Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1Zbm1-4Bx7y3_9X0NUvaFpPDmN0.roa
File: 1Zbm1-4Bx7y3_9X0NUvaFpPDmN0.roa (raw, json)
Hash identifier: G7Ytk4rnQom/UWqeOo8dcdNy4sg6YIotwoHA2A+ohK0=
Subject key identifier: D5:96:E6:D7:EE:01:C7:BC:B7:FF:D5:F4:35:4B:DA:16:93:C3:98:DD
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0194F4086DA23C6017C09B5232B0656D2191
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1Zbm1-4Bx7y3_9X0NUvaFpPDmN0.roa
Signing time: Tue 11 Feb 2025 08:03:00 +0000
ROA not before: Tue 11 Feb 2025 08:03:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212027
IP address blocks: 151.243.14.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f4:08:6d:a2:3c:60:17:c0:9b:52:32:b0:65:6d:21:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Feb 11 08:03:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d596e6d7ee01c7bcb7ffd5f4354bda1693c398dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:2c:5a:58:c2:20:2a:df:c7:55:81:21:9d:af:
70:f2:e3:dd:5c:b9:03:61:13:62:5f:97:16:0c:7e:
06:3d:c1:e2:30:f6:6c:ea:b1:7f:db:a7:40:e4:a3:
b5:97:46:75:16:e8:c5:17:ed:13:21:55:a6:f9:59:
d3:1f:e1:3d:31:2a:b7:df:04:3d:6b:ee:97:b4:5b:
98:13:4d:5d:22:bd:69:2a:20:04:e9:45:f6:7a:88:
26:18:a4:40:70:e9:b8:b3:20:cc:86:98:7d:18:a4:
97:5e:19:73:af:6f:12:3f:1a:80:3f:61:d4:62:06:
0e:45:73:10:68:d2:0f:74:27:40:a9:ad:1c:93:fb:
93:54:6a:51:27:85:d6:d4:cc:06:79:2d:fc:27:65:
98:a6:6a:d4:a2:bd:1c:a3:2b:af:d4:e1:a6:c0:3c:
3e:71:24:6c:96:ee:77:33:bc:cc:9b:2c:80:b7:81:
cb:c9:4b:d1:7c:a6:23:6b:61:de:32:ec:a1:d7:70:
c0:72:ce:27:69:55:41:f8:74:50:56:aa:e6:6d:7b:
24:18:03:69:6a:b6:0f:82:1a:93:d2:fc:a2:a2:07:
93:53:6a:66:d1:de:22:35:3f:24:07:e3:14:0a:d0:
0e:ca:7a:2f:52:20:ed:fd:d6:44:ad:b9:a0:c4:da:
cf:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:96:E6:D7:EE:01:C7:BC:B7:FF:D5:F4:35:4B:DA:16:93:C3:98:DD
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1Zbm1-4Bx7y3_9X0NUvaFpPDmN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.243.14.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:35:7c:c0:62:2f:90:fb:45:0a:95:e6:6b:9b:31:6b:98:7b:
d4:a2:de:92:c9:dc:ab:04:40:98:f9:3a:5f:9a:49:4e:dd:3d:
59:b3:25:6b:36:02:de:6c:43:b0:5b:18:c8:12:c2:3e:c5:cb:
71:1f:ca:c8:ce:ca:3f:ef:64:1c:ee:06:c3:48:c6:4e:98:81:
3a:f4:b3:e8:2d:08:04:76:2c:a2:6c:d6:89:61:53:38:e8:1d:
5e:5c:1c:17:ae:5f:3f:0c:c9:fd:c5:ae:e7:36:a3:a0:37:9d:
22:44:e2:f4:d4:d4:eb:d5:12:8f:e1:fb:21:65:5f:5c:cd:71:
17:cf:9e:9c:8b:4e:e0:69:14:26:11:cb:e9:d0:9f:c9:dc:15:
6b:16:b3:80:95:ca:9f:7c:10:6d:84:65:78:67:bc:1c:fe:db:
92:65:06:9c:f1:64:36:ef:bd:ce:fb:0b:09:d3:50:49:bc:73:
07:c8:b9:04:4c:be:80:ed:c9:76:4a:ff:cd:d3:8f:aa:b4:52:
d6:91:ce:b3:1d:a3:84:97:87:c5:6b:08:9b:4f:20:27:32:76:
63:46:6c:c3:a0:b2:76:f5:6b:df:07:2e:27:84:79:51:7e:8b:
db:81:f7:77:da:23:c0:07:ec:02:62:ae:00:a5:34:82:c2:9a:
f9:61:ce:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZT0CG2iPGAXwJtSMrBlbSGRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMjExMDgwMzAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTk2ZTZkN2VlMDFjN2JjYjdmZmQ1ZjQzNTRiZGExNjkzYzM5OGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ixaWMIgKt/HVYEhna9w8uPdXLkD
YRNiX5cWDH4GPcHiMPZs6rF/26dA5KO1l0Z1FujFF+0TIVWm+VnTH+E9MSq33wQ9
a+6XtFuYE01dIr1pKiAE6UX2eogmGKRAcOm4syDMhph9GKSXXhlzr28SPxqAP2HU
YgYORXMQaNIPdCdAqa0ck/uTVGpRJ4XW1MwGeS38J2WYpmrUor0coyuv1OGmwDw+
cSRslu53M7zMmyyAt4HLyUvRfKYja2HeMuyh13DAcs4naVVB+HRQVqrmbXskGANp
arYPghqT0vyiogeTU2pm0d4iNT8kB+MUCtAOynovUiDt/dZErbmgxNrPJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNWW5tfuAce8t//V9DVL2haTw5jdMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvMVpibTEtNEJ4N3kzXzlYME5VdmFGcFBEbU4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/MOMA0G
CSqGSIb3DQEBCwUAA4IBAQAdNXzAYi+Q+0UKleZrmzFrmHvUot6SydyrBECY+Tpf
mklO3T1ZsyVrNgLebEOwWxjIEsI+xctxH8rIzso/72Qc7gbDSMZOmIE69LPoLQgE
diyibNaJYVM46B1eXBwXrl8/DMn9xa7nNqOgN50iROL01NTr1RKP4fshZV9czXEX
z56ci07gaRQmEcvp0J/J3BVrFrOAlcqffBBthGV4Z7wc/tuSZQac8WQ2773O+wsJ
01BJvHMHyLkETL6A7cl2Sv/N04+qtFLWkc6zHaOEl4fFawibTyAnMnZjRmzDoLJ2
9WvfBy4nhHlRfovbgfd32iPAB+wCYq4ApTSCwpr5Yc6l
-----END CERTIFICATE-----
Generated at Thu Apr 10 13:56:50 2025 by rpki-client