Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/POmxIMVdcWr7e3aGn_msshLLPds.roa
File: POmxIMVdcWr7e3aGn_msshLLPds.roa (raw, json)
Hash identifier: 0b1DwkyDSHkWaJx+Ye3fwTqtcQFSCniv+9fPzmWyARk=
Subject key identifier: 3C:E9:B1:20:C5:5D:71:6A:FB:7B:76:86:9F:F9:AC:B2:12:CB:3D:DB
Certificate issuer: /CN=331bce2ee806e93621112dbd618536f775f44fba
Certificate serial: 019421B1C1CAAA3A414C5C08D90FA72D3837
Authority key identifier: 33:1B:CE:2E:E8:06:E9:36:21:11:2D:BD:61:85:36:F7:75:F4:4F:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MxvOLugG6TYhES29YYU293X0T7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/POmxIMVdcWr7e3aGn_msshLLPds.roa
Signing time: Wed 01 Jan 2025 11:48:05 +0000
ROA not before: Wed 01 Jan 2025 11:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60446
IP address blocks: 5.252.206.0/24 maxlen: 24
45.67.232.0/24 maxlen: 24
45.67.233.0/24 maxlen: 24
45.67.234.0/24 maxlen: 24
91.230.149.0/24 maxlen: 24
185.130.56.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:c1:ca:aa:3a:41:4c:5c:08:d9:0f:a7:2d:38:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=331bce2ee806e93621112dbd618536f775f44fba
Validity
Not Before: Jan 1 11:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3ce9b120c55d716afb7b76869ff9acb212cb3ddb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:9c:4c:9e:66:18:f2:78:69:49:ef:a7:82:ae:
87:f9:f1:35:23:a9:6c:20:52:d4:41:a3:6f:82:e5:
8a:4d:16:c7:17:d2:85:60:59:35:da:0e:45:98:87:
4b:ef:02:69:33:b0:de:b5:88:9a:15:e0:a8:0e:b1:
19:48:06:c6:eb:d1:b5:27:81:9b:63:45:9f:90:7b:
fe:ba:22:1e:5c:3d:16:9f:42:40:2d:7b:6f:de:54:
0e:55:e1:e7:b4:00:30:d2:cb:9c:d8:11:e8:57:5d:
fd:c3:df:26:60:d7:fb:59:b1:36:e2:dc:e2:5e:56:
6d:6e:b1:82:22:72:e2:c5:2d:7a:a4:0f:c4:81:30:
11:f6:68:db:a9:11:b0:b2:4b:27:d4:da:49:46:ce:
6b:5c:42:97:bb:be:89:e0:d3:f4:6c:97:d7:dc:88:
c6:cf:13:d1:59:59:fd:91:6d:29:78:03:10:4c:d1:
05:38:e1:aa:20:89:86:6d:6b:ec:38:64:19:b5:89:
09:11:e0:0f:e4:db:c9:45:8a:ef:f4:5d:6e:b3:ed:
24:0b:aa:db:fb:a9:eb:d1:3c:e2:0d:03:16:10:ab:
4f:05:50:c4:74:88:f8:60:de:24:e3:19:87:83:43:
15:11:ed:02:b6:4d:fd:6f:fa:6f:5f:30:01:8f:00:
ce:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:E9:B1:20:C5:5D:71:6A:FB:7B:76:86:9F:F9:AC:B2:12:CB:3D:DB
X509v3 Authority Key Identifier:
keyid:33:1B:CE:2E:E8:06:E9:36:21:11:2D:BD:61:85:36:F7:75:F4:4F:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MxvOLugG6TYhES29YYU293X0T7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/POmxIMVdcWr7e3aGn_msshLLPds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/MxvOLugG6TYhES29YYU293X0T7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.206.0/24
45.67.232.0-45.67.234.255
91.230.149.0/24
185.130.56.0/24
Signature Algorithm: sha256WithRSAEncryption
48:d3:ed:ac:14:10:48:76:d1:45:5e:b0:37:cb:77:bb:bd:4c:
37:5b:47:32:94:37:7e:12:20:14:09:3f:9a:12:33:95:a6:95:
69:c6:19:23:a0:2d:c9:a5:49:96:8a:82:3e:11:dc:27:e1:fc:
df:52:88:22:74:47:ef:00:a0:e1:4c:ff:7c:f6:c5:63:c3:4b:
29:0c:d0:bc:48:f9:c8:f2:cf:59:28:29:41:92:be:e5:d1:97:
3a:3d:dc:53:57:ed:58:85:73:ab:b8:87:73:43:7f:f5:1c:df:
34:cb:a7:24:a8:32:a1:e5:cd:89:b5:08:80:0e:20:37:b5:d0:
bb:51:cf:4f:bd:24:45:b5:00:cc:88:3a:72:de:b5:3b:83:7c:
46:d1:18:7d:52:02:80:d5:de:44:e2:0e:69:23:66:10:7d:35:
ee:ea:77:c9:4d:6e:79:f8:68:58:de:69:a6:c9:a3:90:a6:22:
bd:c6:1f:2e:95:0a:07:af:86:a9:64:9f:b7:22:70:35:75:5d:
95:7c:ab:fe:e2:91:c3:57:75:27:fe:f3:75:bf:16:36:77:4b:
3f:b4:21:22:d0:f5:2b:5b:31:71:44:e1:7c:55:ba:e1:bc:fc:
4d:fb:ad:50:be:c0:18:f4:05:4d:4f:9c:54:6f:5f:50:54:28:
9c:27:da:5f
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQhscHKqjpBTFwI2Q+nLTg3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMWJjZTJlZTgwNmU5MzYyMTExMmRiZDYxODUzNmY3NzVm
NDRmYmEwHhcNMjUwMTAxMTE0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2U5YjEyMGM1NWQ3MTZhZmI3Yjc2ODY5ZmY5YWNiMjEyY2IzZGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx5xMnmYY8nhpSe+ngq6H+fE1I6ls
IFLUQaNvguWKTRbHF9KFYFk12g5FmIdL7wJpM7DetYiaFeCoDrEZSAbG69G1J4Gb
Y0WfkHv+uiIeXD0Wn0JALXtv3lQOVeHntAAw0suc2BHoV139w98mYNf7WbE24tzi
XlZtbrGCInLixS16pA/EgTAR9mjbqRGwsksn1NpJRs5rXEKXu76J4NP0bJfX3IjG
zxPRWVn9kW0peAMQTNEFOOGqIImGbWvsOGQZtYkJEeAP5NvJRYrv9F1us+0kC6rb
+6nr0TziDQMWEKtPBVDEdIj4YN4k4xmHg0MVEe0Ctk39b/pvXzABjwDOGwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFDzpsSDFXXFq+3t2hp/5rLISyz3bMB8GA1UdIwQY
MBaAFDMbzi7oBuk2IREtvWGFNvd19E+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXh2T0x1Z0c2VFloRVMyOVlZVTI5M1gwVDdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS80YmEzY2EtZDZmZC00MTE2LTkxNDYt
YWVhYzE2MjI3YzI1LzEvUE9teElNVmRjV3I3ZTNhR25fbXNzaExMUGRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS80YmEzY2EtZDZmZC00MTE2LTkxNDYtYWVhYzE2MjI3YzI1
LzEvTXh2T0x1Z0c2VFloRVMyOVlZVTI5M1gwVDdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQABfzOMAwD
BAMtQ+gDBAAtQ+oDBABb5pUDBAC5gjgwDQYJKoZIhvcNAQELBQADggEBAEjT7awU
EEh20UVesDfLd7u9TDdbRzKUN34SIBQJP5oSM5WmlWnGGSOgLcmlSZaKgj4R3Cfh
/N9SiCJ0R+8AoOFM/3z2xWPDSykM0LxI+cjyz1koKUGSvuXRlzo93FNX7ViFc6u4
h3NDf/Uc3zTLpySoMqHlzYm1CIAOIDe10LtRz0+9JEW1AMyIOnLetTuDfEbRGH1S
AoDV3kTiDmkjZhB9Ne7qd8lNbnn4aFjeaabJo5CmIr3GHy6VCgevhqlkn7cicDV1
XZV8q/7ikcNXdSf+83W/FjZ3Sz+0ISLQ9StbMXFE4XxVuuG8/E37rVC+wBj0BU1P
nFRvX1BUKJwn2l8=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:32:03 2025 by rpki-client