Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/855011-092c-4f7d-a0b6-94d1369025fe/1/mPgJTgoVl21WJBAVCL8pfeL_CJQ.roa
File: mPgJTgoVl21WJBAVCL8pfeL_CJQ.roa (raw, json)
Hash identifier: J2j85/1krlbl5Sv293Sc7e4uqVo05Sx/gfgxGm5v+8Y=
Subject key identifier: 98:F8:09:4E:0A:15:97:6D:56:24:10:15:08:BF:29:7D:E2:FF:08:94
Certificate issuer: /CN=320444c0c2990b13749f3044662297ea824d5064
Certificate serial: 018CC64A824096EB715261EB70FDDACE6874
Authority key identifier: 32:04:44:C0:C2:99:0B:13:74:9F:30:44:66:22:97:EA:82:4D:50:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MgREwMKZCxN0nzBEZiKX6oJNUGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/855011-092c-4f7d-a0b6-94d1369025fe/1/mPgJTgoVl21WJBAVCL8pfeL_CJQ.roa
Signing time: Mon 01 Jan 2024 18:30:20 +0000
ROA not before: Mon 01 Jan 2024 18:30:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197731
IP address blocks: 185.233.172.0/22 maxlen: 24
2a0c:eb00::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:82:40:96:eb:71:52:61:eb:70:fd:da:ce:68:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=320444c0c2990b13749f3044662297ea824d5064
Validity
Not Before: Jan 1 18:30:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98f8094e0a15976d5624101508bf297de2ff0894
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:61:a3:2e:32:1a:d2:08:30:a9:01:7e:8b:95:
f5:a8:da:c7:5a:57:e7:c6:07:1a:a1:b4:2a:f6:fc:
44:91:30:e9:b9:fe:f0:8c:ec:fa:51:88:cf:7d:1e:
ef:c2:31:ac:56:74:49:9d:49:87:29:37:7c:73:1e:
1d:7a:7a:87:7e:01:93:ea:66:54:85:c8:00:25:03:
98:ec:5e:00:13:c5:34:e1:d5:75:0c:1a:32:52:af:
d1:e6:99:dc:a0:d1:95:7e:82:a6:88:b6:36:28:1a:
3c:19:b8:0a:83:f3:c7:70:a3:4d:46:3c:3c:0a:7a:
59:29:0e:18:ee:a4:b5:74:b9:a1:9e:59:7b:d1:0c:
0a:04:4a:08:27:9f:2a:64:02:70:1a:cf:32:5a:2f:
ce:55:55:b0:7e:b7:01:2c:67:ad:9d:61:87:1d:74:
73:48:81:3b:86:01:c7:15:6e:40:ba:7c:d3:3a:da:
65:a3:78:3c:cc:da:d7:47:d6:3c:62:0a:82:b1:c5:
eb:66:b1:b7:26:e5:c6:fe:dc:21:8e:89:11:73:55:
1a:07:a8:6c:94:1f:91:e8:a5:00:01:79:e8:3d:ca:
2c:de:98:94:79:a0:55:47:96:a2:26:05:cb:7b:b0:
33:82:db:28:c4:f5:3e:67:67:cc:24:c0:c9:68:32:
9f:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:F8:09:4E:0A:15:97:6D:56:24:10:15:08:BF:29:7D:E2:FF:08:94
X509v3 Authority Key Identifier:
keyid:32:04:44:C0:C2:99:0B:13:74:9F:30:44:66:22:97:EA:82:4D:50:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MgREwMKZCxN0nzBEZiKX6oJNUGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/855011-092c-4f7d-a0b6-94d1369025fe/1/mPgJTgoVl21WJBAVCL8pfeL_CJQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/855011-092c-4f7d-a0b6-94d1369025fe/1/MgREwMKZCxN0nzBEZiKX6oJNUGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.233.172.0/22
IPv6:
2a0c:eb00::/32
Signature Algorithm: sha256WithRSAEncryption
2a:ba:56:7e:cb:0e:b6:55:5f:52:15:80:01:74:2f:d7:a1:05:
d7:5f:e4:26:0e:41:47:71:9a:b0:f6:ae:7a:87:18:ef:6a:67:
60:59:6d:f0:03:2c:37:cd:28:fa:70:c6:b4:db:b4:8a:6f:65:
5b:c3:08:6a:fc:6c:90:c5:f9:af:61:e8:df:3d:6e:5e:07:bc:
21:ee:86:fd:dc:a6:92:6f:fe:a7:39:9a:da:59:9b:a4:37:72:
0a:d1:77:11:ef:47:a1:a6:12:db:c6:b0:8b:b0:4b:97:b3:0c:
75:8e:07:b1:f2:0d:2a:a7:0c:fa:d3:15:35:1c:66:7d:82:17:
25:3f:88:cd:4f:00:0b:e7:00:69:5a:c2:ec:d2:53:d9:2b:71:
0b:f0:87:8c:8f:f8:14:79:9b:a9:62:05:83:fb:03:63:13:0b:
da:9d:f1:1e:47:0c:30:6f:de:4d:46:e3:a0:a8:58:97:17:cf:
66:a8:6b:bb:90:c7:47:ab:d9:5f:9d:db:1e:bc:7c:39:47:b9:
80:e8:bc:4f:60:da:33:94:bb:3c:dc:8a:70:7b:de:9b:88:75:
63:80:6d:5d:66:49:80:f2:35:77:f1:0e:90:7b:54:82:dc:f3:
cd:69:c9:38:b6:89:ba:a3:0b:82:cc:e4:c1:e5:62:6b:d5:a2:
e6:7c:5d:cf
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGSoJAlutxUmHrcP3azmh0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMDQ0NGMwYzI5OTBiMTM3NDlmMzA0NDY2MjI5N2VhODI0
ZDUwNjQwHhcNMjQwMTAxMTgzMDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGY4MDk0ZTBhMTU5NzZkNTYyNDEwMTUwOGJmMjk3ZGUyZmYwODk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2GjLjIa0ggwqQF+i5X1qNrHWlfn
xgcaobQq9vxEkTDpuf7wjOz6UYjPfR7vwjGsVnRJnUmHKTd8cx4denqHfgGT6mZU
hcgAJQOY7F4AE8U04dV1DBoyUq/R5pncoNGVfoKmiLY2KBo8GbgKg/PHcKNNRjw8
CnpZKQ4Y7qS1dLmhnll70QwKBEoIJ58qZAJwGs8yWi/OVVWwfrcBLGetnWGHHXRz
SIE7hgHHFW5AunzTOtplo3g8zNrXR9Y8YgqCscXrZrG3JuXG/twhjokRc1UaB6hs
lB+R6KUAAXnoPcos3piUeaBVR5aiJgXLe7AzgtsoxPU+Z2fMJMDJaDKf2wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJj4CU4KFZdtViQQFQi/KX3i/wiUMB8GA1UdIwQY
MBaAFDIERMDCmQsTdJ8wRGYil+qCTVBkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWdSRXdNS1pDeE4wbnpCRVppS1g2b0pOVUdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy84NTUwMTEtMDkyYy00ZjdkLWEwYjYt
OTRkMTM2OTAyNWZlLzEvbVBnSlRnb1ZsMjFXSkJBVkNMOHBmZUxfQ0pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy84NTUwMTEtMDkyYy00ZjdkLWEwYjYtOTRkMTM2OTAyNWZl
LzEvTWdSRXdNS1pDeE4wbnpCRVppS1g2b0pOVUdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuemsMA0E
AgACMAcDBQAqDOsAMA0GCSqGSIb3DQEBCwUAA4IBAQAqulZ+yw62VV9SFYABdC/X
oQXXX+QmDkFHcZqw9q56hxjvamdgWW3wAyw3zSj6cMa027SKb2Vbwwhq/GyQxfmv
YejfPW5eB7wh7ob93KaSb/6nOZraWZukN3IK0XcR70ehphLbxrCLsEuXswx1jgex
8g0qpwz60xU1HGZ9ghclP4jNTwAL5wBpWsLs0lPZK3EL8IeMj/gUeZupYgWD+wNj
EwvanfEeRwwwb95NRuOgqFiXF89mqGu7kMdHq9lfndsevHw5R7mA6LxPYNozlLs8
3Ipwe96biHVjgG1dZkmA8jV38Q6Qe1SC3PPNack4tom6owuCzOTB5WJr1aLmfF3P
-----END CERTIFICATE-----
Generated at Wed Mar 12 12:43:40 2025 by rpki-client