Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/2860a4-3b94-4274-a3a2-f9ac15e66386/1/MROw4gFzcWIJiW-57fk1zpXQhBk.roa
File: MROw4gFzcWIJiW-57fk1zpXQhBk.roa (raw, json)
Hash identifier: hWAGq+JyynXafr3/kTLPO6K2XTKtATKTBF5Bwv0mE6A=
Subject key identifier: 31:13:B0:E2:01:73:71:62:09:89:6F:B9:ED:F9:35:CE:95:D0:84:19
Certificate issuer: /CN=107807c2518915138f555123605c0133dfdbb4fa
Certificate serial: 019421B20B9CA3E97AD72B8E48996DBF3C27
Authority key identifier: 10:78:07:C2:51:89:15:13:8F:55:51:23:60:5C:01:33:DF:DB:B4:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EHgHwlGJFROPVVEjYFwBM9_btPo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/2860a4-3b94-4274-a3a2-f9ac15e66386/1/MROw4gFzcWIJiW-57fk1zpXQhBk.roa
Signing time: Wed 01 Jan 2025 11:48:23 +0000
ROA not before: Wed 01 Jan 2025 11:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 378
IP address blocks: 132.70.0.0/15 maxlen: 15
132.70.0.0/16 maxlen: 16
132.71.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:0b:9c:a3:e9:7a:d7:2b:8e:48:99:6d:bf:3c:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=107807c2518915138f555123605c0133dfdbb4fa
Validity
Not Before: Jan 1 11:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3113b0e20173716209896fb9edf935ce95d08419
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f9:34:44:02:65:0d:7c:1e:27:af:6b:24:5c:
bd:4e:c8:8e:29:ea:97:f5:67:04:5c:5c:83:99:43:
f3:a0:27:75:5a:0a:4c:b3:d3:e1:bd:b4:57:ce:2d:
00:04:88:11:4d:9a:82:9e:fa:97:05:55:17:9d:6b:
c8:26:20:bf:64:ea:2d:3b:c8:19:65:20:53:39:d4:
09:fe:0d:3c:99:34:d1:a5:58:92:28:d2:c2:d6:2b:
29:32:f5:e0:a2:c9:e1:da:59:a2:8f:9d:cd:cf:b5:
76:91:68:e4:9f:c8:de:71:6a:e5:6a:2a:31:ba:73:
6e:bc:c5:fa:42:07:46:3b:ce:70:7f:12:e3:ed:14:
6c:31:10:3c:49:8e:18:94:02:7d:ed:87:27:60:7a:
30:a5:9f:d4:db:2e:39:53:d1:17:25:8f:d9:75:b9:
e2:5a:96:f1:eb:37:73:d0:64:ac:cc:f2:73:a7:e5:
95:ff:ea:f8:66:d5:5a:37:83:fc:76:06:20:6e:be:
10:30:27:fd:2c:16:b9:94:82:e8:32:56:f6:43:18:
9d:17:5c:e5:40:7d:f3:b0:5d:29:42:67:ba:9f:66:
be:2d:e2:57:4a:34:da:c9:16:c2:1e:b2:c7:c9:a9:
1e:f4:ee:1a:56:f3:ab:b5:90:52:3e:26:cb:a0:dd:
9d:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:13:B0:E2:01:73:71:62:09:89:6F:B9:ED:F9:35:CE:95:D0:84:19
X509v3 Authority Key Identifier:
keyid:10:78:07:C2:51:89:15:13:8F:55:51:23:60:5C:01:33:DF:DB:B4:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EHgHwlGJFROPVVEjYFwBM9_btPo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/2860a4-3b94-4274-a3a2-f9ac15e66386/1/MROw4gFzcWIJiW-57fk1zpXQhBk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/2860a4-3b94-4274-a3a2-f9ac15e66386/1/EHgHwlGJFROPVVEjYFwBM9_btPo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
132.70.0.0/15
Signature Algorithm: sha256WithRSAEncryption
3d:c5:6d:be:4a:e3:67:63:ab:f1:5d:c6:ab:8f:fb:d6:f0:23:
3b:36:c9:aa:b4:83:14:65:df:90:fc:e1:03:f1:ae:63:8e:c7:
2f:c9:cd:07:18:44:6e:01:71:f7:48:2f:e7:b1:8b:5c:0e:b6:
73:bb:08:fa:7d:bb:b6:45:81:58:81:ca:35:8a:e4:32:41:ec:
41:f1:49:8e:00:50:9a:8a:ed:a3:d2:ea:51:90:af:cd:5e:04:
05:97:6e:32:aa:b4:6e:1c:78:6e:70:d5:90:38:ab:b5:09:6a:
8c:1a:d4:6c:71:7e:19:d6:05:f4:04:ad:bd:b6:56:5c:5a:09:
35:0d:fa:b0:65:61:a2:7e:e3:b2:2d:70:fd:a9:be:03:f9:dc:
c2:4d:05:55:53:07:fe:82:d7:e6:97:c2:5c:91:c4:35:09:d7:
80:ce:11:91:0a:09:11:98:85:3f:d6:1e:42:41:a1:25:73:76:
69:6b:31:9c:80:70:bb:f1:7c:b2:6a:bf:15:84:12:cc:b4:d5:
7f:15:46:b1:88:34:fc:97:f6:cc:76:b2:17:63:a1:fa:49:37:
19:8c:b1:4f:03:73:df:bd:36:32:04:ee:c9:85:5a:c3:d1:91:
ec:ef:2d:1e:46:9b:3a:9b:cf:e2:22:15:e2:14:80:b3:53:51:
19:91:b6:ac
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZQhsguco+l61yuOSJltvzwnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNzgwN2MyNTE4OTE1MTM4ZjU1NTEyMzYwNWMwMTMzZGZk
YmI0ZmEwHhcNMjUwMTAxMTE0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTEzYjBlMjAxNzM3MTYyMDk4OTZmYjllZGY5MzVjZTk1ZDA4NDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPk0RAJlDXweJ69rJFy9TsiOKeqX
9WcEXFyDmUPzoCd1WgpMs9PhvbRXzi0ABIgRTZqCnvqXBVUXnWvIJiC/ZOotO8gZ
ZSBTOdQJ/g08mTTRpViSKNLC1ispMvXgosnh2lmij53Nz7V2kWjkn8jecWrlaiox
unNuvMX6QgdGO85wfxLj7RRsMRA8SY4YlAJ97YcnYHowpZ/U2y45U9EXJY/Zdbni
Wpbx6zdz0GSszPJzp+WV/+r4ZtVaN4P8dgYgbr4QMCf9LBa5lILoMlb2QxidF1zl
QH3zsF0pQme6n2a+LeJXSjTayRbCHrLHyake9O4aVvOrtZBSPibLoN2d/QIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFDETsOIBc3FiCYlvue35Nc6V0IQZMB8GA1UdIwQY
MBaAFBB4B8JRiRUTj1VRI2BcATPf27T6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUhnSHdsR0pGUk9QVlZFallGd0JNOV9idFBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8yODYwYTQtM2I5NC00Mjc0LWEzYTIt
ZjlhYzE1ZTY2Mzg2LzEvTVJPdzRnRnpjV0lKaVctNTdmazF6cFhRaEJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8yODYwYTQtM2I5NC00Mjc0LWEzYTItZjlhYzE1ZTY2Mzg2
LzEvRUhnSHdsR0pGUk9QVlZFallGd0JNOV9idFBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMBhEYwDQYJ
KoZIhvcNAQELBQADggEBAD3Fbb5K42djq/FdxquP+9bwIzs2yaq0gxRl35D84QPx
rmOOxy/JzQcYRG4BcfdIL+exi1wOtnO7CPp9u7ZFgViByjWK5DJB7EHxSY4AUJqK
7aPS6lGQr81eBAWXbjKqtG4ceG5w1ZA4q7UJaowa1GxxfhnWBfQErb22VlxaCTUN
+rBlYaJ+47ItcP2pvgP53MJNBVVTB/6C1+aXwlyRxDUJ14DOEZEKCRGYhT/WHkJB
oSVzdmlrMZyAcLvxfLJqvxWEEsy01X8VRrGINPyX9sx2shdjofpJNxmMsU8Dc9+9
NjIE7smFWsPRkezvLR5Gmzqbz+IiFeIUgLNTURmRtqw=
-----END CERTIFICATE-----
Generated at Tue Apr 8 21:18:36 2025 by rpki-client