Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/a5a6b3-3ec3-487e-aba0-b8b1e4b4ecb9/1/MfO1xzaCGvzf-Tdk8sWipKC3t-8.roa
File: MfO1xzaCGvzf-Tdk8sWipKC3t-8.roa (raw, json)
Hash identifier: TSPXY1leU0O4gZ6iWESlm1g1sCeRvbsOHxtBl16fH1g=
Subject key identifier: 31:F3:B5:C7:36:82:1A:FC:DF:F9:37:64:F2:C5:A2:A4:A0:B7:B7:EF
Certificate issuer: /CN=b520a204f4e09cc83a6258d7aa44f7d2f0fa44a0
Certificate serial: 019424B37455A5428EC0782981338B84A623
Authority key identifier: B5:20:A2:04:F4:E0:9C:C8:3A:62:58:D7:AA:44:F7:D2:F0:FA:44:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tSCiBPTgnMg6YljXqkT30vD6RKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/a5a6b3-3ec3-487e-aba0-b8b1e4b4ecb9/1/MfO1xzaCGvzf-Tdk8sWipKC3t-8.roa
Signing time: Thu 02 Jan 2025 01:48:47 +0000
ROA not before: Thu 02 Jan 2025 01:48:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202365
IP address blocks: 45.153.248.0/22 maxlen: 24
185.170.9.0/24 maxlen: 24
2a10:f9c0::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:74:55:a5:42:8e:c0:78:29:81:33:8b:84:a6:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b520a204f4e09cc83a6258d7aa44f7d2f0fa44a0
Validity
Not Before: Jan 2 01:48:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=31f3b5c736821afcdff93764f2c5a2a4a0b7b7ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:6c:d9:30:b8:86:09:a8:08:1c:77:b9:74:90:
86:5b:5b:33:f5:62:61:bb:b1:90:65:9f:bf:1e:b1:
e6:88:e7:99:41:94:a9:31:51:07:55:e7:2a:ba:6d:
57:e1:66:4c:d2:7a:9e:3b:14:06:c6:db:44:88:35:
73:39:6d:0c:d3:2b:c2:12:23:74:f4:d0:b2:01:6c:
d8:34:18:3c:3b:18:0b:95:96:6f:97:a4:0d:ef:46:
c4:c7:dc:c1:2d:64:cc:52:be:f5:f1:79:4f:2f:9b:
8f:4f:b5:62:51:94:c5:90:55:8a:a8:43:c7:55:58:
ec:3d:50:42:91:d2:6f:3c:2c:43:fa:b1:6a:53:75:
9d:41:8e:22:3e:2b:62:0c:88:20:87:b6:bb:ea:a0:
6b:1e:60:20:e7:f8:ff:90:54:38:a9:f9:d2:c6:1b:
29:29:b4:19:db:81:d4:26:9b:f6:c1:2a:96:dd:c1:
b0:97:e2:a7:f1:7b:5e:f4:ae:6b:3c:ba:ff:a0:e2:
08:a5:23:97:bb:54:13:d7:5f:11:1a:10:fd:af:71:
56:65:49:7f:3e:82:56:7e:0b:a1:b1:09:76:f8:24:
35:ea:39:35:91:a3:76:15:00:31:07:ff:7c:4e:a9:
79:d5:ae:a5:97:b2:12:99:cd:31:98:6d:74:23:76:
43:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:F3:B5:C7:36:82:1A:FC:DF:F9:37:64:F2:C5:A2:A4:A0:B7:B7:EF
X509v3 Authority Key Identifier:
keyid:B5:20:A2:04:F4:E0:9C:C8:3A:62:58:D7:AA:44:F7:D2:F0:FA:44:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tSCiBPTgnMg6YljXqkT30vD6RKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/a5a6b3-3ec3-487e-aba0-b8b1e4b4ecb9/1/MfO1xzaCGvzf-Tdk8sWipKC3t-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/a5a6b3-3ec3-487e-aba0-b8b1e4b4ecb9/1/tSCiBPTgnMg6YljXqkT30vD6RKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.248.0/22
185.170.9.0/24
IPv6:
2a10:f9c0::/29
Signature Algorithm: sha256WithRSAEncryption
2e:9a:d5:96:16:a0:62:fb:8e:85:9b:2d:64:1c:26:34:b0:5e:
48:e6:89:1c:d7:35:98:bf:81:8e:c6:f3:9e:58:15:ed:f9:e7:
67:f9:a5:39:9b:e4:c1:cf:f9:20:17:25:57:04:d1:f0:d0:7d:
f8:c1:ef:5e:2a:13:d1:16:c2:c8:7b:1a:23:c8:ad:e9:3e:54:
42:59:15:aa:74:a0:c2:a1:cf:9a:9d:25:b3:c6:74:b1:e6:cc:
4e:1f:be:8a:71:82:b8:ba:c1:69:ca:52:f3:27:58:ce:70:e7:
47:f3:3c:79:b9:d8:6f:ae:c4:47:61:b7:cc:e1:8a:04:45:12:
d3:91:32:40:58:0f:f5:e9:fe:95:13:e9:9c:15:d0:dd:3a:f1:
15:6d:64:91:c4:97:5d:dd:98:71:c5:8f:a0:48:c8:62:bf:ab:
85:f6:2f:16:9a:6e:02:79:5a:f4:65:03:9e:4d:43:8b:57:fd:
43:b8:73:68:fc:08:b6:2b:c4:31:6f:74:58:2a:a9:05:7d:db:
c7:15:27:9c:c9:e8:c2:7c:d4:b7:17:62:c4:bc:8e:7a:58:db:
6a:2c:f9:9c:9f:b1:54:03:d7:76:b2:56:3f:67:cf:94:03:61:
3f:89:4d:8e:5b:3e:3f:2a:14:2b:0b:c9:bc:13:db:6e:de:42:
83:4f:d5:ff
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQks3RVpUKOwHgpgTOLhKYjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MjBhMjA0ZjRlMDljYzgzYTYyNThkN2FhNDRmN2QyZjBm
YTQ0YTAwHhcNMjUwMTAyMDE0ODQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWYzYjVjNzM2ODIxYWZjZGZmOTM3NjRmMmM1YTJhNGEwYjdiN2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8GzZMLiGCagIHHe5dJCGW1sz9WJh
u7GQZZ+/HrHmiOeZQZSpMVEHVecqum1X4WZM0nqeOxQGxttEiDVzOW0M0yvCEiN0
9NCyAWzYNBg8OxgLlZZvl6QN70bEx9zBLWTMUr718XlPL5uPT7ViUZTFkFWKqEPH
VVjsPVBCkdJvPCxD+rFqU3WdQY4iPitiDIggh7a76qBrHmAg5/j/kFQ4qfnSxhsp
KbQZ24HUJpv2wSqW3cGwl+Kn8Xte9K5rPLr/oOIIpSOXu1QT118RGhD9r3FWZUl/
PoJWfguhsQl2+CQ16jk1kaN2FQAxB/98Tql51a6ll7ISmc0xmG10I3ZDeQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDHztcc2ghr83/k3ZPLFoqSgt7fvMB8GA1UdIwQY
MBaAFLUgogT04JzIOmJY16pE99Lw+kSgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFNDaUJQVGduTWc2WWxqWHFrVDMwdkQ2UktBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9hNWE2YjMtM2VjMy00ODdlLWFiYTAt
YjhiMWU0YjRlY2I5LzEvTWZPMXh6YUNHdnpmLVRkazhzV2lwS0MzdC04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9hNWE2YjMtM2VjMy00ODdlLWFiYTAtYjhiMWU0YjRlY2I5
LzEvdFNDaUJQVGduTWc2WWxqWHFrVDMwdkQ2UktBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLZn4AwQA
uaoJMA0EAgACMAcDBQMqEPnAMA0GCSqGSIb3DQEBCwUAA4IBAQAumtWWFqBi+46F
my1kHCY0sF5I5okc1zWYv4GOxvOeWBXt+edn+aU5m+TBz/kgFyVXBNHw0H34we9e
KhPRFsLIexojyK3pPlRCWRWqdKDCoc+anSWzxnSx5sxOH76KcYK4usFpylLzJ1jO
cOdH8zx5udhvrsRHYbfM4YoERRLTkTJAWA/16f6VE+mcFdDdOvEVbWSRxJdd3Zhx
xY+gSMhiv6uF9i8Wmm4CeVr0ZQOeTUOLV/1DuHNo/Ai2K8Qxb3RYKqkFfdvHFSec
yejCfNS3F2LEvI56WNtqLPmcn7FUA9d2slY/Z8+UA2E/iU2OWz4/KhQrC8m8E9tu
3kKDT9X/
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:50:32 2025 by rpki-client