Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/6f232e-2275-44e9-91c0-c7397a2669a9/1/28XuxBEXh_OnYw_d7JNY8DhB8qw.roa
File: 28XuxBEXh_OnYw_d7JNY8DhB8qw.roa (raw, json)
Hash identifier: l6SOF8pKMCVaA+Rvm+CvoMDQ5vFKmIbxQ4ST4bnzBYs=
Subject key identifier: DB:C5:EE:C4:11:17:87:F3:A7:63:0F:DD:EC:93:58:F0:38:41:F2:AC
Certificate issuer: /CN=4b3da6e99c666513a2cee5f0e0d3ab745f167dc3
Certificate serial: 08A4F8CF
Authority key identifier: 4B:3D:A6:E9:9C:66:65:13:A2:CE:E5:F0:E0:D3:AB:74:5F:16:7D:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sz2m6ZxmZROizuXw4NOrdF8WfcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/6f232e-2275-44e9-91c0-c7397a2669a9/1/28XuxBEXh_OnYw_d7JNY8DhB8qw.roa
Signing time: Fri 17 Jun 2022 02:04:47 +0000
ROA not before: Fri 17 Jun 2022 02:04:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3970
IP address blocks: 151.216.4.0/24 maxlen: 24
151.216.5.0/24 maxlen: 24
2001:7fc:2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 145029327 (0x8a4f8cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b3da6e99c666513a2cee5f0e0d3ab745f167dc3
Validity
Not Before: Jun 17 02:04:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dbc5eec4111787f3a7630fddec9358f03841f2ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:a1:14:eb:15:30:57:c5:38:7c:48:de:f5:7d:
c7:29:62:32:02:1e:ae:dd:06:79:a9:8c:72:2b:f6:
ac:38:7f:67:09:c6:10:b0:90:bd:80:74:53:5c:d4:
23:33:19:e7:f8:85:57:eb:dd:98:59:81:08:bf:07:
5b:9a:fe:17:ab:c0:7d:21:e6:1a:99:22:36:86:3a:
c4:55:c3:ba:98:41:f4:62:24:47:d1:94:4a:83:49:
0c:a9:c5:bf:11:27:c5:04:b5:e7:d1:5a:0b:70:41:
02:02:03:1b:56:28:07:16:63:db:4a:b2:4e:22:7e:
d1:ef:31:df:7f:4c:65:47:7f:e8:3f:29:24:d5:c6:
5a:17:76:e3:ac:3f:87:d6:c6:45:67:87:65:af:9c:
89:dd:0e:30:60:fa:60:65:c7:29:3f:fe:b0:8b:f8:
64:71:c7:f2:07:41:7c:43:00:f3:32:ec:f7:a7:8f:
f8:0e:9f:43:f4:d6:40:83:c1:ec:0e:0d:de:a1:c8:
1a:56:61:3e:84:fd:13:08:bf:22:dd:52:af:30:a7:
a3:51:91:81:34:e5:d0:46:1a:72:20:64:f8:81:bc:
2f:3b:ed:bb:da:a8:de:57:29:92:f3:db:dc:68:20:
33:c1:58:e8:dc:1f:1d:2b:9e:0b:0c:4e:df:1e:ba:
30:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:C5:EE:C4:11:17:87:F3:A7:63:0F:DD:EC:93:58:F0:38:41:F2:AC
X509v3 Authority Key Identifier:
keyid:4B:3D:A6:E9:9C:66:65:13:A2:CE:E5:F0:E0:D3:AB:74:5F:16:7D:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sz2m6ZxmZROizuXw4NOrdF8WfcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/6f232e-2275-44e9-91c0-c7397a2669a9/1/28XuxBEXh_OnYw_d7JNY8DhB8qw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/6f232e-2275-44e9-91c0-c7397a2669a9/1/Sz2m6ZxmZROizuXw4NOrdF8WfcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.216.4.0/23
IPv6:
2001:7fc:2::/48
Signature Algorithm: sha256WithRSAEncryption
25:43:35:b8:71:1f:62:78:fb:9a:62:8c:7e:4a:3a:bf:a2:04:
49:34:a4:6f:ac:df:b7:48:79:d6:e6:5d:f0:17:70:67:a9:38:
65:66:62:93:8b:7e:6f:41:2d:d8:30:40:b3:07:3a:42:19:e3:
a3:2a:6b:4b:60:bd:7e:20:a0:d6:01:d3:80:ae:6c:f6:a4:bf:
58:12:3c:74:11:7f:43:f9:0c:d8:c4:bc:09:89:70:75:e6:83:
f5:46:49:71:62:b3:03:2c:10:7c:a0:2a:0f:af:c5:f4:50:eb:
7f:0c:0d:a9:ca:f7:c6:f6:1e:56:fd:91:09:5c:8a:73:ce:67:
00:5e:74:c5:3f:b0:d5:35:54:6c:29:f2:6f:de:5d:16:bc:47:
33:25:49:a8:8a:24:78:86:4e:8d:e7:3d:1f:d1:da:af:5e:7d:
c5:c7:05:c4:45:97:e4:b3:07:7e:a2:b4:f7:6e:10:eb:98:3d:
79:7d:1d:b7:dc:5e:19:bd:24:7a:95:3f:cc:1a:b7:f2:4e:31:
49:eb:bb:54:40:ff:2a:09:df:ad:0a:5f:50:cf:55:5d:89:11:
c6:e6:41:02:79:a0:b8:b9:49:b3:d0:5e:42:1d:ac:a5:6b:34:
df:70:60:61:55:de:4e:88:6c:2d:a1:b7:05:54:3b:6b:0b:8a:
ad:9e:85:ba
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIECKT4zzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YjNkYTZlOTljNjY2NTEzYTJjZWU1ZjBlMGQzYWI3NDVmMTY3ZGMzMB4XDTIyMDYx
NzAyMDQ0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGJjNWVlYzQxMTE3
ODdmM2E3NjMwZmRkZWM5MzU4ZjAzODQxZjJhYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANihFOsVMFfFOHxI3vV9xyliMgIert0GeamMciv2rDh/ZwnG
ELCQvYB0U1zUIzMZ5/iFV+vdmFmBCL8HW5r+F6vAfSHmGpkiNoY6xFXDuphB9GIk
R9GUSoNJDKnFvxEnxQS159FaC3BBAgIDG1YoBxZj20qyTiJ+0e8x339MZUd/6D8p
JNXGWhd246w/h9bGRWeHZa+cid0OMGD6YGXHKT/+sIv4ZHHH8gdBfEMA8zLs96eP
+A6fQ/TWQIPB7A4N3qHIGlZhPoT9Ewi/It1SrzCno1GRgTTl0EYaciBk+IG8Lzvt
u9qo3lcpkvPb3GggM8FY6NwfHSueCwxO3x66MN8CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBTbxe7EEReH86djD93sk1jwOEHyrDAfBgNVHSMEGDAWgBRLPabpnGZlE6LO
5fDg06t0XxZ9wzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1N6Mm02WnhtWlJPaXp1WHc0Tk9yZEY4V2ZjTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWIvNmYyMzJlLTIyNzUtNDRlOS05MWMwLWM3Mzk3YTI2NjlhOS8x
LzI4WHV4QkVYaF9Pbll3X2Q3Sk5ZOERoQjhxdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWIv
NmYyMzJlLTIyNzUtNDRlOS05MWMwLWM3Mzk3YTI2NjlhOS8xL1N6Mm02WnhtWlJP
aXp1WHc0Tk9yZEY4V2ZjTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAZfYBDAPBAIAAjAJAwcAIAEH/AAC
MA0GCSqGSIb3DQEBCwUAA4IBAQAlQzW4cR9iePuaYox+Sjq/ogRJNKRvrN+3SHnW
5l3wF3BnqThlZmKTi35vQS3YMECzBzpCGeOjKmtLYL1+IKDWAdOArmz2pL9YEjx0
EX9D+QzYxLwJiXB15oP1RklxYrMDLBB8oCoPr8X0UOt/DA2pyvfG9h5W/ZEJXIpz
zmcAXnTFP7DVNVRsKfJv3l0WvEczJUmoiiR4hk6N5z0f0dqvXn3FxwXERZfkswd+
orT3bhDrmD15fR233F4ZvSR6lT/MGrfyTjFJ67tUQP8qCd+tCl9Qz1VdiRHG5kEC
eaC4uUmz0F5CHaylazTfcGBhVd5OiGwtobcFVDtrC4qtnoW6
-----END CERTIFICATE-----
Generated at Sun Apr 20 00:30:52 2025 by rpki-client