Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1-pG3sTNTA36J9z7xCJGXji_ljj0.roa
File: 1-pG3sTNTA36J9z7xCJGXji_ljj0.roa (raw, json)
Hash identifier: GELJoVrocVmMuTip8VUmIFzw/kMRAU75+j2guwQvc6U=
Subject key identifier: FA:91:B7:B1:33:53:03:7E:89:F7:3E:F1:08:91:97:8E:2F:E5:8E:3D
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0195DB94FFFBE3B76A4CB6A0AD27ADDC94EF
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1-pG3sTNTA36J9z7xCJGXji_ljj0.roa
Signing time: Fri 28 Mar 2025 07:08:49 +0000
ROA not before: Fri 28 Mar 2025 07:08:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 64289
IP address blocks: 151.243.14.0/24 maxlen: 24
151.243.111.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:db:94:ff:fb:e3:b7:6a:4c:b6:a0:ad:27:ad:dc:94:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Mar 28 07:08:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fa91b7b13353037e89f73ef10891978e2fe58e3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:32:ac:f2:20:2f:ee:6b:0a:22:0a:87:be:93:
5d:3f:f8:cb:d3:dc:1d:3d:b4:59:3b:a5:c4:2c:dd:
06:e2:04:fa:9f:f6:da:9f:4d:80:7f:a9:ed:16:da:
e3:81:5f:e3:fc:88:be:6d:e8:96:c8:63:08:53:19:
87:40:1d:49:8a:5b:de:52:9e:74:6c:f8:93:c0:22:
1a:ec:b8:ed:c3:75:bc:2a:b7:ad:d4:85:0f:1e:b0:
68:9d:ad:e7:11:19:07:d9:b1:2a:a9:8e:bc:35:ba:
72:2b:a2:7e:90:c7:79:1a:c7:5b:b5:b5:88:60:4a:
d5:50:b3:a2:3e:65:35:23:60:74:c2:f7:21:f2:5f:
d1:6f:49:9f:c9:dc:72:9c:7d:67:2d:d4:1a:ea:bf:
51:10:26:79:30:68:30:a2:5b:a2:a7:b3:6b:b5:92:
a9:54:11:31:a7:7e:7e:50:cb:99:3f:4e:8d:55:6c:
6b:81:6d:46:fe:d7:d5:c6:91:8b:f5:51:14:52:7c:
6d:e6:fb:3f:38:06:9a:87:16:7c:5b:ac:04:f2:6c:
99:21:1a:9a:ac:cc:b6:3f:7b:f3:d5:a8:5e:0f:47:
af:d6:5d:bc:c2:04:98:5a:45:ab:6b:bf:7c:87:92:
a5:0c:6d:6c:ab:47:8d:2b:3d:1d:da:57:43:d6:0d:
1e:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:91:B7:B1:33:53:03:7E:89:F7:3E:F1:08:91:97:8E:2F:E5:8E:3D
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1-pG3sTNTA36J9z7xCJGXji_ljj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.243.14.0/24
151.243.111.0/24
Signature Algorithm: sha256WithRSAEncryption
15:e3:ef:38:f6:6a:ba:00:93:88:e5:ca:a2:58:2e:5e:5f:2a:
a8:35:15:3b:d3:28:4f:1b:ec:d5:26:cb:b3:da:53:ec:4a:12:
d9:8d:d6:20:82:6b:41:f1:0a:e4:dd:c3:27:fd:a9:9f:61:34:
fc:a4:71:ef:9b:8e:51:a9:63:5b:a3:9e:c5:98:27:50:48:cd:
5f:5a:d1:cb:a9:08:f2:bf:25:d3:08:c9:e9:2b:80:1d:a6:fb:
43:b5:b8:05:73:b2:98:21:ae:1a:fc:a9:c5:58:03:5c:68:88:
29:5d:cd:2f:2a:71:b0:9a:38:c9:73:5c:df:e8:76:a9:b2:0b:
7e:4c:9b:19:2b:cb:ed:31:b8:d7:a8:b3:7a:93:6c:c9:98:48:
c4:b6:f1:0d:a7:5a:d3:cc:7d:86:b1:5b:30:08:38:09:1f:cf:
3e:e4:1d:50:4f:be:c3:8e:bb:65:70:58:02:dc:54:f9:a2:c8:
82:50:21:84:2c:dc:02:cc:1f:77:48:73:7e:1e:41:cf:46:05:
50:12:04:77:f6:4d:1f:50:cd:da:2b:20:01:f6:55:fe:36:9a:
14:48:3b:94:1e:26:aa:2e:44:30:1f:3e:76:63:5b:4c:21:1e:
e6:f6:11:74:76:56:66:31:1e:2b:30:38:0e:72:c4:d8:41:11:
c5:26:94:c3
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAZXblP/747dqTLagrSet3JTvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMzI4MDcwODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTkxYjdiMTMzNTMwMzdlODlmNzNlZjEwODkxOTc4ZTJmZTU4ZTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDKs8iAv7msKIgqHvpNdP/jL09wd
PbRZO6XELN0G4gT6n/ban02Af6ntFtrjgV/j/Ii+beiWyGMIUxmHQB1JilveUp50
bPiTwCIa7Ljtw3W8Kret1IUPHrBona3nERkH2bEqqY68NbpyK6J+kMd5GsdbtbWI
YErVULOiPmU1I2B0wvch8l/Rb0mfydxynH1nLdQa6r9RECZ5MGgwoluip7NrtZKp
VBExp35+UMuZP06NVWxrgW1G/tfVxpGL9VEUUnxt5vs/OAaahxZ8W6wE8myZIRqa
rMy2P3vz1aheD0ev1l28wgSYWkWra798h5KlDG1sq0eNKz0d2ldD1g0eSQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPqRt7EzUwN+ifc+8QiRl44v5Y49MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvMS1wRzNzVE5UQTM2Sjl6N3hDSkdYamlfbGpqMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGUvZjQzYjFkLTllNTAtNDU1MS1hZTZhLTE3YjlkZTE0MTI1
Mi8xL3htSm05R2I3SkppamxGbXpOUzJpVVZHbHBNQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAJfzDgME
AJfzbzANBgkqhkiG9w0BAQsFAAOCAQEAFePvOPZqugCTiOXKolguXl8qqDUVO9Mo
Txvs1SbLs9pT7EoS2Y3WIIJrQfEK5N3DJ/2pn2E0/KRx75uOUaljW6OexZgnUEjN
X1rRy6kI8r8l0wjJ6SuAHab7Q7W4BXOymCGuGvypxVgDXGiIKV3NLypxsJo4yXNc
3+h2qbILfkybGSvL7TG416izepNsyZhIxLbxDada08x9hrFbMAg4CR/PPuQdUE++
w467ZXBYAtxU+aLIglAhhCzcAswfd0hzfh5Bz0YFUBIEd/ZNH1DN2isgAfZV/jaa
FEg7lB4mqi5EMB8+dmNbTCEe5vYRdHZWZjEeKzA4DnLE2EERxSaUww==
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:17:05 2025 by rpki-client