Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/crdoZskX8BZd8QQU4zsTfCWSNas.roa
File: crdoZskX8BZd8QQU4zsTfCWSNas.roa (raw, json)
Hash identifier: DhYl+a53Phl7QsqlA1sCe7TXN40vuaYaKr7Q4mBEB1I=
Subject key identifier: 72:B7:68:66:C9:17:F0:16:5D:F1:04:14:E3:3B:13:7C:25:92:35:AB
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019420325CC65B21ACCE63A4F00504B42329
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/crdoZskX8BZd8QQU4zsTfCWSNas.roa
Signing time: Wed 01 Jan 2025 04:49:18 +0000
ROA not before: Wed 01 Jan 2025 04:49:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 153377
IP address blocks: 151.243.244.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:32:5c:c6:5b:21:ac:ce:63:a4:f0:05:04:b4:23:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jan 1 04:49:18 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=72b76866c917f0165df10414e33b137c259235ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:30:bc:52:c3:9e:df:a3:78:50:f5:44:2f:e6:
e2:07:4a:9c:62:eb:51:8d:0c:e5:ad:cd:fe:9a:e0:
1d:e6:e0:3b:78:cd:8f:a3:7b:dd:06:89:5c:01:72:
98:93:71:2b:b5:5d:cc:ca:57:fb:e6:6a:aa:ea:b2:
82:11:b8:75:3e:1a:cf:5f:3e:0b:ca:9d:29:e4:d6:
89:4d:18:8d:d1:a3:c2:25:7e:b2:3f:bf:62:41:0b:
8e:dd:3e:a4:15:1e:bb:b3:06:84:41:67:a9:d5:da:
70:9e:65:9f:3c:41:1a:d5:63:17:f4:66:58:ee:bc:
c9:c5:91:72:2c:bf:1c:e7:40:a5:1b:cd:6e:1b:ea:
46:74:ff:b4:12:3e:59:7a:c4:29:3b:26:bd:76:df:
e7:f4:a5:b0:44:36:c2:72:ef:16:7d:d1:45:d4:4f:
3d:7d:ab:ef:91:eb:b7:24:47:45:43:52:32:82:3c:
b3:c9:49:0a:29:4a:90:2f:c6:59:5e:12:1c:a8:b7:
1d:f4:0e:00:12:55:35:f7:7a:4d:0c:23:28:23:cf:
57:34:2f:ff:7c:03:89:2b:0e:15:fa:f7:d1:47:9f:
d7:a7:fc:07:82:c0:6c:74:03:82:b5:75:37:cd:c3:
78:b2:ab:23:09:df:73:97:db:d1:b5:29:4e:ab:09:
84:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:B7:68:66:C9:17:F0:16:5D:F1:04:14:E3:3B:13:7C:25:92:35:AB
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/crdoZskX8BZd8QQU4zsTfCWSNas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.243.244.0/24
Signature Algorithm: sha256WithRSAEncryption
42:1a:0c:fd:fb:59:19:13:0f:8a:b8:ac:81:6d:75:41:4f:bc:
7a:99:6e:32:1f:fc:c6:f0:90:b2:6e:2c:9d:28:6f:93:5c:c7:
f6:43:d3:04:10:3d:97:a9:50:f6:1e:ec:a7:d4:0a:7b:e0:81:
48:58:ca:b8:ed:69:ec:e3:b8:ed:e7:b1:3f:31:7e:c9:45:ea:
fc:e9:e9:2d:98:ff:03:99:63:54:7b:3f:34:8b:93:e0:9a:4b:
0e:52:d7:ff:37:2e:fd:d6:89:57:5d:80:66:28:eb:0d:66:70:
10:cc:ca:ed:63:6c:38:c9:f1:19:60:e0:95:69:18:1c:f7:d9:
3d:b0:29:0f:47:86:d1:e5:0d:73:56:0f:fd:35:b4:d3:2f:12:
3e:8c:09:fb:64:e5:f2:af:02:10:d4:62:bd:0a:0e:8f:8b:18:
e0:5e:d6:d5:17:3d:ab:d0:e9:9e:3c:ab:5f:7f:bb:13:7f:6e:
76:72:3f:4d:5a:32:cc:8e:65:d5:23:04:50:06:69:1f:bc:ea:
ab:c8:33:9d:95:fb:7e:bd:f5:41:2c:e4:09:aa:58:a0:3f:65:
3a:89:c3:7e:67:0d:c9:52:42:c9:e2:aa:e4:f1:8c:77:05:d7:
30:25:2a:58:72:70:df:94:4a:f6:97:5b:80:d7:90:7d:be:74:
12:7e:46:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgMlzGWyGszmOk8AUEtCMpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMTAxMDQ0OTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmI3Njg2NmM5MTdmMDE2NWRmMTA0MTRlMzNiMTM3YzI1OTIzNWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTC8UsOe36N4UPVEL+biB0qcYutR
jQzlrc3+muAd5uA7eM2Po3vdBolcAXKYk3ErtV3Mylf75mqq6rKCEbh1PhrPXz4L
yp0p5NaJTRiN0aPCJX6yP79iQQuO3T6kFR67swaEQWep1dpwnmWfPEEa1WMX9GZY
7rzJxZFyLL8c50ClG81uG+pGdP+0Ej5ZesQpOya9dt/n9KWwRDbCcu8WfdFF1E89
favvkeu3JEdFQ1IygjyzyUkKKUqQL8ZZXhIcqLcd9A4AElU193pNDCMoI89XNC//
fAOJKw4V+vfRR5/Xp/wHgsBsdAOCtXU3zcN4sqsjCd9zl9vRtSlOqwmEJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHK3aGbJF/AWXfEEFOM7E3wlkjWrMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvY3Jkb1pza1g4QlpkOFFRVTR6c1RmQ1dTTmFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/P0MA0G
CSqGSIb3DQEBCwUAA4IBAQBCGgz9+1kZEw+KuKyBbXVBT7x6mW4yH/zG8JCybiyd
KG+TXMf2Q9MEED2XqVD2Huyn1Ap74IFIWMq47Wns47jt57E/MX7JRer86ektmP8D
mWNUez80i5PgmksOUtf/Ny791olXXYBmKOsNZnAQzMrtY2w4yfEZYOCVaRgc99k9
sCkPR4bR5Q1zVg/9NbTTLxI+jAn7ZOXyrwIQ1GK9Cg6PixjgXtbVFz2r0OmePKtf
f7sTf252cj9NWjLMjmXVIwRQBmkfvOqryDOdlft+vfVBLOQJqligP2U6icN+Zw3J
UkLJ4qrk8Yx3BdcwJSpYcnDflEr2l1uA15B9vnQSfkau
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:34:19 2025 by rpki-client