Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/mRJh86hhMIuuz0F4JdkKm8gt7xY.roa
File: mRJh86hhMIuuz0F4JdkKm8gt7xY.roa (raw, json)
Hash identifier: g80dhtWCudUtbF2gKKybc+DRC8YvKy0hvPyylBby+b0=
Subject key identifier: 99:12:61:F3:A8:61:30:8B:AE:CF:41:78:25:D9:0A:9B:C8:2D:EF:16
Certificate issuer: /CN=411dea53467b6c7143eb23d284569a8183b2e82f
Certificate serial: 01956790D5DDF1423BF6C273B9C3BABC8C3A
Authority key identifier: 41:1D:EA:53:46:7B:6C:71:43:EB:23:D2:84:56:9A:81:83:B2:E8:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/mRJh86hhMIuuz0F4JdkKm8gt7xY.roa
Signing time: Wed 05 Mar 2025 18:28:20 +0000
ROA not before: Wed 05 Mar 2025 18:28:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 84.239.18.0/24 maxlen: 24
84.239.30.0/23 maxlen: 23
84.239.30.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:67:90:d5:dd:f1:42:3b:f6:c2:73:b9:c3:ba:bc:8c:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=411dea53467b6c7143eb23d284569a8183b2e82f
Validity
Not Before: Mar 5 18:28:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=991261f3a861308baecf417825d90a9bc82def16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:25:a8:88:c4:b2:9b:e7:b0:f8:c8:07:0f:0c:
09:99:2f:1f:22:2d:5a:d2:b7:2f:e3:35:53:1f:90:
2f:20:8b:37:04:c7:47:38:49:15:b6:e2:1a:c3:cb:
92:12:7b:86:73:98:00:0c:9c:33:de:4a:81:80:cd:
ad:af:ec:cd:57:52:c2:6b:88:ef:b1:88:67:52:08:
3a:5d:d2:10:c5:34:9b:27:1d:04:87:23:e0:2e:e1:
a6:33:b6:5a:66:c0:56:21:8a:60:29:63:c8:23:88:
0b:52:c9:89:cc:6d:4b:3b:61:cf:6b:74:66:d0:78:
b0:ff:38:d7:0e:11:d2:ff:70:da:f1:62:2c:14:76:
bf:a2:49:ee:a9:a0:a3:87:31:c4:23:14:e5:f4:5c:
11:04:45:e9:0f:67:3f:eb:8f:88:52:74:91:72:8e:
a6:08:f9:bd:bb:43:8d:d1:0d:79:4d:c0:d8:a2:e0:
31:71:ec:83:7e:c8:d6:c2:c2:37:a8:16:49:d9:c5:
7c:de:0d:87:98:35:1b:26:15:ee:c0:2e:84:2b:6d:
35:32:e3:40:cb:80:0f:17:a3:d0:19:9f:b8:1d:39:
9f:89:fd:06:ff:a7:5d:02:d6:76:e2:9e:2c:cd:52:
cf:3d:98:1a:46:be:e6:de:a4:16:de:0e:3b:1e:4b:
ee:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:12:61:F3:A8:61:30:8B:AE:CF:41:78:25:D9:0A:9B:C8:2D:EF:16
X509v3 Authority Key Identifier:
keyid:41:1D:EA:53:46:7B:6C:71:43:EB:23:D2:84:56:9A:81:83:B2:E8:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/mRJh86hhMIuuz0F4JdkKm8gt7xY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/QR3qU0Z7bHFD6yPShFaagYOy6C8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.239.18.0/24
84.239.30.0/23
Signature Algorithm: sha256WithRSAEncryption
7f:7a:e2:22:7e:8e:b8:5d:3f:cd:16:fa:10:2b:15:ac:6e:d0:
9d:96:4b:8f:04:b4:3a:00:71:4a:60:72:47:46:20:d0:0b:15:
cc:d4:08:50:59:35:43:cf:ac:1f:6f:11:9e:6b:0f:fe:8e:f4:
60:61:0f:56:6c:f4:1b:fd:7e:ab:e6:46:9c:17:fd:54:37:ca:
1a:d7:71:91:7c:b7:74:0c:bf:cb:fb:40:e7:00:d6:b8:39:bc:
70:f7:ca:de:6a:04:6b:19:10:2e:d8:ed:27:7c:61:eb:81:e7:
82:78:ab:e9:4d:7e:1d:9e:d2:1c:af:ed:bc:33:75:7e:81:82:
04:39:14:ec:90:e8:42:a9:3e:a2:cc:07:20:be:09:4d:6c:57:
db:e6:98:c7:ce:43:f6:44:dd:b1:30:a6:61:92:63:82:30:c1:
0c:a3:8e:4e:af:67:d0:30:d1:b7:4e:74:98:d9:af:00:d5:ea:
c7:ba:25:58:18:d3:9d:52:4d:5b:50:c5:9c:55:18:f3:2a:ad:
84:90:7e:42:9e:49:b0:d1:bd:4a:ea:36:8b:39:2c:ad:2d:52:
c9:37:ab:52:07:3b:ac:3e:45:59:3e:f6:3c:ab:1d:38:e2:d7:
a2:06:5c:74:0b:c7:12:f5:3d:de:e3:be:14:1b:f4:46:f7:5b:
fb:07:7e:ef
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZVnkNXd8UI79sJzucO6vIw6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMWRlYTUzNDY3YjZjNzE0M2ViMjNkMjg0NTY5YTgxODNi
MmU4MmYwHhcNMjUwMzA1MTgyODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTEyNjFmM2E4NjEzMDhiYWVjZjQxNzgyNWQ5MGE5YmM4MmRlZjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSWoiMSym+ew+MgHDwwJmS8fIi1a
0rcv4zVTH5AvIIs3BMdHOEkVtuIaw8uSEnuGc5gADJwz3kqBgM2tr+zNV1LCa4jv
sYhnUgg6XdIQxTSbJx0EhyPgLuGmM7ZaZsBWIYpgKWPII4gLUsmJzG1LO2HPa3Rm
0Hiw/zjXDhHS/3Da8WIsFHa/oknuqaCjhzHEIxTl9FwRBEXpD2c/64+IUnSRco6m
CPm9u0ON0Q15TcDYouAxceyDfsjWwsI3qBZJ2cV83g2HmDUbJhXuwC6EK201MuNA
y4APF6PQGZ+4HTmfif0G/6ddAtZ24p4szVLPPZgaRr7m3qQW3g47HkvuJQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJkSYfOoYTCLrs9BeCXZCpvILe8WMB8GA1UdIwQY
MBaAFEEd6lNGe2xxQ+sj0oRWmoGDsugvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVIzcVUwWjdiSEZENnlQU2hGYWFnWU95NkM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9lYWNjZTUtZTRkZC00ZDlmLThlYzEt
NDcxMjBiOTA2OWI3LzEvbVJKaDg2aGhNSXV1ejBGNEpka0ttOGd0N3hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9lYWNjZTUtZTRkZC00ZDlmLThlYzEtNDcxMjBiOTA2OWI3
LzEvUVIzcVUwWjdiSEZENnlQU2hGYWFnWU95NkM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVO8SAwQB
VO8eMA0GCSqGSIb3DQEBCwUAA4IBAQB/euIifo64XT/NFvoQKxWsbtCdlkuPBLQ6
AHFKYHJHRiDQCxXM1AhQWTVDz6wfbxGeaw/+jvRgYQ9WbPQb/X6r5kacF/1UN8oa
13GRfLd0DL/L+0DnANa4Obxw98reagRrGRAu2O0nfGHrgeeCeKvpTX4dntIcr+28
M3V+gYIEORTskOhCqT6izAcgvglNbFfb5pjHzkP2RN2xMKZhkmOCMMEMo45Or2fQ
MNG3TnSY2a8A1erHuiVYGNOdUk1bUMWcVRjzKq2EkH5Cnkmw0b1K6jaLOSytLVLJ
N6tSBzusPkVZPvY8qx044teiBlx0C8cS9T3e474UG/RG91v7B37v
-----END CERTIFICATE-----
Generated at Wed Apr 9 02:14:50 2025 by rpki-client