Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/rUrzv-G7l83ST-U9b6I5u1XT9f8.roa
File: rUrzv-G7l83ST-U9b6I5u1XT9f8.roa (raw, json)
Hash identifier: Uu7V7vbaatSDQaamKhKBjjYLef1gUjp9BIQk2CKp2AE=
Subject key identifier: AD:4A:F3:BF:E1:BB:97:CD:D2:4F:E5:3D:6F:A2:39:BB:55:D3:F5:FF
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0194515A2C772799DD05D3C45E118CB86BB6
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/rUrzv-G7l83ST-U9b6I5u1XT9f8.roa
Signing time: Fri 10 Jan 2025 17:54:11 +0000
ROA not before: Fri 10 Jan 2025 17:54:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3356
IP address blocks: 151.243.113.0/24 maxlen: 24
151.243.115.0/24 maxlen: 24
151.243.116.0/24 maxlen: 24
151.243.117.0/24 maxlen: 24
151.243.119.0/24 maxlen: 24
151.243.120.0/24 maxlen: 24
151.243.121.0/24 maxlen: 24
151.243.122.0/24 maxlen: 24
151.243.123.0/24 maxlen: 24
151.243.124.0/24 maxlen: 24
151.243.232.0/24 maxlen: 24
151.243.234.0/24 maxlen: 24
151.243.236.0/24 maxlen: 24
151.243.238.0/24 maxlen: 24
151.243.240.0/24 maxlen: 24
151.243.242.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:51:5a:2c:77:27:99:dd:05:d3:c4:5e:11:8c:b8:6b:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jan 10 17:54:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ad4af3bfe1bb97cdd24fe53d6fa239bb55d3f5ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:ab:ad:2f:3f:ef:a7:85:5e:40:4f:61:1d:44:
28:a8:88:b8:aa:14:42:64:a8:b5:70:df:91:e3:bd:
07:92:57:4d:73:19:13:58:86:49:7c:19:7b:fb:45:
a3:55:ae:e8:76:a2:ee:b5:d3:d0:a3:ac:f7:e1:34:
99:28:a7:2a:30:a1:d4:3d:23:e1:2d:b4:c8:ad:06:
ee:23:38:6b:85:8c:ee:4f:ad:61:11:0d:5f:df:e7:
7f:97:f0:7c:6e:03:55:bf:95:49:fe:65:51:a4:42:
da:28:31:24:1b:1c:ac:37:83:fc:50:6b:f9:2e:10:
15:de:52:f9:8a:5b:9c:42:e6:91:f4:d9:ac:b9:24:
e8:b2:2e:31:26:ff:d2:94:48:30:40:55:13:d9:76:
4d:1f:91:45:14:a8:39:67:06:87:dc:c8:06:72:51:
26:5c:05:c2:ae:90:e5:7b:87:2e:b3:85:02:35:0c:
1d:42:42:45:7f:fb:9c:91:1e:00:60:63:93:66:bf:
ba:3c:de:9b:cd:d7:85:21:e0:95:60:70:bb:a4:d9:
c3:ec:f6:7d:d2:b7:53:08:06:f4:45:7b:d2:98:79:
7c:e1:1e:fc:8f:7a:cb:c7:1f:2c:17:e2:d8:04:3f:
72:8a:92:71:80:8d:b0:53:50:31:1a:ae:4f:5f:31:
ef:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:4A:F3:BF:E1:BB:97:CD:D2:4F:E5:3D:6F:A2:39:BB:55:D3:F5:FF
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/rUrzv-G7l83ST-U9b6I5u1XT9f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.243.113.0/24
151.243.115.0-151.243.117.255
151.243.119.0-151.243.124.255
151.243.232.0/24
151.243.234.0/24
151.243.236.0/24
151.243.238.0/24
151.243.240.0/24
151.243.242.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:c5:70:32:dc:e7:3a:45:38:88:a4:3f:ac:89:b0:19:a0:12:
44:76:07:48:78:ba:62:5f:8d:ed:9b:2e:69:84:a0:88:de:9f:
6c:68:b1:fb:44:57:0f:cf:30:2b:70:94:a2:8b:59:8b:25:a3:
fd:f5:58:f8:8a:7e:49:07:b4:6d:df:c6:5b:40:fd:07:df:ec:
be:8d:7e:62:66:af:47:cd:ed:a2:98:b1:a0:e2:ba:29:37:ad:
89:6b:6e:73:86:bc:93:38:a9:86:1c:b8:14:83:52:84:fc:ba:
17:c6:37:6a:a1:c2:80:48:b0:71:51:2e:9d:c9:4c:c5:dd:be:
8f:54:80:73:54:0e:8a:26:d3:a3:04:d6:02:44:bc:23:c4:f4:
ea:bc:9e:50:d2:7a:7c:bd:cc:9f:90:14:cb:2d:eb:93:9f:64:
17:86:a5:6c:00:99:50:14:58:f1:ad:ab:40:5a:62:24:98:f6:
bd:f8:6e:bf:77:5c:06:74:f8:eb:3c:89:48:14:6b:dc:6c:9f:
48:94:a0:1d:11:90:91:02:e7:99:f2:b5:23:e1:95:eb:5e:00:
e1:18:50:52:77:d3:55:8b:87:96:c6:f6:75:66:b7:27:0a:15:
1f:c0:85:75:40:0c:23:2b:9e:6f:c9:ca:d7:b8:f2:40:65:b1:
e2:ea:18:fa
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZRRWix3J5ndBdPEXhGMuGu2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMTEwMTc1NDExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDRhZjNiZmUxYmI5N2NkZDI0ZmU1M2Q2ZmEyMzliYjU1ZDNmNWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6utLz/vp4VeQE9hHUQoqIi4qhRC
ZKi1cN+R470HkldNcxkTWIZJfBl7+0WjVa7odqLutdPQo6z34TSZKKcqMKHUPSPh
LbTIrQbuIzhrhYzuT61hEQ1f3+d/l/B8bgNVv5VJ/mVRpELaKDEkGxysN4P8UGv5
LhAV3lL5ilucQuaR9NmsuSTosi4xJv/SlEgwQFUT2XZNH5FFFKg5ZwaH3MgGclEm
XAXCrpDle4cus4UCNQwdQkJFf/uckR4AYGOTZr+6PN6bzdeFIeCVYHC7pNnD7PZ9
0rdTCAb0RXvSmHl84R78j3rLxx8sF+LYBD9yipJxgI2wU1AxGq5PXzHvZwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFK1K87/hu5fN0k/lPW+iObtV0/X/MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvclVyenYtRzdsODNTVC1VOWI2STV1MVhUOWY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGAwQAl/NxMAwD
BACX83MDBAGX83QwDAMEAJfzdwMEAJfzfAMEAJfz6AMEAJfz6gMEAJfz7AMEAJfz
7gMEAJfz8AMEAJfz8jANBgkqhkiG9w0BAQsFAAOCAQEApcVwMtznOkU4iKQ/rImw
GaASRHYHSHi6Yl+N7ZsuaYSgiN6fbGix+0RXD88wK3CUootZiyWj/fVY+Ip+SQe0
bd/GW0D9B9/svo1+YmavR83topixoOK6KTetiWtuc4a8kziphhy4FINShPy6F8Y3
aqHCgEiwcVEunclMxd2+j1SAc1QOiibTowTWAkS8I8T06ryeUNJ6fL3Mn5AUyy3r
k59kF4albACZUBRY8a2rQFpiJJj2vfhuv3dcBnT46zyJSBRr3GyfSJSgHRGQkQLn
mfK1I+GV614A4RhQUnfTVYuHlsb2dWa3JwoVH8CFdUAMIyueb8nK17jyQGWx4uoY
+g==
-----END CERTIFICATE-----
Generated at Sun Apr 6 02:49:28 2025 by rpki-client