Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/MKyYjoFXgzQBFLxAYRnKrG_AIeY.roa
File: MKyYjoFXgzQBFLxAYRnKrG_AIeY.roa (raw, json)
Hash identifier: IrQ0aJjtslvkPhRMLBu4NV72EhLYL67avd944a8AIno=
Subject key identifier: 30:AC:98:8E:81:57:83:34:01:14:BC:40:61:19:CA:AC:6F:C0:21:E6
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01942824641E7D5FBAF32367DDCF566841D5
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/MKyYjoFXgzQBFLxAYRnKrG_AIeY.roa
Signing time: Thu 02 Jan 2025 17:51:01 +0000
ROA not before: Thu 02 Jan 2025 17:51:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20665
IP address blocks: 217.145.80.0/20 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:64:1e:7d:5f:ba:f3:23:67:dd:cf:56:68:41:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 17:51:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=30ac988e815783340114bc406119caac6fc021e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ef:34:6c:ee:bf:b7:ce:e3:be:66:7b:4d:f5:
41:46:54:a6:27:88:9f:66:fd:91:f0:f5:d7:29:3f:
05:97:74:24:d6:59:b1:c6:10:83:e6:bd:18:3c:f7:
f3:23:50:28:63:e9:34:18:a1:1a:76:77:ca:38:72:
e5:51:4c:3b:5b:40:dd:5e:6a:5c:17:b9:7f:00:ec:
95:6f:da:43:38:36:dc:a9:eb:e0:e6:b3:46:40:ad:
eb:34:a7:9d:e2:53:76:7b:96:b3:50:15:46:61:a5:
a0:35:f6:47:92:00:38:82:66:e6:df:ca:92:dd:20:
11:8f:a4:ef:73:18:59:2f:0e:7f:02:69:50:a6:e3:
ad:3b:c9:55:25:f7:d5:7f:d7:af:8d:ad:86:41:a1:
e4:09:5a:3b:4e:b6:03:96:3a:8e:fa:e9:45:c1:5e:
33:8c:96:db:74:d1:13:55:ef:d0:3f:bc:89:92:e4:
62:30:b7:13:fd:e2:e2:cd:27:92:8c:7a:33:ff:f3:
0c:54:81:18:80:7d:48:f8:1e:c9:b1:9f:5f:2c:a4:
85:4c:17:f5:f4:4a:2c:5f:cc:ba:5e:f6:15:9c:d2:
69:c2:16:31:e5:9b:80:42:fc:37:24:92:d0:37:c4:
25:e0:82:dc:b5:46:dc:bc:55:ad:37:11:e8:ea:4e:
d3:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:AC:98:8E:81:57:83:34:01:14:BC:40:61:19:CA:AC:6F:C0:21:E6
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/MKyYjoFXgzQBFLxAYRnKrG_AIeY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.145.80.0/20
Signature Algorithm: sha256WithRSAEncryption
12:2e:1f:37:65:6e:86:23:49:2c:39:0e:db:aa:2a:96:75:4d:
4d:ad:e9:71:75:92:66:3c:b7:0a:96:8b:a4:98:77:37:3b:37:
cb:93:7f:71:3b:bf:e4:57:fb:3c:38:b3:0a:ea:45:e3:9c:7b:
8b:d4:76:51:1f:2a:16:37:7e:21:44:d8:42:c6:17:33:d8:9a:
83:62:9a:2d:56:9f:29:e0:61:10:c7:5a:ad:10:5d:20:71:61:
29:86:70:f5:f5:c7:04:3d:65:b4:bf:34:b2:97:63:e4:9f:5b:
d5:c1:a9:61:fa:e1:36:3e:9a:bf:a3:3d:7e:ef:f3:ca:2b:02:
d1:af:45:9e:93:8d:57:66:a9:f1:2b:12:c9:62:e5:75:b5:ae:
36:02:bc:cf:78:d3:22:6e:c0:1d:2d:14:c8:bc:c0:53:d9:b3:
87:bb:e8:e4:dd:13:3b:58:36:b0:10:14:11:f6:fb:ae:50:6c:
f0:7d:28:45:22:5f:76:c6:41:f0:34:93:d0:1f:c5:de:c2:21:
4a:40:20:55:fb:52:35:71:d3:22:4d:2e:60:9f:e1:7d:13:6e:
a5:30:77:74:c7:44:ef:68:9c:cc:18:c6:62:db:c6:67:43:2e:
31:a7:6c:dc:3d:09:aa:82:e3:70:e6:b8:01:ae:8f:1a:63:dc:
0e:4d:d3:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJGQefV+68yNn3c9WaEHVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMTAyMTc1MTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGFjOTg4ZTgxNTc4MzM0MDExNGJjNDA2MTE5Y2FhYzZmYzAyMWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvu80bO6/t87jvmZ7TfVBRlSmJ4if
Zv2R8PXXKT8Fl3Qk1lmxxhCD5r0YPPfzI1AoY+k0GKEadnfKOHLlUUw7W0DdXmpc
F7l/AOyVb9pDODbcqevg5rNGQK3rNKed4lN2e5azUBVGYaWgNfZHkgA4gmbm38qS
3SARj6TvcxhZLw5/AmlQpuOtO8lVJffVf9evja2GQaHkCVo7TrYDljqO+ulFwV4z
jJbbdNETVe/QP7yJkuRiMLcT/eLizSeSjHoz//MMVIEYgH1I+B7JsZ9fLKSFTBf1
9EosX8y6XvYVnNJpwhYx5ZuAQvw3JJLQN8Ql4ILctUbcvFWtNxHo6k7TDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDCsmI6BV4M0ARS8QGEZyqxvwCHmMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvTUt5WWpvRlhnelFCRkx4QVlSbktyR19BSWVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2ZFQMA0G
CSqGSIb3DQEBCwUAA4IBAQASLh83ZW6GI0ksOQ7bqiqWdU1NrelxdZJmPLcKlouk
mHc3OzfLk39xO7/kV/s8OLMK6kXjnHuL1HZRHyoWN34hRNhCxhcz2JqDYpotVp8p
4GEQx1qtEF0gcWEphnD19ccEPWW0vzSyl2Pkn1vVwalh+uE2Ppq/oz1+7/PKKwLR
r0Wek41XZqnxKxLJYuV1ta42ArzPeNMibsAdLRTIvMBT2bOHu+jk3RM7WDawEBQR
9vuuUGzwfShFIl92xkHwNJPQH8XewiFKQCBV+1I1cdMiTS5gn+F9E26lMHd0x0Tv
aJzMGMZi28ZnQy4xp2zcPQmqguNw5rgBro8aY9wOTdOo
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:56:10 2025 by rpki-client