Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/lMG-MbpwKixzG9irxD_nVMIqhAQ.roa
File: lMG-MbpwKixzG9irxD_nVMIqhAQ.roa (raw, json)
Hash identifier: uC6Epy1/dmwLAA2Y1Uy00aYyeSC9OBBxmLjF43DAq6Q=
Subject key identifier: 94:C1:BE:31:BA:70:2A:2C:73:1B:D8:AB:C4:3F:E7:54:C2:2A:84:04
Certificate issuer: /CN=ed77e6b925b3b7a7abb92885d55d733dc5fa62d2
Certificate serial: 0194266B1AB4A399A03423862536627B680B
Authority key identifier: ED:77:E6:B9:25:B3:B7:A7:AB:B9:28:85:D5:5D:73:3D:C5:FA:62:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7XfmuSWzt6eruSiF1V1zPcX6YtI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/lMG-MbpwKixzG9irxD_nVMIqhAQ.roa
Signing time: Thu 02 Jan 2025 09:49:00 +0000
ROA not before: Thu 02 Jan 2025 09:49:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 79.110.168.0/22 maxlen: 24
139.28.204.0/22 maxlen: 24
217.145.236.0/22 maxlen: 24
2a06:1e80::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:1a:b4:a3:99:a0:34:23:86:25:36:62:7b:68:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed77e6b925b3b7a7abb92885d55d733dc5fa62d2
Validity
Not Before: Jan 2 09:49:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=94c1be31ba702a2c731bd8abc43fe754c22a8404
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:46:e4:7b:33:91:38:44:b2:a0:05:cb:5b:f1:
5e:b8:83:a5:40:25:cf:fc:f3:7c:0b:3e:c4:d1:67:
f4:62:9d:33:e9:e7:94:72:c9:21:47:93:9c:51:fd:
28:5a:4c:cd:c7:61:45:d3:82:d8:f4:72:b6:29:11:
d0:a9:a8:c0:11:f7:92:33:86:5d:eb:14:f1:a1:51:
26:a8:8b:a7:0d:6a:dd:f6:b9:bf:8e:3c:45:43:8d:
72:89:9e:49:fb:33:93:45:8b:9d:de:62:07:f0:78:
b9:b0:9e:b2:a5:e3:9c:7a:c2:55:2c:b7:c6:c1:3b:
47:03:7f:f2:50:63:b2:3b:20:15:15:3c:f2:3d:8a:
9c:77:54:45:25:4c:e4:4f:cf:2e:96:84:70:98:25:
c9:68:fd:b7:a5:95:03:c6:3c:de:9a:50:78:23:d4:
74:bc:b1:21:69:3e:7f:69:5d:2a:16:45:55:3e:36:
28:36:63:9b:6a:df:98:1f:52:a4:7f:35:ed:eb:a7:
c6:54:71:5a:e8:90:48:9a:34:ae:84:05:f0:bb:d5:
0d:d5:d4:13:ac:f9:00:8d:4c:89:0e:6f:a7:23:4e:
9c:d4:0a:c3:23:6c:7f:da:0d:9c:c9:5e:a8:de:fe:
64:22:b1:9d:1d:3a:9f:08:e2:11:5d:52:8c:29:20:
62:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:C1:BE:31:BA:70:2A:2C:73:1B:D8:AB:C4:3F:E7:54:C2:2A:84:04
X509v3 Authority Key Identifier:
keyid:ED:77:E6:B9:25:B3:B7:A7:AB:B9:28:85:D5:5D:73:3D:C5:FA:62:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7XfmuSWzt6eruSiF1V1zPcX6YtI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/lMG-MbpwKixzG9irxD_nVMIqhAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/7XfmuSWzt6eruSiF1V1zPcX6YtI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.110.168.0/22
139.28.204.0/22
217.145.236.0/22
IPv6:
2a06:1e80::/29
Signature Algorithm: sha256WithRSAEncryption
2e:b0:09:f5:8d:4f:bb:35:62:69:67:94:9b:6c:58:7e:44:09:
e4:e0:c0:a1:2e:fb:b9:5c:c6:51:eb:22:6f:1e:30:63:b2:1e:
31:cc:46:d5:b0:f4:95:29:c0:fd:62:65:b8:68:cc:18:9c:2a:
2a:a2:59:4f:da:b1:10:cb:b3:a2:54:45:88:4f:99:97:ec:6c:
ca:bf:fe:86:2f:26:ce:ff:97:fb:ff:18:fc:13:80:df:67:2f:
98:a9:57:4c:48:b1:c3:6c:2f:10:1c:21:66:f5:63:1c:a9:85:
9c:a1:5b:7f:9c:3c:27:45:a7:0b:6b:a6:da:64:d4:27:29:1e:
84:4f:2c:78:e2:16:5f:95:e6:e3:21:43:3c:37:ef:f8:d1:98:
ec:ed:2a:1a:d2:5e:8a:86:40:96:47:75:a0:ab:ea:e4:cb:9c:
93:a4:1d:e9:52:99:7c:65:b8:80:17:36:da:e2:cf:a7:aa:5e:
66:61:ae:8f:44:98:0b:a1:d9:bf:d7:0d:bf:6d:aa:a8:80:96:
18:76:8e:05:98:fc:70:20:70:70:e9:da:09:6b:58:41:cb:9a:
0a:28:c6:b8:8d:c5:97:8c:a5:65:0c:f0:92:a7:68:c5:a9:ef:
4a:85:8b:af:61:c4:4a:36:15:33:52:0a:ff:22:aa:0b:10:b9:
3f:62:59:67
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQmaxq0o5mgNCOGJTZie2gLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNzdlNmI5MjViM2I3YTdhYmI5Mjg4NWQ1NWQ3MzNkYzVm
YTYyZDIwHhcNMjUwMTAyMDk0OTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGMxYmUzMWJhNzAyYTJjNzMxYmQ4YWJjNDNmZTc1NGMyMmE4NDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj0bkezOROESyoAXLW/FeuIOlQCXP
/PN8Cz7E0Wf0Yp0z6eeUcskhR5OcUf0oWkzNx2FF04LY9HK2KRHQqajAEfeSM4Zd
6xTxoVEmqIunDWrd9rm/jjxFQ41yiZ5J+zOTRYud3mIH8Hi5sJ6ypeOcesJVLLfG
wTtHA3/yUGOyOyAVFTzyPYqcd1RFJUzkT88uloRwmCXJaP23pZUDxjzemlB4I9R0
vLEhaT5/aV0qFkVVPjYoNmObat+YH1KkfzXt66fGVHFa6JBImjSuhAXwu9UN1dQT
rPkAjUyJDm+nI06c1ArDI2x/2g2cyV6o3v5kIrGdHTqfCOIRXVKMKSBizwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJTBvjG6cCoscxvYq8Q/51TCKoQEMB8GA1UdIwQY
MBaAFO135rkls7enq7kohdVdcz3F+mLSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1hmbXVTV3p0NmVydVNpRjFWMXpQY1g2WXRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kODM3NzctNWJhOC00ZjFlLTg1MWMt
OTI4MTlkZThhMDM2LzEvbE1HLU1icHdLaXh6RzlpcnhEX25WTUlxaEFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9kODM3NzctNWJhOC00ZjFlLTg1MWMtOTI4MTlkZThhMDM2
LzEvN1hmbXVTV3p0NmVydVNpRjFWMXpQY1g2WXRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCT26oAwQC
ixzMAwQC2ZHsMA0EAgACMAcDBQMqBh6AMA0GCSqGSIb3DQEBCwUAA4IBAQAusAn1
jU+7NWJpZ5SbbFh+RAnk4MChLvu5XMZR6yJvHjBjsh4xzEbVsPSVKcD9YmW4aMwY
nCoqollP2rEQy7OiVEWIT5mX7GzKv/6GLybO/5f7/xj8E4DfZy+YqVdMSLHDbC8Q
HCFm9WMcqYWcoVt/nDwnRacLa6baZNQnKR6ETyx44hZflebjIUM8N+/40Zjs7Soa
0l6KhkCWR3Wgq+rky5yTpB3pUpl8ZbiAFzba4s+nql5mYa6PRJgLodm/1w2/baqo
gJYYdo4FmPxwIHBw6doJa1hBy5oKKMa4jcWXjKVlDPCSp2jFqe9KhYuvYcRKNhUz
Ugr/IqoLELk/Ylln
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:19:34 2025 by rpki-client