Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/MZ2kktuiyVUt5EGW4N-gXy1V0dI.roa
File: MZ2kktuiyVUt5EGW4N-gXy1V0dI.roa (raw, json)
Hash identifier: wdIebYUYqSFcEAiWTYqmHl5sbeqN0obX6WEDlCFj7EA=
Subject key identifier: 31:9D:A4:92:DB:A2:C9:55:2D:E4:41:96:E0:DF:A0:5F:2D:55:D1:D2
Certificate issuer: /CN=331bce2ee806e93621112dbd618536f775f44fba
Certificate serial: 018CB79843E7190EA05A91C8005E1C0D9E0A
Authority key identifier: 33:1B:CE:2E:E8:06:E9:36:21:11:2D:BD:61:85:36:F7:75:F4:4F:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MxvOLugG6TYhES29YYU293X0T7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/MZ2kktuiyVUt5EGW4N-gXy1V0dI.roa
Signing time: Fri 29 Dec 2023 22:00:58 +0000
ROA not before: Fri 29 Dec 2023 22:00:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25145
IP address blocks: 185.198.73.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b7:98:43:e7:19:0e:a0:5a:91:c8:00:5e:1c:0d:9e:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=331bce2ee806e93621112dbd618536f775f44fba
Validity
Not Before: Dec 29 22:00:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=319da492dba2c9552de44196e0dfa05f2d55d1d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:22:4e:86:dc:c2:f0:2e:0b:96:a1:d6:6a:46:
31:be:cd:fb:65:a7:67:19:54:0b:a6:4c:5b:e2:18:
28:d5:4e:1a:ee:7e:9f:cd:3b:f2:6d:da:10:17:7e:
53:c8:7a:93:97:e4:d9:e7:6f:ee:a6:72:8a:24:cf:
b2:ad:1b:a2:4a:2a:ca:d2:00:17:5c:97:74:5d:cc:
e6:9a:9e:0e:ea:06:0b:26:51:93:cc:6b:2c:16:50:
a2:ba:3e:c3:b3:8b:72:bb:4d:c1:bf:f2:fd:2e:80:
82:ec:f4:ed:c6:f9:5d:ce:48:63:99:11:a0:02:7b:
ae:25:80:54:63:57:ec:b6:d2:1a:6b:8c:4d:0a:27:
6d:3c:a1:b0:db:38:0e:16:d1:f4:a5:24:e7:cb:54:
72:27:b4:49:62:af:39:f7:34:b7:f7:38:61:1a:87:
8e:20:52:84:45:b6:71:91:9e:16:8f:a9:54:96:d0:
b1:1f:a4:c5:72:19:22:9c:16:23:93:e0:73:a3:5f:
a2:e8:fe:40:77:04:56:47:1c:1e:25:4c:1e:a4:da:
cc:9d:a6:72:03:c9:27:4d:0b:25:61:90:1e:aa:d5:
30:01:a1:73:d3:c1:db:0b:8c:fc:72:eb:fb:98:0d:
95:b9:af:b6:02:3b:cf:87:1f:61:8e:9a:39:ea:e5:
ee:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:9D:A4:92:DB:A2:C9:55:2D:E4:41:96:E0:DF:A0:5F:2D:55:D1:D2
X509v3 Authority Key Identifier:
keyid:33:1B:CE:2E:E8:06:E9:36:21:11:2D:BD:61:85:36:F7:75:F4:4F:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MxvOLugG6TYhES29YYU293X0T7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/MZ2kktuiyVUt5EGW4N-gXy1V0dI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/MxvOLugG6TYhES29YYU293X0T7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.198.73.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:ae:4c:26:6c:1f:5f:9b:d2:ef:a1:8e:c9:02:28:a1:db:eb:
36:6f:eb:03:bb:88:bd:96:bb:03:82:96:d4:89:d4:09:2c:00:
7c:92:d1:ad:1d:46:e4:83:ce:d7:54:f7:65:9a:16:38:76:74:
d3:eb:ed:48:51:df:26:38:16:37:8e:4d:51:50:18:00:e5:6e:
26:c1:e7:9d:d3:69:f1:24:b5:d9:a3:fb:3f:11:a3:44:63:d0:
0d:e6:54:17:9c:af:e7:c4:55:5f:fe:ab:ce:fe:6e:9b:7f:bb:
fb:d6:0f:e4:c9:f5:f4:46:2e:be:a6:f4:1f:b6:e0:1b:79:34:
ff:c5:3d:3c:8c:74:71:d8:63:39:36:39:53:f5:bb:d1:31:74:
87:75:60:72:aa:6e:b8:26:f3:41:3c:55:4c:8c:f0:e8:ae:64:
45:a8:7c:ff:09:b6:ad:ac:58:3d:a0:e6:2b:5b:b3:8b:55:b7:
55:25:90:c0:ee:87:e8:93:a9:f9:42:e7:ad:b6:a2:fb:f5:d1:
d7:1b:e4:eb:3e:67:9f:9b:f9:5e:2c:48:b7:f6:35:04:da:28:
b4:87:38:d7:ba:c2:90:88:04:b7:58:67:63:c3:fb:d6:a3:75:
ab:d7:94:5e:59:d0:0c:6f:77:8b:4e:a5:1b:35:18:52:ff:43:
58:f5:86:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYy3mEPnGQ6gWpHIAF4cDZ4KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMWJjZTJlZTgwNmU5MzYyMTExMmRiZDYxODUzNmY3NzVm
NDRmYmEwHhcNMjMxMjI5MjIwMDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTlkYTQ5MmRiYTJjOTU1MmRlNDQxOTZlMGRmYTA1ZjJkNTVkMWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiSJOhtzC8C4LlqHWakYxvs37Zadn
GVQLpkxb4hgo1U4a7n6fzTvybdoQF35TyHqTl+TZ52/upnKKJM+yrRuiSirK0gAX
XJd0Xczmmp4O6gYLJlGTzGssFlCiuj7Ds4tyu03Bv/L9LoCC7PTtxvldzkhjmRGg
AnuuJYBUY1fsttIaa4xNCidtPKGw2zgOFtH0pSTny1RyJ7RJYq859zS39zhhGoeO
IFKERbZxkZ4Wj6lUltCxH6TFchkinBYjk+Bzo1+i6P5AdwRWRxweJUwepNrMnaZy
A8knTQslYZAeqtUwAaFz08HbC4z8cuv7mA2Vua+2AjvPhx9hjpo56uXusQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDGdpJLboslVLeRBluDfoF8tVdHSMB8GA1UdIwQY
MBaAFDMbzi7oBuk2IREtvWGFNvd19E+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXh2T0x1Z0c2VFloRVMyOVlZVTI5M1gwVDdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS80YmEzY2EtZDZmZC00MTE2LTkxNDYt
YWVhYzE2MjI3YzI1LzEvTVoya2t0dWl5VlV0NUVHVzROLWdYeTFWMGRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS80YmEzY2EtZDZmZC00MTE2LTkxNDYtYWVhYzE2MjI3YzI1
LzEvTXh2T0x1Z0c2VFloRVMyOVlZVTI5M1gwVDdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucZJMA0G
CSqGSIb3DQEBCwUAA4IBAQAarkwmbB9fm9LvoY7JAiih2+s2b+sDu4i9lrsDgpbU
idQJLAB8ktGtHUbkg87XVPdlmhY4dnTT6+1IUd8mOBY3jk1RUBgA5W4mweed02nx
JLXZo/s/EaNEY9AN5lQXnK/nxFVf/qvO/m6bf7v71g/kyfX0Ri6+pvQftuAbeTT/
xT08jHRx2GM5NjlT9bvRMXSHdWByqm64JvNBPFVMjPDormRFqHz/CbatrFg9oOYr
W7OLVbdVJZDA7ofok6n5QuettqL79dHXG+TrPmefm/leLEi39jUE2ii0hzjXusKQ
iAS3WGdjw/vWo3Wr15ReWdAMb3eLTqUbNRhS/0NY9YYJ
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:45:05 2025 by rpki-client