Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/6f232e-2275-44e9-91c0-c7397a2669a9/1/KXrXfFkizd8o41A2Qv1xETRwjBs.roa
File: KXrXfFkizd8o41A2Qv1xETRwjBs.roa (raw, json)
Hash identifier: vJKV2DfdF3JFCXiL0Dvu4d8pu2PHIP0levQnwOzfXQ0=
Subject key identifier: 29:7A:D7:7C:59:22:CD:DF:28:E3:50:36:42:FD:71:11:34:70:8C:1B
Certificate issuer: /CN=4b3da6e99c666513a2cee5f0e0d3ab745f167dc3
Certificate serial: 0407F8C4
Authority key identifier: 4B:3D:A6:E9:9C:66:65:13:A2:CE:E5:F0:E0:D3:AB:74:5F:16:7D:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sz2m6ZxmZROizuXw4NOrdF8WfcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/6f232e-2275-44e9-91c0-c7397a2669a9/1/KXrXfFkizd8o41A2Qv1xETRwjBs.roa
Signing time: Thu 10 Feb 2022 01:29:41 +0000
ROA not before: Thu 10 Feb 2022 01:29:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3970
IP address blocks: 151.216.4.0/24 maxlen: 24
151.216.5.0/24 maxlen: 24
2001:7fc:2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67631300 (0x407f8c4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b3da6e99c666513a2cee5f0e0d3ab745f167dc3
Validity
Not Before: Feb 10 01:29:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=297ad77c5922cddf28e3503642fd711134708c1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:7d:d9:37:1d:a6:63:f8:e6:98:c1:b3:29:a8:
6d:44:41:3e:d3:5c:8b:f6:95:42:d4:c4:79:94:cf:
7b:46:2c:ee:d4:91:a1:c0:81:19:c9:82:6e:55:b2:
ce:e9:e5:47:be:34:a3:02:47:ef:2f:f5:32:0c:d6:
88:7b:a0:df:51:d1:07:68:4a:a1:9a:5f:37:d7:29:
52:27:4b:16:13:a3:aa:49:13:a7:e7:1e:9b:ff:46:
f0:f7:27:a7:97:c5:ee:ff:eb:92:ed:6f:d9:25:f0:
3d:a2:2c:3a:e0:59:76:ff:da:a1:ab:ef:a9:bf:7a:
e6:80:6c:23:31:40:b7:68:a6:36:bc:4b:cc:5d:51:
34:8b:5d:86:70:10:d8:98:90:1a:a6:b8:00:39:21:
6d:35:a1:d6:0b:3a:01:9d:f5:ae:14:b3:f1:60:95:
7c:eb:7a:61:21:96:9c:09:20:49:17:cf:df:6c:11:
ab:fd:fe:6d:95:b0:c9:0d:87:ca:fb:37:6d:94:54:
00:30:3b:2c:d4:4a:25:2a:6f:db:2c:03:42:45:34:
78:69:6d:d1:4e:94:7f:c6:c9:24:c7:f3:7b:57:7b:
d6:bb:09:0f:44:1a:9d:45:a2:39:18:70:75:d0:db:
32:8d:38:ba:20:39:09:d1:a3:6a:bd:9f:fe:02:3b:
bd:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:7A:D7:7C:59:22:CD:DF:28:E3:50:36:42:FD:71:11:34:70:8C:1B
X509v3 Authority Key Identifier:
keyid:4B:3D:A6:E9:9C:66:65:13:A2:CE:E5:F0:E0:D3:AB:74:5F:16:7D:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sz2m6ZxmZROizuXw4NOrdF8WfcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/6f232e-2275-44e9-91c0-c7397a2669a9/1/KXrXfFkizd8o41A2Qv1xETRwjBs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/6f232e-2275-44e9-91c0-c7397a2669a9/1/Sz2m6ZxmZROizuXw4NOrdF8WfcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.216.4.0/23
IPv6:
2001:7fc:2::/48
Signature Algorithm: sha256WithRSAEncryption
94:17:6c:13:7c:53:50:00:a5:06:84:52:89:82:4f:08:d3:22:
52:f7:71:92:b8:dc:0a:bc:e7:ed:b8:cf:a8:0e:d4:50:7d:c6:
06:d6:a4:39:c4:4a:de:2b:bc:b6:90:51:f5:8b:18:11:b9:d3:
40:6b:97:68:89:5c:cf:7b:4b:e7:c8:f8:7b:95:de:3d:f9:4c:
b0:bf:70:73:b7:12:73:e1:d2:99:c0:5d:ca:b8:64:24:1e:0c:
52:58:db:f9:6f:a5:b2:c6:5a:17:1a:bf:5f:15:2c:c5:5a:ec:
65:c4:7d:96:48:b9:e2:e2:e7:29:88:10:08:1d:18:c7:2e:76:
69:fe:b1:53:39:b6:7c:e1:70:18:5c:57:2f:5a:4c:7f:4d:f1:
76:74:51:0c:1d:e3:a8:33:74:1d:bd:f9:5d:f7:5e:5d:d7:80:
f1:de:91:8c:2f:56:ff:04:49:66:d1:9b:14:25:57:59:28:13:
e0:69:74:cf:7a:a0:e2:0f:54:14:81:05:33:61:aa:e3:88:8a:
f6:45:62:4f:a0:22:62:3b:77:14:8a:f4:1b:f7:c3:f1:83:de:
8c:bb:99:4c:14:d9:0b:bf:e2:71:b2:f7:76:84:6e:40:bc:78:
e4:00:b4:f4:e0:0d:78:b6:6e:68:5e:ed:4f:e3:d3:f9:2d:59:
d7:2b:00:25
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEBAf4xDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YjNkYTZlOTljNjY2NTEzYTJjZWU1ZjBlMGQzYWI3NDVmMTY3ZGMzMB4XDTIyMDIx
MDAxMjk0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjk3YWQ3N2M1OTIy
Y2RkZjI4ZTM1MDM2NDJmZDcxMTEzNDcwOGMxYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOp92TcdpmP45pjBsymobURBPtNci/aVQtTEeZTPe0Ys7tSR
ocCBGcmCblWyzunlR740owJH7y/1MgzWiHug31HRB2hKoZpfN9cpUidLFhOjqkkT
p+cem/9G8Pcnp5fF7v/rku1v2SXwPaIsOuBZdv/aoavvqb965oBsIzFAt2imNrxL
zF1RNItdhnAQ2JiQGqa4ADkhbTWh1gs6AZ31rhSz8WCVfOt6YSGWnAkgSRfP32wR
q/3+bZWwyQ2Hyvs3bZRUADA7LNRKJSpv2ywDQkU0eGlt0U6Uf8bJJMfze1d71rsJ
D0QanUWiORhwddDbMo04uiA5CdGjar2f/gI7va0CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQpetd8WSLN3yjjUDZC/XERNHCMGzAfBgNVHSMEGDAWgBRLPabpnGZlE6LO
5fDg06t0XxZ9wzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1N6Mm02WnhtWlJPaXp1WHc0Tk9yZEY4V2ZjTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWIvNmYyMzJlLTIyNzUtNDRlOS05MWMwLWM3Mzk3YTI2NjlhOS8x
L0tYclhmRmtpemQ4bzQxQTJRdjF4RVRSd2pCcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWIv
NmYyMzJlLTIyNzUtNDRlOS05MWMwLWM3Mzk3YTI2NjlhOS8xL1N6Mm02WnhtWlJP
aXp1WHc0Tk9yZEY4V2ZjTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAZfYBDAPBAIAAjAJAwcAIAEH/AAC
MA0GCSqGSIb3DQEBCwUAA4IBAQCUF2wTfFNQAKUGhFKJgk8I0yJS93GSuNwKvOft
uM+oDtRQfcYG1qQ5xEreK7y2kFH1ixgRudNAa5doiVzPe0vnyPh7ld49+Uywv3Bz
txJz4dKZwF3KuGQkHgxSWNv5b6WyxloXGr9fFSzFWuxlxH2WSLni4ucpiBAIHRjH
LnZp/rFTObZ84XAYXFcvWkx/TfF2dFEMHeOoM3Qdvfld915d14Dx3pGML1b/BElm
0ZsUJVdZKBPgaXTPeqDiD1QUgQUzYarjiIr2RWJPoCJiO3cUivQb98Pxg96Mu5lM
FNkLv+Jxsvd2hG5AvHjkALT04A14tm5oXu1P49P5LVnXKwAl
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:58:58 2025 by rpki-client