Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/6f232e-2275-44e9-91c0-c7397a2669a9/1/kBhKr9G3I7CXoiQlbRg0Q5jEfpY.roa
File: kBhKr9G3I7CXoiQlbRg0Q5jEfpY.roa (raw, json)
Hash identifier: uJPM60mG8PIQWrAOhkIQmttq9CNnLmxGzYz9G0zB7ps=
Subject key identifier: 90:18:4A:AF:D1:B7:23:B0:97:A2:24:25:6D:18:34:43:98:C4:7E:96
Certificate issuer: /CN=4b3da6e99c666513a2cee5f0e0d3ab745f167dc3
Certificate serial: 0817DBEF
Authority key identifier: 4B:3D:A6:E9:9C:66:65:13:A2:CE:E5:F0:E0:D3:AB:74:5F:16:7D:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sz2m6ZxmZROizuXw4NOrdF8WfcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/6f232e-2275-44e9-91c0-c7397a2669a9/1/kBhKr9G3I7CXoiQlbRg0Q5jEfpY.roa
Signing time: Mon 06 Jun 2022 05:25:20 +0000
ROA not before: Mon 06 Jun 2022 05:25:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3970
IP address blocks: 151.216.4.0/24 maxlen: 24
151.216.5.0/24 maxlen: 24
2001:7fc:2::/48 maxlen: 48
2001:7fc:3::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 135781359 (0x817dbef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b3da6e99c666513a2cee5f0e0d3ab745f167dc3
Validity
Not Before: Jun 6 05:25:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=90184aafd1b723b097a224256d18344398c47e96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:1a:48:85:09:16:e5:d1:4b:e5:fe:34:66:0c:
8b:5c:9c:33:33:11:c5:63:96:eb:51:40:e2:22:aa:
33:56:15:44:e1:26:91:d4:37:df:c4:8c:70:62:3b:
98:7a:ed:1a:65:76:91:3a:24:b4:8e:14:32:5a:af:
56:26:ef:46:4e:5b:12:ee:b6:85:91:66:4e:13:f2:
10:52:a5:66:03:d7:c2:72:de:36:5d:8a:55:3d:da:
86:b0:bf:b1:10:fc:4d:8c:23:db:1e:17:d6:3b:58:
c5:86:86:0c:47:97:46:b2:e7:8c:3d:a4:4e:ec:5e:
76:5c:98:30:c2:f4:16:21:07:29:15:a1:f3:f8:78:
56:ea:07:7a:89:cb:aa:a2:f7:d0:11:e9:6a:e4:27:
c9:d6:2d:78:9c:9e:81:98:14:7b:5e:be:3e:0f:2e:
f3:da:df:b7:f5:80:7c:22:50:10:68:75:b6:79:23:
a4:da:e2:ba:0b:f9:2e:1b:ea:23:77:12:27:a9:31:
ad:52:9f:32:0d:a8:5b:8c:ab:26:1a:0d:14:df:f9:
e0:4e:dd:b2:c3:c0:5f:83:63:bf:42:ea:39:ce:94:
57:a7:29:8f:d8:e0:0e:c1:5e:59:31:d2:88:17:78:
fd:61:2f:47:59:3b:82:e3:97:f5:17:6d:24:a0:68:
26:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:18:4A:AF:D1:B7:23:B0:97:A2:24:25:6D:18:34:43:98:C4:7E:96
X509v3 Authority Key Identifier:
keyid:4B:3D:A6:E9:9C:66:65:13:A2:CE:E5:F0:E0:D3:AB:74:5F:16:7D:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sz2m6ZxmZROizuXw4NOrdF8WfcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/6f232e-2275-44e9-91c0-c7397a2669a9/1/kBhKr9G3I7CXoiQlbRg0Q5jEfpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/6f232e-2275-44e9-91c0-c7397a2669a9/1/Sz2m6ZxmZROizuXw4NOrdF8WfcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.216.4.0/23
IPv6:
2001:7fc:2::/47
Signature Algorithm: sha256WithRSAEncryption
aa:2d:6e:41:c6:ea:fb:19:dd:90:31:8c:d2:bd:9a:28:d3:13:
80:53:5b:44:31:b5:27:0b:bf:9b:c1:80:55:43:48:dd:f8:ab:
40:1a:8f:8e:97:db:8c:eb:92:52:e5:ad:59:8f:62:1a:ac:91:
51:e3:9a:7d:61:57:e8:f6:fa:a1:8a:5b:7b:19:4e:14:00:3c:
25:ed:b6:f6:a2:ec:bf:6b:21:c1:4b:44:9d:a1:ff:ca:4e:b9:
ce:b5:6d:23:0c:18:6d:4e:04:a6:d3:31:4c:a8:8e:96:0e:da:
bd:c4:22:0c:71:8b:73:38:e0:46:6e:cc:a5:47:fe:4f:4b:b3:
9e:15:dc:5f:47:ea:5f:97:0b:70:e1:4f:b1:ab:c4:90:b7:ca:
cd:26:03:fb:0b:75:e5:d6:f5:21:74:f2:f9:bc:e0:64:88:09:
ff:35:29:26:c3:80:17:0a:bc:99:5d:5a:87:28:d8:e2:6d:02:
de:b3:b1:75:bd:2a:1a:94:07:07:23:35:7d:e1:c7:00:b1:95:
7d:a1:1b:6e:89:a6:bb:0f:97:95:7c:ce:c1:a1:3a:1f:6f:5b:
f2:cd:02:6b:7e:3a:21:cc:40:bd:a4:ab:94:b1:19:0e:56:96:
0b:21:57:1f:5c:3e:a9:d9:ae:9d:b6:57:4c:c1:e4:16:fd:c6:
d9:fb:70:03
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIECBfb7zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YjNkYTZlOTljNjY2NTEzYTJjZWU1ZjBlMGQzYWI3NDVmMTY3ZGMzMB4XDTIyMDYw
NjA1MjUyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTAxODRhYWZkMWI3
MjNiMDk3YTIyNDI1NmQxODM0NDM5OGM0N2U5NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANsaSIUJFuXRS+X+NGYMi1ycMzMRxWOW61FA4iKqM1YVROEm
kdQ338SMcGI7mHrtGmV2kToktI4UMlqvVibvRk5bEu62hZFmThPyEFKlZgPXwnLe
Nl2KVT3ahrC/sRD8TYwj2x4X1jtYxYaGDEeXRrLnjD2kTuxedlyYMML0FiEHKRWh
8/h4VuoHeonLqqL30BHpauQnydYteJyegZgUe16+Pg8u89rft/WAfCJQEGh1tnkj
pNriugv5LhvqI3cSJ6kxrVKfMg2oW4yrJhoNFN/54E7dssPAX4Njv0LqOc6UV6cp
j9jgDsFeWTHSiBd4/WEvR1k7guOX9RdtJKBoJtkCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBSQGEqv0bcjsJeiJCVtGDRDmMR+ljAfBgNVHSMEGDAWgBRLPabpnGZlE6LO
5fDg06t0XxZ9wzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1N6Mm02WnhtWlJPaXp1WHc0Tk9yZEY4V2ZjTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWIvNmYyMzJlLTIyNzUtNDRlOS05MWMwLWM3Mzk3YTI2NjlhOS8x
L2tCaEtyOUczSTdDWG9pUWxiUmcwUTVqRWZwWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWIv
NmYyMzJlLTIyNzUtNDRlOS05MWMwLWM3Mzk3YTI2NjlhOS8xL1N6Mm02WnhtWlJP
aXp1WHc0Tk9yZEY4V2ZjTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAZfYBDAPBAIAAjAJAwcBIAEH/AAC
MA0GCSqGSIb3DQEBCwUAA4IBAQCqLW5Bxur7Gd2QMYzSvZoo0xOAU1tEMbUnC7+b
wYBVQ0jd+KtAGo+Ol9uM65JS5a1Zj2IarJFR45p9YVfo9vqhilt7GU4UADwl7bb2
ouy/ayHBS0Sdof/KTrnOtW0jDBhtTgSm0zFMqI6WDtq9xCIMcYtzOOBGbsylR/5P
S7OeFdxfR+pflwtw4U+xq8SQt8rNJgP7C3Xl1vUhdPL5vOBkiAn/NSkmw4AXCryZ
XVqHKNjibQLes7F1vSoalAcHIzV94ccAsZV9oRtuiaa7D5eVfM7BoTofb1vyzQJr
fjohzEC9pKuUsRkOVpYLIVcfXD6p2a6dtldMweQW/cbZ+3AD
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:52:09 2025 by rpki-client