Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/BPfvS7W2hBuJ5bH7ONIFyBLpNQM.roa
File: BPfvS7W2hBuJ5bH7ONIFyBLpNQM.roa (raw, json)
Hash identifier: Z+YaJI3n+hAZrHSLFaJRbzH6H7prTciZz+oe2vJ0h7M=
Subject key identifier: 04:F7:EF:4B:B5:B6:84:1B:89:E5:B1:FB:38:D2:05:C8:12:E9:35:03
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01948C60E127422199E90AAB230C97BC75E1
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/BPfvS7W2hBuJ5bH7ONIFyBLpNQM.roa
Signing time: Wed 22 Jan 2025 04:59:06 +0000
ROA not before: Wed 22 Jan 2025 04:59:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 151.243.188.0/22 maxlen: 24
151.243.215.0/24 maxlen: 24
151.243.217.0/24 maxlen: 24
151.243.221.0/24 maxlen: 24
151.243.223.0/24 maxlen: 24
151.243.225.0/24 maxlen: 24
151.243.227.0/24 maxlen: 24
151.243.229.0/24 maxlen: 24
151.243.235.0/24 maxlen: 24
151.243.237.0/24 maxlen: 24
151.243.239.0/24 maxlen: 24
151.243.241.0/24 maxlen: 24
151.243.254.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:8c:60:e1:27:42:21:99:e9:0a:ab:23:0c:97:bc:75:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jan 22 04:59:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=04f7ef4bb5b6841b89e5b1fb38d205c812e93503
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:83:e2:93:1f:a9:30:e0:66:23:9e:f1:47:c4:
57:87:8c:82:28:f9:dd:e7:77:c7:ef:91:dd:34:f1:
92:32:04:98:9d:43:00:a5:5d:bb:f7:e1:f1:06:69:
28:32:21:3c:44:e5:5a:ad:4c:da:1c:de:ae:aa:7b:
73:82:04:ab:5c:4c:10:02:e9:0f:c9:f1:9d:05:b8:
95:f9:35:57:f2:86:dc:bb:93:52:b1:0d:21:bc:13:
9e:e0:66:ff:5f:a3:2e:d4:3c:7b:4e:c5:1f:f4:50:
c4:d1:6c:e3:d0:11:09:8a:26:89:a7:40:d9:18:bb:
aa:3c:be:b8:e1:ac:6e:00:b9:72:78:b9:b6:0a:42:
1d:b4:62:52:5b:c2:93:21:5d:a3:64:4c:05:85:dd:
d6:fd:2d:9a:28:16:fb:04:07:7a:01:00:38:c2:84:
3c:6f:d2:8f:12:f2:d6:77:49:88:8b:47:85:35:29:
2f:53:64:8f:a0:31:d3:8a:4b:32:65:66:e4:23:5f:
77:eb:76:7f:49:9a:a4:32:c9:6b:d2:3b:96:3f:ee:
fa:fe:4e:5b:68:6e:69:ac:2b:96:e6:15:b1:cd:d4:
5c:ab:79:e6:ca:bf:e5:a5:a2:df:79:c1:16:7b:bd:
3c:fe:96:61:ae:a3:e0:a4:24:6b:38:93:48:23:03:
3b:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:F7:EF:4B:B5:B6:84:1B:89:E5:B1:FB:38:D2:05:C8:12:E9:35:03
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/BPfvS7W2hBuJ5bH7ONIFyBLpNQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.243.188.0/22
151.243.215.0/24
151.243.217.0/24
151.243.221.0/24
151.243.223.0/24
151.243.225.0/24
151.243.227.0/24
151.243.229.0/24
151.243.235.0/24
151.243.237.0/24
151.243.239.0/24
151.243.241.0/24
151.243.254.0/24
Signature Algorithm: sha256WithRSAEncryption
65:0c:25:00:58:40:dd:27:b2:4a:84:40:3a:db:3d:c6:e9:03:
f3:fd:93:87:19:d5:e8:8b:5e:31:c0:64:1d:fa:44:86:90:4f:
e4:a5:67:7f:52:4d:ef:c8:ed:16:92:66:f4:8d:57:41:10:cb:
b6:41:3d:57:ba:e4:08:34:ef:f1:ff:7b:09:3f:f2:1a:27:ab:
57:b4:18:19:e5:2f:82:72:34:53:32:f0:c7:71:10:b9:73:0a:
74:1d:0e:0e:fc:a1:83:4d:c9:6c:fb:ef:b5:41:7c:3c:70:9d:
0c:5d:1c:38:de:be:e1:fe:7a:0b:13:a4:86:e1:e0:20:a7:75:
99:19:92:7e:09:1f:ef:8f:81:b5:d3:e6:35:0a:ae:7a:fe:3a:
cb:d1:49:28:b6:03:6f:e2:ad:8b:27:63:6c:b8:3b:37:23:14:
30:85:a0:33:94:30:09:0f:8f:a3:ff:c0:05:f1:d2:0f:4d:22:
74:19:08:38:4c:6d:f0:e0:01:7b:d3:93:29:da:c4:04:08:16:
71:a6:4d:19:eb:8c:01:f8:02:11:a2:55:2f:b4:de:4b:fa:46:
4f:c9:cd:23:82:8f:c1:bf:4d:dd:eb:43:14:bc:d0:37:38:e2:
5c:ed:3a:98:fd:d0:06:21:39:d2:b9:bd:d7:20:66:6f:35:3a:
65:ac:63:cd
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZSMYOEnQiGZ6QqrIwyXvHXhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMTIyMDQ1OTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGY3ZWY0YmI1YjY4NDFiODllNWIxZmIzOGQyMDVjODEyZTkzNTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIPikx+pMOBmI57xR8RXh4yCKPnd
53fH75HdNPGSMgSYnUMApV279+HxBmkoMiE8ROVarUzaHN6uqntzggSrXEwQAukP
yfGdBbiV+TVX8obcu5NSsQ0hvBOe4Gb/X6Mu1Dx7TsUf9FDE0Wzj0BEJiiaJp0DZ
GLuqPL644axuALlyeLm2CkIdtGJSW8KTIV2jZEwFhd3W/S2aKBb7BAd6AQA4woQ8
b9KPEvLWd0mIi0eFNSkvU2SPoDHTiksyZWbkI19363Z/SZqkMslr0juWP+76/k5b
aG5prCuW5hWxzdRcq3nmyr/lpaLfecEWe708/pZhrqPgpCRrOJNIIwM7HQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFAT370u1toQbieWx+zjSBcgS6TUDMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvQlBmdlM3VzJoQnVKNWJIN09OSUZ5QkxwTlFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQCl/O8AwQA
l/PXAwQAl/PZAwQAl/PdAwQAl/PfAwQAl/PhAwQAl/PjAwQAl/PlAwQAl/PrAwQA
l/PtAwQAl/PvAwQAl/PxAwQAl/P+MA0GCSqGSIb3DQEBCwUAA4IBAQBlDCUAWEDd
J7JKhEA62z3G6QPz/ZOHGdXoi14xwGQd+kSGkE/kpWd/Uk3vyO0Wkmb0jVdBEMu2
QT1XuuQINO/x/3sJP/IaJ6tXtBgZ5S+CcjRTMvDHcRC5cwp0HQ4O/KGDTcls+++1
QXw8cJ0MXRw43r7h/noLE6SG4eAgp3WZGZJ+CR/vj4G10+Y1Cq56/jrL0UkotgNv
4q2LJ2NsuDs3IxQwhaAzlDAJD4+j/8AF8dIPTSJ0GQg4TG3w4AF705Mp2sQECBZx
pk0Z64wB+AIRolUvtN5L+kZPyc0jgo/Bv03d60MUvNA3OOJc7TqY/dAGITnSub3X
IGZvNTplrGPN
-----END CERTIFICATE-----
Generated at Mon Apr 7 04:29:42 2025 by rpki-client