Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/6f232e-2275-44e9-91c0-c7397a2669a9/1/IHpmHgeHlV2-s253DdOJbwcTGm0.roa
File: IHpmHgeHlV2-s253DdOJbwcTGm0.roa (raw, json)
Hash identifier: s7VW45xwy0yHehv0tvmRE1w5a1E1PMNi6w1/NwIvf5k=
Subject key identifier: 20:7A:66:1E:07:87:95:5D:BE:B3:6E:77:0D:D3:89:6F:07:13:1A:6D
Certificate issuer: /CN=4b3da6e99c666513a2cee5f0e0d3ab745f167dc3
Certificate serial: 09824364
Authority key identifier: 4B:3D:A6:E9:9C:66:65:13:A2:CE:E5:F0:E0:D3:AB:74:5F:16:7D:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sz2m6ZxmZROizuXw4NOrdF8WfcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/6f232e-2275-44e9-91c0-c7397a2669a9/1/IHpmHgeHlV2-s253DdOJbwcTGm0.roa
Signing time: Sun 03 Jul 2022 12:53:25 +0000
ROA not before: Sun 03 Jul 2022 12:53:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3970
IP address blocks: 151.216.4.0/24 maxlen: 24
2001:7fc:2::/48 maxlen: 48
2001:7fc:3::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 159531876 (0x9824364)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b3da6e99c666513a2cee5f0e0d3ab745f167dc3
Validity
Not Before: Jul 3 12:53:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=207a661e0787955dbeb36e770dd3896f07131a6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a2:56:08:b5:75:3e:a9:8d:a0:d0:c7:f7:24:
18:37:bb:ff:af:66:3f:dc:5e:12:37:59:33:4c:6d:
54:29:ab:f6:f0:31:36:e3:9c:c5:f6:56:d7:99:11:
4f:bb:1a:d8:47:70:bc:f8:68:84:23:0d:d6:73:a9:
8d:27:b2:5c:05:a9:61:71:5d:1c:0b:5f:d7:b1:cb:
fd:f2:b0:bf:ce:8c:e1:fd:c2:ee:95:1f:66:30:4d:
5c:21:69:1d:8c:17:4a:8f:8d:9b:02:97:d8:fd:34:
bc:cd:a5:96:a3:e4:83:25:89:6a:ce:e8:aa:2c:4f:
df:cb:11:e3:49:72:ed:26:af:ff:b8:8d:48:eb:24:
bd:21:84:ee:37:2a:a1:d7:c5:d1:e5:f2:05:8f:42:
03:ce:7d:a4:08:09:f6:cb:ae:20:10:8b:5d:66:40:
a8:0b:df:76:67:67:02:67:33:bf:f1:ad:4b:5a:8d:
cf:f2:3f:99:8d:4a:eb:ff:af:40:ea:d5:31:ef:da:
cf:54:52:d4:4a:43:e3:9a:24:37:bf:be:2d:01:d9:
90:20:c4:c4:b2:22:12:8a:b9:4b:71:5f:1f:8f:f0:
1e:8b:b9:f0:c3:bf:a5:de:1d:a2:dc:07:6e:16:f3:
b4:26:3d:5d:e2:82:c1:7a:b0:36:50:b0:d5:fb:25:
72:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:7A:66:1E:07:87:95:5D:BE:B3:6E:77:0D:D3:89:6F:07:13:1A:6D
X509v3 Authority Key Identifier:
keyid:4B:3D:A6:E9:9C:66:65:13:A2:CE:E5:F0:E0:D3:AB:74:5F:16:7D:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sz2m6ZxmZROizuXw4NOrdF8WfcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/6f232e-2275-44e9-91c0-c7397a2669a9/1/IHpmHgeHlV2-s253DdOJbwcTGm0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/6f232e-2275-44e9-91c0-c7397a2669a9/1/Sz2m6ZxmZROizuXw4NOrdF8WfcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.216.4.0/24
IPv6:
2001:7fc:2::/47
Signature Algorithm: sha256WithRSAEncryption
a9:ec:8b:28:38:9b:a1:00:97:76:a1:6a:5a:8d:b3:2b:cb:d1:
fc:19:1e:84:3f:a1:fa:ef:22:a8:f4:df:cf:e4:cf:76:a6:fb:
a6:dc:73:32:22:2d:1b:a3:c5:a9:72:7e:b1:f4:fa:c8:b7:35:
cc:d2:f3:a6:a1:5f:e6:20:2c:ce:98:ea:68:95:bc:71:b0:57:
35:8c:07:6f:7c:a9:02:8b:c6:8e:21:f3:85:50:08:ff:71:bf:
3c:b5:5d:1c:c3:41:16:ef:7b:eb:dd:21:85:f8:bb:44:d1:44:
6c:be:5c:72:3f:0f:cc:96:07:72:44:0a:4e:b8:20:5d:f7:25:
74:4f:64:e0:50:1e:3c:e4:24:d9:da:f2:ff:a5:fa:dd:6e:a9:
7f:11:be:8d:83:ca:40:6d:ec:1e:ff:58:42:1e:2a:2e:53:62:
7c:76:1c:26:43:59:d9:6a:40:72:a2:c3:d7:4e:a0:03:85:10:
1b:dc:fb:67:9b:11:80:9d:09:e2:e2:79:db:8e:8b:74:74:2a:
c3:8c:56:c5:29:db:61:13:e2:f7:00:6b:77:09:e6:81:f0:bf:
8d:7a:13:4a:19:f9:e1:4d:f7:2a:d4:0a:fc:74:57:4f:86:39:
00:db:fa:cb:08:6f:75:c3:8e:83:17:28:8c:61:03:60:38:5b:
da:17:0c:b9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIECYJDZDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YjNkYTZlOTljNjY2NTEzYTJjZWU1ZjBlMGQzYWI3NDVmMTY3ZGMzMB4XDTIyMDcw
MzEyNTMyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjA3YTY2MWUwNzg3
OTU1ZGJlYjM2ZTc3MGRkMzg5NmYwNzEzMWE2ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK6iVgi1dT6pjaDQx/ckGDe7/69mP9xeEjdZM0xtVCmr9vAx
NuOcxfZW15kRT7sa2EdwvPhohCMN1nOpjSeyXAWpYXFdHAtf17HL/fKwv86M4f3C
7pUfZjBNXCFpHYwXSo+NmwKX2P00vM2llqPkgyWJas7oqixP38sR40ly7Sav/7iN
SOskvSGE7jcqodfF0eXyBY9CA859pAgJ9suuIBCLXWZAqAvfdmdnAmczv/GtS1qN
z/I/mY1K6/+vQOrVMe/az1RS1EpD45okN7++LQHZkCDExLIiEoq5S3FfH4/wHou5
8MO/pd4dotwHbhbztCY9XeKCwXqwNlCw1fslcuUCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQgemYeB4eVXb6zbncN04lvBxMabTAfBgNVHSMEGDAWgBRLPabpnGZlE6LO
5fDg06t0XxZ9wzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1N6Mm02WnhtWlJPaXp1WHc0Tk9yZEY4V2ZjTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWIvNmYyMzJlLTIyNzUtNDRlOS05MWMwLWM3Mzk3YTI2NjlhOS8x
L0lIcG1IZ2VIbFYyLXMyNTNEZE9KYndjVEdtMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWIv
NmYyMzJlLTIyNzUtNDRlOS05MWMwLWM3Mzk3YTI2NjlhOS8xL1N6Mm02WnhtWlJP
aXp1WHc0Tk9yZEY4V2ZjTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAJfYBDAPBAIAAjAJAwcBIAEH/AAC
MA0GCSqGSIb3DQEBCwUAA4IBAQCp7IsoOJuhAJd2oWpajbMry9H8GR6EP6H67yKo
9N/P5M92pvum3HMyIi0bo8Wpcn6x9PrItzXM0vOmoV/mICzOmOpolbxxsFc1jAdv
fKkCi8aOIfOFUAj/cb88tV0cw0EW73vr3SGF+LtE0URsvlxyPw/MlgdyRApOuCBd
9yV0T2TgUB485CTZ2vL/pfrdbql/Eb6Ng8pAbewe/1hCHiouU2J8dhwmQ1nZakBy
osPXTqADhRAb3PtnmxGAnQni4nnbjot0dCrDjFbFKdthE+L3AGt3CeaB8L+NehNK
GfnhTfcq1Ar8dFdPhjkA2/rLCG91w46DFyiMYQNgOFvaFwy5
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:09:01 2025 by rpki-client