Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/5f2e31-9ad6-438e-ad7c-e3e0c2dbf067/1/leQX7MTTNCcwwRlk5GrnV6QHByo.roa
File: leQX7MTTNCcwwRlk5GrnV6QHByo.roa (raw, json)
Hash identifier: wvDWAkjEaXNZoWRBbZ4c0JTlvo1BtLH5Z/mnwlr+NT8=
Subject key identifier: 95:E4:17:EC:C4:D3:34:27:30:C1:19:64:E4:6A:E7:57:A4:07:07:2A
Certificate issuer: /CN=04aaff87f6dc0d3699bc2937a34dc717f94f007e
Certificate serial: 019421B22633DA9F97B3E5FF177A3BACD03D
Authority key identifier: 04:AA:FF:87:F6:DC:0D:36:99:BC:29:37:A3:4D:C7:17:F9:4F:00:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BKr_h_bcDTaZvCk3o03HF_lPAH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/5f2e31-9ad6-438e-ad7c-e3e0c2dbf067/1/leQX7MTTNCcwwRlk5GrnV6QHByo.roa
Signing time: Wed 01 Jan 2025 11:48:30 +0000
ROA not before: Wed 01 Jan 2025 11:48:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 4255
IP address blocks: 151.88.22.0/24 maxlen: 24
151.88.40.0/24 maxlen: 24
151.88.41.0/24 maxlen: 24
151.88.109.0/24 maxlen: 24
151.88.176.0/24 maxlen: 24
151.92.2.0/24 maxlen: 24
151.92.12.0/24 maxlen: 24
151.92.83.0/24 maxlen: 24
151.92.154.0/24 maxlen: 24
151.92.155.0/24 maxlen: 24
151.92.158.0/24 maxlen: 24
151.92.166.0/24 maxlen: 24
151.92.198.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:26:33:da:9f:97:b3:e5:ff:17:7a:3b:ac:d0:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04aaff87f6dc0d3699bc2937a34dc717f94f007e
Validity
Not Before: Jan 1 11:48:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=95e417ecc4d3342730c11964e46ae757a407072a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:1a:73:62:bf:60:63:cc:4e:04:be:9e:21:27:
d7:af:35:26:62:12:bf:9d:3e:fc:c1:96:03:dc:f2:
c1:49:dc:0f:7f:30:35:e7:22:c0:bc:6f:eb:05:6e:
cf:f0:b8:a7:0a:05:cd:07:03:3f:73:f4:1f:3e:2e:
33:fa:7c:b2:38:4a:c9:c1:47:42:0a:f4:53:1d:d6:
63:60:c3:bd:d2:32:a7:e3:6d:2b:c7:58:2f:ff:30:
57:0e:76:ab:90:98:44:21:83:88:06:0e:3d:81:cf:
9a:da:d5:9c:24:30:be:1a:9b:f3:79:70:e6:77:c9:
81:34:48:d8:ac:b1:e3:b7:34:ca:0c:b8:a6:b4:51:
e5:c1:40:5a:0f:33:dd:76:70:3b:10:2d:bf:9e:de:
c3:da:50:0e:df:59:97:47:48:1c:d3:db:48:38:d8:
43:a4:75:16:76:60:3a:da:eb:9d:c4:23:30:56:2f:
00:6a:dc:6d:b2:2b:f6:6f:60:7a:86:d0:cf:03:ec:
76:c2:bb:99:c1:ae:96:95:32:d5:09:cc:f2:8b:5d:
b9:87:f4:8a:f3:e1:c9:98:55:9a:be:c4:f5:b1:c6:
b0:d6:83:f0:ea:65:83:ee:be:02:bc:55:c9:7b:42:
fd:17:ff:7d:d5:3a:31:cf:48:24:53:d6:b4:98:f5:
5d:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:E4:17:EC:C4:D3:34:27:30:C1:19:64:E4:6A:E7:57:A4:07:07:2A
X509v3 Authority Key Identifier:
keyid:04:AA:FF:87:F6:DC:0D:36:99:BC:29:37:A3:4D:C7:17:F9:4F:00:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BKr_h_bcDTaZvCk3o03HF_lPAH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/5f2e31-9ad6-438e-ad7c-e3e0c2dbf067/1/leQX7MTTNCcwwRlk5GrnV6QHByo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/5f2e31-9ad6-438e-ad7c-e3e0c2dbf067/1/BKr_h_bcDTaZvCk3o03HF_lPAH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.88.22.0/24
151.88.40.0/23
151.88.109.0/24
151.88.176.0/24
151.92.2.0/24
151.92.12.0/24
151.92.83.0/24
151.92.154.0/23
151.92.158.0/24
151.92.166.0/24
151.92.198.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:6e:30:c9:3d:33:6b:47:8b:6b:f1:1c:79:58:e5:88:54:29:
de:1a:01:43:0e:54:b2:bf:41:5f:27:8f:b7:ce:09:66:07:7c:
a5:c6:24:ba:2d:85:ca:6f:6a:f0:b2:c9:77:55:dc:85:c8:f1:
4d:f8:5c:15:c7:b5:1b:14:6b:44:5a:88:09:13:e4:b4:58:6d:
71:14:08:68:ef:df:eb:38:c9:5d:68:6f:86:26:48:1b:cb:52:
2b:0f:f5:8d:dd:f0:fd:1b:7e:1a:fa:30:3b:18:1d:5e:de:9a:
df:68:ec:db:87:d4:86:48:e5:8e:e3:68:a1:07:16:dc:21:a2:
ca:e7:9d:ab:af:d8:d1:b8:3b:b9:c4:64:73:e0:c1:46:72:92:
68:cd:c4:19:a7:17:b9:80:08:fe:03:54:0f:14:83:37:6a:4e:
e6:bb:ff:87:b5:0d:b1:be:d4:81:b6:63:5e:34:b1:02:23:43:
0d:17:dd:da:a3:3d:f5:46:16:9b:12:82:76:3e:9e:96:e5:32:
34:29:8c:ee:ff:e1:90:49:79:d8:bb:fb:41:7b:10:a1:a4:17:
49:88:17:97:53:bd:c7:0a:d2:1b:95:27:0c:ac:34:cd:48:d0:
e8:23:3a:25:31:c5:b8:6b:78:5c:a2:e7:97:90:e3:c2:4a:80:
aa:d4:60:4d
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZQhsiYz2p+Xs+X/F3o7rNA9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0YWFmZjg3ZjZkYzBkMzY5OWJjMjkzN2EzNGRjNzE3Zjk0
ZjAwN2UwHhcNMjUwMTAxMTE0ODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWU0MTdlY2M0ZDMzNDI3MzBjMTE5NjRlNDZhZTc1N2E0MDcwNzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBpzYr9gY8xOBL6eISfXrzUmYhK/
nT78wZYD3PLBSdwPfzA15yLAvG/rBW7P8LinCgXNBwM/c/QfPi4z+nyyOErJwUdC
CvRTHdZjYMO90jKn420rx1gv/zBXDnarkJhEIYOIBg49gc+a2tWcJDC+GpvzeXDm
d8mBNEjYrLHjtzTKDLimtFHlwUBaDzPddnA7EC2/nt7D2lAO31mXR0gc09tIONhD
pHUWdmA62uudxCMwVi8Aatxtsiv2b2B6htDPA+x2wruZwa6WlTLVCczyi125h/SK
8+HJmFWavsT1scaw1oPw6mWD7r4CvFXJe0L9F/991Toxz0gkU9a0mPVdUQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFJXkF+zE0zQnMMEZZORq51ekBwcqMB8GA1UdIwQY
MBaAFASq/4f23A02mbwpN6NNxxf5TwB+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQktyX2hfYmNEVGFadkNrM28wM0hGX2xQQUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS81ZjJlMzEtOWFkNi00MzhlLWFkN2Mt
ZTNlMGMyZGJmMDY3LzEvbGVRWDdNVFROQ2N3d1JsazVHcm5WNlFIQnlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS81ZjJlMzEtOWFkNi00MzhlLWFkN2MtZTNlMGMyZGJmMDY3
LzEvQktyX2hfYmNEVGFadkNrM28wM0hGX2xQQUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAl1gWAwQB
l1goAwQAl1htAwQAl1iwAwQAl1wCAwQAl1wMAwQAl1xTAwQBl1yaAwQAl1yeAwQA
l1ymAwQAl1zGMA0GCSqGSIb3DQEBCwUAA4IBAQC5bjDJPTNrR4tr8Rx5WOWIVCne
GgFDDlSyv0FfJ4+3zglmB3ylxiS6LYXKb2rwssl3VdyFyPFN+FwVx7UbFGtEWogJ
E+S0WG1xFAho79/rOMldaG+GJkgby1IrD/WN3fD9G34a+jA7GB1e3prfaOzbh9SG
SOWO42ihBxbcIaLK552rr9jRuDu5xGRz4MFGcpJozcQZpxe5gAj+A1QPFIM3ak7m
u/+HtQ2xvtSBtmNeNLECI0MNF93aoz31RhabEoJ2Pp6W5TI0KYzu/+GQSXnYu/tB
exChpBdJiBeXU73HCtIblScMrDTNSNDoIzolMcW4a3hcoueXkOPCSoCq1GBN
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:57 2025 by rpki-client on console.sobornost.net