Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/3cc78a-8fb5-475a-8882-9d0c620735f1/1/Mxsx50Ph9_qr5vUqU-Gjhz8TFEo.roa
File: Mxsx50Ph9_qr5vUqU-Gjhz8TFEo.roa (raw, json)
Hash identifier: r/sY/VoJqmcdsNcKGmTBnZbt3tc9vj95Qx95jR+/+BY=
Subject key identifier: 33:1B:31:E7:43:E1:F7:FA:AB:E6:F5:2A:53:E1:A3:87:3F:13:14:4A
Certificate issuer: /CN=1efa596a3126ace029c6d70d529257e07b38ba06
Certificate serial: 019423D7D8240B152EBE68720B33A0068CFB
Authority key identifier: 1E:FA:59:6A:31:26:AC:E0:29:C6:D7:0D:52:92:57:E0:7B:38:BA:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HvpZajEmrOApxtcNUpJX4Hs4ugY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/3cc78a-8fb5-475a-8882-9d0c620735f1/1/Mxsx50Ph9_qr5vUqU-Gjhz8TFEo.roa
Signing time: Wed 01 Jan 2025 21:48:55 +0000
ROA not before: Wed 01 Jan 2025 21:48:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 378
IP address blocks: 128.139.0.0/16 maxlen: 16
128.139.0.0/17 maxlen: 17
128.139.4.0/24 maxlen: 24
128.139.6.0/24 maxlen: 24
128.139.128.0/17 maxlen: 17
128.139.199.0/24 maxlen: 24
128.139.200.0/24 maxlen: 24
132.78.0.0/16 maxlen: 16
185.115.212.0/22 maxlen: 22
192.114.0.0/21 maxlen: 21
192.114.16.0/21 maxlen: 21
192.114.48.0/21 maxlen: 21
192.114.56.0/22 maxlen: 22
192.114.60.0/23 maxlen: 23
192.114.92.0/22 maxlen: 22
192.114.96.0/20 maxlen: 20
192.114.100.0/24 maxlen: 24
192.114.101.0/24 maxlen: 24
192.114.102.0/24 maxlen: 24
192.114.124.0/22 maxlen: 22
192.114.128.0/20 maxlen: 20
192.114.192.0/18 maxlen: 18
192.115.32.0/20 maxlen: 20
192.115.46.0/24 maxlen: 24
192.115.64.0/22 maxlen: 22
192.115.164.0/22 maxlen: 22
192.115.168.0/21 maxlen: 21
192.115.192.0/21 maxlen: 21
192.117.80.0/20 maxlen: 20
2001:bf8::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:d8:24:0b:15:2e:be:68:72:0b:33:a0:06:8c:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1efa596a3126ace029c6d70d529257e07b38ba06
Validity
Not Before: Jan 1 21:48:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=331b31e743e1f7faabe6f52a53e1a3873f13144a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:92:88:38:c7:8e:2a:83:f8:d2:7d:b1:56:06:
88:21:d1:a7:f2:38:ce:a2:1a:e3:ee:7d:49:76:e3:
78:1c:c7:5e:be:80:d0:ad:f3:d3:c1:aa:89:e6:2d:
b9:b0:20:da:df:3e:b0:27:cc:27:f4:18:8e:69:35:
fd:97:cf:5c:f1:2a:04:1e:f0:7d:1b:2c:e8:56:7a:
dc:a4:92:32:57:68:6d:e4:63:88:3e:8d:b3:bc:16:
30:0d:b8:26:89:27:af:36:4b:f0:28:64:01:8c:10:
65:b1:ff:7c:89:cd:89:b0:08:3c:96:ff:f7:b3:4c:
98:85:2a:1a:1e:25:0c:a1:e3:11:22:ac:7b:1b:aa:
67:ef:8b:47:38:fc:77:98:92:c8:e1:7b:aa:36:64:
ab:75:54:b8:52:58:55:b0:da:64:43:82:87:58:36:
84:2c:c5:d7:2d:26:15:f7:86:b1:e1:d6:a6:b2:77:
cb:91:7d:70:70:3f:3f:7a:b4:2b:f6:0c:d9:22:41:
80:a7:e2:ed:b4:57:76:ba:8c:85:74:7f:cb:89:8d:
ab:15:e6:5d:f4:db:2a:80:bd:9d:e9:9e:8d:0a:d8:
3b:ff:d7:3b:b6:db:f5:e4:43:11:23:97:06:77:b2:
a8:e9:f7:0d:f7:7b:00:6f:b4:48:39:60:ea:28:d8:
a8:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:1B:31:E7:43:E1:F7:FA:AB:E6:F5:2A:53:E1:A3:87:3F:13:14:4A
X509v3 Authority Key Identifier:
keyid:1E:FA:59:6A:31:26:AC:E0:29:C6:D7:0D:52:92:57:E0:7B:38:BA:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HvpZajEmrOApxtcNUpJX4Hs4ugY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3cc78a-8fb5-475a-8882-9d0c620735f1/1/Mxsx50Ph9_qr5vUqU-Gjhz8TFEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3cc78a-8fb5-475a-8882-9d0c620735f1/1/HvpZajEmrOApxtcNUpJX4Hs4ugY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.139.0.0/16
132.78.0.0/16
185.115.212.0/22
192.114.0.0/21
192.114.16.0/21
192.114.48.0-192.114.61.255
192.114.92.0-192.114.111.255
192.114.124.0-192.114.143.255
192.114.192.0/18
192.115.32.0/20
192.115.64.0/22
192.115.164.0-192.115.175.255
192.115.192.0/21
192.117.80.0/20
IPv6:
2001:bf8::/32
Signature Algorithm: sha256WithRSAEncryption
a5:30:a8:cb:38:20:80:c3:61:95:22:49:d5:10:06:c5:03:9e:
69:cf:8e:80:a1:d4:7f:fd:95:39:cb:65:aa:87:df:9e:e4:75:
01:ac:df:5d:c6:6b:5a:b8:ba:92:17:5d:1b:a7:f6:20:1e:16:
58:17:6c:4e:37:07:18:f5:e8:79:9a:4b:e6:57:a2:d5:2c:3f:
38:36:24:57:2f:aa:27:1e:05:60:73:0b:6d:75:2e:af:65:2c:
54:d1:bd:5d:75:a3:c8:9a:60:e1:d0:39:97:53:54:fd:eb:fa:
39:45:fb:32:65:17:fa:d8:d5:cf:40:9c:81:a9:e1:a4:2a:ba:
e0:65:12:34:0d:25:a7:22:74:cd:bf:04:b0:f1:9f:f7:b7:7e:
00:b4:76:92:29:0c:97:73:47:ac:3b:e0:16:0c:4d:14:a9:b1:
b3:36:b3:7b:d5:de:48:1a:bc:2c:30:de:06:aa:c6:00:02:02:
22:09:40:0e:19:90:1f:1d:00:6a:ac:e8:8c:7a:c3:01:5c:1a:
e1:3c:64:f0:ea:dd:b2:f2:ab:78:3b:fe:4e:56:b7:d6:21:65:
eb:1d:32:26:d9:0e:93:cc:3f:de:b6:93:62:93:70:53:f5:14:
0b:bb:36:64:b7:4a:95:90:7e:25:71:ed:cc:9b:2b:db:b6:f7:
2e:db:a1:bf
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgISAZQj19gkCxUuvmhyCzOgBoz7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlZmE1OTZhMzEyNmFjZTAyOWM2ZDcwZDUyOTI1N2UwN2Iz
OGJhMDYwHhcNMjUwMTAxMjE0ODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzFiMzFlNzQzZTFmN2ZhYWJlNmY1MmE1M2UxYTM4NzNmMTMxNDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupKIOMeOKoP40n2xVgaIIdGn8jjO
ohrj7n1JduN4HMdevoDQrfPTwaqJ5i25sCDa3z6wJ8wn9BiOaTX9l89c8SoEHvB9
GyzoVnrcpJIyV2ht5GOIPo2zvBYwDbgmiSevNkvwKGQBjBBlsf98ic2JsAg8lv/3
s0yYhSoaHiUMoeMRIqx7G6pn74tHOPx3mJLI4XuqNmSrdVS4UlhVsNpkQ4KHWDaE
LMXXLSYV94ax4damsnfLkX1wcD8/erQr9gzZIkGAp+LttFd2uoyFdH/LiY2rFeZd
9NsqgL2d6Z6NCtg7/9c7ttv15EMRI5cGd7Ko6fcN93sAb7RIOWDqKNioOQIDAQAB
o4IChzCCAoMwHQYDVR0OBBYEFDMbMedD4ff6q+b1KlPho4c/ExRKMB8GA1UdIwQY
MBaAFB76WWoxJqzgKcbXDVKSV+B7OLoGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHZwWmFqRW1yT0FweHRjTlVwSlg0SHM0dWdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8zY2M3OGEtOGZiNS00NzVhLTg4ODIt
OWQwYzYyMDczNWYxLzEvTXhzeDUwUGg5X3FyNXZVcVUtR2poejhURkVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8zY2M3OGEtOGZiNS00NzVhLTg4ODItOWQwYzYyMDczNWYx
LzEvSHZwWmFqRW1yT0FweHRjTlVwSlg0SHM0dWdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGcBggrBgEFBQcBBwEB/wSBjDCBiTB4BAIAATByAwMAgIsD
AwCETgMEArlz1AMEA8ByAAMEA8ByEDAMAwQEwHIwAwQBwHI8MAwDBALAclwDBATA
cmAwDAMEAsByfAMEBMBygAMEBsBywAMEBMBzIAMEAsBzQDAMAwQCwHOkAwQEwHOg
AwQDwHPAAwQEwHVQMA0EAgACMAcDBQAgAQv4MA0GCSqGSIb3DQEBCwUAA4IBAQCl
MKjLOCCAw2GVIknVEAbFA55pz46AodR//ZU5y2Wqh9+e5HUBrN9dxmtauLqSF10b
p/YgHhZYF2xONwcY9eh5mkvmV6LVLD84NiRXL6onHgVgcwttdS6vZSxU0b1ddaPI
mmDh0DmXU1T96/o5RfsyZRf62NXPQJyBqeGkKrrgZRI0DSWnInTNvwSw8Z/3t34A
tHaSKQyXc0esO+AWDE0UqbGzNrN71d5IGrwsMN4GqsYAAgIiCUAOGZAfHQBqrOiM
esMBXBrhPGTw6t2y8qt4O/5OVrfWIWXrHTIm2Q6TzD/etpNik3BT9RQLuzZkt0qV
kH4lce3Mmyvbtvcu26G/
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:13:12 2025 by rpki-client