Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/qszUhLrX8FyDfi5kaOABPYEiWOo.roa
File: qszUhLrX8FyDfi5kaOABPYEiWOo.roa (raw, json)
Hash identifier: h+w/TKguyCNJnRnhdHU8TabSHN7sujBPJRQRRCzqAVQ=
Subject key identifier: AA:CC:D4:84:BA:D7:F0:5C:83:7E:2E:64:68:E0:01:3D:81:22:58:EA
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01962647C56BBB0B6F7AE272B73757B17388
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/qszUhLrX8FyDfi5kaOABPYEiWOo.roa
Signing time: Fri 11 Apr 2025 19:15:59 +0000
ROA not before: Fri 11 Apr 2025 19:15:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 393942
IP address blocks: 151.240.255.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:26:47:c5:6b:bb:0b:6f:7a:e2:72:b7:37:57:b1:73:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 11 19:15:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aaccd484bad7f05c837e2e6468e0013d812258ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:23:2b:64:93:61:07:0c:85:54:84:80:7c:5a:
95:97:1e:13:6d:a2:1e:c9:83:7c:fd:ed:f8:da:06:
73:12:aa:e9:50:07:a1:7a:58:a9:98:af:80:82:e9:
01:3c:b5:28:73:c9:ff:69:2b:85:b4:13:22:14:a0:
0d:3b:da:98:48:40:99:31:5f:4a:5c:de:29:bd:83:
f9:20:d1:51:7f:f5:8a:38:98:88:31:fb:eb:21:d6:
84:c2:a8:5e:4b:da:8b:79:20:d4:7d:50:83:13:93:
ec:79:8f:ef:db:5d:ab:e6:c1:76:45:7e:d9:71:d9:
bf:d8:3a:c8:3f:4e:44:6b:89:9e:f6:8a:a1:77:be:
5a:de:13:a1:16:91:32:84:43:9a:bc:2a:05:32:b2:
9f:c7:4a:2e:96:a6:71:d4:ab:30:02:9a:ee:af:12:
8b:69:3d:f6:c0:0b:1a:09:57:92:a7:92:f9:13:7c:
ea:0a:dc:02:42:8d:8d:50:32:f8:2e:e0:87:93:c5:
cc:02:1c:61:89:7b:96:09:f6:78:9a:d0:b9:14:a7:
9d:89:6e:17:db:09:a1:2f:ec:ab:27:14:ad:61:ee:
ea:48:6c:e8:c5:52:83:a6:d8:a4:13:3d:37:2c:70:
7a:cc:25:3e:94:0e:e2:91:a1:f4:bb:53:df:2e:3d:
fe:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:CC:D4:84:BA:D7:F0:5C:83:7E:2E:64:68:E0:01:3D:81:22:58:EA
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/qszUhLrX8FyDfi5kaOABPYEiWOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.255.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:f4:dc:4b:dd:1a:18:ae:d0:58:12:f1:e3:3d:fb:66:84:45:
97:dd:f1:bb:45:8a:ae:1a:5a:69:aa:84:68:05:54:c4:15:a8:
d3:5b:fa:ee:ef:74:30:5a:45:09:3e:e5:54:ca:0f:66:97:17:
bd:8a:6a:d3:38:d6:44:85:ce:90:99:23:56:a9:a0:c7:0c:a0:
6c:74:05:8b:c6:fb:d8:f7:f7:87:17:61:45:1c:6b:17:7c:b7:
a7:a1:ca:07:df:94:d0:50:0c:18:73:a3:c4:87:19:4f:d6:0c:
99:a0:26:1e:9f:f2:70:76:17:5d:0b:95:bb:62:eb:e6:64:0d:
aa:75:36:2b:88:85:3b:a0:8e:8b:bc:98:17:0d:b9:70:b0:ce:
fb:90:71:44:b6:27:a5:c1:a7:ef:f1:12:46:b6:f1:5b:c7:4c:
66:0b:95:98:40:5c:b6:9b:4c:8e:1a:d6:48:1b:eb:f6:2e:a5:
5b:8c:fe:e5:c0:b7:01:ee:ff:e6:24:e6:06:9a:21:b3:7e:ef:
99:ed:3e:05:f9:c9:af:2b:86:ab:3d:3c:31:7b:67:78:a7:54:
18:07:8f:df:05:fd:23:55:5e:79:08:d2:30:9f:ab:61:15:14:
11:47:25:55:98:d9:2d:5d:56:91:1e:5d:7e:64:32:7e:21:96:
1f:7a:b4:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZYmR8VruwtveuJytzdXsXOIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNDExMTkxNTU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWNjZDQ4NGJhZDdmMDVjODM3ZTJlNjQ2OGUwMDEzZDgxMjI1OGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4iMrZJNhBwyFVISAfFqVlx4TbaIe
yYN8/e342gZzEqrpUAehelipmK+AgukBPLUoc8n/aSuFtBMiFKANO9qYSECZMV9K
XN4pvYP5INFRf/WKOJiIMfvrIdaEwqheS9qLeSDUfVCDE5PseY/v212r5sF2RX7Z
cdm/2DrIP05Ea4me9oqhd75a3hOhFpEyhEOavCoFMrKfx0oulqZx1KswAprurxKL
aT32wAsaCVeSp5L5E3zqCtwCQo2NUDL4LuCHk8XMAhxhiXuWCfZ4mtC5FKediW4X
2wmhL+yrJxStYe7qSGzoxVKDptikEz03LHB6zCU+lA7ikaH0u1PfLj3+dwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKrM1IS61/Bcg34uZGjgAT2BIljqMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvcXN6VWhMclg4RnlEZmk1a2FPQUJQWUVpV09vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/D/MA0G
CSqGSIb3DQEBCwUAA4IBAQCl9NxL3RoYrtBYEvHjPftmhEWX3fG7RYquGlppqoRo
BVTEFajTW/ru73QwWkUJPuVUyg9mlxe9imrTONZEhc6QmSNWqaDHDKBsdAWLxvvY
9/eHF2FFHGsXfLenocoH35TQUAwYc6PEhxlP1gyZoCYen/JwdhddC5W7YuvmZA2q
dTYriIU7oI6LvJgXDblwsM77kHFEtielwafv8RJGtvFbx0xmC5WYQFy2m0yOGtZI
G+v2LqVbjP7lwLcB7v/mJOYGmiGzfu+Z7T4F+cmvK4arPTwxe2d4p1QYB4/fBf0j
VV55CNIwn6thFRQRRyVVmNktXVaRHl1+ZDJ+IZYferRg
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:23 2025 by rpki-client on console.sobornost.net