Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/6f232e-2275-44e9-91c0-c7397a2669a9/1/PzZlsLwvtr9Ih7Re2ZQZSgY_Tuc.roa
File: PzZlsLwvtr9Ih7Re2ZQZSgY_Tuc.roa (raw, json)
Hash identifier: HEXUREen6Td5M4okRZNhr45osAPrtJ+N5XhWTjfOPjw=
Subject key identifier: 3F:36:65:B0:BC:2F:B6:BF:48:87:B4:5E:D9:94:19:4A:06:3F:4E:E7
Certificate issuer: /CN=4b3da6e99c666513a2cee5f0e0d3ab745f167dc3
Certificate serial: 0181E042CDEABAA1DB33A627B54BD88E9DE3
Authority key identifier: 4B:3D:A6:E9:9C:66:65:13:A2:CE:E5:F0:E0:D3:AB:74:5F:16:7D:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sz2m6ZxmZROizuXw4NOrdF8WfcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/6f232e-2275-44e9-91c0-c7397a2669a9/1/PzZlsLwvtr9Ih7Re2ZQZSgY_Tuc.roa
Signing time: Sat 09 Jul 2022 00:01:23 +0000
ROA not before: Sat 09 Jul 2022 00:01:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3970
IP address blocks: 151.216.4.0/24 maxlen: 24
151.216.5.0/24 maxlen: 24
2001:7fc:2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:e0:42:cd:ea:ba:a1:db:33:a6:27:b5:4b:d8:8e:9d:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b3da6e99c666513a2cee5f0e0d3ab745f167dc3
Validity
Not Before: Jul 9 00:01:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3f3665b0bc2fb6bf4887b45ed994194a063f4ee7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ce:22:58:15:39:34:31:a5:3f:27:81:cc:d0:
c9:55:84:14:3f:3a:34:19:6e:60:07:0a:42:9a:08:
c0:3f:e9:12:01:55:f3:eb:cf:cb:f0:94:66:42:a7:
f5:14:e8:bf:a2:2c:f1:e0:c7:ce:13:a6:27:65:fe:
03:7e:ae:cc:0b:31:9c:f4:26:04:20:90:07:40:fe:
d6:6c:46:aa:a2:00:60:e5:3c:65:99:f4:ac:6f:f5:
56:a6:80:8a:13:12:a4:7b:c4:34:cc:86:9d:08:86:
7a:95:87:55:3e:40:1b:63:e9:ae:08:fe:28:f6:99:
a9:1b:4d:15:d3:71:e9:d2:24:f3:e3:b5:5b:67:9d:
46:21:1a:30:66:a6:df:3d:8a:4b:b9:31:48:29:48:
83:d6:ea:5c:c2:b3:af:2b:27:c2:ec:dd:b1:40:96:
33:e7:4b:f0:66:80:ab:d9:7e:6e:38:68:4f:1f:4d:
4a:a9:ab:42:a5:69:47:85:71:42:07:6c:dc:08:b8:
b1:44:fd:e6:f2:75:16:14:0e:ce:3e:cf:e6:33:35:
7b:f5:66:85:8c:21:2d:3f:3c:b3:5b:a1:49:1f:a9:
a9:60:43:d7:d5:9c:87:67:e1:82:c4:b3:c0:73:0b:
76:53:52:28:bb:6a:9a:5a:1f:c2:ef:85:94:2c:9f:
5a:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:36:65:B0:BC:2F:B6:BF:48:87:B4:5E:D9:94:19:4A:06:3F:4E:E7
X509v3 Authority Key Identifier:
keyid:4B:3D:A6:E9:9C:66:65:13:A2:CE:E5:F0:E0:D3:AB:74:5F:16:7D:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sz2m6ZxmZROizuXw4NOrdF8WfcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/6f232e-2275-44e9-91c0-c7397a2669a9/1/PzZlsLwvtr9Ih7Re2ZQZSgY_Tuc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/6f232e-2275-44e9-91c0-c7397a2669a9/1/Sz2m6ZxmZROizuXw4NOrdF8WfcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.216.4.0/23
IPv6:
2001:7fc:2::/48
Signature Algorithm: sha256WithRSAEncryption
84:9d:89:ae:c7:22:b9:63:30:69:29:5e:15:82:1b:23:28:c5:
64:1c:0b:68:af:d8:d1:68:a2:d4:4c:84:93:52:cf:13:2e:ce:
62:f9:2c:6b:b2:bd:83:35:84:2d:dc:b3:bd:eb:fa:f8:91:f7:
16:98:7b:18:63:e8:bd:1d:61:d9:1d:d4:7d:12:a7:62:1a:78:
c0:ca:c7:f5:70:a5:e3:53:ca:e4:b9:bb:ac:fd:5d:bf:e2:b9:
61:5a:3f:87:4f:27:be:d8:65:f7:32:ee:d8:b0:3c:6d:59:79:
92:2f:46:94:80:8b:cd:52:ae:f8:06:72:de:70:6d:82:bc:bb:
82:d9:12:0d:1a:94:28:10:5d:94:6d:ae:0b:0f:b4:0d:94:c8:
66:b9:c8:d5:ce:de:5d:29:0f:66:5a:c2:32:71:dc:f0:c6:77:
91:1e:cd:0f:d5:96:95:c8:52:53:3a:0f:e4:62:1c:04:7a:4e:
78:31:fd:02:06:05:57:27:1f:11:01:90:a5:e6:49:ea:d0:e6:
b1:a1:0c:f7:88:8b:e0:f5:3e:27:9a:2b:d3:67:ff:eb:a6:a1:
79:25:7c:71:5d:2f:10:38:3a:e0:75:04:59:ca:58:eb:05:90:
57:b1:2a:fd:c9:8d:04:be:ae:0b:56:48:b9:ba:ed:81:d4:fe:
db:8d:d0:78
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYHgQs3quqHbM6YntUvYjp3jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiM2RhNmU5OWM2NjY1MTNhMmNlZTVmMGUwZDNhYjc0NWYx
NjdkYzMwHhcNMjIwNzA5MDAwMTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjM2NjViMGJjMmZiNmJmNDg4N2I0NWVkOTk0MTk0YTA2M2Y0ZWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmM4iWBU5NDGlPyeBzNDJVYQUPzo0
GW5gBwpCmgjAP+kSAVXz68/L8JRmQqf1FOi/oizx4MfOE6YnZf4Dfq7MCzGc9CYE
IJAHQP7WbEaqogBg5TxlmfSsb/VWpoCKExKke8Q0zIadCIZ6lYdVPkAbY+muCP4o
9pmpG00V03Hp0iTz47VbZ51GIRowZqbfPYpLuTFIKUiD1upcwrOvKyfC7N2xQJYz
50vwZoCr2X5uOGhPH01KqatCpWlHhXFCB2zcCLixRP3m8nUWFA7OPs/mMzV79WaF
jCEtPzyzW6FJH6mpYEPX1ZyHZ+GCxLPAcwt2U1Iou2qaWh/C74WULJ9apwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD82ZbC8L7a/SIe0XtmUGUoGP07nMB8GA1UdIwQY
MBaAFEs9pumcZmUTos7l8ODTq3RfFn3DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3oybTZaeG1aUk9penVYdzROT3JkRjhXZmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi82ZjIzMmUtMjI3NS00NGU5LTkxYzAt
YzczOTdhMjY2OWE5LzEvUHpabHNMd3Z0cjlJaDdSZTJaUVpTZ1lfVHVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi82ZjIzMmUtMjI3NS00NGU5LTkxYzAtYzczOTdhMjY2OWE5
LzEvU3oybTZaeG1aUk9penVYdzROT3JkRjhXZmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBl9gEMA8E
AgACMAkDBwAgAQf8AAIwDQYJKoZIhvcNAQELBQADggEBAISdia7HIrljMGkpXhWC
GyMoxWQcC2iv2NFootRMhJNSzxMuzmL5LGuyvYM1hC3cs73r+viR9xaYexhj6L0d
Ydkd1H0Sp2IaeMDKx/VwpeNTyuS5u6z9Xb/iuWFaP4dPJ77YZfcy7tiwPG1ZeZIv
RpSAi81SrvgGct5wbYK8u4LZEg0alCgQXZRtrgsPtA2UyGa5yNXO3l0pD2ZawjJx
3PDGd5EezQ/VlpXIUlM6D+RiHAR6Tngx/QIGBVcnHxEBkKXmSerQ5rGhDPeIi+D1
PieaK9Nn/+umoXklfHFdLxA4OuB1BFnKWOsFkFexKv3JjQS+rgtWSLm67YHU/tuN
0Hg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:24 2025 by rpki-client