Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/MNKeFca4-kxmXtkkyy7NOciyHjk.roa
File: MNKeFca4-kxmXtkkyy7NOciyHjk.roa (raw, json)
Hash identifier: NTdBlyCTpOupRCQTaYwvxQWGdZ5TBGVv5g4/xjugNlk=
Subject key identifier: 30:D2:9E:15:C6:B8:FA:4C:66:5E:D9:24:CB:2E:CD:39:C8:B2:1E:39
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 01942445212B913A1DF6F50C3D9AB7F9C3A1
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/MNKeFca4-kxmXtkkyy7NOciyHjk.roa
Signing time: Wed 01 Jan 2025 23:48:17 +0000
ROA not before: Wed 01 Jan 2025 23:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51659
IP address blocks: 45.129.2.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:21:2b:91:3a:1d:f6:f5:0c:3d:9a:b7:f9:c3:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Jan 1 23:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=30d29e15c6b8fa4c665ed924cb2ecd39c8b21e39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:d6:fe:41:4d:8f:74:65:f4:ce:3b:81:15:3f:
53:78:80:8a:20:95:43:af:37:50:a0:af:fc:a3:6e:
09:8c:61:65:1b:62:59:4e:55:dc:11:d4:80:4e:64:
df:fe:e1:06:18:4b:70:1a:f9:b4:35:72:75:88:ed:
db:97:92:35:c9:68:dd:bd:33:68:6b:87:2a:32:a8:
77:29:17:24:9c:de:de:64:7c:a7:c2:2b:e8:77:73:
97:15:d2:ce:1b:ff:27:6a:95:4c:5a:da:4b:53:65:
b6:97:d3:01:ec:49:28:f0:f5:54:38:01:27:3d:89:
35:6f:49:ad:79:d3:7b:37:0c:f6:00:31:0c:3c:63:
b7:82:52:e9:c6:88:66:e9:c1:53:ab:a5:a5:98:fc:
c1:d9:50:ab:e6:40:0d:ba:e9:b0:4a:23:c3:1f:17:
3c:a1:56:7a:57:37:ba:94:15:46:c2:44:3b:a1:e5:
d6:64:17:7e:71:bd:f5:93:c3:db:bc:0d:b8:32:32:
a2:eb:d8:ff:42:0c:df:8f:b0:fb:d7:60:41:64:9c:
d1:0e:b6:be:f1:20:c5:f3:a6:21:af:f1:80:56:7a:
dc:3f:df:1b:c8:73:5e:32:ee:54:38:11:a6:c9:13:
70:60:5b:b4:15:20:75:6a:11:1a:c3:7a:8e:58:08:
8b:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:D2:9E:15:C6:B8:FA:4C:66:5E:D9:24:CB:2E:CD:39:C8:B2:1E:39
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/MNKeFca4-kxmXtkkyy7NOciyHjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.2.0/23
Signature Algorithm: sha256WithRSAEncryption
9a:b5:17:93:96:ef:19:18:85:68:6b:12:b5:6e:9a:4f:90:5a:
24:25:c2:79:d8:03:1d:ba:4c:70:3d:71:82:c5:4d:69:53:d8:
1d:bd:b9:d6:09:7c:08:1a:5d:a7:89:96:ed:cc:8c:10:62:fa:
00:75:14:a4:db:99:0c:27:df:0e:9e:f1:24:9a:37:f3:ee:68:
76:2f:7c:72:5d:a6:13:18:35:d4:36:2b:85:78:8e:5c:09:bc:
28:de:ca:e6:28:1e:3f:b4:4c:6e:a7:ea:05:6c:d7:fb:94:f2:
86:d4:10:3d:a0:8e:29:a6:92:6e:29:5b:f1:12:9e:cc:81:e3:
c0:d4:fb:f0:ef:ea:e2:32:ca:30:00:04:3d:f7:90:5d:e0:3e:
16:b2:37:14:84:f5:96:44:09:a9:e7:fe:8e:74:a6:c6:3e:c4:
71:26:d6:5c:d7:3a:00:d4:4b:fd:64:41:80:05:8a:cf:df:99:
71:bc:cf:d4:62:fb:ee:8d:0f:ad:e2:f1:37:97:7a:63:dd:57:
3d:9e:05:a7:2e:f4:e7:4b:76:47:2d:42:cd:81:92:01:b7:34:
fd:71:66:67:70:43:ea:f1:0a:fa:b2:85:5a:54:10:6e:d9:71:
fc:04:cb:b6:42:94:44:eb:af:8f:79:41:60:c9:13:bb:4e:32:
47:da:61:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRSErkTod9vUMPZq3+cOhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjUwMTAxMjM0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGQyOWUxNWM2YjhmYTRjNjY1ZWQ5MjRjYjJlY2QzOWM4YjIxZTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9b+QU2PdGX0zjuBFT9TeICKIJVD
rzdQoK/8o24JjGFlG2JZTlXcEdSATmTf/uEGGEtwGvm0NXJ1iO3bl5I1yWjdvTNo
a4cqMqh3KRcknN7eZHynwivod3OXFdLOG/8napVMWtpLU2W2l9MB7Eko8PVUOAEn
PYk1b0mtedN7Nwz2ADEMPGO3glLpxohm6cFTq6WlmPzB2VCr5kANuumwSiPDHxc8
oVZ6Vze6lBVGwkQ7oeXWZBd+cb31k8PbvA24MjKi69j/Qgzfj7D712BBZJzRDra+
8SDF86Yhr/GAVnrcP98byHNeMu5UOBGmyRNwYFu0FSB1ahEaw3qOWAiLTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDDSnhXGuPpMZl7ZJMsuzTnIsh45MB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvTU5LZUZjYTQta3htWHRra3l5N05PY2l5SGprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLYECMA0G
CSqGSIb3DQEBCwUAA4IBAQCatReTlu8ZGIVoaxK1bppPkFokJcJ52AMdukxwPXGC
xU1pU9gdvbnWCXwIGl2niZbtzIwQYvoAdRSk25kMJ98OnvEkmjfz7mh2L3xyXaYT
GDXUNiuFeI5cCbwo3srmKB4/tExup+oFbNf7lPKG1BA9oI4pppJuKVvxEp7MgePA
1Pvw7+riMsowAAQ995Bd4D4WsjcUhPWWRAmp5/6OdKbGPsRxJtZc1zoA1Ev9ZEGA
BYrP35lxvM/UYvvujQ+t4vE3l3pj3Vc9ngWnLvTnS3ZHLULNgZIBtzT9cWZncEPq
8Qr6soVaVBBu2XH8BMu2QpRE66+PeUFgyRO7TjJH2mGF
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:37:53 2025 by rpki-client