Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/MzxQnXbI2W7tTUv9-GpYRiwer6Y.roa
File: MzxQnXbI2W7tTUv9-GpYRiwer6Y.roa (raw, json)
Hash identifier: ShncGR7jcZH4xdPF/fjNQO1+bVZJWb8hKZoGUpL2aXI=
Subject key identifier: 33:3C:50:9D:76:C8:D9:6E:ED:4D:4B:FD:F8:6A:58:46:2C:1E:AF:A6
Certificate issuer: /CN=0969a2a39635b797476f1f1633ae8f27bf33b533
Certificate serial: 01942143B0656F33D7304C1FF9A8BCA8FCEA
Authority key identifier: 09:69:A2:A3:96:35:B7:97:47:6F:1F:16:33:AE:8F:27:BF:33:B5:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CWmio5Y1t5dHbx8WM66PJ78ztTM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/MzxQnXbI2W7tTUv9-GpYRiwer6Y.roa
Signing time: Wed 01 Jan 2025 09:47:51 +0000
ROA not before: Wed 01 Jan 2025 09:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211557
IP address blocks: 195.85.201.0/24 maxlen: 24
195.85.205.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:b0:65:6f:33:d7:30:4c:1f:f9:a8:bc:a8:fc:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0969a2a39635b797476f1f1633ae8f27bf33b533
Validity
Not Before: Jan 1 09:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=333c509d76c8d96eed4d4bfdf86a58462c1eafa6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:14:e3:33:3d:b8:91:5a:17:2b:13:ce:f9:86:
17:a5:11:1c:3b:b4:dd:59:4e:7c:ac:ab:19:71:3f:
45:89:45:6c:f2:d1:1b:4b:0f:5b:e2:c8:b6:0c:8e:
f0:a3:d2:12:6e:33:e2:5c:a3:45:a4:ad:8f:f2:4e:
ff:36:a2:4f:32:88:1e:df:a0:34:61:b7:43:b8:1f:
74:0f:3a:d5:cb:b5:f9:5f:61:e2:87:c6:72:36:32:
20:82:d7:d4:8a:d9:5b:d8:ef:e1:31:72:23:d2:29:
7c:14:fa:6e:8d:52:24:ac:a3:e3:d9:84:fe:1a:8e:
a7:a1:b2:99:87:72:db:12:9c:7c:eb:87:5b:3d:cd:
89:d5:55:50:70:99:fd:d0:06:ca:86:72:65:f2:96:
09:02:c8:52:a8:f9:1f:78:37:e1:21:e2:ea:01:a8:
c1:b2:25:5b:59:58:42:d5:52:1d:a3:55:c2:d1:52:
c3:b2:40:9d:57:6a:f2:6d:af:bf:a2:e5:25:94:aa:
be:99:6b:67:4c:8b:51:cd:a4:1b:1a:30:9b:48:27:
45:70:fb:fd:76:7e:1c:b2:d9:4f:2c:c7:d6:40:e1:
b5:18:47:24:91:93:23:15:74:55:0e:97:70:7a:e9:
83:bc:50:39:6f:88:60:05:bf:75:8e:8c:0a:10:68:
68:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:3C:50:9D:76:C8:D9:6E:ED:4D:4B:FD:F8:6A:58:46:2C:1E:AF:A6
X509v3 Authority Key Identifier:
keyid:09:69:A2:A3:96:35:B7:97:47:6F:1F:16:33:AE:8F:27:BF:33:B5:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CWmio5Y1t5dHbx8WM66PJ78ztTM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/MzxQnXbI2W7tTUv9-GpYRiwer6Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/CWmio5Y1t5dHbx8WM66PJ78ztTM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.85.201.0/24
195.85.205.0/24
Signature Algorithm: sha256WithRSAEncryption
64:80:7a:4f:54:ca:4a:a2:bf:a0:69:39:c6:3b:46:c7:11:81:
b6:7d:5d:26:b7:73:18:af:57:28:e5:71:a0:b9:e9:1b:ff:2c:
61:fc:4b:2e:3f:0a:74:f3:67:88:2f:a8:88:e8:2a:b8:1f:8b:
f3:fd:79:76:74:6c:09:08:15:73:44:d2:db:a9:32:1c:51:64:
ec:6d:5a:ba:b4:21:b0:ce:ed:de:a0:b8:64:26:11:6c:89:45:
97:b1:35:bb:d0:db:11:bd:bf:26:0b:74:c4:72:30:9a:93:fc:
8d:77:38:ab:32:43:cc:32:f1:a1:82:3f:b9:c2:66:d6:58:c2:
ac:c0:b6:a1:a0:8d:98:23:dc:6a:9d:c0:eb:9b:5e:42:f3:e6:
2c:71:8e:c5:8d:8e:03:af:f5:53:ce:45:59:7e:ff:9e:af:cc:
05:85:3a:03:d2:89:c6:6c:98:af:b0:f2:12:62:8a:dd:3e:3b:
13:99:37:e9:df:49:c2:7c:ff:ee:4a:2e:7f:25:eb:35:11:9d:
b2:f7:68:a6:9a:79:ea:c2:b4:4c:cf:4f:c0:6a:a0:25:37:04:
16:61:21:7b:47:96:84:8e:23:ea:74:c8:83:0f:28:11:c3:d1:
b7:9a:dd:d7:9e:f5:7e:67:e5:37:b9:02:6f:ea:a6:52:d8:db:
6d:05:2d:54
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQhQ7BlbzPXMEwf+ai8qPzqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NjlhMmEzOTYzNWI3OTc0NzZmMWYxNjMzYWU4ZjI3YmYz
M2I1MzMwHhcNMjUwMTAxMDk0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzNjNTA5ZDc2YzhkOTZlZWQ0ZDRiZmRmODZhNTg0NjJjMWVhZmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxTjMz24kVoXKxPO+YYXpREcO7Td
WU58rKsZcT9FiUVs8tEbSw9b4si2DI7wo9ISbjPiXKNFpK2P8k7/NqJPMoge36A0
YbdDuB90DzrVy7X5X2Hih8ZyNjIggtfUitlb2O/hMXIj0il8FPpujVIkrKPj2YT+
Go6nobKZh3LbEpx864dbPc2J1VVQcJn90AbKhnJl8pYJAshSqPkfeDfhIeLqAajB
siVbWVhC1VIdo1XC0VLDskCdV2ryba+/ouUllKq+mWtnTItRzaQbGjCbSCdFcPv9
dn4cstlPLMfWQOG1GEckkZMjFXRVDpdweumDvFA5b4hgBb91jowKEGho5QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDM8UJ12yNlu7U1L/fhqWEYsHq+mMB8GA1UdIwQY
MBaAFAlpoqOWNbeXR28fFjOujye/M7UzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1dtaW81WTF0NWRIYng4V002NlBKNzh6dFRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC82ZGI0MjctZjdkYy00ZWE5LWFlOTUt
NDE0OTA4NzJmYzRlLzEvTXp4UW5YYkkyVzd0VFV2OS1HcFlSaXdlcjZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC82ZGI0MjctZjdkYy00ZWE5LWFlOTUtNDE0OTA4NzJmYzRl
LzEvQ1dtaW81WTF0NWRIYng4V002NlBKNzh6dFRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw1XJAwQA
w1XNMA0GCSqGSIb3DQEBCwUAA4IBAQBkgHpPVMpKor+gaTnGO0bHEYG2fV0mt3MY
r1co5XGguekb/yxh/EsuPwp082eIL6iI6Cq4H4vz/Xl2dGwJCBVzRNLbqTIcUWTs
bVq6tCGwzu3eoLhkJhFsiUWXsTW70NsRvb8mC3TEcjCak/yNdzirMkPMMvGhgj+5
wmbWWMKswLahoI2YI9xqncDrm15C8+YscY7FjY4Dr/VTzkVZfv+er8wFhToD0onG
bJivsPISYordPjsTmTfp30nCfP/uSi5/Jes1EZ2y92immnnqwrRMz0/AaqAlNwQW
YSF7R5aEjiPqdMiDDygRw9G3mt3XnvV+Z+U3uQJv6qZS2NttBS1U
-----END CERTIFICATE-----
Generated at Mon Apr 7 05:23:37 2025 by rpki-client