Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/6f232e-2275-44e9-91c0-c7397a2669a9/1/3FHx00tfXX-OBtOwNT6Mrde4nu0.roa
File: 3FHx00tfXX-OBtOwNT6Mrde4nu0.roa (raw, json)
Hash identifier: hAkyZkxpZadxk+10YWajnFS4CTX48wWfL+DYibnmqsM=
Subject key identifier: DC:51:F1:D3:4B:5F:5D:7F:8E:06:D3:B0:35:3E:8C:AD:D7:B8:9E:ED
Certificate issuer: /CN=4b3da6e99c666513a2cee5f0e0d3ab745f167dc3
Certificate serial: 0185700B88AE6D4360DB5DBBDB2E0C98E5B2
Authority key identifier: 4B:3D:A6:E9:9C:66:65:13:A2:CE:E5:F0:E0:D3:AB:74:5F:16:7D:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sz2m6ZxmZROizuXw4NOrdF8WfcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/6f232e-2275-44e9-91c0-c7397a2669a9/1/3FHx00tfXX-OBtOwNT6Mrde4nu0.roa
Signing time: Mon 02 Jan 2023 01:14:42 +0000
ROA not before: Mon 02 Jan 2023 01:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 666
IP address blocks: 151.216.32.0/24 maxlen: 24
151.216.36.0/24 maxlen: 24
151.216.33.0/24 maxlen: 24
151.216.37.0/24 maxlen: 24
151.216.34.0/24 maxlen: 24
151.216.38.0/24 maxlen: 24
151.216.35.0/24 maxlen: 24
151.216.39.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:0b:88:ae:6d:43:60:db:5d:bb:db:2e:0c:98:e5:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b3da6e99c666513a2cee5f0e0d3ab745f167dc3
Validity
Not Before: Jan 2 01:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc51f1d34b5f5d7f8e06d3b0353e8cadd7b89eed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:22:fd:42:92:72:d9:1c:bb:bb:62:53:d3:fb:
97:33:a9:bc:a3:e2:79:93:2f:80:74:b8:b4:48:e5:
32:10:7b:20:c6:79:3a:4b:c1:a3:db:80:41:4e:11:
3a:a7:bb:85:9f:42:d7:52:f6:d9:1d:5b:53:ca:23:
91:21:60:6a:cc:72:bd:ea:c5:79:ae:a4:e9:34:78:
8b:30:b3:dd:b4:f4:c7:b2:f3:68:fc:6a:f4:95:7a:
da:7f:81:4a:9c:4a:63:9e:78:20:c8:3a:fd:82:31:
34:50:6d:03:9c:b9:12:56:8d:49:59:28:2c:91:ad:
f6:2a:ca:bd:b4:88:9e:91:fa:2e:e5:27:3d:81:8a:
f4:5a:0d:c6:70:90:15:d5:af:85:8c:aa:a3:34:34:
c0:31:c1:cd:88:2a:27:c3:cf:b5:61:ea:52:63:72:
b2:dc:4e:97:f3:dc:36:ee:b0:09:a6:5f:ad:3c:cc:
88:84:2f:ad:9f:1f:e1:15:64:52:f9:34:30:59:f6:
83:6e:f3:d2:71:52:1c:5f:c5:6b:e7:82:4c:e2:55:
c3:31:74:c8:34:70:ed:e0:e3:de:d2:bc:1c:11:1f:
b7:30:e6:c1:d0:04:50:73:c0:31:46:e1:50:07:db:
e1:16:78:26:77:16:92:89:82:38:9a:66:ef:6f:8e:
b3:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:51:F1:D3:4B:5F:5D:7F:8E:06:D3:B0:35:3E:8C:AD:D7:B8:9E:ED
X509v3 Authority Key Identifier:
keyid:4B:3D:A6:E9:9C:66:65:13:A2:CE:E5:F0:E0:D3:AB:74:5F:16:7D:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sz2m6ZxmZROizuXw4NOrdF8WfcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/6f232e-2275-44e9-91c0-c7397a2669a9/1/3FHx00tfXX-OBtOwNT6Mrde4nu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/6f232e-2275-44e9-91c0-c7397a2669a9/1/Sz2m6ZxmZROizuXw4NOrdF8WfcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.216.32.0/21
Signature Algorithm: sha256WithRSAEncryption
13:bb:eb:1c:36:b6:f5:c0:a1:23:bc:c0:27:21:90:fa:d0:9f:
2e:b3:46:a6:20:b5:b6:32:b8:40:4e:46:80:30:b8:57:76:3c:
b7:fa:93:d6:d7:69:e3:a2:2f:e9:f5:46:69:f7:68:ae:0f:66:
e4:ec:a8:87:b8:2e:e1:ab:16:4e:28:be:0b:27:dc:f1:7f:5f:
05:f6:3a:d2:97:8f:3d:fa:5e:92:5e:59:69:ed:f9:4a:71:d5:
62:21:ee:04:87:c0:c0:8d:4e:77:4f:71:cb:62:8d:2e:81:63:
b4:8e:01:ff:d0:7c:e9:57:68:b5:11:02:21:7d:eb:11:eb:5e:
a2:01:8b:a2:5f:c8:a8:39:12:28:d1:1f:0d:63:00:3b:57:6c:
19:a8:dd:38:cc:e3:5e:c8:ea:58:9b:64:90:ad:c6:e5:87:4e:
7b:24:74:47:28:b9:8f:51:d3:e9:41:56:67:70:34:55:3d:b1:
03:c3:ad:e4:46:84:62:01:d0:cc:0c:dc:1b:16:4e:ed:6a:57:
fd:bd:d3:d1:05:23:ab:4f:cd:39:50:ab:ce:56:fe:da:6d:dc:
42:21:f3:e2:ad:bb:b8:29:f5:f1:a6:4a:66:5c:06:7d:95:bd:
bb:3d:ad:25:18:4c:c6:07:30:49:85:1b:d3:13:33:5d:44:06:
4d:67:c2:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwC4iubUNg21272y4MmOWyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiM2RhNmU5OWM2NjY1MTNhMmNlZTVmMGUwZDNhYjc0NWYx
NjdkYzMwHhcNMjMwMTAyMDExNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzUxZjFkMzRiNWY1ZDdmOGUwNmQzYjAzNTNlOGNhZGQ3Yjg5ZWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1SL9QpJy2Ry7u2JT0/uXM6m8o+J5
ky+AdLi0SOUyEHsgxnk6S8Gj24BBThE6p7uFn0LXUvbZHVtTyiORIWBqzHK96sV5
rqTpNHiLMLPdtPTHsvNo/Gr0lXraf4FKnEpjnnggyDr9gjE0UG0DnLkSVo1JWSgs
ka32Ksq9tIiekfou5Sc9gYr0Wg3GcJAV1a+FjKqjNDTAMcHNiConw8+1YepSY3Ky
3E6X89w27rAJpl+tPMyIhC+tnx/hFWRS+TQwWfaDbvPScVIcX8Vr54JM4lXDMXTI
NHDt4OPe0rwcER+3MObB0ARQc8AxRuFQB9vhFngmdxaSiYI4mmbvb46zJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNxR8dNLX11/jgbTsDU+jK3XuJ7tMB8GA1UdIwQY
MBaAFEs9pumcZmUTos7l8ODTq3RfFn3DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3oybTZaeG1aUk9penVYdzROT3JkRjhXZmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi82ZjIzMmUtMjI3NS00NGU5LTkxYzAt
YzczOTdhMjY2OWE5LzEvM0ZIeDAwdGZYWC1PQnRPd05UNk1yZGU0bnUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi82ZjIzMmUtMjI3NS00NGU5LTkxYzAtYzczOTdhMjY2OWE5
LzEvU3oybTZaeG1aUk9penVYdzROT3JkRjhXZmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDl9ggMA0G
CSqGSIb3DQEBCwUAA4IBAQATu+scNrb1wKEjvMAnIZD60J8us0amILW2MrhATkaA
MLhXdjy3+pPW12njoi/p9UZp92iuD2bk7KiHuC7hqxZOKL4LJ9zxf18F9jrSl489
+l6SXllp7flKcdViIe4Eh8DAjU53T3HLYo0ugWO0jgH/0HzpV2i1EQIhfesR616i
AYuiX8ioORIo0R8NYwA7V2wZqN04zONeyOpYm2SQrcblh057JHRHKLmPUdPpQVZn
cDRVPbEDw63kRoRiAdDMDNwbFk7talf9vdPRBSOrT805UKvOVv7abdxCIfPirbu4
KfXxpkpmXAZ9lb27Pa0lGEzGBzBJhRvTEzNdRAZNZ8JL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:53 2024 by rpki-client on console-ams.rpki-client.org