Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/zX27k6f-7BJ0DQBPrzzFRnZD56M.roa
File: zX27k6f-7BJ0DQBPrzzFRnZD56M.roa (raw, json)
Hash identifier: TBifYqpTQyij8qKVmh0R9fIGlwWK1ePH6gJ+nmXFg4o=
Subject key identifier: CD:7D:BB:93:A7:FE:EC:12:74:0D:00:4F:AF:3C:C5:46:76:43:E7:A3
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01957FA342905D492D2E3208DAFC089B7D25
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/zX27k6f-7BJ0DQBPrzzFRnZD56M.roa
Signing time: Mon 10 Mar 2025 10:39:20 +0000
ROA not before: Mon 10 Mar 2025 10:39:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 152672
IP address blocks: 151.242.42.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:7f:a3:42:90:5d:49:2d:2e:32:08:da:fc:08:9b:7d:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Mar 10 10:39:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cd7dbb93a7feec12740d004faf3cc5467643e7a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:fc:92:4e:99:4c:ae:ff:ab:11:9d:d5:c1:55:
c9:81:ee:fd:f6:4b:4a:8e:7c:a4:d5:73:04:3b:05:
ec:5e:c0:22:a3:c3:1f:fe:bf:e9:ba:12:95:b9:49:
d8:85:0e:89:97:f9:40:12:fd:da:0d:13:36:2e:99:
0c:41:89:2c:ee:b7:75:c8:db:27:95:81:68:50:82:
ca:0e:87:ab:fc:0f:31:35:bf:72:6f:12:42:19:29:
c1:17:27:2c:4a:de:2c:28:8c:f3:8b:5f:05:d7:7c:
cd:a2:cf:03:d6:c9:b8:c6:8a:44:96:19:74:9b:5e:
97:1f:c0:f0:ca:e6:20:67:0b:16:cf:25:78:ee:a7:
aa:3d:52:59:7b:4b:de:b2:54:c9:f5:61:66:4c:23:
0f:6f:5b:4a:03:e1:35:a0:32:4c:34:8c:b0:b0:03:
8d:a3:59:2e:b0:7d:58:ef:17:ea:2b:73:24:9c:72:
99:0c:a7:d8:cf:fe:33:a4:ee:01:ff:fd:c0:ee:b0:
b0:9b:55:af:2f:98:7b:78:f3:2e:02:d6:41:27:60:
29:58:81:52:e8:cc:76:73:89:26:66:37:ce:8e:c8:
07:32:bd:b5:fa:32:f6:3f:ac:87:23:a8:00:02:7a:
06:ba:f4:c3:5e:0d:4a:40:db:86:57:8f:83:6b:c7:
0b:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:7D:BB:93:A7:FE:EC:12:74:0D:00:4F:AF:3C:C5:46:76:43:E7:A3
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/zX27k6f-7BJ0DQBPrzzFRnZD56M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.42.0/24
Signature Algorithm: sha256WithRSAEncryption
91:6e:1c:7f:07:88:af:e2:b8:cc:5e:0a:01:8b:14:6a:2d:09:
84:20:36:3c:8b:8d:68:3f:95:96:96:84:12:8b:bd:58:4b:1b:
d5:dc:f9:d9:25:90:f4:50:78:e3:55:55:1d:84:d9:b3:66:c7:
bb:24:01:d0:66:70:c3:76:5a:b2:4f:aa:0a:3d:af:82:85:3e:
51:be:5b:e5:31:e6:d8:06:a1:8c:20:fc:f8:10:40:e5:5d:7e:
02:e3:22:9d:b8:85:a3:18:ee:7e:92:a2:ad:d8:42:09:26:54:
30:8a:cc:1d:7a:28:44:84:a2:b2:d2:20:8d:14:61:1c:6a:3f:
33:a3:d7:ca:61:5d:be:1d:c0:d0:d2:61:5d:40:95:5c:29:d7:
68:95:bc:b3:7f:26:60:59:40:7d:8c:c9:8a:c2:37:74:3c:64:
7a:61:1d:ed:fe:8f:67:ce:c5:c3:cd:10:c1:3f:87:f2:75:48:
79:d0:fe:b6:36:a8:f6:79:01:a7:72:77:ad:80:92:ff:03:67:
ba:f7:03:07:55:dc:25:4b:6e:32:68:4a:07:2b:44:53:e8:22:
64:59:66:2b:e5:94:60:4f:d3:44:6a:74:a2:e0:fe:4a:4f:41:
55:f5:80:8a:36:f6:27:7c:f6:00:8b:48:8a:c5:8d:f9:2c:e1:
4b:dd:25:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZV/o0KQXUktLjII2vwIm30lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMzEwMTAzOTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDdkYmI5M2E3ZmVlYzEyNzQwZDAwNGZhZjNjYzU0Njc2NDNlN2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwvySTplMrv+rEZ3VwVXJge799ktK
jnyk1XMEOwXsXsAio8Mf/r/puhKVuUnYhQ6Jl/lAEv3aDRM2LpkMQYks7rd1yNsn
lYFoUILKDoer/A8xNb9ybxJCGSnBFycsSt4sKIzzi18F13zNos8D1sm4xopElhl0
m16XH8DwyuYgZwsWzyV47qeqPVJZe0veslTJ9WFmTCMPb1tKA+E1oDJMNIywsAON
o1kusH1Y7xfqK3MknHKZDKfYz/4zpO4B//3A7rCwm1WvL5h7ePMuAtZBJ2ApWIFS
6Mx2c4kmZjfOjsgHMr21+jL2P6yHI6gAAnoGuvTDXg1KQNuGV4+Da8cLAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM19u5On/uwSdA0AT688xUZ2Q+ejMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvelgyN2s2Zi03QkowRFFCUHJ6ekZSblpENTZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/IqMA0G
CSqGSIb3DQEBCwUAA4IBAQCRbhx/B4iv4rjMXgoBixRqLQmEIDY8i41oP5WWloQS
i71YSxvV3PnZJZD0UHjjVVUdhNmzZse7JAHQZnDDdlqyT6oKPa+ChT5RvlvlMebY
BqGMIPz4EEDlXX4C4yKduIWjGO5+kqKt2EIJJlQwiswdeihEhKKy0iCNFGEcaj8z
o9fKYV2+HcDQ0mFdQJVcKddolbyzfyZgWUB9jMmKwjd0PGR6YR3t/o9nzsXDzRDB
P4fydUh50P62Nqj2eQGncnetgJL/A2e69wMHVdwlS24yaEoHK0RT6CJkWWYr5ZRg
T9NEanSi4P5KT0FV9YCKNvYnfPYAi0iKxY35LOFL3SXO
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:16:58 2025 by rpki-client