Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MWf7WYHJ5MYWLbLo7tF66YgwYdc.roa
File: MWf7WYHJ5MYWLbLo7tF66YgwYdc.roa (raw, json)
Hash identifier: VE0nyhaRfqDW5zzJHbOEQ7W9nXobx7jwcYV2gpyZGRY=
Subject key identifier: 31:67:FB:59:81:C9:E4:C6:16:2D:B2:E8:EE:D1:7A:E9:88:30:61:D7
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 01941F8C1068A37DD120D1111F2AFE589AEF
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MWf7WYHJ5MYWLbLo7tF66YgwYdc.roa
Signing time: Wed 01 Jan 2025 01:47:40 +0000
ROA not before: Wed 01 Jan 2025 01:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 80.96.44.0/23 maxlen: 24
80.96.54.0/23 maxlen: 24
80.96.102.0/23 maxlen: 24
80.96.156.0/22 maxlen: 24
80.97.40.0/21 maxlen: 24
80.97.96.0/23 maxlen: 24
81.180.98.0/23 maxlen: 24
81.180.174.0/23 maxlen: 24
81.180.228.0/23 maxlen: 24
81.180.254.0/23 maxlen: 24
81.181.14.0/23 maxlen: 24
81.181.26.0/23 maxlen: 24
81.181.68.0/23 maxlen: 24
81.181.72.0/23 maxlen: 24
81.181.104.0/21 maxlen: 24
85.120.84.0/23 maxlen: 24
85.121.168.0/22 maxlen: 24
85.121.232.0/21 maxlen: 24
85.122.124.0/22 maxlen: 24
85.122.231.0/24 maxlen: 24
193.226.76.0/22 maxlen: 24
194.102.36.0/22 maxlen: 24
194.102.148.0/23 maxlen: 24
194.102.160.0/23 maxlen: 24
194.102.174.0/23 maxlen: 24
194.102.180.0/22 maxlen: 24
194.102.224.0/22 maxlen: 24
194.105.12.0/22 maxlen: 24
194.153.225.0/24 maxlen: 24
194.153.230.0/23 maxlen: 24
194.153.244.0/23 maxlen: 24
217.156.16.0/23 maxlen: 24
217.156.26.0/24 maxlen: 24
217.156.48.0/22 maxlen: 24
217.156.94.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:10:68:a3:7d:d1:20:d1:11:1f:2a:fe:58:9a:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Jan 1 01:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3167fb5981c9e4c6162db2e8eed17ae9883061d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:6e:e7:22:f1:12:98:df:7a:af:39:c7:c8:6a:
38:4f:33:f1:69:35:ae:b5:a0:9a:d5:27:83:5a:f8:
a7:70:b9:54:58:d0:7f:1a:75:54:ff:f3:89:a6:1f:
3c:32:c3:44:40:6e:42:ef:21:c9:7a:65:03:0a:4d:
07:42:a3:0f:3b:51:40:3e:0b:0c:df:3c:33:d6:f8:
8b:86:5c:89:cc:f2:8d:3b:0f:96:6c:92:e4:58:34:
1e:5d:46:31:1e:0c:71:33:a5:09:8f:15:f5:be:84:
35:0b:bf:dc:42:35:86:1e:c2:18:0d:62:23:5d:ae:
f0:de:2e:1d:83:5a:46:54:b4:a9:e3:41:dc:64:db:
2d:2d:58:d8:12:05:e3:10:8e:fd:00:e8:d8:80:b3:
4a:cd:7a:96:31:eb:ee:9f:6b:43:a0:07:39:05:54:
38:5c:34:a7:a3:c2:0c:b9:e5:e3:ac:94:4e:7e:b4:
20:36:43:0d:d5:78:0e:a2:5f:dd:ca:cd:bf:af:24:
24:56:51:e1:03:27:bf:37:ef:58:1f:bf:1f:46:3f:
2a:c7:6d:ba:e1:2a:a7:02:4f:cc:86:be:d5:b8:37:
5a:12:61:7e:ff:91:fb:c8:96:d8:ba:40:fc:e9:08:
e3:1f:ef:19:36:e1:42:25:35:c6:0e:d0:6a:40:4e:
3c:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:67:FB:59:81:C9:E4:C6:16:2D:B2:E8:EE:D1:7A:E9:88:30:61:D7
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MWf7WYHJ5MYWLbLo7tF66YgwYdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.96.44.0/23
80.96.54.0/23
80.96.102.0/23
80.96.156.0/22
80.97.40.0/21
80.97.96.0/23
81.180.98.0/23
81.180.174.0/23
81.180.228.0/23
81.180.254.0/23
81.181.14.0/23
81.181.26.0/23
81.181.68.0/23
81.181.72.0/23
81.181.104.0/21
85.120.84.0/23
85.121.168.0/22
85.121.232.0/21
85.122.124.0/22
85.122.231.0/24
193.226.76.0/22
194.102.36.0/22
194.102.148.0/23
194.102.160.0/23
194.102.174.0/23
194.102.180.0/22
194.102.224.0/22
194.105.12.0/22
194.153.225.0/24
194.153.230.0/23
194.153.244.0/23
217.156.16.0/23
217.156.26.0/24
217.156.48.0/22
217.156.94.0/23
Signature Algorithm: sha256WithRSAEncryption
70:83:a5:d6:49:c9:31:4d:78:d9:f8:4b:e6:d8:2d:cf:ba:09:
c3:e7:4f:c8:10:5f:0a:1d:40:43:06:c6:28:7e:8b:0d:ea:8f:
2e:83:7c:83:78:b8:27:be:5b:86:7f:59:06:ef:eb:28:eb:af:
8e:d3:23:c8:d7:d7:69:10:e9:19:cf:c4:f8:67:20:bb:c9:ca:
e2:0b:d1:60:8f:17:7c:24:fc:55:50:dc:95:51:37:d0:be:68:
77:ca:d2:d9:6f:9e:e5:24:93:21:d5:ab:73:8e:4b:cb:f9:34:
f2:ec:ec:51:c3:53:85:6d:fc:73:20:ed:1c:ba:a1:fe:51:7c:
82:6e:e8:47:2f:71:3e:4b:35:f1:51:cf:4c:b1:1d:3d:fa:9b:
a0:7d:31:6d:58:ec:f5:57:d0:c2:84:db:7c:34:38:66:0e:d0:
f9:37:2d:d2:4f:8c:4d:a3:c0:27:24:4b:b1:ec:a0:73:ee:b3:
5e:b2:f1:50:9a:4a:6f:51:8c:06:5a:3f:8f:70:9c:8d:11:f3:
35:09:90:70:b6:dc:23:7f:a7:5b:c8:56:cf:b8:be:d0:26:ea:
d9:ff:fe:8d:65:43:ed:a6:00:f9:c0:12:d5:89:5c:60:a8:22:
99:c6:b6:4d:13:82:96:2d:14:06:18:79:94:e5:e7:e4:1c:24:
90:5b:9c:f4
-----BEGIN CERTIFICATE-----
MIIFzjCCBLagAwIBAgISAZQfjBBoo33RINERHyr+WJrvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjUwMTAxMDE0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTY3ZmI1OTgxYzllNGM2MTYyZGIyZThlZWQxN2FlOTg4MzA2MWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs27nIvESmN96rznHyGo4TzPxaTWu
taCa1SeDWvincLlUWNB/GnVU//OJph88MsNEQG5C7yHJemUDCk0HQqMPO1FAPgsM
3zwz1viLhlyJzPKNOw+WbJLkWDQeXUYxHgxxM6UJjxX1voQ1C7/cQjWGHsIYDWIj
Xa7w3i4dg1pGVLSp40HcZNstLVjYEgXjEI79AOjYgLNKzXqWMevun2tDoAc5BVQ4
XDSno8IMueXjrJROfrQgNkMN1XgOol/dys2/ryQkVlHhAye/N+9YH78fRj8qx226
4SqnAk/Mhr7VuDdaEmF+/5H7yJbYukD86QjjH+8ZNuFCJTXGDtBqQE48OwIDAQAB
o4IC2jCCAtYwHQYDVR0OBBYEFDFn+1mByeTGFi2y6O7ReumIMGHXMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvTVdmN1dZSEo1TVlXTGJMbzd0RjY2WWd3WWRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHvBggrBgEFBQcBBwEB/wSB3zCB3DCB2QQCAAEwgdIDBAFQ
YCwDBAFQYDYDBAFQYGYDBAJQYJwDBANQYSgDBAFQYWADBAFRtGIDBAFRtK4DBAFR
tOQDBAFRtP4DBAFRtQ4DBAFRtRoDBAFRtUQDBAFRtUgDBANRtWgDBAFVeFQDBAJV
eagDBANVeegDBAJVenwDBABVeucDBALB4kwDBALCZiQDBAHCZpQDBAHCZqADBAHC
Zq4DBALCZrQDBALCZuADBALCaQwDBADCmeEDBAHCmeYDBAHCmfQDBAHZnBADBADZ
nBoDBALZnDADBAHZnF4wDQYJKoZIhvcNAQELBQADggEBAHCDpdZJyTFNeNn4S+bY
Lc+6CcPnT8gQXwodQEMGxih+iw3qjy6DfIN4uCe+W4Z/WQbv6yjrr47TI8jX12kQ
6RnPxPhnILvJyuIL0WCPF3wk/FVQ3JVRN9C+aHfK0tlvnuUkkyHVq3OOS8v5NPLs
7FHDU4Vt/HMg7Ry6of5RfIJu6EcvcT5LNfFRz0yxHT36m6B9MW1Y7PVX0MKE23w0
OGYO0Pk3LdJPjE2jwCckS7HsoHPus16y8VCaSm9RjAZaP49wnI0R8zUJkHC23CN/
p1vIVs+4vtAm6tn//o1lQ+2mAPnAEtWJXGCoIpnGtk0TgpYtFAYYeZTl5+QcJJBb
nPQ=
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:24:19 2025 by rpki-client