Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/MB9T19vthK7MTZHpTh1OqER4AWs.roa
File: MB9T19vthK7MTZHpTh1OqER4AWs.roa (raw, json)
Hash identifier: B1sGRlrnBGDGT0J9HTZJLXEdy3QoRPR556tv7l6zzGg=
Subject key identifier: 30:1F:53:D7:DB:ED:84:AE:CC:4D:91:E9:4E:1D:4E:A8:44:78:01:6B
Certificate issuer: /CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Certificate serial: 019425FD4A0D815AD4F4E10745D1F562A972
Authority key identifier: BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/MB9T19vthK7MTZHpTh1OqER4AWs.roa
Signing time: Thu 02 Jan 2025 07:49:04 +0000
ROA not before: Thu 02 Jan 2025 07:49:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 78.143.252.0/24 maxlen: 24
78.143.253.0/24 maxlen: 24
194.33.150.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:4a:0d:81:5a:d4:f4:e1:07:45:d1:f5:62:a9:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Validity
Not Before: Jan 2 07:49:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=301f53d7dbed84aecc4d91e94e1d4ea84478016b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:17:80:14:a9:84:0b:be:36:ce:8a:79:31:7c:
d7:6d:75:17:57:0d:53:2b:7b:d9:a2:b4:f3:b0:57:
1c:0b:cf:90:9d:d5:81:89:63:21:ae:82:02:f6:c8:
48:bf:5f:a0:68:b7:0b:93:0c:36:13:b1:fa:d7:e5:
46:53:7f:73:03:b5:4c:c8:42:43:d9:64:25:37:72:
d2:90:24:a8:22:0a:3b:ba:7d:83:87:11:20:c8:2a:
0c:3f:8c:a6:46:f0:50:1f:f6:60:98:ba:bf:df:fe:
87:36:61:b7:03:1f:38:e3:8e:6e:2d:d7:b9:a2:d1:
f5:02:a6:9e:26:ad:70:c4:84:3f:32:89:b3:13:ea:
38:2b:6a:7c:61:27:0b:29:a2:a7:ab:dd:ee:9b:0d:
d1:96:cf:59:b5:65:67:4a:4b:be:26:97:d8:30:5b:
ae:5e:5e:31:25:a5:24:a1:8d:28:0e:84:75:6c:5c:
cf:93:be:d7:4d:7a:9f:2e:86:59:14:dc:2b:27:32:
57:ce:79:b0:c2:22:85:e1:96:06:7f:56:33:09:ae:
a3:43:ee:9d:5f:a7:6e:0b:74:cf:e7:6c:18:5b:5a:
58:d2:fa:01:f1:1e:8c:09:86:b9:da:bd:61:ed:1b:
80:54:49:5b:fd:13:77:80:84:0d:30:86:2c:85:d8:
ac:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:1F:53:D7:DB:ED:84:AE:CC:4D:91:E9:4E:1D:4E:A8:44:78:01:6B
X509v3 Authority Key Identifier:
keyid:BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/MB9T19vthK7MTZHpTh1OqER4AWs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/uw1OhZN7eg8nEFTShhTyk01OpQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.143.252.0/23
194.33.150.0/24
Signature Algorithm: sha256WithRSAEncryption
08:86:10:0b:fb:da:dc:fa:2d:28:d0:6c:53:61:22:2c:1d:44:
77:3a:05:0a:b8:43:ce:7d:48:c6:77:96:8a:44:e2:16:ee:a0:
6b:36:c4:01:5b:b2:ee:69:6e:b5:d8:ec:65:65:d4:e3:4f:c9:
cd:f7:0f:08:38:dc:87:f8:4c:63:db:bf:dd:f0:30:e3:62:d6:
b5:6a:57:54:2e:9a:20:4f:2e:0a:9d:6a:95:5f:ca:64:c0:24:
86:e8:39:0d:46:7c:8f:fa:ba:92:43:28:1d:b6:58:4f:9f:10:
bc:65:e5:7b:9f:48:d7:6a:d4:05:dd:ab:2d:74:eb:1d:19:cc:
f6:f8:e2:d3:2a:1f:f5:31:68:08:30:e7:da:4b:7c:e4:04:3d:
15:c2:6f:b7:9a:f0:e2:cc:e7:b8:8a:2f:7d:65:ff:e6:b8:a6:
4c:df:88:8e:69:04:77:ee:32:d3:75:01:a8:8f:9b:77:de:8b:
78:b6:22:5f:1e:17:0f:db:a8:72:b0:ba:4f:68:4d:8a:6a:48:
68:00:90:c9:9c:0e:78:02:ac:57:f4:89:df:27:5f:1d:ac:aa:
c0:df:fa:c9:bf:7a:5e:2f:51:f3:f8:31:16:47:3e:86:26:fb:
ae:6f:32:40:bb:f3:be:22:10:17:17:3c:19:b4:e1:39:d2:f4:
fa:21:f0:cf
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQl/UoNgVrU9OEHRdH1YqlyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMGQ0ZTg1OTM3YjdhMGYyNzEwNTRkMjg2MTRmMjkzNGQ0
ZWE1MDAwHhcNMjUwMTAyMDc0OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDFmNTNkN2RiZWQ4NGFlY2M0ZDkxZTk0ZTFkNGVhODQ0NzgwMTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3BeAFKmEC742zop5MXzXbXUXVw1T
K3vZorTzsFccC8+QndWBiWMhroIC9shIv1+gaLcLkww2E7H61+VGU39zA7VMyEJD
2WQlN3LSkCSoIgo7un2DhxEgyCoMP4ymRvBQH/ZgmLq/3/6HNmG3Ax84445uLde5
otH1AqaeJq1wxIQ/MomzE+o4K2p8YScLKaKnq93umw3Rls9ZtWVnSku+JpfYMFuu
Xl4xJaUkoY0oDoR1bFzPk77XTXqfLoZZFNwrJzJXznmwwiKF4ZYGf1YzCa6jQ+6d
X6duC3TP52wYW1pY0voB8R6MCYa52r1h7RuAVElb/RN3gIQNMIYshdisNQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDAfU9fb7YSuzE2R6U4dTqhEeAFrMB8GA1UdIwQY
MBaAFLsNToWTe3oPJxBU0oYU8pNNTqUAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYt
OGU5Yjk4YTk5Y2RiLzEvTUI5VDE5dnRoSzdNVFpIcFRoMU9xRVI0QVdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYtOGU5Yjk4YTk5Y2Ri
LzEvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBTo/8AwQA
wiGWMA0GCSqGSIb3DQEBCwUAA4IBAQAIhhAL+9rc+i0o0GxTYSIsHUR3OgUKuEPO
fUjGd5aKROIW7qBrNsQBW7LuaW612OxlZdTjT8nN9w8IONyH+Exj27/d8DDjYta1
aldULpogTy4KnWqVX8pkwCSG6DkNRnyP+rqSQygdtlhPnxC8ZeV7n0jXatQF3ast
dOsdGcz2+OLTKh/1MWgIMOfaS3zkBD0Vwm+3mvDizOe4ii99Zf/muKZM34iOaQR3
7jLTdQGoj5t33ot4tiJfHhcP26hysLpPaE2KakhoAJDJnA54AqxX9InfJ18drKrA
3/rJv3peL1Hz+DEWRz6GJvuubzJAu/O+IhAXFzwZtOE50vT6IfDP
-----END CERTIFICATE-----
Generated at Sun Apr 6 09:43:11 2025 by rpki-client