Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/KABmo7LUjyq99hqBTH0dcqd3lCo.roa
File: KABmo7LUjyq99hqBTH0dcqd3lCo.roa (raw, json)
Hash identifier: GkizHNUPLBccxPfb4JW1TnAEivxsXzDM7/UZVTynDhc=
Subject key identifier: 28:00:66:A3:B2:D4:8F:2A:BD:F6:1A:81:4C:7D:1D:72:A7:77:94:2A
Certificate issuer: /CN=6f3030a4b67f95c2fed902d56657faa2494b5129
Certificate serial: 0185718326A51939E4A42C20E627779468C6
Authority key identifier: 6F:30:30:A4:B6:7F:95:C2:FE:D9:02:D5:66:57:FA:A2:49:4B:51:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bzAwpLZ_lcL-2QLVZlf6oklLUSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/KABmo7LUjyq99hqBTH0dcqd3lCo.roa
Signing time: Mon 02 Jan 2023 08:04:58 +0000
ROA not before: Mon 02 Jan 2023 08:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59962
IP address blocks: 151.232.112.0/24 maxlen: 24
151.232.115.0/24 maxlen: 24
151.232.114.0/24 maxlen: 24
151.232.118.0/24 maxlen: 24
151.232.113.0/24 maxlen: 24
151.232.117.0/24 maxlen: 24
151.232.116.0/24 maxlen: 24
151.232.123.0/24 maxlen: 24
151.232.119.0/24 maxlen: 24
151.232.122.0/24 maxlen: 24
151.232.125.0/24 maxlen: 24
151.232.121.0/24 maxlen: 24
151.232.124.0/24 maxlen: 24
151.232.120.0/24 maxlen: 24
151.232.127.0/24 maxlen: 24
151.232.126.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:83:26:a5:19:39:e4:a4:2c:20:e6:27:77:94:68:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f3030a4b67f95c2fed902d56657faa2494b5129
Validity
Not Before: Jan 2 08:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=280066a3b2d48f2abdf61a814c7d1d72a777942a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:70:3b:64:1b:f8:e0:3c:36:54:67:e6:d1:44:
43:ed:09:32:42:ed:eb:e2:5b:1a:b9:94:38:db:84:
46:bb:d5:f6:32:d0:47:14:1f:ca:0b:de:a9:81:c7:
c8:44:72:90:1f:c2:10:f3:19:56:ad:a5:7c:6c:9c:
9c:02:4a:ea:c4:3a:63:bd:c0:4b:36:f7:5e:c8:f2:
5b:4b:e9:da:1c:a1:51:0b:95:74:9b:2c:a5:48:3b:
8e:9b:a9:b6:2c:38:4e:72:c0:22:de:4b:03:ca:29:
bc:32:12:1c:38:04:11:cf:08:85:34:f9:b5:dd:b9:
2f:ba:4a:0b:85:c3:d1:18:f2:49:c2:ac:6b:64:cf:
c6:b4:29:ba:e1:cd:80:33:50:43:91:16:c8:91:1b:
31:d5:45:10:ad:cf:0a:93:29:3d:b0:f3:c6:35:70:
db:21:fd:f1:92:27:9f:8d:0a:bd:85:fe:4e:ac:a8:
00:6b:82:c4:61:c7:f4:86:ab:0b:13:dd:0b:31:3f:
d4:2f:ef:b6:c7:67:ae:1a:42:ae:8e:38:16:e4:98:
cb:07:43:ae:ff:2d:a8:10:dc:c2:e1:a7:75:fd:f7:
3e:1b:8a:9f:21:f2:f2:34:69:9a:d9:27:c1:ca:33:
fb:40:7e:e3:ee:e4:6c:89:f7:8f:69:5c:8e:a1:5e:
75:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:00:66:A3:B2:D4:8F:2A:BD:F6:1A:81:4C:7D:1D:72:A7:77:94:2A
X509v3 Authority Key Identifier:
keyid:6F:30:30:A4:B6:7F:95:C2:FE:D9:02:D5:66:57:FA:A2:49:4B:51:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bzAwpLZ_lcL-2QLVZlf6oklLUSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/KABmo7LUjyq99hqBTH0dcqd3lCo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/bzAwpLZ_lcL-2QLVZlf6oklLUSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.232.112.0/20
Signature Algorithm: sha256WithRSAEncryption
9e:78:d1:18:21:f4:58:12:8d:ba:01:76:b9:b4:10:68:65:11:
86:1b:11:5e:69:bb:4b:93:53:52:bf:03:77:c9:ac:2a:fe:2d:
39:94:64:fb:e8:51:92:cd:63:61:7c:36:48:ff:96:5f:e7:23:
7b:7f:43:52:54:a7:32:93:43:d6:f4:8e:0a:1c:2c:fb:bd:e7:
30:87:3b:23:7a:7a:c4:06:94:07:94:80:7b:33:42:6a:54:78:
f3:6a:c9:ed:e5:bc:f1:ff:48:04:49:88:39:f0:7d:0e:17:38:
3c:1b:c2:25:dc:e8:78:f2:b9:57:ce:91:9b:f4:e3:6f:17:69:
50:43:4f:95:4c:d3:3d:0c:53:27:ca:90:0c:dc:93:cc:73:3d:
dd:26:34:21:03:a0:2a:dc:f0:cd:32:bf:ab:6d:a3:f5:d9:2e:
d3:55:22:15:6a:7c:9f:e4:43:95:92:4e:15:8f:60:91:88:fa:
3a:b6:f9:d2:0d:35:5b:b5:86:c6:71:c0:07:89:f3:e5:49:0d:
53:f1:6e:0f:8e:5c:91:82:f9:13:ff:93:8e:c3:75:56:91:f2:
8a:e7:c9:14:6a:7a:bf:98:41:7d:ad:8b:6c:42:8b:e4:eb:fd:
f4:fe:a2:96:6c:bc:3e:67:a6:3b:fe:04:9c:1d:10:a6:de:ac:
05:6f:98:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxgyalGTnkpCwg5id3lGjGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMzAzMGE0YjY3Zjk1YzJmZWQ5MDJkNTY2NTdmYWEyNDk0
YjUxMjkwHhcNMjMwMTAyMDgwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODAwNjZhM2IyZDQ4ZjJhYmRmNjFhODE0YzdkMWQ3MmE3Nzc5NDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8nA7ZBv44Dw2VGfm0URD7QkyQu3r
4lsauZQ424RGu9X2MtBHFB/KC96pgcfIRHKQH8IQ8xlWraV8bJycAkrqxDpjvcBL
NvdeyPJbS+naHKFRC5V0myylSDuOm6m2LDhOcsAi3ksDyim8MhIcOAQRzwiFNPm1
3bkvukoLhcPRGPJJwqxrZM/GtCm64c2AM1BDkRbIkRsx1UUQrc8Kkyk9sPPGNXDb
If3xkiefjQq9hf5OrKgAa4LEYcf0hqsLE90LMT/UL++2x2euGkKujjgW5JjLB0Ou
/y2oENzC4ad1/fc+G4qfIfLyNGma2SfByjP7QH7j7uRsifePaVyOoV513wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCgAZqOy1I8qvfYagUx9HXKnd5QqMB8GA1UdIwQY
MBaAFG8wMKS2f5XC/tkC1WZX+qJJS1EpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnpBd3BMWl9sY0wtMlFMVlpsZjZva2xMVVNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8yYjk5YTMtZGQ1Zi00ZmZlLTgyZWYt
YmYzYjIxYTI3MGYyLzEvS0FCbW83TFVqeXE5OWhxQlRIMGRjcWQzbENvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8yYjk5YTMtZGQ1Zi00ZmZlLTgyZWYtYmYzYjIxYTI3MGYy
LzEvYnpBd3BMWl9sY0wtMlFMVlpsZjZva2xMVVNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEl+hwMA0G
CSqGSIb3DQEBCwUAA4IBAQCeeNEYIfRYEo26AXa5tBBoZRGGGxFeabtLk1NSvwN3
yawq/i05lGT76FGSzWNhfDZI/5Zf5yN7f0NSVKcyk0PW9I4KHCz7vecwhzsjenrE
BpQHlIB7M0JqVHjzasnt5bzx/0gESYg58H0OFzg8G8Il3Oh48rlXzpGb9ONvF2lQ
Q0+VTNM9DFMnypAM3JPMcz3dJjQhA6Aq3PDNMr+rbaP12S7TVSIVanyf5EOVkk4V
j2CRiPo6tvnSDTVbtYbGccAHifPlSQ1T8W4PjlyRgvkT/5OOw3VWkfKK58kUanq/
mEF9rYtsQovk6/30/qKWbLw+Z6Y7/gScHRCm3qwFb5gx
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:50:16 2025 by rpki-client