Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/5f2e31-9ad6-438e-ad7c-e3e0c2dbf067/1/db7fxSfPWokvsgFjR8LqozSxxoI.roa
File: db7fxSfPWokvsgFjR8LqozSxxoI.roa (raw, json)
Hash identifier: RXgT32dAocul6iqlp3swvj1YXuL0zf8bKqkA+u0l2/c=
Subject key identifier: 75:BE:DF:C5:27:CF:5A:89:2F:B2:01:63:47:C2:EA:A3:34:B1:C6:82
Certificate issuer: /CN=04aaff87f6dc0d3699bc2937a34dc717f94f007e
Certificate serial: 019421B227B00D6A806137B3692E702FF364
Authority key identifier: 04:AA:FF:87:F6:DC:0D:36:99:BC:29:37:A3:4D:C7:17:F9:4F:00:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BKr_h_bcDTaZvCk3o03HF_lPAH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/5f2e31-9ad6-438e-ad7c-e3e0c2dbf067/1/db7fxSfPWokvsgFjR8LqozSxxoI.roa
Signing time: Wed 01 Jan 2025 11:48:31 +0000
ROA not before: Wed 01 Jan 2025 11:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16236
IP address blocks: 151.88.0.0/16 maxlen: 16
151.88.22.0/24 maxlen: 24
151.88.35.0/24 maxlen: 24
151.88.40.0/24 maxlen: 24
151.88.41.0/24 maxlen: 24
151.88.48.0/24 maxlen: 24
151.88.77.0/24 maxlen: 24
151.88.109.0/24 maxlen: 24
151.88.113.0/24 maxlen: 24
151.88.176.0/24 maxlen: 24
151.92.0.0/16 maxlen: 16
151.92.2.0/24 maxlen: 24
151.92.4.0/24 maxlen: 24
151.92.12.0/24 maxlen: 24
151.92.83.0/24 maxlen: 24
151.92.91.0/24 maxlen: 24
151.92.154.0/24 maxlen: 24
151.92.155.0/24 maxlen: 24
151.92.158.0/24 maxlen: 24
151.92.166.0/24 maxlen: 24
151.92.176.0/24 maxlen: 24
151.92.198.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:27:b0:0d:6a:80:61:37:b3:69:2e:70:2f:f3:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04aaff87f6dc0d3699bc2937a34dc717f94f007e
Validity
Not Before: Jan 1 11:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=75bedfc527cf5a892fb2016347c2eaa334b1c682
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:cb:2c:31:83:7a:0d:b4:3e:a8:ae:66:d3:8d:
fb:43:9a:12:65:9a:9c:51:06:f8:a2:c2:df:09:a0:
f4:8e:28:ba:75:75:99:e2:ad:50:ce:81:38:96:67:
81:0f:a9:19:cf:fc:8b:5c:69:d0:0d:b3:06:39:f4:
65:c9:06:fd:cf:05:46:03:f5:b3:6f:0c:ae:7c:1b:
44:ae:e1:d3:25:43:f3:26:3f:7d:1d:86:8e:69:7b:
d9:a2:88:cc:c9:99:ea:b5:19:b7:f7:68:a7:cb:89:
e3:ad:9d:77:0f:64:78:17:17:9b:e8:26:8c:ea:cc:
df:2f:65:3e:f5:bd:4f:b4:b5:03:39:a2:94:a7:f5:
c9:72:30:e7:cf:b2:38:6f:0a:fc:40:84:eb:27:d4:
af:dc:16:47:ef:d7:ed:13:3b:78:e9:40:45:62:e6:
92:b4:05:a5:80:5f:0c:88:b3:4b:d1:37:51:90:51:
90:88:fa:e9:f7:0f:c4:d5:c6:75:af:8c:43:b0:e8:
47:37:80:f1:6d:9e:19:49:16:64:c2:11:b8:d4:71:
40:6a:ad:73:99:09:74:65:3e:0a:9f:a2:95:0b:ea:
78:4d:67:ec:6f:f5:c1:48:c9:b2:71:cd:f8:b7:4c:
3d:d4:54:15:7b:6c:c4:e9:1e:41:16:9e:b5:3a:ca:
1c:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:BE:DF:C5:27:CF:5A:89:2F:B2:01:63:47:C2:EA:A3:34:B1:C6:82
X509v3 Authority Key Identifier:
keyid:04:AA:FF:87:F6:DC:0D:36:99:BC:29:37:A3:4D:C7:17:F9:4F:00:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BKr_h_bcDTaZvCk3o03HF_lPAH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/5f2e31-9ad6-438e-ad7c-e3e0c2dbf067/1/db7fxSfPWokvsgFjR8LqozSxxoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/5f2e31-9ad6-438e-ad7c-e3e0c2dbf067/1/BKr_h_bcDTaZvCk3o03HF_lPAH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.88.0.0/16
151.92.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1e:fb:b3:f3:e1:54:71:96:68:a0:03:59:56:90:4b:89:48:15:
b2:a6:00:09:f9:96:e3:73:0d:d5:79:3e:64:89:34:28:8c:bc:
31:32:41:5c:8e:73:9c:21:6c:b0:d3:11:04:51:e3:d2:98:9c:
3d:61:46:f9:c0:94:bb:4e:d1:f2:17:bb:6e:f8:3d:e1:d6:a5:
d0:3b:7a:02:f0:9c:cd:e9:93:4a:a7:7a:36:32:c0:63:d3:f8:
c0:5c:a8:f3:90:fe:6c:14:39:69:77:5e:df:d8:c6:b8:b2:0a:
f8:ae:be:a5:97:e9:f5:f2:79:d7:d3:e4:c4:28:b4:e1:87:93:
9b:a6:a2:5b:13:49:f4:a5:af:1a:ce:9b:ad:89:f8:a6:2d:37:
41:17:db:6b:9d:c8:5d:3d:5e:6a:d0:06:15:8b:44:a6:a9:5e:
8c:21:75:6c:a4:c1:1b:36:ea:27:34:60:a9:89:66:5a:b9:a3:
38:cf:73:33:75:5a:87:98:8f:ff:bd:9e:ee:59:35:2c:69:fd:
76:31:47:2f:ec:4b:5b:28:7f:2f:d8:bb:21:07:70:13:9c:5e:
56:6e:e9:7c:7f:f6:25:43:dd:2d:31:d3:c3:78:40:17:c1:d0:
7e:a0:70:fc:79:97:7f:79:34:58:cf:4c:bb:36:de:e8:05:c9:
62:92:ba:cb
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAZQhsiewDWqAYTezaS5wL/NkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0YWFmZjg3ZjZkYzBkMzY5OWJjMjkzN2EzNGRjNzE3Zjk0
ZjAwN2UwHhcNMjUwMTAxMTE0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWJlZGZjNTI3Y2Y1YTg5MmZiMjAxNjM0N2MyZWFhMzM0YjFjNjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAisssMYN6DbQ+qK5m0437Q5oSZZqc
UQb4osLfCaD0jii6dXWZ4q1QzoE4lmeBD6kZz/yLXGnQDbMGOfRlyQb9zwVGA/Wz
bwyufBtEruHTJUPzJj99HYaOaXvZoojMyZnqtRm392iny4njrZ13D2R4Fxeb6CaM
6szfL2U+9b1PtLUDOaKUp/XJcjDnz7I4bwr8QITrJ9Sv3BZH79ftEzt46UBFYuaS
tAWlgF8MiLNL0TdRkFGQiPrp9w/E1cZ1r4xDsOhHN4DxbZ4ZSRZkwhG41HFAaq1z
mQl0ZT4Kn6KVC+p4TWfsb/XBSMmycc34t0w91FQVe2zE6R5BFp61OsocYwIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFHW+38Unz1qJL7IBY0fC6qM0scaCMB8GA1UdIwQY
MBaAFASq/4f23A02mbwpN6NNxxf5TwB+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQktyX2hfYmNEVGFadkNrM28wM0hGX2xQQUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS81ZjJlMzEtOWFkNi00MzhlLWFkN2Mt
ZTNlMGMyZGJmMDY3LzEvZGI3ZnhTZlBXb2t2c2dGalI4THFvelN4eG9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS81ZjJlMzEtOWFkNi00MzhlLWFkN2MtZTNlMGMyZGJmMDY3
LzEvQktyX2hfYmNEVGFadkNrM28wM0hGX2xQQUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCMGCCsGAQUFBwEHAQH/BBQwEjAQBAIAATAKAwMAl1gDAwCX
XDANBgkqhkiG9w0BAQsFAAOCAQEAHvuz8+FUcZZooANZVpBLiUgVsqYACfmW43MN
1Xk+ZIk0KIy8MTJBXI5znCFssNMRBFHj0picPWFG+cCUu07R8he7bvg94dal0Dt6
AvCczemTSqd6NjLAY9P4wFyo85D+bBQ5aXde39jGuLIK+K6+pZfp9fJ519PkxCi0
4YeTm6aiWxNJ9KWvGs6brYn4pi03QRfba53IXT1eatAGFYtEpqlejCF1bKTBGzbq
JzRgqYlmWrmjOM9zM3Vah5iP/72e7lk1LGn9djFHL+xLWyh/L9i7IQdwE5xeVm7p
fH/2JUPdLTHTw3hAF8HQfqBw/HmXf3k0WM9Muzbe6AXJYpK6yw==
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:47:28 2025 by rpki-client