Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/hwFPLys8FyM0mHLYc6vw09Hp49Q.roa
File: hwFPLys8FyM0mHLYc6vw09Hp49Q.roa (raw, json)
Hash identifier: 14mjG4kT/jz2xEM4HccnjgrJ2YqkjXMwpd1gXhWqoPo=
Subject key identifier: 87:01:4F:2F:2B:3C:17:23:34:98:72:D8:73:AB:F0:D3:D1:E9:E3:D4
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0194DF155C516D3B36391337C9BFB4CCB238
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/hwFPLys8FyM0mHLYc6vw09Hp49Q.roa
Signing time: Fri 07 Feb 2025 06:25:06 +0000
ROA not before: Fri 07 Feb 2025 06:25:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6079
IP address blocks: 151.242.97.0/24 maxlen: 24
151.242.102.0/24 maxlen: 24
151.242.114.0/24 maxlen: 24
151.242.116.0/24 maxlen: 24
151.242.119.0/24 maxlen: 24
151.242.120.0/24 maxlen: 24
151.242.123.0/24 maxlen: 24
151.242.124.0/24 maxlen: 24
151.242.125.0/24 maxlen: 24
151.242.126.0/24 maxlen: 24
151.243.64.0/20 maxlen: 24
151.243.97.0/24 maxlen: 24
151.243.106.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:df:15:5c:51:6d:3b:36:39:13:37:c9:bf:b4:cc:b2:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Feb 7 06:25:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=87014f2f2b3c1723349872d873abf0d3d1e9e3d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:8f:21:48:3f:82:5b:3f:e0:b5:12:9b:07:b3:
14:08:7f:c6:45:5e:33:b7:cd:3c:98:d4:f5:b4:a4:
6a:d3:58:6e:81:fe:b1:49:a8:12:2f:5e:db:ff:8a:
83:0b:de:92:06:ed:5f:c8:f2:59:b5:b1:cd:19:02:
09:63:4b:01:d6:b9:16:5d:63:ec:88:b5:4d:49:b0:
4f:28:6e:a0:3f:82:8f:e0:0d:3e:51:39:84:a1:21:
8e:e6:51:39:3c:93:e2:aa:f3:61:97:5b:a0:37:2c:
44:a9:70:11:e7:d3:0f:dc:81:0a:be:c4:cd:a4:40:
b0:35:7e:3b:0b:5e:c0:44:28:0b:c8:f4:54:81:7f:
c7:2c:5c:76:b4:27:a1:e1:44:a3:2d:74:65:87:28:
c6:7e:d9:75:5f:33:06:7c:26:55:76:f2:9c:57:38:
f0:31:78:44:70:69:c6:2f:92:f0:08:3d:34:ee:6c:
9a:ac:6a:10:5b:8e:6d:52:95:ea:78:98:19:ab:2a:
75:ae:a5:a7:ef:4e:73:18:99:92:06:f1:64:10:58:
63:03:40:dc:31:b6:29:66:e0:f8:80:6e:64:10:2f:
ff:fe:8d:62:b1:3e:f6:67:e1:3c:66:8b:d9:c0:17:
f3:ee:cd:09:14:29:37:ad:20:c7:dd:76:15:84:a9:
0e:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:01:4F:2F:2B:3C:17:23:34:98:72:D8:73:AB:F0:D3:D1:E9:E3:D4
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/hwFPLys8FyM0mHLYc6vw09Hp49Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.97.0/24
151.242.102.0/24
151.242.114.0/24
151.242.116.0/24
151.242.119.0-151.242.120.255
151.242.123.0-151.242.126.255
151.243.64.0/20
151.243.97.0/24
151.243.106.0/24
Signature Algorithm: sha256WithRSAEncryption
75:81:a3:b9:7c:07:f9:20:60:e9:3f:fb:73:1d:4a:e7:e2:67:
25:02:32:92:f2:2d:e5:fb:ab:e3:6f:41:96:0e:57:0f:11:36:
06:fc:a5:17:be:4d:e3:1d:0c:9b:3b:32:74:dc:9b:13:2c:ef:
18:1f:f1:fa:83:d1:12:c7:16:31:af:e5:19:81:f1:ce:03:d8:
48:a4:c6:ae:45:ce:13:d4:f3:b7:47:f7:1e:09:43:3d:90:69:
07:0e:f6:30:43:f7:9d:70:9d:9c:84:70:d6:83:9c:c9:bc:25:
0e:a4:0c:63:5a:1c:7b:fa:b0:9f:1f:f6:33:55:0d:db:00:f6:
d7:bc:73:d5:e6:b4:94:40:b7:91:02:0b:d8:2b:a0:7c:ad:56:
43:dc:bd:64:4c:8c:2f:22:88:27:55:de:35:98:c2:98:0f:5e:
5b:40:76:9b:7f:76:64:d9:fa:c8:36:9b:64:b2:3b:f8:af:e5:
6c:13:2c:44:fe:87:67:44:ed:f8:0d:39:42:b8:6a:b7:0d:e2:
68:68:c1:d0:95:86:fa:05:39:e9:b1:1a:41:9c:60:bb:b9:64:
66:0c:4e:cb:0a:d0:03:8d:c7:b6:be:38:1e:a4:09:58:00:c6:
2e:89:b3:9a:42:d7:69:fc:41:04:b0:9d:bb:0c:17:97:c2:b2:
f6:d6:bd:bd
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZTfFVxRbTs2ORM3yb+0zLI4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMjA3MDYyNTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzAxNGYyZjJiM2MxNzIzMzQ5ODcyZDg3M2FiZjBkM2QxZTllM2Q0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAro8hSD+CWz/gtRKbB7MUCH/GRV4z
t808mNT1tKRq01hugf6xSagSL17b/4qDC96SBu1fyPJZtbHNGQIJY0sB1rkWXWPs
iLVNSbBPKG6gP4KP4A0+UTmEoSGO5lE5PJPiqvNhl1ugNyxEqXAR59MP3IEKvsTN
pECwNX47C17ARCgLyPRUgX/HLFx2tCeh4USjLXRlhyjGftl1XzMGfCZVdvKcVzjw
MXhEcGnGL5LwCD007myarGoQW45tUpXqeJgZqyp1rqWn705zGJmSBvFkEFhjA0Dc
MbYpZuD4gG5kEC///o1isT72Z+E8ZovZwBfz7s0JFCk3rSDH3XYVhKkO7QIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFIcBTy8rPBcjNJhy2HOr8NPR6ePUMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvaHdGUEx5czhGeU0wbUhMWWM2dncwOUhwNDlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGAwQAl/JhAwQA
l/JmAwQAl/JyAwQAl/J0MAwDBACX8ncDBACX8ngwDAMEAJfyewMEAJfyfgMEBJfz
QAMEAJfzYQMEAJfzajANBgkqhkiG9w0BAQsFAAOCAQEAdYGjuXwH+SBg6T/7cx1K
5+JnJQIykvIt5fur429Blg5XDxE2BvylF75N4x0MmzsydNybEyzvGB/x+oPREscW
Ma/lGYHxzgPYSKTGrkXOE9Tzt0f3HglDPZBpBw72MEP3nXCdnIRw1oOcybwlDqQM
Y1oce/qwnx/2M1UN2wD217xz1ea0lEC3kQIL2CugfK1WQ9y9ZEyMLyKIJ1XeNZjC
mA9eW0B2m392ZNn6yDabZLI7+K/lbBMsRP6HZ0Tt+A05Qrhqtw3iaGjB0JWG+gU5
6bEaQZxgu7lkZgxOywrQA43Htr44HqQJWADGLomzmkLXafxBBLCduwwXl8Ky9ta9
vQ==
-----END CERTIFICATE-----
Generated at Thu Apr 10 13:06:01 2025 by rpki-client