Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/AbfejDOyGB1Fp5f9bwLucZ-Acjg.roa
File: AbfejDOyGB1Fp5f9bwLucZ-Acjg.roa (raw, json)
Hash identifier: VrDtZa3bRInUw8sSBtOTiNvtYyGNLW7/1p11txMKPsI=
Subject key identifier: 01:B7:DE:8C:33:B2:18:1D:45:A7:97:FD:6F:02:EE:71:9F:80:72:38
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01949BA9D6B5B69F1AB1B845EF4479C434AC
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/AbfejDOyGB1Fp5f9bwLucZ-Acjg.roa
Signing time: Sat 25 Jan 2025 04:13:06 +0000
ROA not before: Sat 25 Jan 2025 04:13:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 4637
IP address blocks: 151.242.1.0/24 maxlen: 24
151.242.4.0/24 maxlen: 24
151.242.7.0/24 maxlen: 24
151.242.10.0/24 maxlen: 24
151.242.12.0/24 maxlen: 24
151.242.15.0/24 maxlen: 24
151.242.17.0/24 maxlen: 24
151.242.20.0/24 maxlen: 24
151.242.23.0/24 maxlen: 24
151.242.26.0/24 maxlen: 24
151.242.29.0/24 maxlen: 24
151.242.32.0/24 maxlen: 24
151.242.73.0/24 maxlen: 24
151.242.74.0/24 maxlen: 24
151.242.75.0/24 maxlen: 24
151.242.76.0/24 maxlen: 24
151.242.77.0/24 maxlen: 24
151.242.78.0/24 maxlen: 24
151.242.79.0/24 maxlen: 24
151.242.80.0/24 maxlen: 24
151.242.81.0/24 maxlen: 24
151.242.82.0/24 maxlen: 24
151.242.83.0/24 maxlen: 24
151.242.84.0/24 maxlen: 24
151.242.85.0/24 maxlen: 24
151.242.86.0/24 maxlen: 24
151.242.87.0/24 maxlen: 24
151.242.88.0/24 maxlen: 24
151.242.89.0/24 maxlen: 24
151.242.90.0/24 maxlen: 24
151.242.91.0/24 maxlen: 24
151.243.202.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:9b:a9:d6:b5:b6:9f:1a:b1:b8:45:ef:44:79:c4:34:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jan 25 04:13:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=01b7de8c33b2181d45a797fd6f02ee719f807238
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:9e:c6:80:a8:07:9b:3b:c1:9e:bf:26:39:37:
e0:15:2b:bb:3c:0f:1e:43:c2:0d:df:7c:e2:1c:f5:
a2:a6:30:39:c7:22:1a:f4:5a:c7:d1:78:cb:db:0f:
6e:74:ac:b5:92:3f:1f:0a:20:c6:f3:1a:98:ed:c6:
23:4f:5a:46:53:85:10:91:1c:ba:47:13:da:fa:32:
28:66:11:a0:eb:e8:cd:39:86:58:29:2b:b9:6b:df:
94:ec:0b:10:05:c9:22:8d:50:12:6a:44:a1:66:54:
10:71:0e:87:46:ef:3e:61:85:bd:a5:eb:bf:94:4b:
53:19:d9:27:57:bf:b7:64:39:69:c1:2a:48:f1:f7:
75:2c:9f:39:ad:b7:1a:83:1a:bb:7b:cc:29:1c:40:
7b:f7:a0:31:52:ae:8f:3e:d0:b9:dd:0c:3b:0b:15:
3a:a7:39:dd:0f:e5:8b:fc:e1:c9:4a:92:a2:9a:81:
f4:41:d2:8c:0c:a1:21:56:75:4e:a4:12:1e:20:f1:
79:7c:e6:6d:5b:a5:fa:05:4e:d0:85:44:0d:9c:c1:
16:d9:c7:d0:56:73:b3:4a:a4:2c:4e:d3:02:8e:5f:
20:b4:f6:73:85:51:37:5b:6e:03:ca:17:ff:75:a0:
21:2e:3b:cf:22:1d:e0:9c:6d:67:71:e0:57:9b:e5:
b5:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:B7:DE:8C:33:B2:18:1D:45:A7:97:FD:6F:02:EE:71:9F:80:72:38
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/AbfejDOyGB1Fp5f9bwLucZ-Acjg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.1.0/24
151.242.4.0/24
151.242.7.0/24
151.242.10.0/24
151.242.12.0/24
151.242.15.0/24
151.242.17.0/24
151.242.20.0/24
151.242.23.0/24
151.242.26.0/24
151.242.29.0/24
151.242.32.0/24
151.242.73.0-151.242.91.255
151.243.202.0/23
Signature Algorithm: sha256WithRSAEncryption
1e:2f:3a:20:be:5f:32:51:29:4e:78:db:d1:cf:c7:90:82:0e:
3d:a0:6a:cf:0f:22:bd:2d:9b:f8:ac:ba:00:08:52:7d:5c:3b:
de:2d:0f:af:eb:54:94:ab:41:a7:b9:60:61:82:0e:66:43:85:
06:83:79:5e:a2:2f:c4:58:d7:19:54:fe:30:54:d1:cf:5e:83:
6d:4a:22:d8:ad:ac:41:07:16:a9:72:65:09:5e:58:61:ef:e7:
ac:23:84:8b:53:d1:ca:f1:c3:60:24:c7:d5:17:59:da:59:3c:
68:29:f8:b1:db:08:70:af:b3:ed:12:40:54:c9:c4:86:e6:ac:
81:89:fa:9c:6b:e0:19:92:f3:6d:5a:63:90:22:1e:ab:f4:07:
38:a3:b7:c3:a8:ea:f5:70:86:a9:50:96:4e:2b:a9:bf:bd:6e:
ef:fd:0d:30:57:2b:66:33:78:e6:09:22:cf:97:79:20:00:98:
65:b7:e9:27:63:79:f7:80:bd:47:20:2a:48:d0:b0:64:ea:0f:
53:cd:39:2d:dd:d4:d8:99:8b:72:76:3d:a8:97:23:d7:2a:72:
12:a5:10:1e:d5:af:c6:6c:db:32:a0:2c:e1:0e:25:1a:49:3d:
1f:12:71:5f:c6:c8:34:e1:ab:26:23:79:7f:a4:9a:59:bd:08:
d0:74:37:e8
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAZSbqda1tp8asbhF70R5xDSsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMTI1MDQxMzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWI3ZGU4YzMzYjIxODFkNDVhNzk3ZmQ2ZjAyZWU3MTlmODA3MjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJ7GgKgHmzvBnr8mOTfgFSu7PA8e
Q8IN33ziHPWipjA5xyIa9FrH0XjL2w9udKy1kj8fCiDG8xqY7cYjT1pGU4UQkRy6
RxPa+jIoZhGg6+jNOYZYKSu5a9+U7AsQBckijVASakShZlQQcQ6HRu8+YYW9peu/
lEtTGdknV7+3ZDlpwSpI8fd1LJ85rbcagxq7e8wpHEB796AxUq6PPtC53Qw7CxU6
pzndD+WL/OHJSpKimoH0QdKMDKEhVnVOpBIeIPF5fOZtW6X6BU7QhUQNnMEW2cfQ
VnOzSqQsTtMCjl8gtPZzhVE3W24Dyhf/daAhLjvPIh3gnG1nceBXm+W1iQIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFAG33owzshgdRaeX/W8C7nGfgHI4MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvQWJmZWpET3lHQjFGcDVmOWJ3THVjWi1BY2pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQAl/IBAwQA
l/IEAwQAl/IHAwQAl/IKAwQAl/IMAwQAl/IPAwQAl/IRAwQAl/IUAwQAl/IXAwQA
l/IaAwQAl/IdAwQAl/IgMAwDBACX8kkDBAKX8lgDBAGX88owDQYJKoZIhvcNAQEL
BQADggEBAB4vOiC+XzJRKU5429HPx5CCDj2gas8PIr0tm/isugAIUn1cO94tD6/r
VJSrQae5YGGCDmZDhQaDeV6iL8RY1xlU/jBU0c9eg21KItitrEEHFqlyZQleWGHv
56wjhItT0crxw2Akx9UXWdpZPGgp+LHbCHCvs+0SQFTJxIbmrIGJ+pxr4BmS821a
Y5AiHqv0Bzijt8Oo6vVwhqlQlk4rqb+9bu/9DTBXK2YzeOYJIs+XeSAAmGW36Sdj
efeAvUcgKkjQsGTqD1PNOS3d1NiZi3J2PaiXI9cqchKlEB7Vr8Zs2zKgLOEOJRpJ
PR8ScV/GyDThqyYjeX+kmlm9CNB0N+g=
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:01:09 2025 by rpki-client