Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/OWxmTY6fOPA-TDCaIjR9fKFtyOg.roa
File: OWxmTY6fOPA-TDCaIjR9fKFtyOg.roa (raw, json)
Hash identifier: EIpzfqUK5ZanMv8o5PfzN7HEF+eDltKM2+0ZQ9YBCOk=
Subject key identifier: 39:6C:66:4D:8E:9F:38:F0:3E:4C:30:9A:22:34:7D:7C:A1:6D:C8:E8
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0194656B31CAF30587C150AFB047797D1D79
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/OWxmTY6fOPA-TDCaIjR9fKFtyOg.roa
Signing time: Tue 14 Jan 2025 15:25:11 +0000
ROA not before: Tue 14 Jan 2025 15:25:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20454
IP address blocks: 151.243.136.0/22 maxlen: 22
151.243.152.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:65:6b:31:ca:f3:05:87:c1:50:af:b0:47:79:7d:1d:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jan 14 15:25:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=396c664d8e9f38f03e4c309a22347d7ca16dc8e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:26:2b:40:1f:87:e8:c5:ea:43:76:e7:12:2f:
45:b5:93:b0:59:3e:8d:d5:dc:47:63:f5:4f:da:6a:
e5:1f:19:14:01:8a:ef:a9:05:36:61:9c:7f:19:8a:
28:ed:3b:a4:bd:2b:85:33:4e:7b:6d:15:eb:63:44:
cc:e4:6f:ea:64:f4:bb:cc:a1:94:88:c9:7b:b4:37:
e5:5b:2d:d5:7b:52:57:fd:49:da:9a:d8:56:62:d0:
1b:e9:ff:64:ee:76:5c:ff:96:76:33:b5:06:11:1f:
81:cf:65:75:3a:14:c2:2e:51:d8:a1:27:ef:9f:8e:
91:4f:f5:a9:2a:be:8f:41:f9:4a:ad:ff:ac:36:9d:
b2:e0:bf:ef:15:ba:fc:11:53:c3:15:5a:61:3b:5b:
1f:ab:6c:d0:0f:0c:ee:16:12:37:8e:e2:f3:c4:52:
92:01:e3:7c:b1:63:7b:67:f5:fd:f8:7a:4e:fe:e5:
69:36:0b:51:a0:2d:c2:15:b0:68:33:c9:da:80:60:
90:ec:da:d0:aa:e1:e9:30:f0:8e:f5:49:07:1c:55:
72:c7:ef:8c:9d:2a:d0:4a:cd:03:74:fc:5d:b8:6c:
d4:9a:5d:dc:41:74:ce:1c:30:6e:44:cb:58:ca:af:
ea:bd:52:18:ac:86:a3:9d:a0:ac:82:6a:4d:8e:69:
02:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:6C:66:4D:8E:9F:38:F0:3E:4C:30:9A:22:34:7D:7C:A1:6D:C8:E8
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/OWxmTY6fOPA-TDCaIjR9fKFtyOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.243.136.0/22
151.243.152.0/22
Signature Algorithm: sha256WithRSAEncryption
64:5c:94:63:0b:ac:17:4c:5e:85:4d:30:9d:6f:73:2d:2d:97:
db:64:be:f4:46:ae:97:d9:da:5e:26:e2:cc:84:83:59:3d:33:
2e:e0:81:b3:05:87:f6:c2:1f:52:43:81:e7:9a:48:a0:59:c4:
7a:f6:18:51:21:05:ee:cb:65:07:60:6d:19:9e:f4:2c:e9:a5:
d7:b4:ca:05:0e:0b:bd:c5:d0:20:96:8a:13:85:ff:33:7e:92:
a4:00:94:73:c3:79:bb:39:35:fc:21:b1:f1:13:b6:b7:4d:7a:
6c:6f:78:26:34:dd:8a:21:a1:31:2d:85:97:15:66:24:ff:91:
77:f9:f7:19:ef:45:10:58:8f:cd:bc:6b:c9:9d:8d:29:2e:17:
03:00:75:5a:02:25:dc:6d:ca:ab:27:54:df:60:dc:92:bf:a7:
40:90:f6:ab:63:5f:31:7a:28:60:78:29:eb:7b:48:bc:13:78:
95:1c:e3:41:04:36:79:c3:61:1f:b0:62:b5:fd:2f:24:be:91:
66:2b:4b:ca:ca:fa:2d:eb:e5:ba:37:d5:5c:ba:7c:54:ae:68:
63:9c:85:d6:3e:84:66:5a:cb:44:be:43:b8:88:88:8d:19:f7:
57:17:d5:eb:07:2f:cb:76:86:30:79:8d:5c:b5:1c:ba:4b:98:
62:f2:15:98
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZRlazHK8wWHwVCvsEd5fR15MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMTE0MTUyNTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTZjNjY0ZDhlOWYzOGYwM2U0YzMwOWEyMjM0N2Q3Y2ExNmRjOGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1CYrQB+H6MXqQ3bnEi9FtZOwWT6N
1dxHY/VP2mrlHxkUAYrvqQU2YZx/GYoo7TukvSuFM057bRXrY0TM5G/qZPS7zKGU
iMl7tDflWy3Ve1JX/UnamthWYtAb6f9k7nZc/5Z2M7UGER+Bz2V1OhTCLlHYoSfv
n46RT/WpKr6PQflKrf+sNp2y4L/vFbr8EVPDFVphO1sfq2zQDwzuFhI3juLzxFKS
AeN8sWN7Z/X9+HpO/uVpNgtRoC3CFbBoM8nagGCQ7NrQquHpMPCO9UkHHFVyx++M
nSrQSs0DdPxduGzUml3cQXTOHDBuRMtYyq/qvVIYrIajnaCsgmpNjmkCLQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDlsZk2OnzjwPkwwmiI0fXyhbcjoMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvT1d4bVRZNmZPUEEtVERDYUlqUjlmS0Z0eU9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCl/OIAwQC
l/OYMA0GCSqGSIb3DQEBCwUAA4IBAQBkXJRjC6wXTF6FTTCdb3MtLZfbZL70Rq6X
2dpeJuLMhINZPTMu4IGzBYf2wh9SQ4HnmkigWcR69hhRIQXuy2UHYG0ZnvQs6aXX
tMoFDgu9xdAglooThf8zfpKkAJRzw3m7OTX8IbHxE7a3TXpsb3gmNN2KIaExLYWX
FWYk/5F3+fcZ70UQWI/NvGvJnY0pLhcDAHVaAiXcbcqrJ1TfYNySv6dAkParY18x
eihgeCnre0i8E3iVHONBBDZ5w2EfsGK1/S8kvpFmK0vKyvot6+W6N9VcunxUrmhj
nIXWPoRmWstEvkO4iIiNGfdXF9XrBy/LdoYweY1ctRy6S5hi8hWY
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:08:30 2025 by rpki-client