Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/9RKbsBMFVysQxsLMdCOkzojNfkY.roa
File: 9RKbsBMFVysQxsLMdCOkzojNfkY.roa (raw, json)
Hash identifier: w20vjrfTdXNm52TNZ2/O4S5ReJhDtK9fOK7xZ2oRIFU=
Subject key identifier: F5:12:9B:B0:13:05:57:2B:10:C6:C2:CC:74:23:A4:CE:88:CD:7E:46
Certificate issuer: /CN=febf30201f12a040d386d2b4eed4484623e4d11b
Certificate serial: 018D60F615AE1CEF1C7392599CDE93BC429B
Authority key identifier: FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/9RKbsBMFVysQxsLMdCOkzojNfkY.roa
Signing time: Wed 31 Jan 2024 19:19:16 +0000
ROA not before: Wed 31 Jan 2024 19:19:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210154
IP address blocks: 46.254.135.0/24 maxlen: 24
151.237.20.0/24 maxlen: 24
151.237.21.0/24 maxlen: 24
151.237.22.0/24 maxlen: 24
151.237.32.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:60:f6:15:ae:1c:ef:1c:73:92:59:9c:de:93:bc:42:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=febf30201f12a040d386d2b4eed4484623e4d11b
Validity
Not Before: Jan 31 19:19:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f5129bb01305572b10c6c2cc7423a4ce88cd7e46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:58:75:b6:c4:24:ae:99:85:9d:93:31:5d:53:
46:0f:15:82:98:95:0b:85:f8:76:06:2a:e6:f0:ef:
ce:90:35:bb:96:af:48:4a:b7:5e:07:74:cf:92:77:
07:12:93:0e:b0:33:ad:bd:b5:9d:68:c1:ca:78:68:
ca:78:e9:2a:ba:8d:e3:c0:31:24:ea:35:15:3b:19:
60:f3:7d:b9:78:67:65:b5:00:63:a8:0a:e0:85:a8:
27:97:87:a7:78:02:20:25:89:6b:68:78:f7:7f:3f:
33:b3:74:fe:ea:df:d5:5f:37:8e:f4:a2:20:db:f0:
b1:9b:ef:49:9e:44:f1:a3:1f:2b:3e:c5:d6:2d:a0:
c0:46:13:1b:ba:c3:f1:8f:d5:c5:2b:cb:76:19:49:
f5:98:15:bb:0e:a4:b8:e6:ee:72:83:4c:9e:b8:da:
c5:38:ac:4f:92:9d:ef:fb:81:1e:bf:56:80:1b:c1:
f4:80:cf:ca:8e:74:2f:14:ae:1c:ff:0a:40:67:33:
65:7a:2a:fa:c5:5e:3e:e8:3b:d5:1d:cb:12:7b:6c:
bb:b7:0b:7d:0b:2e:78:a2:75:6e:eb:48:79:eb:ca:
ae:3f:e3:8c:ca:fb:18:ae:81:df:f1:cb:51:9f:30:
c9:f2:1f:45:d5:c7:5b:93:f1:cc:0e:33:b4:ca:53:
5a:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:12:9B:B0:13:05:57:2B:10:C6:C2:CC:74:23:A4:CE:88:CD:7E:46
X509v3 Authority Key Identifier:
keyid:FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/9RKbsBMFVysQxsLMdCOkzojNfkY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.254.135.0/24
151.237.20.0-151.237.22.255
151.237.32.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:5d:fd:6e:27:36:ef:f3:56:06:c7:5c:c3:75:54:4d:d3:38:
20:db:88:53:6d:ea:ce:a4:24:f9:3f:6e:27:30:5e:0b:e4:7d:
d5:e4:8b:f0:f3:c0:0e:e6:3e:f4:0d:44:59:14:b8:f4:20:72:
ca:b5:18:3d:80:cb:4b:da:cb:bf:92:41:46:75:0d:4a:c8:3a:
cf:09:8e:a6:37:e0:80:44:22:8d:cb:f9:3d:b5:ed:91:40:75:
ce:60:fc:50:29:49:17:20:d8:28:ff:94:ca:5b:19:95:32:6d:
df:ee:3c:93:d3:d2:9a:0e:9b:f0:f9:12:51:cd:e5:7a:c1:3d:
70:27:08:af:22:56:95:3b:36:c4:fc:3b:7d:7b:15:73:08:76:
74:63:2e:1e:94:96:3a:49:82:ec:b0:e3:16:8a:b2:03:ae:70:
6b:9f:db:21:42:7e:0e:5d:a3:1c:67:5d:35:6b:5a:8d:26:8e:
f1:57:9a:78:26:80:1f:e2:a5:ae:ce:38:13:77:0c:ba:29:22:
52:00:1f:88:5b:7b:91:3a:96:b7:97:d1:f6:90:af:d1:17:32:
2b:9b:bc:c3:7f:b2:97:42:d7:af:8a:10:70:aa:67:b6:85:cc:
97:8c:1f:c4:93:c7:36:d1:d5:13:50:57:4e:04:53:ea:36:a5:
cc:77:b5:63
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY1g9hWuHO8cc5JZnN6TvEKbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlYmYzMDIwMWYxMmEwNDBkMzg2ZDJiNGVlZDQ0ODQ2MjNl
NGQxMWIwHhcNMjQwMTMxMTkxOTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTEyOWJiMDEzMDU1NzJiMTBjNmMyY2M3NDIzYTRjZTg4Y2Q3ZTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1h1tsQkrpmFnZMxXVNGDxWCmJUL
hfh2Birm8O/OkDW7lq9ISrdeB3TPkncHEpMOsDOtvbWdaMHKeGjKeOkquo3jwDEk
6jUVOxlg8325eGdltQBjqArghagnl4eneAIgJYlraHj3fz8zs3T+6t/VXzeO9KIg
2/Cxm+9JnkTxox8rPsXWLaDARhMbusPxj9XFK8t2GUn1mBW7DqS45u5yg0yeuNrF
OKxPkp3v+4Eev1aAG8H0gM/KjnQvFK4c/wpAZzNleir6xV4+6DvVHcsSe2y7twt9
Cy54onVu60h568quP+OMyvsYroHf8ctRnzDJ8h9F1cdbk/HMDjO0ylNa9wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFPUSm7ATBVcrEMbCzHQjpM6IzX5GMB8GA1UdIwQY
MBaAFP6/MCAfEqBA04bStO7USEYj5NEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUt
YTk3YzBkYzBhNzQ5LzEvOVJLYnNCTUZWeXNReHNMTWRDT2t6b2pOZmtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUtYTk3YzBkYzBhNzQ5
LzEvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQALv6HMAwD
BAKX7RQDBACX7RYDBACX7SAwDQYJKoZIhvcNAQELBQADggEBADtd/W4nNu/zVgbH
XMN1VE3TOCDbiFNt6s6kJPk/bicwXgvkfdXki/DzwA7mPvQNRFkUuPQgcsq1GD2A
y0vay7+SQUZ1DUrIOs8JjqY34IBEIo3L+T217ZFAdc5g/FApSRcg2Cj/lMpbGZUy
bd/uPJPT0poOm/D5ElHN5XrBPXAnCK8iVpU7NsT8O317FXMIdnRjLh6UljpJguyw
4xaKsgOucGuf2yFCfg5doxxnXTVrWo0mjvFXmngmgB/ipa7OOBN3DLopIlIAH4hb
e5E6lreX0faQr9EXMiubvMN/spdC16+KEHCqZ7aFzJeMH8STxzbR1RNQV04EU+o2
pcx3tWM=
-----END CERTIFICATE-----
Generated at Wed Apr 9 03:09:57 2025 by rpki-client