Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/tBNLGSa7-FfeIZNEOeDE2pPVawk.roa
File: tBNLGSa7-FfeIZNEOeDE2pPVawk.roa (raw, json)
Hash identifier: VRtlNfAOqEbdmySjM4kNFfykxA13GkdH4rVCCy+6VM8=
Subject key identifier: B4:13:4B:19:26:BB:F8:57:DE:21:93:44:39:E0:C4:DA:93:D5:6B:09
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01947505907CBDCE5935AA11578DE4113FE8
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/tBNLGSa7-FfeIZNEOeDE2pPVawk.roa
Signing time: Fri 17 Jan 2025 16:08:06 +0000
ROA not before: Fri 17 Jan 2025 16:08:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211975
IP address blocks: 151.243.111.0/24 maxlen: 24
151.243.112.0/24 maxlen: 24
151.243.114.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:75:05:90:7c:bd:ce:59:35:aa:11:57:8d:e4:11:3f:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jan 17 16:08:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b4134b1926bbf857de21934439e0c4da93d56b09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:61:04:e2:be:b6:a2:69:14:06:4b:15:96:ca:
bb:15:e0:c2:14:29:ad:e2:ac:c4:c6:ff:30:d8:c8:
01:a0:f3:fd:15:ae:bd:79:b8:04:62:41:b6:96:4a:
9c:35:99:59:52:2e:27:37:cc:89:ea:cf:4b:e0:c3:
44:d9:11:55:bf:b6:1f:8d:b3:3d:7b:24:ff:e5:9d:
14:2f:e2:2a:de:8e:2b:81:21:ed:f3:d9:14:e0:64:
28:e4:cc:4f:50:c9:22:aa:32:61:e6:e7:e8:cb:0f:
91:2d:ec:77:68:22:27:1c:8c:45:8c:6d:3a:4a:7f:
e6:af:14:61:4f:c6:88:b5:4f:59:fe:43:ad:04:aa:
55:5e:24:62:c0:ae:11:61:cc:ec:6e:38:60:0c:31:
79:92:d0:6c:9f:09:cb:de:a3:c6:76:0c:f5:93:08:
93:56:67:04:45:99:25:a8:73:82:8b:d9:8b:b4:a1:
3c:7f:9d:89:a5:5b:cc:37:a8:77:a3:bc:ea:7a:a4:
c2:cd:c7:66:71:2d:95:ec:5a:13:ec:83:c3:b5:2a:
df:5a:0a:ac:d7:02:4e:bc:fa:6a:bd:fb:c6:9b:c3:
0a:17:63:03:09:d5:c3:8f:9c:cb:91:fa:fb:5d:f4:
f2:4f:d1:ab:d4:b0:25:ea:26:a9:97:ad:f4:32:6e:
06:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:13:4B:19:26:BB:F8:57:DE:21:93:44:39:E0:C4:DA:93:D5:6B:09
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/tBNLGSa7-FfeIZNEOeDE2pPVawk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.243.111.0-151.243.112.255
151.243.114.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:f4:14:05:de:97:b7:ef:1a:38:83:49:e5:19:b3:df:ef:2e:
9d:56:7b:03:8b:45:e6:61:6c:b0:42:67:db:a3:d9:3d:07:47:
01:53:5a:52:9e:f6:25:b5:3c:61:41:8a:2a:8f:cf:07:a0:73:
86:83:38:41:51:a0:bc:72:93:3c:dd:9b:1c:15:87:fe:4d:a3:
78:71:92:c1:de:4b:03:9a:89:2b:36:39:77:7d:14:e8:d9:16:
75:5d:7d:9a:eb:e5:9d:29:f7:63:bf:88:ed:6e:e6:58:3e:d5:
7c:1f:97:eb:c8:8f:7c:fa:58:6a:66:93:0b:c1:60:c8:95:0a:
06:33:81:ba:39:2a:b7:2a:eb:ea:de:3e:15:3c:9e:34:a9:85:
40:f8:d8:54:41:08:f6:a2:fd:e3:78:69:65:5f:9b:cf:02:40:
29:d1:32:9a:1f:29:b9:89:11:4a:c5:b5:de:87:32:42:f2:b7:
21:47:a1:d0:80:7c:3f:f5:47:bd:4b:bd:62:1f:21:27:df:69:
b0:2a:25:75:f7:4f:5f:6c:af:c0:17:c2:b5:68:63:c3:d0:5e:
36:17:1e:e8:89:24:e8:c7:9e:ca:e1:21:52:0e:65:f4:f9:fd:
aa:ec:6f:27:ff:4d:fa:8b:fe:f1:7a:f8:73:b6:9f:64:de:83:
84:2a:c6:47
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZR1BZB8vc5ZNaoRV43kET/oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMTE3MTYwODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDEzNGIxOTI2YmJmODU3ZGUyMTkzNDQzOWUwYzRkYTkzZDU2YjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA42EE4r62omkUBksVlsq7FeDCFCmt
4qzExv8w2MgBoPP9Fa69ebgEYkG2lkqcNZlZUi4nN8yJ6s9L4MNE2RFVv7YfjbM9
eyT/5Z0UL+Iq3o4rgSHt89kU4GQo5MxPUMkiqjJh5ufoyw+RLex3aCInHIxFjG06
Sn/mrxRhT8aItU9Z/kOtBKpVXiRiwK4RYczsbjhgDDF5ktBsnwnL3qPGdgz1kwiT
VmcERZklqHOCi9mLtKE8f52JpVvMN6h3o7zqeqTCzcdmcS2V7FoT7IPDtSrfWgqs
1wJOvPpqvfvGm8MKF2MDCdXDj5zLkfr7XfTyT9Gr1LAl6iapl630Mm4GnwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFLQTSxkmu/hX3iGTRDngxNqT1WsJMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvdEJOTEdTYTctRmZlSVpORU9lREUycFBWYXdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBACX828D
BACX83ADBACX83IwDQYJKoZIhvcNAQELBQADggEBAJr0FAXel7fvGjiDSeUZs9/v
Lp1WewOLReZhbLBCZ9uj2T0HRwFTWlKe9iW1PGFBiiqPzwegc4aDOEFRoLxykzzd
mxwVh/5No3hxksHeSwOaiSs2OXd9FOjZFnVdfZrr5Z0p92O/iO1u5lg+1Xwfl+vI
j3z6WGpmkwvBYMiVCgYzgbo5Krcq6+rePhU8njSphUD42FRBCPai/eN4aWVfm88C
QCnRMpofKbmJEUrFtd6HMkLytyFHodCAfD/1R71LvWIfISffabAqJXX3T19sr8AX
wrVoY8PQXjYXHuiJJOjHnsrhIVIOZfT5/arsbyf/TfqL/vF6+HO2n2Teg4Qqxkc=
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:11:14 2025 by rpki-client