Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/6f232e-2275-44e9-91c0-c7397a2669a9/1/3obwSZnNlruLpC0AywZ8ubmm5gQ.roa
File: 3obwSZnNlruLpC0AywZ8ubmm5gQ.roa (raw, json)
Hash identifier: 1Gv8yqkDNQ0SHKPDO1UKWBdNym26+pJFK1SYndjUkjk=
Subject key identifier: DE:86:F0:49:99:CD:96:BB:8B:A4:2D:00:CB:06:7C:B9:B9:A6:E6:04
Certificate issuer: /CN=4b3da6e99c666513a2cee5f0e0d3ab745f167dc3
Certificate serial: 045A3F09
Authority key identifier: 4B:3D:A6:E9:9C:66:65:13:A2:CE:E5:F0:E0:D3:AB:74:5F:16:7D:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sz2m6ZxmZROizuXw4NOrdF8WfcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/6f232e-2275-44e9-91c0-c7397a2669a9/1/3obwSZnNlruLpC0AywZ8ubmm5gQ.roa
Signing time: Sun 20 Feb 2022 05:32:51 +0000
ROA not before: Sun 20 Feb 2022 05:32:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3970
IP address blocks: 151.216.4.0/24 maxlen: 24
151.216.5.0/24 maxlen: 24
2001:7fc:2::/48 maxlen: 48
2001:7fc:3::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73023241 (0x45a3f09)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b3da6e99c666513a2cee5f0e0d3ab745f167dc3
Validity
Not Before: Feb 20 05:32:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=de86f04999cd96bb8ba42d00cb067cb9b9a6e604
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d0:87:6c:2c:31:4e:09:3d:1f:f8:0a:75:3d:
9a:a2:cd:d3:49:ef:1e:69:52:4d:98:5b:3a:af:c5:
89:f0:ec:b0:c4:2f:a7:ac:6e:c9:d9:06:f0:35:f7:
37:86:3b:46:f0:39:31:1a:fd:be:3f:9c:f9:19:6f:
db:ab:3d:8f:3c:b1:4a:98:69:00:54:e9:28:4a:a9:
13:16:16:fb:38:68:69:8b:ea:83:fd:3a:bc:09:ad:
92:15:36:a0:19:f1:e7:e2:7e:0d:a8:9a:cf:5f:f8:
34:7e:64:cc:d5:56:b9:12:46:0d:f8:24:73:c5:40:
82:4b:ae:c7:09:5e:1d:56:08:f6:06:0d:27:7a:f0:
85:30:52:1c:57:e0:7e:52:1b:c4:3a:6d:13:e2:c0:
34:72:ea:38:9d:51:d1:e4:66:c6:0c:49:58:66:33:
5c:b4:97:20:85:e5:bc:1f:f6:dd:c7:fa:a1:ba:e2:
2c:71:53:95:83:07:1e:ba:e0:83:ba:84:12:52:b9:
e9:b6:54:1b:47:f0:c6:55:13:6a:93:6d:2e:62:da:
85:63:c2:5a:0a:9a:21:2d:f8:a2:a1:a0:de:cf:1e:
fb:44:6a:72:80:19:22:02:1c:30:c6:0f:4b:05:95:
6d:d1:d1:29:ee:27:f7:2a:d3:9a:25:6f:0c:77:b4:
a7:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:86:F0:49:99:CD:96:BB:8B:A4:2D:00:CB:06:7C:B9:B9:A6:E6:04
X509v3 Authority Key Identifier:
keyid:4B:3D:A6:E9:9C:66:65:13:A2:CE:E5:F0:E0:D3:AB:74:5F:16:7D:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sz2m6ZxmZROizuXw4NOrdF8WfcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/6f232e-2275-44e9-91c0-c7397a2669a9/1/3obwSZnNlruLpC0AywZ8ubmm5gQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/6f232e-2275-44e9-91c0-c7397a2669a9/1/Sz2m6ZxmZROizuXw4NOrdF8WfcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.216.4.0/23
IPv6:
2001:7fc:2::/47
Signature Algorithm: sha256WithRSAEncryption
16:17:d7:02:11:c3:c3:f0:5f:2a:87:33:58:1b:7b:0a:63:f4:
14:67:ba:96:18:a1:9f:94:dd:ef:8b:9b:44:84:88:81:27:1b:
a8:ff:08:0e:6f:52:31:1c:5a:8c:24:91:e2:bc:dc:a0:e5:f3:
87:a9:82:09:de:d5:ea:2d:4b:55:4a:ec:1d:b7:fd:f6:dd:23:
58:08:77:d6:64:ed:d4:05:68:89:83:ba:fc:d3:23:59:29:92:
d6:7d:99:99:84:cf:49:80:11:2b:57:51:16:5d:ff:6a:62:30:
2f:7d:43:34:30:16:bc:0f:54:20:8d:77:42:8e:f1:ee:74:04:
f7:8c:47:09:01:1e:d5:9b:b6:fd:62:24:ce:5c:37:b8:0d:ca:
36:58:45:c1:e4:bf:e7:ca:d1:4e:90:2a:65:c6:40:53:3d:c1:
3b:36:cd:d6:bb:4b:41:ea:8e:70:5e:01:a6:42:e6:83:5d:db:
e0:52:49:bc:86:86:ab:7a:7a:86:bb:49:10:9a:fe:04:94:c2:
29:9a:4b:cb:eb:fb:e2:ca:54:6a:ef:fb:da:be:d5:bf:7b:63:
bf:98:e8:71:5f:53:a7:36:e7:bd:f1:2e:db:f2:00:70:6d:e5:
c3:80:5d:62:54:97:b5:8d:7a:ab:da:b9:7a:a2:c9:1e:3e:a2:
b5:aa:20:34
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEBFo/CTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YjNkYTZlOTljNjY2NTEzYTJjZWU1ZjBlMGQzYWI3NDVmMTY3ZGMzMB4XDTIyMDIy
MDA1MzI1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGU4NmYwNDk5OWNk
OTZiYjhiYTQyZDAwY2IwNjdjYjliOWE2ZTYwNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKnQh2wsMU4JPR/4CnU9mqLN00nvHmlSTZhbOq/FifDssMQv
p6xuydkG8DX3N4Y7RvA5MRr9vj+c+Rlv26s9jzyxSphpAFTpKEqpExYW+zhoaYvq
g/06vAmtkhU2oBnx5+J+Daiaz1/4NH5kzNVWuRJGDfgkc8VAgkuuxwleHVYI9gYN
J3rwhTBSHFfgflIbxDptE+LANHLqOJ1R0eRmxgxJWGYzXLSXIIXlvB/23cf6obri
LHFTlYMHHrrgg7qEElK56bZUG0fwxlUTapNtLmLahWPCWgqaIS34oqGg3s8e+0Rq
coAZIgIcMMYPSwWVbdHRKe4n9yrTmiVvDHe0p7UCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBTehvBJmc2Wu4ukLQDLBny5uabmBDAfBgNVHSMEGDAWgBRLPabpnGZlE6LO
5fDg06t0XxZ9wzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1N6Mm02WnhtWlJPaXp1WHc0Tk9yZEY4V2ZjTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWIvNmYyMzJlLTIyNzUtNDRlOS05MWMwLWM3Mzk3YTI2NjlhOS8x
LzNvYndTWm5ObHJ1THBDMEF5d1o4dWJtbTVnUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWIv
NmYyMzJlLTIyNzUtNDRlOS05MWMwLWM3Mzk3YTI2NjlhOS8xL1N6Mm02WnhtWlJP
aXp1WHc0Tk9yZEY4V2ZjTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAZfYBDAPBAIAAjAJAwcBIAEH/AAC
MA0GCSqGSIb3DQEBCwUAA4IBAQAWF9cCEcPD8F8qhzNYG3sKY/QUZ7qWGKGflN3v
i5tEhIiBJxuo/wgOb1IxHFqMJJHivNyg5fOHqYIJ3tXqLUtVSuwdt/323SNYCHfW
ZO3UBWiJg7r80yNZKZLWfZmZhM9JgBErV1EWXf9qYjAvfUM0MBa8D1QgjXdCjvHu
dAT3jEcJAR7Vm7b9YiTOXDe4Dco2WEXB5L/nytFOkCplxkBTPcE7Ns3Wu0tB6o5w
XgGmQuaDXdvgUkm8hoarenqGu0kQmv4ElMIpmkvL6/viylRq7/vavtW/e2O/mOhx
X1OnNue98S7b8gBwbeXDgF1iVJe1jXqr2rl6oskePqK1qiA0
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:30:50 2025 by rpki-client