Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/6f232e-2275-44e9-91c0-c7397a2669a9/1/MXX03WIjhXjl_411MUbpKMBhCLY.roa
File: MXX03WIjhXjl_411MUbpKMBhCLY.roa (raw, json)
Hash identifier: QxPTuHzNBWEzgl0p59T4oImMnfyPOK1BpGtuUkvISeI=
Subject key identifier: 31:75:F4:DD:62:23:85:78:E5:FF:8D:75:31:46:E9:28:C0:61:08:B6
Certificate issuer: /CN=4b3da6e99c666513a2cee5f0e0d3ab745f167dc3
Certificate serial: 075F495A
Authority key identifier: 4B:3D:A6:E9:9C:66:65:13:A2:CE:E5:F0:E0:D3:AB:74:5F:16:7D:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sz2m6ZxmZROizuXw4NOrdF8WfcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/6f232e-2275-44e9-91c0-c7397a2669a9/1/MXX03WIjhXjl_411MUbpKMBhCLY.roa
Signing time: Mon 23 May 2022 04:36:30 +0000
ROA not before: Mon 23 May 2022 04:36:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3970
IP address blocks: 151.216.4.0/24 maxlen: 24
151.216.5.0/24 maxlen: 24
2001:7fc:2::/48 maxlen: 48
2001:7fc:3::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 123685210 (0x75f495a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b3da6e99c666513a2cee5f0e0d3ab745f167dc3
Validity
Not Before: May 23 04:36:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3175f4dd62238578e5ff8d753146e928c06108b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c7:a2:76:7c:6c:d7:71:d3:dd:c2:d9:5d:95:
a6:b7:f3:67:dd:90:ad:03:c8:5a:d6:88:df:8c:25:
a0:63:a3:0f:64:cd:18:40:66:22:de:f6:56:4a:1d:
34:3d:97:2e:54:0e:ae:3b:0f:75:66:6c:3b:1f:ce:
ac:c3:1e:ba:54:b5:98:95:6e:71:79:f2:58:ef:56:
c9:63:44:7c:3d:96:a8:f0:be:a5:30:0f:6f:bd:82:
9b:57:60:8d:a9:99:47:5b:08:40:65:2c:d4:d1:55:
7e:16:c7:72:ba:22:ba:fd:ed:04:8b:97:3c:22:9d:
96:35:e8:84:fd:96:b0:cf:ca:1b:e2:49:fa:7e:9b:
90:1d:ab:dc:26:e1:c7:8e:5c:c7:47:93:bc:8e:47:
4f:66:fb:21:92:d1:aa:57:12:ca:e8:88:ae:e7:f1:
68:ba:5c:aa:a8:df:ab:da:e0:54:f5:fc:3d:8f:e3:
1b:e1:3a:e1:86:ef:4e:8b:57:4d:ec:aa:9a:49:33:
eb:79:7c:35:a4:e8:9b:67:62:23:16:46:d6:42:f5:
8b:1c:39:ff:e9:6d:ad:69:65:79:5a:0c:c9:84:fe:
dc:ba:ae:58:37:aa:96:17:1b:82:62:c4:7f:cd:02:
0e:cb:7d:49:9b:dc:04:a5:68:c1:ac:cb:1f:d1:7f:
2b:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:75:F4:DD:62:23:85:78:E5:FF:8D:75:31:46:E9:28:C0:61:08:B6
X509v3 Authority Key Identifier:
keyid:4B:3D:A6:E9:9C:66:65:13:A2:CE:E5:F0:E0:D3:AB:74:5F:16:7D:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sz2m6ZxmZROizuXw4NOrdF8WfcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/6f232e-2275-44e9-91c0-c7397a2669a9/1/MXX03WIjhXjl_411MUbpKMBhCLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/6f232e-2275-44e9-91c0-c7397a2669a9/1/Sz2m6ZxmZROizuXw4NOrdF8WfcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.216.4.0/23
IPv6:
2001:7fc:2::/47
Signature Algorithm: sha256WithRSAEncryption
03:e7:ad:9a:80:48:9f:f3:53:86:15:d6:17:d4:f8:e3:2e:32:
b1:8f:17:b1:c7:b5:35:11:86:6d:af:b1:a4:1d:4c:2f:26:04:
8c:e7:a9:e4:ed:ec:de:9e:24:c7:59:3f:3a:bc:1e:58:59:ae:
6c:05:c5:85:01:77:3d:12:ff:03:7a:74:bf:fa:9e:95:be:53:
ff:6b:db:1d:cd:5f:7a:4b:b1:cd:c7:25:8f:58:e5:91:bf:6f:
4e:ef:ec:56:ec:0d:d5:fd:14:8c:45:e8:a3:7c:72:6b:9a:22:
e8:bc:82:d9:57:7d:f2:2a:67:86:72:8a:9b:8c:73:a9:95:bc:
c9:f8:9a:f9:9f:df:18:77:05:bd:e4:89:5d:47:79:70:57:37:
35:a5:5a:c3:e2:fa:34:d0:ba:89:f3:6f:0c:a6:8d:a6:b8:01:
eb:61:f8:a1:44:30:f1:83:2a:60:b7:a5:c0:b7:53:3b:09:28:
8a:4e:4d:9b:84:7d:c2:4d:61:88:11:ad:17:a3:70:f7:62:9b:
3e:d5:7a:c3:63:b6:ba:0b:c3:a6:c8:43:90:be:b3:ff:1f:47:
ef:4c:51:d8:22:75:64:14:38:e8:17:aa:ba:29:4d:ac:73:7e:
01:81:39:ce:16:70:ee:0a:b7:6e:d8:b8:7d:30:fb:48:59:e1:
24:87:c2:2b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEB19JWjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YjNkYTZlOTljNjY2NTEzYTJjZWU1ZjBlMGQzYWI3NDVmMTY3ZGMzMB4XDTIyMDUy
MzA0MzYzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzE3NWY0ZGQ2MjIz
ODU3OGU1ZmY4ZDc1MzE0NmU5MjhjMDYxMDhiNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKbHonZ8bNdx093C2V2VprfzZ92QrQPIWtaI34wloGOjD2TN
GEBmIt72VkodND2XLlQOrjsPdWZsOx/OrMMeulS1mJVucXnyWO9WyWNEfD2WqPC+
pTAPb72Cm1dgjamZR1sIQGUs1NFVfhbHcroiuv3tBIuXPCKdljXohP2WsM/KG+JJ
+n6bkB2r3Cbhx45cx0eTvI5HT2b7IZLRqlcSyuiIrufxaLpcqqjfq9rgVPX8PY/j
G+E64YbvTotXTeyqmkkz63l8NaTom2diIxZG1kL1ixw5/+ltrWlleVoMyYT+3Lqu
WDeqlhcbgmLEf80CDst9SZvcBKVowazLH9F/K9ECAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQxdfTdYiOFeOX/jXUxRukowGEItjAfBgNVHSMEGDAWgBRLPabpnGZlE6LO
5fDg06t0XxZ9wzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1N6Mm02WnhtWlJPaXp1WHc0Tk9yZEY4V2ZjTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWIvNmYyMzJlLTIyNzUtNDRlOS05MWMwLWM3Mzk3YTI2NjlhOS8x
L01YWDAzV0lqaFhqbF80MTFNVWJwS01CaENMWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWIv
NmYyMzJlLTIyNzUtNDRlOS05MWMwLWM3Mzk3YTI2NjlhOS8xL1N6Mm02WnhtWlJP
aXp1WHc0Tk9yZEY4V2ZjTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAZfYBDAPBAIAAjAJAwcBIAEH/AAC
MA0GCSqGSIb3DQEBCwUAA4IBAQAD562agEif81OGFdYX1PjjLjKxjxexx7U1EYZt
r7GkHUwvJgSM56nk7ezeniTHWT86vB5YWa5sBcWFAXc9Ev8DenS/+p6VvlP/a9sd
zV96S7HNxyWPWOWRv29O7+xW7A3V/RSMReijfHJrmiLovILZV33yKmeGcoqbjHOp
lbzJ+Jr5n98YdwW95IldR3lwVzc1pVrD4vo00LqJ828Mpo2muAHrYfihRDDxgypg
t6XAt1M7CSiKTk2bhH3CTWGIEa0Xo3D3Yps+1XrDY7a6C8OmyEOQvrP/H0fvTFHY
InVkFDjoF6q6KU2sc34BgTnOFnDuCrdu2Lh9MPtIWeEkh8Ir
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:38:32 2025 by rpki-client