Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/251360-c5c5-4a40-af72-04427a99f1c5/1/MHydlao-1yBTTsCdp3bBe4bDnkc.roa
File: MHydlao-1yBTTsCdp3bBe4bDnkc.roa (raw, json)
Hash identifier: OnwOrVTgc/R+eeJsST7imMdVV9F4opbfB++sLNDhiX8=
Subject key identifier: 30:7C:9D:95:AA:3E:D7:20:53:4E:C0:9D:A7:76:C1:7B:86:C3:9E:47
Certificate issuer: /CN=8ab3e965c8747e2fa5ddd12857673f06042efa43
Certificate serial: 0194228E435664E48582E0E43C65E86CB943
Authority key identifier: 8A:B3:E9:65:C8:74:7E:2F:A5:DD:D1:28:57:67:3F:06:04:2E:FA:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/irPpZch0fi-l3dEoV2c_BgQu-kM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/251360-c5c5-4a40-af72-04427a99f1c5/1/MHydlao-1yBTTsCdp3bBe4bDnkc.roa
Signing time: Wed 01 Jan 2025 15:48:56 +0000
ROA not before: Wed 01 Jan 2025 15:48:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 91.208.28.0/24 maxlen: 24
193.105.47.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:43:56:64:e4:85:82:e0:e4:3c:65:e8:6c:b9:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ab3e965c8747e2fa5ddd12857673f06042efa43
Validity
Not Before: Jan 1 15:48:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=307c9d95aa3ed720534ec09da776c17b86c39e47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:13:6a:25:62:04:d4:fc:d8:51:b4:c4:97:53:
fc:6a:99:2e:ea:52:f5:85:98:de:28:ae:67:b0:6a:
b2:98:45:59:da:1e:e4:26:5e:5d:63:ab:9c:76:fc:
29:78:60:86:fc:73:4c:17:97:2d:fd:87:64:5c:7d:
ee:98:3f:d7:69:75:14:5a:d2:fe:9b:0b:e3:ee:93:
e3:95:e2:1e:5d:88:5f:67:bd:48:ef:80:69:44:07:
db:b0:68:cb:47:0a:17:b4:1e:69:37:08:85:27:d6:
f6:75:a0:8a:a4:fc:51:98:d9:a2:8d:00:58:cf:e2:
3c:56:c1:f6:ff:1a:f2:c3:22:e7:4f:94:3b:13:58:
e5:57:da:f1:41:a1:db:cd:d7:51:76:79:6f:86:1a:
2e:08:5f:65:e0:dc:6f:1a:89:ff:ac:a8:1a:67:8f:
34:48:4b:9a:b0:b6:61:ab:cc:38:86:db:6d:03:88:
39:1b:8a:6a:db:a3:f9:f3:63:1c:57:af:c8:a2:42:
55:c8:ed:0a:66:22:17:bc:b6:4e:3d:c2:4a:77:53:
31:bd:d5:ed:dd:ef:ee:2a:01:3c:a0:4b:95:02:88:
89:62:da:78:6c:65:2e:5d:ee:99:9e:d1:64:72:ac:
ee:69:01:07:65:08:15:50:61:b8:cc:be:99:af:d6:
45:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:7C:9D:95:AA:3E:D7:20:53:4E:C0:9D:A7:76:C1:7B:86:C3:9E:47
X509v3 Authority Key Identifier:
keyid:8A:B3:E9:65:C8:74:7E:2F:A5:DD:D1:28:57:67:3F:06:04:2E:FA:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/irPpZch0fi-l3dEoV2c_BgQu-kM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/251360-c5c5-4a40-af72-04427a99f1c5/1/MHydlao-1yBTTsCdp3bBe4bDnkc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/251360-c5c5-4a40-af72-04427a99f1c5/1/irPpZch0fi-l3dEoV2c_BgQu-kM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.28.0/24
193.105.47.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:66:3b:33:8f:7c:63:5f:cd:f1:0b:d8:4b:9c:3e:df:76:d0:
55:2e:0e:e5:34:c9:82:d4:f8:67:3a:ec:af:3f:b5:46:be:d2:
5c:ed:44:bc:68:b3:fd:e4:d4:74:e8:65:57:91:a4:ec:4b:07:
4b:cb:5f:c8:e2:9a:7e:eb:2e:0b:0d:34:ea:e8:6d:90:f4:d8:
f6:67:76:4c:b9:6c:b1:e1:a2:1a:73:cf:3c:78:3c:e4:ca:18:
7a:00:e4:d5:51:a9:04:11:f6:d6:8b:f8:80:db:8a:04:3f:f8:
32:0c:d9:37:1b:e0:eb:fd:27:9e:f6:b7:a6:48:2e:11:e4:b1:
30:bc:a2:dc:fe:4d:a7:4e:f9:db:65:07:34:25:68:36:c2:cd:
39:f0:9a:c5:de:ee:4a:66:2a:55:76:b5:79:4c:f4:b6:e6:e6:
65:1f:50:d2:49:74:15:b0:67:1d:0e:c2:6e:63:27:4e:8e:ed:
c4:77:b6:cd:ba:2a:23:8a:9a:c6:ce:ee:b5:24:aa:fe:21:6a:
c9:f5:4e:f4:11:7d:27:19:9c:4e:a9:8d:ad:73:d6:39:38:65:
d7:a6:b2:7f:52:3f:ab:7c:d3:33:7a:51:dc:11:bb:cc:2c:ed:
b0:4f:47:6c:34:d5:4b:7e:55:44:47:59:70:2b:81:f7:b3:a4:
b5:c5:6f:19
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQijkNWZOSFguDkPGXobLlDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYjNlOTY1Yzg3NDdlMmZhNWRkZDEyODU3NjczZjA2MDQy
ZWZhNDMwHhcNMjUwMTAxMTU0ODU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDdjOWQ5NWFhM2VkNzIwNTM0ZWMwOWRhNzc2YzE3Yjg2YzM5ZTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxNqJWIE1PzYUbTEl1P8apku6lL1
hZjeKK5nsGqymEVZ2h7kJl5dY6ucdvwpeGCG/HNMF5ct/YdkXH3umD/XaXUUWtL+
mwvj7pPjleIeXYhfZ71I74BpRAfbsGjLRwoXtB5pNwiFJ9b2daCKpPxRmNmijQBY
z+I8VsH2/xrywyLnT5Q7E1jlV9rxQaHbzddRdnlvhhouCF9l4NxvGon/rKgaZ480
SEuasLZhq8w4htttA4g5G4pq26P582McV6/IokJVyO0KZiIXvLZOPcJKd1MxvdXt
3e/uKgE8oEuVAoiJYtp4bGUuXe6ZntFkcqzuaQEHZQgVUGG4zL6Zr9ZFbwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDB8nZWqPtcgU07Anad2wXuGw55HMB8GA1UdIwQY
MBaAFIqz6WXIdH4vpd3RKFdnPwYELvpDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXJQcFpjaDBmaS1sM2RFb1YyY19CZ1F1LWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8yNTEzNjAtYzVjNS00YTQwLWFmNzIt
MDQ0MjdhOTlmMWM1LzEvTUh5ZGxhby0xeUJUVHNDZHAzYkJlNGJEbmtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy8yNTEzNjAtYzVjNS00YTQwLWFmNzItMDQ0MjdhOTlmMWM1
LzEvaXJQcFpjaDBmaS1sM2RFb1YyY19CZ1F1LWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9AcAwQA
wWkvMA0GCSqGSIb3DQEBCwUAA4IBAQBtZjszj3xjX83xC9hLnD7fdtBVLg7lNMmC
1PhnOuyvP7VGvtJc7US8aLP95NR06GVXkaTsSwdLy1/I4pp+6y4LDTTq6G2Q9Nj2
Z3ZMuWyx4aIac888eDzkyhh6AOTVUakEEfbWi/iA24oEP/gyDNk3G+Dr/See9rem
SC4R5LEwvKLc/k2nTvnbZQc0JWg2ws058JrF3u5KZipVdrV5TPS25uZlH1DSSXQV
sGcdDsJuYydOju3Ed7bNuiojiprGzu61JKr+IWrJ9U70EX0nGZxOqY2tc9Y5OGXX
prJ/Uj+rfNMzelHcEbvMLO2wT0dsNNVLflVER1lwK4H3s6S1xW8Z
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:10:03 2025 by rpki-client