Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/MYcbaL2k-JefjhOUzeJ9PPFI5z0.roa
File: MYcbaL2k-JefjhOUzeJ9PPFI5z0.roa (raw, json)
Hash identifier: UxrOFxVoVwPkhFLV2dn27cmZDOn5YI8p3uuaidV2DQk=
Subject key identifier: 31:87:1B:68:BD:A4:F8:97:9F:8E:13:94:CD:E2:7D:3C:F1:48:E7:3D
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 0193833BBB40D9BAFC1384B331342A78C308
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/MYcbaL2k-JefjhOUzeJ9PPFI5z0.roa
Signing time: Sun 01 Dec 2024 17:19:10 +0000
ROA not before: Sun 01 Dec 2024 17:19:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215287
IP address blocks: 185.21.254.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:83:3b:bb:40:d9:ba:fc:13:84:b3:31:34:2a:78:c3:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Dec 1 17:19:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=31871b68bda4f8979f8e1394cde27d3cf148e73d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:2b:17:0e:c1:08:79:cf:ca:9a:eb:3e:f9:d0:
ae:64:f2:f8:5a:49:25:1a:9c:f0:a6:da:a3:94:7f:
58:b9:1a:89:a4:13:9e:14:d6:aa:f3:d4:a2:e7:a4:
0e:d2:72:55:48:07:40:e6:9a:32:24:be:09:11:7c:
95:a1:f0:62:76:5d:41:05:74:3f:44:11:c1:4b:76:
d4:8d:86:58:06:ea:e5:d0:6c:18:53:71:40:5d:04:
77:b6:b3:85:13:a9:88:59:4f:58:5f:1e:1c:71:58:
b9:4b:3f:92:3b:01:db:53:f2:6d:47:7d:db:fe:40:
5c:17:a8:34:87:97:f5:56:30:08:48:c4:ed:4c:e1:
3c:78:77:f2:f2:4e:86:31:24:31:35:0c:cd:a0:b2:
0e:24:95:e2:58:3d:1d:f7:81:72:47:c0:50:de:21:
d9:b6:83:ea:f5:c8:68:cf:40:60:5e:3b:3e:7a:f0:
37:51:11:0f:66:de:a1:a7:67:2d:1a:6a:7c:2a:1e:
ec:be:40:b0:59:51:f0:fc:3f:3d:b2:45:dd:60:6e:
0d:81:23:75:cd:9c:96:18:02:78:8a:30:1c:55:3c:
6c:04:38:4c:14:7c:fd:97:2a:45:ba:97:d5:e2:01:
b1:5a:60:c1:af:0e:29:8e:25:a0:69:5a:dc:30:ae:
e2:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:87:1B:68:BD:A4:F8:97:9F:8E:13:94:CD:E2:7D:3C:F1:48:E7:3D
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/MYcbaL2k-JefjhOUzeJ9PPFI5z0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.254.0/24
Signature Algorithm: sha256WithRSAEncryption
e7:2c:61:ec:e4:56:7d:6e:34:2a:23:01:45:39:81:8e:82:f7:
47:24:c9:a1:10:21:eb:b7:3f:21:c8:82:17:99:9a:26:43:3a:
52:1d:49:45:1a:79:43:4b:86:13:ac:f3:1e:47:75:e2:ed:c0:
1f:cf:7a:78:e8:85:85:4c:35:36:c0:50:18:4b:18:60:2f:02:
c6:3f:0a:92:39:9a:e6:e2:19:bb:1d:11:c1:63:a8:a3:33:04:
34:70:a1:81:37:39:64:a4:1d:59:3b:13:4d:58:22:aa:80:08:
f1:25:2f:65:e3:f6:ed:cf:46:8a:32:4a:32:5c:7e:67:43:e0:
81:69:e2:43:5e:34:cc:2f:ec:f0:f4:fb:65:12:1b:bc:52:4f:
c3:ad:20:fc:9a:c4:24:8f:a4:9f:a7:93:11:7c:28:a9:cd:21:
0c:03:41:2f:82:78:f3:0f:af:b5:2b:33:1e:f6:26:b2:78:bf:
c2:1d:cb:43:3b:28:73:bd:45:c9:dd:93:57:ee:87:38:25:38:
a8:f9:1e:26:89:ac:91:b2:e6:ed:d1:bb:51:42:67:f9:51:aa:
24:45:0a:54:1a:df:6d:d0:22:9c:0e:a4:ce:67:c7:02:02:65:
5d:97:90:66:7b:b1:04:56:f2:c0:ff:29:6a:79:57:10:36:56:
91:20:f9:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZODO7tA2br8E4SzMTQqeMMIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQxMjAxMTcxOTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTg3MWI2OGJkYTRmODk3OWY4ZTEzOTRjZGUyN2QzY2YxNDhlNzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCsXDsEIec/Kmus++dCuZPL4Wkkl
GpzwptqjlH9YuRqJpBOeFNaq89Si56QO0nJVSAdA5poyJL4JEXyVofBidl1BBXQ/
RBHBS3bUjYZYBurl0GwYU3FAXQR3trOFE6mIWU9YXx4ccVi5Sz+SOwHbU/JtR33b
/kBcF6g0h5f1VjAISMTtTOE8eHfy8k6GMSQxNQzNoLIOJJXiWD0d94FyR8BQ3iHZ
toPq9choz0BgXjs+evA3UREPZt6hp2ctGmp8Kh7svkCwWVHw/D89skXdYG4NgSN1
zZyWGAJ4ijAcVTxsBDhMFHz9lypFupfV4gGxWmDBrw4pjiWgaVrcMK7i9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDGHG2i9pPiXn44TlM3ifTzxSOc9MB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvTVljYmFMMmstSmVmamhPVXplSjlQUEZJNXowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRX+MA0G
CSqGSIb3DQEBCwUAA4IBAQDnLGHs5FZ9bjQqIwFFOYGOgvdHJMmhECHrtz8hyIIX
mZomQzpSHUlFGnlDS4YTrPMeR3Xi7cAfz3p46IWFTDU2wFAYSxhgLwLGPwqSOZrm
4hm7HRHBY6ijMwQ0cKGBNzlkpB1ZOxNNWCKqgAjxJS9l4/btz0aKMkoyXH5nQ+CB
aeJDXjTML+zw9PtlEhu8Uk/DrSD8msQkj6Sfp5MRfCipzSEMA0EvgnjzD6+1KzMe
9iayeL/CHctDOyhzvUXJ3ZNX7oc4JTio+R4miayRsubt0btRQmf5UaokRQpUGt9t
0CKcDqTOZ8cCAmVdl5Bme7EEVvLA/ylqeVcQNlaRIPli
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:11:15 2025 by rpki-client