Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/3w2qowMj6QdeCdZpAwFz15fC9js.roa
File: 3w2qowMj6QdeCdZpAwFz15fC9js.roa (raw, json)
Hash identifier: a9krDNUj9DMMteCChUSC6Ki9eDGMbBnRTv72agVWc6o=
Subject key identifier: DF:0D:AA:A3:03:23:E9:07:5E:09:D6:69:03:01:73:D7:97:C2:F6:3B
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0194F4086EFA9036F1679FD05C5728ED22AC
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/3w2qowMj6QdeCdZpAwFz15fC9js.roa
Signing time: Tue 11 Feb 2025 08:03:00 +0000
ROA not before: Tue 11 Feb 2025 08:03:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 395793
IP address blocks: 151.243.42.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f4:08:6e:fa:90:36:f1:67:9f:d0:5c:57:28:ed:22:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Feb 11 08:03:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=df0daaa30323e9075e09d669030173d797c2f63b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:0d:bf:f8:7b:31:48:75:89:19:a1:dc:61:db:
a8:4f:96:c2:04:c2:a5:d4:ea:02:50:a8:75:d7:34:
ae:81:b0:b2:62:51:ea:5b:4e:13:bd:3b:8a:c3:ac:
30:7c:c2:7f:1a:db:c3:9a:14:d7:3c:94:53:be:71:
67:f6:43:7c:6e:7b:fe:dd:c3:cf:97:64:41:03:39:
11:00:8d:9c:d0:cd:25:17:56:c8:5e:c9:cc:98:c6:
ee:4f:11:7c:e2:7e:3b:da:77:71:5e:63:e3:de:f8:
d9:d8:54:eb:23:c4:c8:67:ef:02:94:c4:5f:20:b1:
25:b9:ac:ec:00:45:05:0e:bb:30:96:b5:8c:0b:a3:
5e:01:da:03:6b:76:02:2e:7b:be:31:59:78:60:12:
4e:28:30:70:cc:b0:be:43:ba:b5:08:ee:85:6e:1d:
b9:17:26:06:40:32:cb:c9:10:c4:ae:45:fa:12:91:
c9:a8:07:4d:ff:d8:ea:71:b6:bb:af:1b:ed:81:55:
f2:8e:2a:a6:ed:51:49:4c:4a:e4:8a:5e:b7:17:92:
1e:52:16:58:37:17:a8:ca:84:43:f8:e4:7c:50:f5:
99:92:8a:35:ed:48:0a:a7:c2:d3:51:e0:2e:32:ac:
5e:49:1d:3e:e6:74:e3:79:4d:dc:c3:a9:12:36:89:
6e:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:0D:AA:A3:03:23:E9:07:5E:09:D6:69:03:01:73:D7:97:C2:F6:3B
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/3w2qowMj6QdeCdZpAwFz15fC9js.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.243.42.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:bd:90:9f:de:f5:57:47:55:eb:db:08:7e:12:18:72:1d:51:
71:90:f6:fa:ba:72:f2:9f:f5:27:66:ae:38:59:b8:33:4e:e3:
e1:df:08:e5:c1:6c:fb:fb:12:78:10:96:b1:0c:8d:04:e8:2e:
48:41:c8:77:36:3b:5f:cc:e0:50:4a:73:3c:6f:1e:23:60:3e:
ed:54:a6:7d:d5:3d:5c:d1:5a:53:b5:e3:73:e3:5f:05:6e:07:
14:bc:cd:62:59:99:47:a6:79:b7:8b:71:3f:fe:fb:4e:b5:91:
b2:1f:04:a7:de:26:6c:42:f1:d3:82:69:19:4e:b4:b9:77:30:
dd:6b:f7:3e:62:67:ab:aa:cb:6b:ff:fe:6a:d0:37:a6:2b:c8:
a7:4c:a4:ad:27:77:13:bb:52:6b:44:78:e0:10:bb:b3:a5:db:
6b:06:10:a7:d8:69:d0:58:34:9d:9f:f6:b5:8b:2c:ff:a5:57:
05:8c:0b:bb:cc:85:01:54:06:45:af:40:93:ba:8f:72:f2:c9:
01:43:5e:73:bc:3c:48:64:1d:9b:a2:4a:84:04:02:ab:3a:bf:
6b:18:b3:75:67:a5:f6:ea:15:9b:03:d4:5d:6d:57:1c:1d:a0:
89:e0:a8:6a:e7:6d:e1:80:9b:4e:2b:79:85:c4:29:2b:3e:3c:
91:1a:6b:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZT0CG76kDbxZ5/QXFco7SKsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMjExMDgwMzAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjBkYWFhMzAzMjNlOTA3NWUwOWQ2NjkwMzAxNzNkNzk3YzJmNjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtw2/+HsxSHWJGaHcYduoT5bCBMKl
1OoCUKh11zSugbCyYlHqW04TvTuKw6wwfMJ/GtvDmhTXPJRTvnFn9kN8bnv+3cPP
l2RBAzkRAI2c0M0lF1bIXsnMmMbuTxF84n472ndxXmPj3vjZ2FTrI8TIZ+8ClMRf
ILEluazsAEUFDrswlrWMC6NeAdoDa3YCLnu+MVl4YBJOKDBwzLC+Q7q1CO6Fbh25
FyYGQDLLyRDErkX6EpHJqAdN/9jqcba7rxvtgVXyjiqm7VFJTErkil63F5IeUhZY
NxeoyoRD+OR8UPWZkoo17UgKp8LTUeAuMqxeSR0+5nTjeU3cw6kSNoluFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN8NqqMDI+kHXgnWaQMBc9eXwvY7MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvM3cycW93TWo2UWRlQ2RacEF3RnoxNWZDOWpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/MqMA0G
CSqGSIb3DQEBCwUAA4IBAQCkvZCf3vVXR1Xr2wh+EhhyHVFxkPb6unLyn/UnZq44
WbgzTuPh3wjlwWz7+xJ4EJaxDI0E6C5IQch3NjtfzOBQSnM8bx4jYD7tVKZ91T1c
0VpTteNz418FbgcUvM1iWZlHpnm3i3E//vtOtZGyHwSn3iZsQvHTgmkZTrS5dzDd
a/c+Ymerqstr//5q0DemK8inTKStJ3cTu1JrRHjgELuzpdtrBhCn2GnQWDSdn/a1
iyz/pVcFjAu7zIUBVAZFr0CTuo9y8skBQ15zvDxIZB2bokqEBAKrOr9rGLN1Z6X2
6hWbA9RdbVccHaCJ4Khq523hgJtOK3mFxCkrPjyRGmsf
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:11:14 2025 by rpki-client