Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/3f7e56-0916-47ac-8586-a9388f31b47e/1/mnP6qn4_GBwg4u6pBxeQlf6iTVo.roa
File: mnP6qn4_GBwg4u6pBxeQlf6iTVo.roa (raw, json)
Hash identifier: 0XbOSZ/9PP5b8D3OCSb6PfXvqNIMPwXQe0cizFkU/dQ=
Subject key identifier: 9A:73:FA:AA:7E:3F:18:1C:20:E2:EE:A9:07:17:90:95:FE:A2:4D:5A
Certificate issuer: /CN=3cd37ec23719b2f142f46e6f3317664034adf598
Certificate serial: 01942521423DBE9049EB2042D8DDB5F49B9E
Authority key identifier: 3C:D3:7E:C2:37:19:B2:F1:42:F4:6E:6F:33:17:66:40:34:AD:F5:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PNN-wjcZsvFC9G5vMxdmQDSt9Zg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/3f7e56-0916-47ac-8586-a9388f31b47e/1/mnP6qn4_GBwg4u6pBxeQlf6iTVo.roa
Signing time: Thu 02 Jan 2025 03:48:44 +0000
ROA not before: Thu 02 Jan 2025 03:48:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202391
IP address blocks: 185.83.180.0/24 maxlen: 24
185.170.236.0/22 maxlen: 24
185.170.236.0/24 maxlen: 24
185.170.237.0/24 maxlen: 24
185.170.238.0/24 maxlen: 24
185.170.239.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:42:3d:be:90:49:eb:20:42:d8:dd:b5:f4:9b:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3cd37ec23719b2f142f46e6f3317664034adf598
Validity
Not Before: Jan 2 03:48:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9a73faaa7e3f181c20e2eea907179095fea24d5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:0b:9c:cc:6f:c6:1d:1a:2b:ca:f5:99:cb:50:
a1:bb:46:30:11:f6:a0:af:8b:e4:a8:22:4e:60:2b:
56:fd:7c:10:e9:ba:2f:b6:dc:ea:2f:2b:1d:53:7b:
6e:8f:a0:d2:10:2f:a1:ae:c5:20:00:ee:1f:15:7a:
f1:ae:93:b6:26:a9:bd:51:b1:c7:7b:6b:d5:db:1b:
0f:1d:98:a6:9f:80:9f:8f:bb:5f:be:ed:61:38:51:
1e:5d:21:eb:58:68:32:7f:ec:d4:5c:47:b1:42:9b:
5b:5a:eb:c0:88:a9:8a:35:13:e2:6a:49:5c:d1:df:
bb:12:76:90:3b:0b:ba:e6:df:92:ea:e5:73:6a:d5:
ef:3e:fa:27:d5:0e:f9:42:de:55:d9:bb:56:ed:14:
42:66:e9:37:be:5a:3f:15:2f:3e:02:f0:12:16:af:
f4:c4:56:e8:33:00:42:2f:04:2b:e3:b7:2d:1e:95:
0f:a7:06:83:e5:45:ce:8e:6a:98:d0:c4:4e:9e:67:
26:45:d7:70:40:8e:cf:ca:ea:7a:89:b6:a4:18:0d:
8d:b2:ac:19:f4:df:5e:98:35:ad:a1:49:ef:92:a2:
e2:69:56:3b:8e:69:59:89:a1:90:a5:35:23:83:68:
6a:93:74:cb:7e:fb:45:d6:b1:bc:4c:83:ae:4c:3d:
e9:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:73:FA:AA:7E:3F:18:1C:20:E2:EE:A9:07:17:90:95:FE:A2:4D:5A
X509v3 Authority Key Identifier:
keyid:3C:D3:7E:C2:37:19:B2:F1:42:F4:6E:6F:33:17:66:40:34:AD:F5:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PNN-wjcZsvFC9G5vMxdmQDSt9Zg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/3f7e56-0916-47ac-8586-a9388f31b47e/1/mnP6qn4_GBwg4u6pBxeQlf6iTVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/3f7e56-0916-47ac-8586-a9388f31b47e/1/PNN-wjcZsvFC9G5vMxdmQDSt9Zg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.83.180.0/24
185.170.236.0/22
Signature Algorithm: sha256WithRSAEncryption
75:a3:a6:f8:da:bc:07:f7:85:6f:10:1c:c5:b9:60:d2:71:7a:
30:e8:fc:47:8c:79:d2:d1:eb:33:6e:73:95:7e:0c:e9:5a:84:
ed:59:f7:42:71:29:7d:c9:3e:99:55:3c:f3:d6:4c:32:48:21:
f6:80:9f:d2:6c:e0:9a:ea:10:46:8d:29:ed:4a:5e:65:77:a1:
2a:e0:f4:ee:ca:b4:9e:8e:9b:14:fc:91:a4:0a:f4:0b:01:6a:
ec:e8:66:c8:47:25:3f:3a:7c:8a:93:fb:97:ab:70:00:26:9f:
25:dc:7c:c0:54:5d:c4:6c:56:ee:23:be:92:9d:25:74:40:92:
fe:75:45:c7:fb:aa:3d:99:3d:10:86:3c:90:4f:f0:19:2d:9c:
2c:3d:c2:23:a9:7a:51:d6:5c:d0:cc:4b:0b:9d:53:ff:9f:e6:
1c:68:3d:39:b0:37:8c:39:2f:49:5b:38:c0:1e:e0:5c:76:ab:
d8:3e:b6:0a:d1:46:ca:c4:ae:14:e6:be:3d:a0:58:8e:a4:4b:
3e:48:27:75:f5:b9:23:ae:73:f3:d2:fc:48:fd:00:4d:3c:71:
f9:82:8d:60:d7:2f:eb:56:ad:36:77:b2:71:4b:ab:ed:43:02:
14:59:90:d9:58:47:27:09:41:ef:7d:3c:18:4d:cb:82:3e:12:
aa:91:be:50
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQlIUI9vpBJ6yBC2N219JueMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZDM3ZWMyMzcxOWIyZjE0MmY0NmU2ZjMzMTc2NjQwMzRh
ZGY1OTgwHhcNMjUwMTAyMDM0ODQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTczZmFhYTdlM2YxODFjMjBlMmVlYTkwNzE3OTA5NWZlYTI0ZDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9QuczG/GHRoryvWZy1Chu0YwEfag
r4vkqCJOYCtW/XwQ6bovttzqLysdU3tuj6DSEC+hrsUgAO4fFXrxrpO2Jqm9UbHH
e2vV2xsPHZimn4Cfj7tfvu1hOFEeXSHrWGgyf+zUXEexQptbWuvAiKmKNRPiaklc
0d+7EnaQOwu65t+S6uVzatXvPvon1Q75Qt5V2btW7RRCZuk3vlo/FS8+AvASFq/0
xFboMwBCLwQr47ctHpUPpwaD5UXOjmqY0MROnmcmRddwQI7Pyup6ibakGA2NsqwZ
9N9emDWtoUnvkqLiaVY7jmlZiaGQpTUjg2hqk3TLfvtF1rG8TIOuTD3p1QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJpz+qp+PxgcIOLuqQcXkJX+ok1aMB8GA1UdIwQY
MBaAFDzTfsI3GbLxQvRubzMXZkA0rfWYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE5OLXdqY1pzdkZDOUc1dk14ZG1RRFN0OVpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8zZjdlNTYtMDkxNi00N2FjLTg1ODYt
YTkzODhmMzFiNDdlLzEvbW5QNnFuNF9HQndnNHU2cEJ4ZVFsZjZpVFZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8zZjdlNTYtMDkxNi00N2FjLTg1ODYtYTkzODhmMzFiNDdl
LzEvUE5OLXdqY1pzdkZDOUc1dk14ZG1RRFN0OVpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuVO0AwQC
uarsMA0GCSqGSIb3DQEBCwUAA4IBAQB1o6b42rwH94VvEBzFuWDScXow6PxHjHnS
0eszbnOVfgzpWoTtWfdCcSl9yT6ZVTzz1kwySCH2gJ/SbOCa6hBGjSntSl5ld6Eq
4PTuyrSejpsU/JGkCvQLAWrs6GbIRyU/OnyKk/uXq3AAJp8l3HzAVF3EbFbuI76S
nSV0QJL+dUXH+6o9mT0QhjyQT/AZLZwsPcIjqXpR1lzQzEsLnVP/n+YcaD05sDeM
OS9JWzjAHuBcdqvYPrYK0UbKxK4U5r49oFiOpEs+SCd19bkjrnPz0vxI/QBNPHH5
go1g1y/rVq02d7JxS6vtQwIUWZDZWEcnCUHvfTwYTcuCPhKqkb5Q
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:31:31 2025 by rpki-client