Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/MPfyEzJTM3XNSczkoDIZ9II_ctE.roa
File: MPfyEzJTM3XNSczkoDIZ9II_ctE.roa (raw, json)
Hash identifier: cw5YkhZ+8yogvmdFbx/9WeFGfrL0a/C0kp7QOaRhD2w=
Subject key identifier: 30:F7:F2:13:32:53:33:75:CD:49:CC:E4:A0:32:19:F4:82:3F:72:D1
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 019422FC22DEAB0E5111F077A46053DAE2BD
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/MPfyEzJTM3XNSczkoDIZ9II_ctE.roa
Signing time: Wed 01 Jan 2025 17:48:56 +0000
ROA not before: Wed 01 Jan 2025 17:48:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209963
IP address blocks: 185.147.49.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:22:de:ab:0e:51:11:f0:77:a4:60:53:da:e2:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 1 17:48:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=30f7f21332533375cd49cce4a03219f4823f72d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:d5:30:17:26:1a:64:f6:04:e9:c7:2c:8c:17:
af:90:e1:de:52:b5:54:a7:ce:b9:69:1f:e4:ff:fc:
40:5b:5f:0b:f9:38:42:64:21:56:46:a3:74:36:6f:
5b:1b:05:6e:89:0e:31:96:8e:36:9b:a8:5b:f0:48:
49:0b:0f:f8:dc:73:2f:03:77:2e:32:0e:e7:bd:21:
f4:ca:cf:b3:f7:c6:e4:88:21:80:d3:9f:47:d3:a9:
69:21:76:46:3d:d9:58:c6:6f:96:84:f7:ff:ef:d8:
69:0c:95:3c:9c:23:1e:d1:82:fd:6e:04:10:44:7b:
1f:5d:2f:83:b3:e3:6e:f9:79:9b:2d:3c:66:d3:f5:
e9:ba:84:74:8b:73:12:e0:ac:aa:5e:41:5c:4d:13:
29:7f:bb:3d:eb:f9:a7:49:eb:02:bc:c3:c0:c7:c8:
07:fc:6f:a2:f4:6c:e5:7d:ea:ea:80:32:a7:b8:c6:
95:ab:8d:c1:d9:82:4e:49:44:24:53:ac:0f:7e:80:
86:d5:ba:11:18:2a:1f:32:4f:2d:5f:07:60:30:4c:
68:db:82:e3:d8:e5:b8:db:00:a0:a6:c6:96:2a:a9:
31:bf:df:30:30:8a:a0:98:c1:54:ee:ce:c0:2f:d8:
a5:45:7a:5b:cd:15:08:40:59:87:f9:8a:b1:d9:1f:
3c:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:F7:F2:13:32:53:33:75:CD:49:CC:E4:A0:32:19:F4:82:3F:72:D1
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/MPfyEzJTM3XNSczkoDIZ9II_ctE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.147.49.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:d9:61:26:e5:42:be:ee:6e:25:9f:74:07:6a:08:4a:11:9c:
4c:43:90:9a:ae:e2:db:9d:77:59:9b:13:ea:b2:90:6c:cb:64:
fd:97:45:2c:df:d3:b3:b6:cd:c6:e2:c5:5d:74:39:29:1e:4e:
62:4f:9b:24:fd:03:27:84:bc:89:7c:cd:2f:d6:af:82:a0:b5:
d1:5e:c1:54:d0:63:af:4c:ed:96:4f:c3:7b:66:87:78:59:45:
da:6a:fc:3e:f5:c4:96:c3:06:b3:8d:5b:cc:de:6c:cd:7b:12:
56:b6:28:e7:eb:82:61:0e:0d:0c:e4:15:40:ad:6a:f8:e8:26:
35:93:29:92:cc:49:28:c9:28:82:8a:98:8b:4c:d1:eb:bf:51:
21:ab:37:27:57:a6:fe:45:e6:03:94:07:1b:7a:81:76:94:a4:
fd:99:62:d4:50:3b:cf:af:01:7c:4a:cb:07:78:64:f5:6f:b7:
86:77:1c:18:8a:a9:09:b0:1c:83:b0:74:7e:2f:5f:f2:cd:eb:
ac:4b:c9:23:a3:cc:24:cf:44:80:6d:12:e9:da:e1:f3:79:3b:
43:d0:22:58:fd:51:c6:27:d0:3d:1e:46:d2:f0:01:1a:0e:4c:
2b:6c:3e:ab:ee:49:6e:3d:92:56:dd:07:4a:b9:85:d6:95:3d:
d1:1b:a5:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi/CLeqw5REfB3pGBT2uK9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjUwMTAxMTc0ODU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGY3ZjIxMzMyNTMzMzc1Y2Q0OWNjZTRhMDMyMTlmNDgyM2Y3MmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv9UwFyYaZPYE6ccsjBevkOHeUrVU
p865aR/k//xAW18L+ThCZCFWRqN0Nm9bGwVuiQ4xlo42m6hb8EhJCw/43HMvA3cu
Mg7nvSH0ys+z98bkiCGA059H06lpIXZGPdlYxm+WhPf/79hpDJU8nCMe0YL9bgQQ
RHsfXS+Ds+Nu+XmbLTxm0/XpuoR0i3MS4KyqXkFcTRMpf7s96/mnSesCvMPAx8gH
/G+i9GzlferqgDKnuMaVq43B2YJOSUQkU6wPfoCG1boRGCofMk8tXwdgMExo24Lj
2OW42wCgpsaWKqkxv98wMIqgmMFU7s7AL9ilRXpbzRUIQFmH+Yqx2R88FwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDD38hMyUzN1zUnM5KAyGfSCP3LRMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvTVBmeUV6SlRNM1hOU2N6a29ESVo5SUlfY3RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZMxMA0G
CSqGSIb3DQEBCwUAA4IBAQCm2WEm5UK+7m4ln3QHaghKEZxMQ5CaruLbnXdZmxPq
spBsy2T9l0Us39Ozts3G4sVddDkpHk5iT5sk/QMnhLyJfM0v1q+CoLXRXsFU0GOv
TO2WT8N7Zod4WUXaavw+9cSWwwazjVvM3mzNexJWtijn64JhDg0M5BVArWr46CY1
kymSzEkoySiCipiLTNHrv1EhqzcnV6b+ReYDlAcbeoF2lKT9mWLUUDvPrwF8SssH
eGT1b7eGdxwYiqkJsByDsHR+L1/yzeusS8kjo8wkz0SAbRLp2uHzeTtD0CJY/VHG
J9A9HkbS8AEaDkwrbD6r7kluPZJW3QdKuYXWlT3RG6Vw
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:27:34 2025 by rpki-client