Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/MSXSTFKnAwZwbqobS5_FZAQrg-M.roa
File: MSXSTFKnAwZwbqobS5_FZAQrg-M.roa (raw, json)
Hash identifier: D45Ar0ZBYy4iC6UD1t5qGymD/cKcsHTZdI0FaRgD4/k=
Subject key identifier: 31:25:D2:4C:52:A7:03:06:70:6E:AA:1B:4B:9F:C5:64:04:2B:83:E3
Certificate issuer: /CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Certificate serial: 01942369F9FA347F127424DC50F25580DB09
Authority key identifier: 1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/MSXSTFKnAwZwbqobS5_FZAQrg-M.roa
Signing time: Wed 01 Jan 2025 19:48:55 +0000
ROA not before: Wed 01 Jan 2025 19:48:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44477
IP address blocks: 77.221.150.0/24 maxlen: 24
109.120.128.0/24 maxlen: 24
109.120.129.0/24 maxlen: 24
109.120.130.0/24 maxlen: 24
109.120.131.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:f9:fa:34:7f:12:74:24:dc:50:f2:55:80:db:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Validity
Not Before: Jan 1 19:48:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3125d24c52a70306706eaa1b4b9fc564042b83e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:82:41:86:8c:b9:62:ea:f5:59:41:a9:aa:44:
f8:9e:0e:f4:64:bf:b6:91:fe:87:a3:38:d2:e5:cc:
73:0b:aa:9c:3d:b8:db:a3:4d:3f:25:77:66:b7:97:
cf:bc:4a:3a:ec:7d:fb:cf:6d:92:a1:97:b7:c9:c1:
96:46:77:aa:5b:69:03:71:48:8d:4c:d1:48:fc:2e:
a1:60:71:05:d6:dd:b8:44:5d:79:c5:08:dd:a9:84:
cb:39:c5:1b:74:15:97:77:95:b4:01:e0:32:20:1e:
2f:e1:71:1f:21:7e:4d:d6:71:76:f8:27:b4:9b:7f:
6e:de:d8:bf:01:63:41:58:28:b9:e3:d0:d8:06:9b:
5e:d5:d1:8a:d2:87:05:3b:88:59:b1:b0:7a:1b:31:
89:83:41:f4:45:60:c8:2f:28:66:74:b7:c4:ea:fe:
75:ed:d3:07:6c:7b:7b:97:82:06:7f:1e:be:e4:5b:
4e:80:45:79:67:83:dd:5c:45:11:5c:51:8c:42:4b:
c1:ba:e3:61:ba:f8:ac:4a:1c:5f:a1:ee:ab:b7:ca:
5d:52:d2:a4:34:64:34:cf:7d:43:46:14:55:bf:9c:
1e:f0:28:30:25:ac:65:2b:da:b4:73:2d:b6:91:72:
13:59:17:2d:bc:21:53:f2:ce:5c:5d:89:00:f5:e8:
4c:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:25:D2:4C:52:A7:03:06:70:6E:AA:1B:4B:9F:C5:64:04:2B:83:E3
X509v3 Authority Key Identifier:
keyid:1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/MSXSTFKnAwZwbqobS5_FZAQrg-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.221.150.0/24
109.120.128.0/22
Signature Algorithm: sha256WithRSAEncryption
62:ff:97:7c:82:54:97:be:11:a3:95:9f:f9:c5:6f:89:67:99:
98:bd:f1:5c:db:bc:71:4f:11:4f:7b:14:fa:a8:b0:b4:28:a7:
41:0c:a9:4d:05:b6:ca:9c:4a:d4:2e:9b:d4:63:59:85:ce:7d:
19:55:0f:d5:39:a7:0a:c8:f0:b9:df:c9:ad:64:7a:b9:1f:25:
32:66:d9:0a:44:23:43:ee:89:6e:3e:58:a4:5a:5b:9b:dd:67:
ef:fa:cc:79:4e:66:1e:a8:f4:30:f8:6f:ec:c6:9c:88:f4:92:
a8:14:31:9a:8a:7e:9c:82:c0:87:a9:0a:dc:97:1f:74:33:a6:
9b:72:18:f1:9d:6a:c9:27:1b:da:5f:1f:c0:cc:65:d9:fa:e2:
b9:5d:6d:20:75:6e:d3:71:12:38:ae:95:e9:9d:2c:b4:28:b6:
a5:3d:d1:bc:95:a7:6f:73:cb:be:db:23:51:6b:ce:2e:ea:25:
8c:eb:e6:b9:47:92:a2:bf:7f:ac:03:5c:72:3f:ee:1b:91:e3:
27:64:4c:e5:62:14:57:63:c3:2c:72:26:27:e8:1d:b7:d1:e8:
f8:1f:9a:d4:c5:54:96:6c:59:03:9f:ec:9c:08:1e:fb:7b:98:
e0:3d:24:5e:18:7d:c2:9c:82:df:11:ac:d7:e1:41:79:bd:65:
df:00:0b:25
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQjafn6NH8SdCTcUPJVgNsJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMmMyMTlmM2MyOTdiNzc1ODgwYzNiNjUxYTIwMDNmOWJl
NmRlNWUwHhcNMjUwMTAxMTk0ODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTI1ZDI0YzUyYTcwMzA2NzA2ZWFhMWI0YjlmYzU2NDA0MmI4M2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAooJBhoy5Yur1WUGpqkT4ng70ZL+2
kf6HozjS5cxzC6qcPbjbo00/JXdmt5fPvEo67H37z22SoZe3ycGWRneqW2kDcUiN
TNFI/C6hYHEF1t24RF15xQjdqYTLOcUbdBWXd5W0AeAyIB4v4XEfIX5N1nF2+Ce0
m39u3ti/AWNBWCi549DYBpte1dGK0ocFO4hZsbB6GzGJg0H0RWDILyhmdLfE6v51
7dMHbHt7l4IGfx6+5FtOgEV5Z4PdXEURXFGMQkvBuuNhuvisShxfoe6rt8pdUtKk
NGQ0z31DRhRVv5we8CgwJaxlK9q0cy22kXITWRctvCFT8s5cXYkA9ehMQwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDEl0kxSpwMGcG6qG0ufxWQEK4PjMB8GA1UdIwQY
MBaAFBssIZ88KXt3WIDDtlGiAD+b5t5eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEt
OTJjODFmMjJlNzEyLzEvTVNYU1RGS25Bd1p3YnFvYlM1X0ZaQVFyZy1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEtOTJjODFmMjJlNzEy
LzEvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATd2WAwQC
bXiAMA0GCSqGSIb3DQEBCwUAA4IBAQBi/5d8glSXvhGjlZ/5xW+JZ5mYvfFc27xx
TxFPexT6qLC0KKdBDKlNBbbKnErULpvUY1mFzn0ZVQ/VOacKyPC538mtZHq5HyUy
ZtkKRCND7oluPlikWlub3Wfv+sx5TmYeqPQw+G/sxpyI9JKoFDGain6cgsCHqQrc
lx90M6abchjxnWrJJxvaXx/AzGXZ+uK5XW0gdW7TcRI4rpXpnSy0KLalPdG8ladv
c8u+2yNRa84u6iWM6+a5R5Kiv3+sA1xyP+4bkeMnZEzlYhRXY8MsciYn6B230ej4
H5rUxVSWbFkDn+ycCB77e5jgPSReGH3CnILfEazX4UF5vWXfAAsl
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:28:53 2025 by rpki-client