Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/eb3e00-e2aa-447f-91f3-8a545cb35a9a/1/MtCu6sFrD1432kk0IRfc5KNTGfc.roa
File: MtCu6sFrD1432kk0IRfc5KNTGfc.roa (raw, json)
Hash identifier: mq6V3hOgU2VesW7dh8aKsr7RVyaB9UHKkJnet/uS01g=
Subject key identifier: 32:D0:AE:EA:C1:6B:0F:5E:37:DA:49:34:21:17:DC:E4:A3:53:19:F7
Certificate issuer: /CN=4f9004b3bf8a1e17bd6066e051896d3bebd66973
Certificate serial: 01957F86DF10702A4CF879E910303D7BA6D9
Authority key identifier: 4F:90:04:B3:BF:8A:1E:17:BD:60:66:E0:51:89:6D:3B:EB:D6:69:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5AEs7-KHhe9YGbgUYltO-vWaXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/eb3e00-e2aa-447f-91f3-8a545cb35a9a/1/MtCu6sFrD1432kk0IRfc5KNTGfc.roa
Signing time: Mon 10 Mar 2025 10:08:20 +0000
ROA not before: Mon 10 Mar 2025 10:08:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201864
IP address blocks: 146.19.138.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:7f:86:df:10:70:2a:4c:f8:79:e9:10:30:3d:7b:a6:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9004b3bf8a1e17bd6066e051896d3bebd66973
Validity
Not Before: Mar 10 10:08:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=32d0aeeac16b0f5e37da49342117dce4a35319f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:f7:17:7d:14:a0:65:34:d3:9c:e6:68:5b:3a:
c7:ff:6e:4b:48:44:bf:40:ac:6e:32:f7:fc:f4:44:
7d:b0:08:c3:63:65:e4:58:a8:9b:fa:e1:48:ff:d2:
43:10:9e:da:3c:d5:7a:f9:cf:43:f4:5f:ae:d1:fa:
61:d1:8d:68:20:4c:09:cf:64:f1:2a:44:8e:1b:90:
d6:6c:b6:8f:b6:33:dd:0a:c2:4b:e6:11:e8:29:86:
b1:01:65:25:eb:8e:db:91:0e:39:e2:ae:aa:13:d9:
57:49:d0:b3:2c:ac:7f:59:e3:8a:ef:25:3f:31:77:
ce:c2:98:23:d2:f4:ca:5b:f4:f6:1d:8a:31:8f:46:
e8:f7:04:d3:d0:4d:6e:be:76:c0:b6:08:f8:10:d7:
a6:54:b0:cc:f6:eb:99:2c:68:83:8a:64:6c:c9:6d:
29:64:2d:d5:a8:f8:e6:d1:81:9f:d7:3e:fa:98:02:
fd:ba:f3:2d:8e:fa:0b:45:ed:63:2e:c6:b9:30:b7:
f2:ca:6e:5e:16:16:91:5f:42:62:b3:21:82:65:4e:
60:cc:ba:ce:7b:a7:d5:08:82:89:2e:0e:b8:13:05:
79:1e:32:12:64:ae:48:8f:2d:f4:60:d0:85:3f:96:
b5:08:7f:aa:c7:90:0b:95:52:51:3d:c1:4e:22:a9:
82:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:D0:AE:EA:C1:6B:0F:5E:37:DA:49:34:21:17:DC:E4:A3:53:19:F7
X509v3 Authority Key Identifier:
keyid:4F:90:04:B3:BF:8A:1E:17:BD:60:66:E0:51:89:6D:3B:EB:D6:69:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5AEs7-KHhe9YGbgUYltO-vWaXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/eb3e00-e2aa-447f-91f3-8a545cb35a9a/1/MtCu6sFrD1432kk0IRfc5KNTGfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/eb3e00-e2aa-447f-91f3-8a545cb35a9a/1/T5AEs7-KHhe9YGbgUYltO-vWaXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.138.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:9b:95:d2:55:3c:a3:9b:4f:72:ac:55:a2:59:fe:c0:5e:61:
6a:fc:71:0e:66:c4:55:e9:b4:f8:35:14:d6:2a:13:26:af:af:
d6:65:84:ad:00:22:54:66:36:f7:e3:cd:6b:0d:51:50:11:45:
d0:e2:6d:e4:9d:06:91:7e:71:8d:3c:31:1c:1f:b6:4b:3b:11:
6d:8c:be:e2:d5:b9:dc:0a:12:42:f4:98:db:eb:4f:86:1f:3a:
67:b4:78:df:90:84:b8:11:2a:ca:b3:ec:08:f4:0a:3f:05:af:
49:90:f7:74:29:a7:da:f8:fb:75:75:34:a6:9a:7c:c6:d5:bf:
4c:e8:06:32:73:f0:9f:43:36:f7:85:61:f3:b9:e1:3f:f5:2c:
00:9c:a6:bc:38:24:35:59:8d:79:5e:94:fd:8e:ea:44:13:fb:
39:45:83:45:75:4e:01:4f:29:70:e5:c4:9a:7a:8b:b0:9e:f3:
c6:19:0e:82:16:81:97:37:de:39:ee:2b:9c:ef:9a:7f:88:a9:
10:f7:ea:b7:33:b2:d4:f0:82:62:b1:3d:3c:ba:51:0a:df:2e:
47:e7:4d:ab:29:31:80:be:0f:8b:c2:ef:c2:d3:c5:81:d3:4f:
d8:80:cc:cf:69:3e:82:3d:74:2c:96:2b:63:61:02:0f:e8:91:
f6:10:7d:14
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZV/ht8QcCpM+HnpEDA9e6bZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTAwNGIzYmY4YTFlMTdiZDYwNjZlMDUxODk2ZDNiZWJk
NjY5NzMwHhcNMjUwMzEwMTAwODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmQwYWVlYWMxNmIwZjVlMzdkYTQ5MzQyMTE3ZGNlNGEzNTMxOWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/cXfRSgZTTTnOZoWzrH/25LSES/
QKxuMvf89ER9sAjDY2XkWKib+uFI/9JDEJ7aPNV6+c9D9F+u0fph0Y1oIEwJz2Tx
KkSOG5DWbLaPtjPdCsJL5hHoKYaxAWUl647bkQ454q6qE9lXSdCzLKx/WeOK7yU/
MXfOwpgj0vTKW/T2HYoxj0bo9wTT0E1uvnbAtgj4ENemVLDM9uuZLGiDimRsyW0p
ZC3VqPjm0YGf1z76mAL9uvMtjvoLRe1jLsa5MLfyym5eFhaRX0JisyGCZU5gzLrO
e6fVCIKJLg64EwV5HjISZK5Ijy30YNCFP5a1CH+qx5ALlVJRPcFOIqmCxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDLQrurBaw9eN9pJNCEX3OSjUxn3MB8GA1UdIwQY
MBaAFE+QBLO/ih4XvWBm4FGJbTvr1mlzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVBRXM3LUtIaGU5WUdiZ1VZbHRPLXZXYVhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9lYjNlMDAtZTJhYS00NDdmLTkxZjMt
OGE1NDVjYjM1YTlhLzEvTXRDdTZzRnJEMTQzMmtrMElSZmM1S05UR2ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9lYjNlMDAtZTJhYS00NDdmLTkxZjMtOGE1NDVjYjM1YTlh
LzEvVDVBRXM3LUtIaGU5WUdiZ1VZbHRPLXZXYVhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhOKMA0G
CSqGSIb3DQEBCwUAA4IBAQCLm5XSVTyjm09yrFWiWf7AXmFq/HEOZsRV6bT4NRTW
KhMmr6/WZYStACJUZjb3481rDVFQEUXQ4m3knQaRfnGNPDEcH7ZLOxFtjL7i1bnc
ChJC9Jjb60+GHzpntHjfkIS4ESrKs+wI9Ao/Ba9JkPd0Kafa+Pt1dTSmmnzG1b9M
6AYyc/CfQzb3hWHzueE/9SwAnKa8OCQ1WY15XpT9jupEE/s5RYNFdU4BTylw5cSa
eouwnvPGGQ6CFoGXN9457iuc75p/iKkQ9+q3M7LU8IJisT08ulEK3y5H502rKTGA
vg+Lwu/C08WB00/YgMzPaT6CPXQslitjYQIP6JH2EH0U
-----END CERTIFICATE-----
Generated at Mon Apr 7 18:13:41 2025 by rpki-client