Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/G8hd97pmZTVrnUpQfpiToSUJ_hY.roa
File: G8hd97pmZTVrnUpQfpiToSUJ_hY.roa (raw, json)
Hash identifier: SzJwYqu6WTEGOiOaXxg3YxrbI41SOT4Awd9MscmM+Y8=
Subject key identifier: 1B:C8:5D:F7:BA:66:65:35:6B:9D:4A:50:7E:98:93:A1:25:09:FE:16
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0195A3041C09FB6294BB06029E231B000789
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/G8hd97pmZTVrnUpQfpiToSUJ_hY.roa
Signing time: Mon 17 Mar 2025 07:31:50 +0000
ROA not before: Mon 17 Mar 2025 07:31:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197537
IP address blocks: 151.242.0.0/24 maxlen: 24
151.242.65.0/24 maxlen: 24
151.243.7.0/24 maxlen: 24
151.243.214.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a3:04:1c:09:fb:62:94:bb:06:02:9e:23:1b:00:07:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Mar 17 07:31:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1bc85df7ba6665356b9d4a507e9893a12509fe16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:cb:ab:25:51:c9:8f:84:1d:91:6f:77:c6:bf:
ed:42:90:ee:49:e5:69:b0:77:c0:20:78:5c:d8:d2:
31:9a:b2:03:34:18:cf:60:c4:d1:fe:e3:29:bb:cf:
57:6b:05:1f:47:ac:b4:ac:aa:c2:4e:ae:7c:ce:40:
a6:f7:dd:1e:20:95:c1:6a:f1:6b:d7:38:8c:23:68:
22:85:82:1f:af:8c:2d:13:4b:8f:33:9f:ac:18:9d:
9e:af:3f:59:a0:2b:c9:ae:cb:77:29:55:52:bf:fe:
94:5a:25:2f:09:21:c6:7f:5c:fc:a4:38:6e:b0:0d:
1e:fe:37:25:ce:55:53:67:f4:ef:7f:dc:1e:e1:04:
28:53:71:c1:fb:dd:ae:41:da:41:c8:e2:d9:0a:4f:
6c:a9:73:d3:51:4a:cd:c4:ae:bc:4f:0c:5d:70:ae:
d8:43:f7:f1:be:16:26:10:3f:23:9d:83:2f:6e:b7:
3a:77:fb:96:71:1f:04:23:db:89:9c:a3:ff:90:b1:
15:ff:43:0b:96:25:05:13:40:48:4d:42:c0:68:c1:
e7:af:37:57:4b:31:93:8a:33:16:a1:44:a5:70:aa:
7c:f9:0f:b1:9b:ac:6e:56:b3:01:02:c2:98:c9:13:
47:28:92:c4:80:25:ca:18:14:0e:2c:2d:79:a9:46:
02:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:C8:5D:F7:BA:66:65:35:6B:9D:4A:50:7E:98:93:A1:25:09:FE:16
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/G8hd97pmZTVrnUpQfpiToSUJ_hY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.0.0/24
151.242.65.0/24
151.243.7.0/24
151.243.214.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:59:1a:5d:49:54:2d:93:f7:9b:e9:49:92:fd:34:b4:08:c0:
3b:18:ad:95:ad:87:87:a4:47:2b:5b:50:2f:5d:ff:04:9f:e5:
9b:ee:6f:a0:4d:0d:8f:31:96:82:31:c6:d4:6e:d4:c0:a6:5f:
d1:96:48:5c:9e:8b:78:3a:94:13:a8:f4:3b:33:a4:34:69:69:
ef:d1:09:b8:4c:06:b3:79:83:b1:f5:2e:4c:38:8d:ea:f4:a4:
7f:ea:7e:16:78:2f:98:0e:38:8a:39:b8:31:fa:7c:17:a1:5b:
0a:9c:90:7e:63:f3:a9:9f:f3:c3:8a:8f:f9:0d:ae:8e:3e:2f:
d1:e7:6d:48:b7:a5:f2:0a:0c:32:08:bb:87:e5:8d:30:26:5c:
55:e5:9f:bc:10:ce:7f:cc:c0:a6:e4:54:83:42:29:bf:60:d6:
3d:4c:6b:e2:b3:e6:ce:0e:2f:46:ab:a4:c9:fd:ee:b2:1f:7c:
b3:e0:90:8e:c3:04:4c:a6:58:bd:bd:58:7a:87:e9:03:44:80:
f9:1f:cb:49:2e:0f:3c:47:c1:22:a4:8b:fe:5a:ff:eb:b8:f4:
f9:cc:8c:29:df:ed:09:fd:d3:51:e6:9d:49:31:73:ef:76:7c:
46:07:76:4e:61:8b:59:03:84:b1:74:4e:8a:bb:29:17:f9:24:
b0:04:23:c9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZWjBBwJ+2KUuwYCniMbAAeJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMzE3MDczMTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmM4NWRmN2JhNjY2NTM1NmI5ZDRhNTA3ZTk4OTNhMTI1MDlmZTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusurJVHJj4QdkW93xr/tQpDuSeVp
sHfAIHhc2NIxmrIDNBjPYMTR/uMpu89XawUfR6y0rKrCTq58zkCm990eIJXBavFr
1ziMI2gihYIfr4wtE0uPM5+sGJ2erz9ZoCvJrst3KVVSv/6UWiUvCSHGf1z8pDhu
sA0e/jclzlVTZ/Tvf9we4QQoU3HB+92uQdpByOLZCk9sqXPTUUrNxK68TwxdcK7Y
Q/fxvhYmED8jnYMvbrc6d/uWcR8EI9uJnKP/kLEV/0MLliUFE0BITULAaMHnrzdX
SzGTijMWoUSlcKp8+Q+xm6xuVrMBAsKYyRNHKJLEgCXKGBQOLC15qUYCcwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBvIXfe6ZmU1a51KUH6Yk6ElCf4WMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvRzhoZDk3cG1aVFZyblVwUWZwaVRvU1VKX2hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAl/IAAwQA
l/JBAwQAl/MHAwQAl/PWMA0GCSqGSIb3DQEBCwUAA4IBAQCwWRpdSVQtk/eb6UmS
/TS0CMA7GK2VrYeHpEcrW1AvXf8En+Wb7m+gTQ2PMZaCMcbUbtTApl/Rlkhcnot4
OpQTqPQ7M6Q0aWnv0Qm4TAazeYOx9S5MOI3q9KR/6n4WeC+YDjiKObgx+nwXoVsK
nJB+Y/Opn/PDio/5Da6OPi/R521It6XyCgwyCLuH5Y0wJlxV5Z+8EM5/zMCm5FSD
Qim/YNY9TGvis+bODi9Gq6TJ/e6yH3yz4JCOwwRMpli9vVh6h+kDRID5H8tJLg88
R8EipIv+Wv/ruPT5zIwp3+0J/dNR5p1JMXPvdnxGB3ZOYYtZA4SxdE6KuykX+SSw
BCPJ
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:12:02 2025 by rpki-client