Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/1bdda9-64ec-4fb6-8b40-f4b9da480ee2/1/MstP95zOzuruszF1xnk5WwohZes.roa
File: MstP95zOzuruszF1xnk5WwohZes.roa (raw, json)
Hash identifier: Dd3ffiYJWQ1ODq8HBmZJ5uvdbho1vmy4ZZ9l1KbRzqQ=
Subject key identifier: 32:CB:4F:F7:9C:CE:CE:EA:EE:B3:31:75:C6:79:39:5B:0A:21:65:EB
Certificate issuer: /CN=378aa6ed4b6cac6b3a52961bcfa229cfda00080e
Certificate serial: 01942444A9C092A3BF04D1000E1B502A8007
Authority key identifier: 37:8A:A6:ED:4B:6C:AC:6B:3A:52:96:1B:CF:A2:29:CF:DA:00:08:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N4qm7UtsrGs6UpYbz6Ipz9oACA4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/1bdda9-64ec-4fb6-8b40-f4b9da480ee2/1/MstP95zOzuruszF1xnk5WwohZes.roa
Signing time: Wed 01 Jan 2025 23:47:47 +0000
ROA not before: Wed 01 Jan 2025 23:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 91.227.75.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:a9:c0:92:a3:bf:04:d1:00:0e:1b:50:2a:80:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=378aa6ed4b6cac6b3a52961bcfa229cfda00080e
Validity
Not Before: Jan 1 23:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=32cb4ff79cceceeaeeb33175c679395b0a2165eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b4:19:58:fc:0b:06:9c:bb:c7:47:b8:13:fa:
b3:d2:4b:24:43:11:bf:c3:1b:99:67:3d:a1:93:c6:
0e:a7:d6:bf:a3:15:3a:c0:26:97:0b:f5:5c:fc:57:
9b:e6:64:53:a7:72:e7:a1:a6:8d:1a:da:79:4e:e4:
89:0c:45:5b:67:e5:18:c1:e9:11:a6:a7:2e:89:ba:
99:f9:7e:ff:ee:76:14:9f:e7:fc:e8:8a:6d:d1:8f:
cf:e6:4a:df:9b:6e:38:7b:2d:0d:c7:bc:e7:f4:2e:
a5:e2:fe:4c:f5:73:a0:25:8a:59:9b:fc:82:05:0d:
0b:72:15:f4:a2:0d:f6:05:99:3a:8f:90:63:51:25:
bd:be:f3:c6:d9:2c:89:6a:56:96:90:9b:c0:28:90:
cc:ce:c5:5f:e0:bc:35:2d:39:9c:84:ae:a4:3e:ef:
a1:29:9d:4b:23:97:e8:4a:99:26:9b:00:12:39:fd:
42:b4:86:b2:27:c8:17:d7:02:2e:75:c7:71:a3:df:
51:a5:1c:af:b4:4a:9e:37:0b:5d:5a:ce:5b:c7:f8:
27:5a:42:3c:d6:34:bc:90:aa:34:ee:0b:2b:2c:b7:
30:5b:ce:96:60:73:91:24:8c:46:88:c2:a1:e6:6c:
59:e7:18:07:2c:4e:81:5a:ef:12:cd:80:b7:00:de:
40:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:CB:4F:F7:9C:CE:CE:EA:EE:B3:31:75:C6:79:39:5B:0A:21:65:EB
X509v3 Authority Key Identifier:
keyid:37:8A:A6:ED:4B:6C:AC:6B:3A:52:96:1B:CF:A2:29:CF:DA:00:08:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N4qm7UtsrGs6UpYbz6Ipz9oACA4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/1bdda9-64ec-4fb6-8b40-f4b9da480ee2/1/MstP95zOzuruszF1xnk5WwohZes.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/1bdda9-64ec-4fb6-8b40-f4b9da480ee2/1/N4qm7UtsrGs6UpYbz6Ipz9oACA4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.227.75.0/24
Signature Algorithm: sha256WithRSAEncryption
75:c5:81:4d:5c:30:da:56:2a:e7:c6:6b:80:72:95:f8:2f:52:
46:06:b1:a5:8e:05:5e:bd:1f:06:ec:89:06:ba:62:81:bd:4a:
95:0e:fd:4d:bc:dc:21:b3:d0:e9:22:f1:86:f7:24:0a:7a:57:
be:c7:d2:23:85:83:86:f2:fa:d0:24:65:9b:08:30:5f:ba:99:
8e:12:cb:78:3d:e3:da:85:da:bc:42:06:8a:52:54:cc:12:6c:
92:e8:2c:c3:8e:62:ba:8d:b4:c4:96:68:f2:19:4b:bd:fa:a8:
14:7e:6b:45:68:d8:15:72:03:c6:55:10:7a:b4:2c:4d:8e:f1:
0d:0e:63:22:92:18:4f:82:f8:f7:cd:b8:44:53:be:7b:75:bb:
e0:91:36:d1:d8:d9:e9:a2:83:d1:54:3a:95:5b:13:1b:04:82:
63:25:34:19:71:bc:eb:c1:5a:e9:a4:e8:32:cc:7b:4e:92:42:
dd:11:de:6b:14:76:0f:9f:91:84:1c:af:fb:57:96:52:d7:d1:
05:b1:40:2d:17:d6:f0:47:3d:be:4e:aa:7b:8a:d5:71:c3:a1:
e9:73:8b:98:7f:1c:17:33:18:42:84:3a:cc:71:17:cf:3e:49:
b2:b6:56:1a:e7:75:4f:00:b0:aa:54:6d:7c:df:7c:26:88:4b:
ad:95:b0:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRKnAkqO/BNEADhtQKoAHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3OGFhNmVkNGI2Y2FjNmIzYTUyOTYxYmNmYTIyOWNmZGEw
MDA4MGUwHhcNMjUwMTAxMjM0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmNiNGZmNzljY2VjZWVhZWViMzMxNzVjNjc5Mzk1YjBhMjE2NWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7QZWPwLBpy7x0e4E/qz0kskQxG/
wxuZZz2hk8YOp9a/oxU6wCaXC/Vc/Feb5mRTp3LnoaaNGtp5TuSJDEVbZ+UYwekR
pqcuibqZ+X7/7nYUn+f86Ipt0Y/P5krfm244ey0Nx7zn9C6l4v5M9XOgJYpZm/yC
BQ0LchX0og32BZk6j5BjUSW9vvPG2SyJalaWkJvAKJDMzsVf4Lw1LTmchK6kPu+h
KZ1LI5foSpkmmwASOf1CtIayJ8gX1wIudcdxo99RpRyvtEqeNwtdWs5bx/gnWkI8
1jS8kKo07gsrLLcwW86WYHORJIxGiMKh5mxZ5xgHLE6BWu8SzYC3AN5AQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDLLT/eczs7q7rMxdcZ5OVsKIWXrMB8GA1UdIwQY
MBaAFDeKpu1LbKxrOlKWG8+iKc/aAAgOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjRxbTdVdHNyR3M2VXBZYno2SXB6OW9BQ0E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS8xYmRkYTktNjRlYy00ZmI2LThiNDAt
ZjRiOWRhNDgwZWUyLzEvTXN0UDk1ek96dXJ1c3pGMXhuazVXd29oWmVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS8xYmRkYTktNjRlYy00ZmI2LThiNDAtZjRiOWRhNDgwZWUy
LzEvTjRxbTdVdHNyR3M2VXBZYno2SXB6OW9BQ0E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+NLMA0G
CSqGSIb3DQEBCwUAA4IBAQB1xYFNXDDaVirnxmuAcpX4L1JGBrGljgVevR8G7IkG
umKBvUqVDv1NvNwhs9DpIvGG9yQKele+x9IjhYOG8vrQJGWbCDBfupmOEst4PePa
hdq8QgaKUlTMEmyS6CzDjmK6jbTElmjyGUu9+qgUfmtFaNgVcgPGVRB6tCxNjvEN
DmMikhhPgvj3zbhEU757dbvgkTbR2NnpooPRVDqVWxMbBIJjJTQZcbzrwVrppOgy
zHtOkkLdEd5rFHYPn5GEHK/7V5ZS19EFsUAtF9bwRz2+Tqp7itVxw6Hpc4uYfxwX
MxhChDrMcRfPPkmytlYa53VPALCqVG1833wmiEutlbC4
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:21:07 2025 by rpki-client