Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/GtwHpLhHEOxhpy9G2gEzIDH0bqk.roa
File: GtwHpLhHEOxhpy9G2gEzIDH0bqk.roa (raw, json)
Hash identifier: Gt5jaT8QaU2ni7fRgtMa2T5nkOZ9FeGJZnlMT/ed8xs=
Subject key identifier: 1A:DC:07:A4:B8:47:10:EC:61:A7:2F:46:DA:01:33:20:31:F4:6E:A9
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0195836CCC2596E6533191ACB37809CA9D57
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/GtwHpLhHEOxhpy9G2gEzIDH0bqk.roa
Signing time: Tue 11 Mar 2025 04:18:20 +0000
ROA not before: Tue 11 Mar 2025 04:18:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 151.243.8.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:83:6c:cc:25:96:e6:53:31:91:ac:b3:78:09:ca:9d:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Mar 11 04:18:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1adc07a4b84710ec61a72f46da01332031f46ea9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:60:a7:66:f8:48:fe:f2:24:f5:ce:b3:68:b5:
2c:4e:6f:28:13:57:2e:7f:c7:70:37:67:5f:f8:7d:
6e:a7:4a:d1:55:72:17:09:12:46:a5:2c:68:06:36:
64:7a:67:c4:e7:dd:80:fe:65:7b:a0:1d:47:62:ff:
f5:dc:19:27:3c:01:b1:d9:1d:7c:97:ba:b0:44:d5:
22:ca:86:56:f1:78:ea:d9:be:60:fa:a2:e8:07:ce:
45:b0:fe:fa:67:90:dd:4c:0d:64:31:3d:3f:1f:3e:
bf:8c:92:13:3e:03:9c:95:77:51:dc:7a:33:7b:18:
6b:37:95:7d:c4:87:4d:25:bc:fe:ea:22:5c:56:3f:
1e:4a:53:e6:9c:a1:47:52:6f:0c:08:22:92:c3:6f:
ac:be:d3:ee:5b:cc:f3:c3:f2:97:a9:54:73:98:c9:
4e:48:ac:6b:75:51:5e:74:79:9e:d3:ce:d2:84:7c:
c9:79:b9:29:03:b9:73:63:08:9a:60:26:fe:5f:56:
2a:0e:64:49:2a:3b:41:f3:e8:8d:e5:cc:6c:6b:8c:
f0:e3:af:80:1d:f1:ff:5e:3f:a4:10:85:b3:c2:5e:
ab:79:bd:d8:c2:e7:23:6f:6f:91:97:01:00:2f:5f:
5b:45:ed:4a:92:50:30:4f:e0:76:69:4a:fa:87:68:
ab:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:DC:07:A4:B8:47:10:EC:61:A7:2F:46:DA:01:33:20:31:F4:6E:A9
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/GtwHpLhHEOxhpy9G2gEzIDH0bqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.243.8.0/23
Signature Algorithm: sha256WithRSAEncryption
38:d2:a9:4e:8d:59:94:63:25:47:12:c9:b6:f9:29:08:75:56:
7a:70:bd:af:89:be:70:c3:39:f8:15:1c:b8:d4:31:dc:b4:db:
50:13:63:45:24:e4:8c:0f:c2:57:40:24:06:57:e9:e8:6e:40:
47:25:db:eb:bc:c6:9b:a6:22:cd:24:03:dd:74:f9:42:e3:92:
d4:05:8d:d0:bd:78:d4:6d:64:d4:77:2a:c8:92:9d:60:20:4e:
7c:c5:c3:03:c8:0a:db:7a:ca:c3:7b:cc:a6:fa:f6:33:28:8b:
fe:33:27:e8:c2:0d:5b:9e:51:47:af:1e:fd:90:80:c0:81:55:
7d:9a:24:2e:0b:58:2e:07:01:c1:e3:79:5a:c8:21:50:2c:2e:
c5:e6:55:fb:8f:b7:20:68:41:73:d3:0a:b4:85:83:3a:7f:0d:
73:5e:16:7a:43:71:52:db:ad:58:86:83:82:48:c1:5b:d7:08:
e3:92:eb:72:7e:41:6d:92:f0:bd:36:78:da:b9:13:73:ad:cf:
10:75:2d:06:52:15:94:9b:fe:70:94:2c:81:96:e8:2f:43:b2:
f2:c9:91:fd:52:f2:63:f8:07:85:e6:6f:4d:88:af:9c:78:8f:
2a:41:03:70:a7:57:a0:a6:4d:75:21:13:08:26:30:7a:a9:66:
e1:c7:98:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWDbMwlluZTMZGss3gJyp1XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMzExMDQxODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWRjMDdhNGI4NDcxMGVjNjFhNzJmNDZkYTAxMzMyMDMxZjQ2ZWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1GCnZvhI/vIk9c6zaLUsTm8oE1cu
f8dwN2df+H1up0rRVXIXCRJGpSxoBjZkemfE592A/mV7oB1HYv/13BknPAGx2R18
l7qwRNUiyoZW8Xjq2b5g+qLoB85FsP76Z5DdTA1kMT0/Hz6/jJITPgOclXdR3Hoz
exhrN5V9xIdNJbz+6iJcVj8eSlPmnKFHUm8MCCKSw2+svtPuW8zzw/KXqVRzmMlO
SKxrdVFedHme087ShHzJebkpA7lzYwiaYCb+X1YqDmRJKjtB8+iN5cxsa4zw46+A
HfH/Xj+kEIWzwl6reb3Ywucjb2+RlwEAL19bRe1KklAwT+B2aUr6h2irHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBrcB6S4RxDsYacvRtoBMyAx9G6pMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvR3R3SHBMaEhFT3hocHk5RzJnRXpJREgwYnFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBl/MIMA0G
CSqGSIb3DQEBCwUAA4IBAQA40qlOjVmUYyVHEsm2+SkIdVZ6cL2vib5wwzn4FRy4
1DHctNtQE2NFJOSMD8JXQCQGV+nobkBHJdvrvMabpiLNJAPddPlC45LUBY3QvXjU
bWTUdyrIkp1gIE58xcMDyArbesrDe8ym+vYzKIv+Myfowg1bnlFHrx79kIDAgVV9
miQuC1guBwHB43layCFQLC7F5lX7j7cgaEFz0wq0hYM6fw1zXhZ6Q3FS261YhoOC
SMFb1wjjkutyfkFtkvC9NnjauRNzrc8QdS0GUhWUm/5wlCyBlugvQ7LyyZH9UvJj
+AeF5m9NiK+ceI8qQQNwp1egpk11IRMIJjB6qWbhx5jk
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:43:39 2025 by rpki-client