Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/3ff48f-f300-4d6d-84b1-215a34a00778/1/MXpjfgEwxFwqvIMeg8maQAByHLw.roa
File: MXpjfgEwxFwqvIMeg8maQAByHLw.roa (raw, json)
Hash identifier: HgaYcYsD/QtxpQYJgH44KHCcqXe5mihWYunB9UeMF/w=
Subject key identifier: 31:7A:63:7E:01:30:C4:5C:2A:BC:83:1E:83:C9:9A:40:00:72:1C:BC
Certificate issuer: /CN=d4b2721932903f98313cdc1a6fd4b7f2edaa4355
Certificate serial: 0185718321FC4246C4778F13D668A2EC78A0
Authority key identifier: D4:B2:72:19:32:90:3F:98:31:3C:DC:1A:6F:D4:B7:F2:ED:AA:43:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1LJyGTKQP5gxPNwab9S38u2qQ1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/3ff48f-f300-4d6d-84b1-215a34a00778/1/MXpjfgEwxFwqvIMeg8maQAByHLw.roa
Signing time: Mon 02 Jan 2023 08:04:57 +0000
ROA not before: Mon 02 Jan 2023 08:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205402
IP address blocks: 94.199.232.0/21 maxlen: 24
185.108.92.0/22 maxlen: 24
185.108.95.0/24 maxlen: 24
2a02:8d0::/32 maxlen: 32
2a02:8d4::/30 maxlen: 32
2a02:8d1::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:83:21:fc:42:46:c4:77:8f:13:d6:68:a2:ec:78:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4b2721932903f98313cdc1a6fd4b7f2edaa4355
Validity
Not Before: Jan 2 08:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=317a637e0130c45c2abc831e83c99a4000721cbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:1d:82:2f:d3:7a:64:6b:ae:02:15:60:5a:78:
f8:22:17:85:9d:4e:2b:ca:eb:1e:3f:13:79:7b:ff:
6c:c6:b8:2f:ba:b3:c8:eb:ca:b4:8f:9e:d4:4f:4d:
bf:2c:df:cb:af:4a:0c:82:78:0a:5b:d9:93:f1:86:
75:9b:47:62:1f:7f:e4:3a:e8:b7:dc:7b:5d:b8:d0:
7a:3d:ab:f4:ca:6c:47:44:33:a7:1d:2a:42:22:85:
35:e6:17:d6:2b:59:73:63:f6:c1:36:c8:50:ab:2b:
2a:ae:a5:3a:b1:cf:1f:4e:6b:a6:b6:7f:6d:76:a0:
d3:44:44:56:35:7f:6a:39:79:a2:27:33:64:70:4d:
91:e8:a6:a9:8e:db:f4:c2:6a:f2:f0:60:28:48:42:
c4:31:65:dd:ba:ce:2a:80:90:6f:ad:0c:6a:b7:c1:
2d:2e:09:50:a7:e9:09:65:f5:db:f1:e5:d7:f0:2c:
76:4b:81:fc:98:34:9d:c0:9c:f5:41:9a:dd:0a:fa:
a2:e4:fa:bc:7c:b4:d5:29:fe:a4:cf:c7:0e:95:c1:
06:3d:44:c1:77:a5:7f:08:38:18:5b:14:f4:4e:b5:
fa:0f:26:99:f4:18:78:75:c4:4b:94:6b:b0:06:2d:
4c:64:a2:f8:7b:19:71:c4:0f:42:33:7d:74:1a:e1:
11:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:7A:63:7E:01:30:C4:5C:2A:BC:83:1E:83:C9:9A:40:00:72:1C:BC
X509v3 Authority Key Identifier:
keyid:D4:B2:72:19:32:90:3F:98:31:3C:DC:1A:6F:D4:B7:F2:ED:AA:43:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1LJyGTKQP5gxPNwab9S38u2qQ1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/3ff48f-f300-4d6d-84b1-215a34a00778/1/MXpjfgEwxFwqvIMeg8maQAByHLw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/3ff48f-f300-4d6d-84b1-215a34a00778/1/1LJyGTKQP5gxPNwab9S38u2qQ1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.199.232.0/21
185.108.92.0/22
IPv6:
2a02:8d0::/31
2a02:8d4::/30
Signature Algorithm: sha256WithRSAEncryption
39:d8:3f:0f:7e:57:b3:a7:1e:6d:0e:c1:16:4f:b4:72:ff:4a:
f4:cc:d6:a2:03:e6:ea:f4:26:48:cf:ce:72:4a:b5:b4:eb:b5:
c2:07:d1:7b:96:00:ed:1d:74:32:f7:bf:95:83:00:c2:0b:3e:
69:99:d6:97:91:ed:3a:d5:04:4b:5a:fe:67:f1:ca:ae:c2:c8:
b5:67:6a:e7:a3:17:7c:aa:51:75:1d:10:eb:7e:bc:49:a2:c1:
8d:d2:e9:e9:77:97:cd:3f:27:f0:f5:af:f7:46:98:20:ae:39:
ca:19:89:8a:f9:bf:f8:bd:a8:72:ca:98:d7:5b:19:1f:67:21:
0c:3f:b1:a3:51:f4:2b:ab:3b:b9:c6:dc:98:4f:10:ff:2c:a9:
08:23:8a:51:83:2c:02:f4:2c:e7:3c:48:78:97:59:e5:35:cf:
3e:00:4d:53:6f:47:b0:6e:f8:63:ed:07:97:15:84:ed:16:6a:
62:a5:45:50:31:1b:b7:ff:ae:bc:6b:8b:9c:fe:be:ac:e6:2e:
7f:30:07:1f:d0:88:23:0b:d5:a1:53:dc:25:c0:25:b3:75:31:
3b:f4:6a:15:a7:ab:53:cb:9d:7d:3b:a6:d1:cf:fe:38:ad:6b:
a5:b7:83:6c:87:42:c4:72:c1:e8:b1:c4:10:f6:5c:1a:be:0f:
6e:43:cd:47
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVxgyH8QkbEd48T1mii7HigMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0YjI3MjE5MzI5MDNmOTgzMTNjZGMxYTZmZDRiN2YyZWRh
YTQzNTUwHhcNMjMwMTAyMDgwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTdhNjM3ZTAxMzBjNDVjMmFiYzgzMWU4M2M5OWE0MDAwNzIxY2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnB2CL9N6ZGuuAhVgWnj4IheFnU4r
yusePxN5e/9sxrgvurPI68q0j57UT02/LN/Lr0oMgngKW9mT8YZ1m0diH3/kOui3
3HtduNB6Pav0ymxHRDOnHSpCIoU15hfWK1lzY/bBNshQqysqrqU6sc8fTmumtn9t
dqDTRERWNX9qOXmiJzNkcE2R6Kapjtv0wmry8GAoSELEMWXdus4qgJBvrQxqt8Et
LglQp+kJZfXb8eXX8Cx2S4H8mDSdwJz1QZrdCvqi5Pq8fLTVKf6kz8cOlcEGPUTB
d6V/CDgYWxT0TrX6DyaZ9Bh4dcRLlGuwBi1MZKL4exlxxA9CM310GuERDQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFDF6Y34BMMRcKryDHoPJmkAAchy8MB8GA1UdIwQY
MBaAFNSychkykD+YMTzcGm/Ut/LtqkNVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUxKeUdUS1FQNWd4UE53YWI5UzM4dTJxUTFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8zZmY0OGYtZjMwMC00ZDZkLTg0YjEt
MjE1YTM0YTAwNzc4LzEvTVhwamZnRXd4RndxdklNZWc4bWFRQUJ5SEx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8zZmY0OGYtZjMwMC00ZDZkLTg0YjEtMjE1YTM0YTAwNzc4
LzEvMUxKeUdUS1FQNWd4UE53YWI5UzM4dTJxUTFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQDXsfoAwQC
uWxcMBQEAgACMA4DBQEqAgjQAwUCKgII1DANBgkqhkiG9w0BAQsFAAOCAQEAOdg/
D35Xs6cebQ7BFk+0cv9K9MzWogPm6vQmSM/Ockq1tOu1wgfRe5YA7R10Mve/lYMA
wgs+aZnWl5HtOtUES1r+Z/HKrsLItWdq56MXfKpRdR0Q6368SaLBjdLp6XeXzT8n
8PWv90aYIK45yhmJivm/+L2ocsqY11sZH2chDD+xo1H0K6s7ucbcmE8Q/yypCCOK
UYMsAvQs5zxIeJdZ5TXPPgBNU29HsG74Y+0HlxWE7RZqYqVFUDEbt/+uvGuLnP6+
rOYufzAHH9CIIwvVoVPcJcAls3UxO/RqFaerU8udfTum0c/+OK1rpbeDbIdCxHLB
6LHEEPZcGr4PbkPNRw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:41:39 2025 by rpki-client