Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/3eGZ-ExabfjaVO7EF7xT4ornHMc.roa
File: 3eGZ-ExabfjaVO7EF7xT4ornHMc.roa (raw, json)
Hash identifier: YPEEQ/thW2DFUINorXW88jIEq9TS7usYiKF/QDdmFkA=
Subject key identifier: DD:E1:99:F8:4C:5A:6D:F8:DA:54:EE:C4:17:BC:53:E2:8A:E7:1C:C7
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01957F539B7922B977613ED255B54A745C9D
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/3eGZ-ExabfjaVO7EF7xT4ornHMc.roa
Signing time: Mon 10 Mar 2025 09:12:20 +0000
ROA not before: Mon 10 Mar 2025 09:12:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 138195
IP address blocks: 151.242.22.0/24 maxlen: 24
151.243.175.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:7f:53:9b:79:22:b9:77:61:3e:d2:55:b5:4a:74:5c:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Mar 10 09:12:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dde199f84c5a6df8da54eec417bc53e28ae71cc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:56:5d:28:be:ce:e5:c4:12:f0:52:24:42:40:
69:be:cd:31:66:80:ff:7d:32:b8:22:db:31:bc:12:
9d:b4:f2:97:50:0a:94:b9:c6:73:e9:f6:79:a7:3b:
2f:00:0a:f4:da:79:78:6a:ab:ba:52:cd:3a:15:34:
38:7d:1b:29:0f:4f:0a:2d:8f:e6:25:ff:fe:f6:13:
42:93:e1:61:c1:06:bb:f7:f1:fb:a0:24:62:1a:76:
3f:42:d6:a4:16:98:a2:86:38:82:49:88:28:21:31:
2c:71:f2:1d:49:07:b7:35:dd:13:5d:74:3a:14:8d:
46:77:b9:20:95:42:6b:93:16:f6:12:64:1e:80:ae:
ef:99:17:c7:b4:bc:1f:a5:bf:3c:eb:b0:cb:dc:da:
81:5f:c8:70:59:10:46:cc:e6:76:43:85:96:4f:66:
10:96:ef:ce:74:c5:3c:d8:26:53:90:6b:54:54:38:
27:5b:a2:02:33:cf:42:08:bd:9b:d3:b6:00:76:da:
81:56:7c:3a:22:66:3d:fd:f3:c6:8e:f8:38:4e:f3:
bf:bd:74:56:71:19:61:f8:f2:02:79:51:84:b2:ee:
b1:7b:f1:af:79:93:9c:4d:5e:1d:e6:9c:15:b7:52:
3c:56:21:59:b7:04:c1:35:f0:1f:27:be:3e:c5:37:
3f:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:E1:99:F8:4C:5A:6D:F8:DA:54:EE:C4:17:BC:53:E2:8A:E7:1C:C7
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/3eGZ-ExabfjaVO7EF7xT4ornHMc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.22.0/24
151.243.175.0/24
Signature Algorithm: sha256WithRSAEncryption
23:94:92:b7:64:5d:0d:f3:d4:00:f5:67:ed:bb:ce:b1:16:0b:
02:39:95:72:21:a7:55:67:2d:3d:8d:cf:5c:72:5a:2a:86:8d:
68:d3:ab:cd:df:27:85:9d:88:ef:00:3b:fc:22:00:79:2c:98:
48:e4:6b:1c:48:0c:89:d3:ae:06:eb:0f:13:bb:ba:42:49:5e:
ee:88:43:b9:b4:93:bf:88:b7:c7:b9:46:d7:c3:64:7a:2f:fd:
3b:69:ba:16:c0:d9:28:4b:ce:2f:0e:4f:43:09:8d:4a:75:40:
1e:24:7a:7e:63:95:f0:d0:bb:bd:7a:2b:fe:9a:97:02:19:9e:
b1:5c:41:5d:cf:eb:f5:9c:0d:f7:07:92:01:fe:6b:b5:c1:36:
23:64:a2:5f:da:aa:f1:12:a1:4c:aa:2a:35:90:ae:32:57:ff:
51:9a:48:ff:80:33:18:e2:ab:39:3f:0e:fa:75:38:f2:70:c4:
0d:4d:19:80:01:05:2d:e9:2d:a0:95:6f:7f:91:10:d4:cb:89:
b2:f8:dc:a0:9a:c0:22:3e:63:25:86:52:11:c0:73:1c:2d:0c:
d1:eb:8a:1c:42:97:88:73:76:dc:1e:c1:e4:c2:0a:3f:2d:da:
f0:af:24:19:ad:9d:ae:74:ae:10:1f:f0:ab:95:55:12:d2:e1:
70:5d:ed:f4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZV/U5t5Irl3YT7SVbVKdFydMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMzEwMDkxMjIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGUxOTlmODRjNWE2ZGY4ZGE1NGVlYzQxN2JjNTNlMjhhZTcxY2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyFZdKL7O5cQS8FIkQkBpvs0xZoD/
fTK4ItsxvBKdtPKXUAqUucZz6fZ5pzsvAAr02nl4aqu6Us06FTQ4fRspD08KLY/m
Jf/+9hNCk+FhwQa79/H7oCRiGnY/QtakFpiihjiCSYgoITEscfIdSQe3Nd0TXXQ6
FI1Gd7kglUJrkxb2EmQegK7vmRfHtLwfpb8867DL3NqBX8hwWRBGzOZ2Q4WWT2YQ
lu/OdMU82CZTkGtUVDgnW6ICM89CCL2b07YAdtqBVnw6ImY9/fPGjvg4TvO/vXRW
cRlh+PICeVGEsu6xe/GveZOcTV4d5pwVt1I8ViFZtwTBNfAfJ74+xTc/5QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN3hmfhMWm342lTuxBe8U+KK5xzHMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvM2VHWi1FeGFiZmphVk83RUY3eFQ0b3JuSE1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAl/IWAwQA
l/OvMA0GCSqGSIb3DQEBCwUAA4IBAQAjlJK3ZF0N89QA9Wftu86xFgsCOZVyIadV
Zy09jc9ccloqho1o06vN3yeFnYjvADv8IgB5LJhI5GscSAyJ064G6w8Tu7pCSV7u
iEO5tJO/iLfHuUbXw2R6L/07aboWwNkoS84vDk9DCY1KdUAeJHp+Y5Xw0Lu9eiv+
mpcCGZ6xXEFdz+v1nA33B5IB/mu1wTYjZKJf2qrxEqFMqio1kK4yV/9Rmkj/gDMY
4qs5Pw76dTjycMQNTRmAAQUt6S2glW9/kRDUy4my+NygmsAiPmMlhlIRwHMcLQzR
64ocQpeIc3bcHsHkwgo/LdrwryQZrZ2udK4QH/CrlVUS0uFwXe30
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:48:14 2025 by rpki-client