Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/hkZNuEajs9lCbhymrYx1CheLvvU.roa
File: hkZNuEajs9lCbhymrYx1CheLvvU.roa (raw, json)
Hash identifier: Rj+p/TH4H4mTxYNW8s06Ff3ueYtRha/xHI09/JC0oc0=
Subject key identifier: 86:46:4D:B8:46:A3:B3:D9:42:6E:1C:A6:AD:8C:75:0A:17:8B:BE:F5
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0195890262DAE9A39799C121C90F36F48DC5
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/hkZNuEajs9lCbhymrYx1CheLvvU.roa
Signing time: Wed 12 Mar 2025 06:19:49 +0000
ROA not before: Wed 12 Mar 2025 06:19:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29802
IP address blocks: 37.202.194.0/24 maxlen: 24
37.202.220.0/24 maxlen: 24
151.242.49.0/24 maxlen: 24
151.243.150.0/24 maxlen: 24
151.243.228.0/24 maxlen: 24
151.243.243.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:89:02:62:da:e9:a3:97:99:c1:21:c9:0f:36:f4:8d:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Mar 12 06:19:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=86464db846a3b3d9426e1ca6ad8c750a178bbef5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:7f:c8:77:6d:07:19:f7:99:72:34:c0:58:9f:
b8:4e:08:a0:74:3e:a8:39:6c:2c:1c:17:78:97:70:
51:20:d0:f8:84:81:02:15:ba:b9:5d:27:66:89:25:
20:80:c5:ef:72:e0:38:79:72:5b:68:7a:75:12:12:
17:04:6b:b0:df:96:7b:5c:bb:15:9d:e4:1c:a2:02:
4b:90:fa:d1:ab:4b:5c:5e:94:79:e8:eb:49:2c:73:
93:36:6d:8d:f7:9d:76:4c:2d:57:b2:e4:85:d2:e4:
75:d1:5c:23:6b:fc:06:1f:02:c1:4c:62:20:10:c3:
bd:b1:78:d5:49:a1:8a:72:51:f0:1d:8b:bc:04:df:
77:cf:77:d4:f6:ad:fd:a8:21:e3:f9:39:f7:51:84:
dc:6e:0b:d2:d2:40:e0:23:4a:8c:ef:de:cc:7b:09:
5a:f2:96:76:e1:96:4b:0d:ee:83:7d:1b:47:31:9c:
a0:57:d1:66:a5:c9:32:a9:da:cd:03:27:df:2a:51:
8c:4c:84:3d:ea:38:af:31:d6:d0:68:a8:b9:49:03:
80:d7:25:da:b9:00:b3:d5:34:ec:02:30:f7:bb:6c:
ce:07:1f:0c:b0:8d:80:4a:64:a9:23:bd:35:8f:1d:
e6:cc:13:08:3e:4a:62:b8:26:6e:04:3e:41:2d:85:
ac:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:46:4D:B8:46:A3:B3:D9:42:6E:1C:A6:AD:8C:75:0A:17:8B:BE:F5
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/hkZNuEajs9lCbhymrYx1CheLvvU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.194.0/24
37.202.220.0/24
151.242.49.0/24
151.243.150.0/24
151.243.228.0/24
151.243.243.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:e9:8b:68:a0:84:46:d8:ec:1f:52:ff:ae:36:f3:0d:38:33:
aa:2d:2e:5e:4d:4a:e9:63:e0:c9:56:1c:7f:8f:31:49:25:e9:
88:1c:60:b8:9c:04:f0:b1:ce:9c:e5:14:ea:8c:d3:24:2d:b0:
34:bf:37:a9:05:98:d1:ec:75:1c:9d:9b:38:26:1f:fc:12:bf:
f1:22:6a:55:0b:f6:3b:6c:19:55:70:9c:1c:01:27:22:60:67:
44:a5:23:c8:06:ae:11:b8:77:bc:04:05:85:75:ba:f5:b1:08:
85:ee:c7:74:6c:bc:f8:e3:bc:b9:41:59:54:c6:25:ba:22:e3:
67:f4:29:05:c7:9d:9e:dc:79:76:49:b3:f7:9e:c9:59:45:0b:
0d:52:3e:67:5c:49:d7:fc:6b:d8:52:ed:a7:00:89:25:4f:bf:
8e:68:86:5e:8a:e3:f9:79:31:d6:3e:39:51:9c:10:d8:9a:69:
75:2e:87:7a:b2:2b:d2:04:7a:15:ad:ca:b2:98:ea:fd:1d:c2:
2a:ea:68:00:94:d2:81:5d:99:74:71:dd:13:4b:22:e7:7d:51:
ff:d3:af:6b:3d:ec:fd:be:d9:8a:c6:35:27:cc:a3:3f:e7:04:
30:bf:74:4b:c9:08:bb:13:25:80:c7:f8:88:0b:02:b5:26:7a:
3c:5e:5d:aa
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZWJAmLa6aOXmcEhyQ829I3FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMzEyMDYxOTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjQ2NGRiODQ2YTNiM2Q5NDI2ZTFjYTZhZDhjNzUwYTE3OGJiZWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjH/Id20HGfeZcjTAWJ+4TgigdD6o
OWwsHBd4l3BRIND4hIECFbq5XSdmiSUggMXvcuA4eXJbaHp1EhIXBGuw35Z7XLsV
neQcogJLkPrRq0tcXpR56OtJLHOTNm2N9512TC1XsuSF0uR10Vwja/wGHwLBTGIg
EMO9sXjVSaGKclHwHYu8BN93z3fU9q39qCHj+Tn3UYTcbgvS0kDgI0qM797Mewla
8pZ24ZZLDe6DfRtHMZygV9FmpckyqdrNAyffKlGMTIQ96jivMdbQaKi5SQOA1yXa
uQCz1TTsAjD3u2zOBx8MsI2ASmSpI701jx3mzBMIPkpiuCZuBD5BLYWsWQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFIZGTbhGo7PZQm4cpq2MdQoXi771MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvaGtaTnVFYWpzOWxDYmh5bXJZeDFDaGVMdnZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAJcrCAwQA
JcrcAwQAl/IxAwQAl/OWAwQAl/PkAwQAl/PzMA0GCSqGSIb3DQEBCwUAA4IBAQAa
6YtooIRG2OwfUv+uNvMNODOqLS5eTUrpY+DJVhx/jzFJJemIHGC4nATwsc6c5RTq
jNMkLbA0vzepBZjR7HUcnZs4Jh/8Er/xImpVC/Y7bBlVcJwcASciYGdEpSPIBq4R
uHe8BAWFdbr1sQiF7sd0bLz447y5QVlUxiW6IuNn9CkFx52e3Hl2SbP3nslZRQsN
Uj5nXEnX/GvYUu2nAIklT7+OaIZeiuP5eTHWPjlRnBDYmml1Lod6sivSBHoVrcqy
mOr9HcIq6mgAlNKBXZl0cd0TSyLnfVH/069rPez9vtmKxjUnzKM/5wQwv3RLyQi7
EyWAx/iICwK1Jno8Xl2q
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:17:59 2025 by rpki-client