Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/MhHg4JFChvahbVNUw3bJFSkkmEg.roa
File: MhHg4JFChvahbVNUw3bJFSkkmEg.roa (raw, json)
Hash identifier: 4DOu8CWNY1OjDP1XSPeR4I2ZieWWV4v3/yu30qnq/P4=
Subject key identifier: 32:11:E0:E0:91:42:86:F6:A1:6D:53:54:C3:76:C9:15:29:24:98:48
Certificate issuer: /CN=28164a5757fdd5725a60844f2ae7ef73b107a4c0
Certificate serial: 0194266BD331069FEA51C068BF1EDFD3F18C
Authority key identifier: 28:16:4A:57:57:FD:D5:72:5A:60:84:4F:2A:E7:EF:73:B1:07:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KBZKV1f91XJaYIRPKufvc7EHpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/MhHg4JFChvahbVNUw3bJFSkkmEg.roa
Signing time: Thu 02 Jan 2025 09:49:47 +0000
ROA not before: Thu 02 Jan 2025 09:49:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206288
IP address blocks: 185.178.180.0/22 maxlen: 22
2a0a:6780::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:d3:31:06:9f:ea:51:c0:68:bf:1e:df:d3:f1:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28164a5757fdd5725a60844f2ae7ef73b107a4c0
Validity
Not Before: Jan 2 09:49:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3211e0e0914286f6a16d5354c376c91529249848
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:50:e1:dc:77:43:7f:88:fb:c6:83:66:d9:65:
90:65:75:9d:99:ee:28:24:7b:1d:5b:19:88:3b:89:
e4:32:38:72:c1:d0:3a:10:87:a9:d7:dc:48:c2:89:
8b:14:08:a8:53:b1:7e:05:f5:e8:dd:ad:63:39:29:
86:4b:67:02:31:1d:99:cd:27:aa:be:eb:1e:55:f6:
75:9b:65:3f:20:60:23:bd:fa:34:5f:1b:6a:b8:65:
97:a1:92:01:9b:b6:9a:cf:a3:06:43:fc:4f:20:45:
f8:67:09:71:e8:e0:b3:5f:ba:3e:19:c8:90:c4:72:
4c:af:0d:9e:a2:40:bd:ef:2b:f4:f1:75:27:64:d0:
fd:ef:85:53:b2:82:fb:77:65:e6:54:0c:66:7e:4f:
3c:3c:01:c6:6a:d7:99:79:e8:2e:8c:62:b6:5a:9f:
e9:93:a1:69:7e:5a:c6:21:fa:7c:c6:87:30:6a:fd:
ea:96:fe:97:19:4f:33:10:82:44:23:9a:12:a0:23:
05:a1:df:b2:11:5a:5e:66:13:9e:74:d7:6b:57:2f:
72:4f:34:08:59:83:b8:16:04:d7:a4:7e:a1:ff:8d:
c6:95:a8:c6:47:95:c2:ad:26:db:da:96:3c:95:75:
d7:04:d2:04:01:17:2c:8d:77:b7:02:34:7a:bc:92:
83:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:11:E0:E0:91:42:86:F6:A1:6D:53:54:C3:76:C9:15:29:24:98:48
X509v3 Authority Key Identifier:
keyid:28:16:4A:57:57:FD:D5:72:5A:60:84:4F:2A:E7:EF:73:B1:07:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBZKV1f91XJaYIRPKufvc7EHpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/MhHg4JFChvahbVNUw3bJFSkkmEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.178.180.0/22
IPv6:
2a0a:6780::/29
Signature Algorithm: sha256WithRSAEncryption
33:0c:38:fd:11:76:f3:97:3f:a4:30:b6:6c:bd:65:37:a4:22:
7b:d6:38:12:fc:30:91:36:b9:3a:9d:ad:bb:bb:ed:30:8d:ee:
bf:51:c8:51:45:b8:3d:cb:5c:84:1d:66:a0:43:eb:13:91:b4:
81:42:fe:ca:a9:48:1b:2f:e0:28:c7:e8:99:2d:d6:5e:ad:fa:
4c:5c:7c:6f:ea:20:fb:3b:76:f7:de:25:af:13:fe:26:60:0c:
11:ad:22:0a:06:02:38:7c:5f:8a:b2:8d:f7:5d:b7:51:e9:87:
1e:ce:4e:fd:9f:cd:21:f7:c9:cf:9d:cd:9b:30:7d:62:50:73:
fa:2a:3e:ad:6c:c9:52:bf:e3:f2:71:3c:b3:29:37:b8:6a:90:
36:49:63:4e:1e:19:e2:63:c2:82:46:2f:28:07:03:d9:f0:5e:
12:c4:1b:ed:05:4b:6e:7a:3d:6d:70:b2:42:0f:6a:d8:60:ad:
f2:70:5e:ff:0b:5a:51:2a:b4:6e:27:b6:86:1a:a4:10:74:cf:
c2:c8:0c:f3:63:ba:05:c4:59:05:24:b8:21:87:51:d2:04:2a:
bc:49:3e:9c:97:af:47:36:9f:f0:bb:5a:ec:84:21:77:9f:a7:
8c:8f:09:c8:8f:24:2d:f7:d5:80:bb:10:63:0a:35:e6:e4:60:
92:dc:cf:d4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQma9MxBp/qUcBovx7f0/GMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MTY0YTU3NTdmZGQ1NzI1YTYwODQ0ZjJhZTdlZjczYjEw
N2E0YzAwHhcNMjUwMTAyMDk0OTQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjExZTBlMDkxNDI4NmY2YTE2ZDUzNTRjMzc2YzkxNTI5MjQ5ODQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjlDh3HdDf4j7xoNm2WWQZXWdme4o
JHsdWxmIO4nkMjhywdA6EIep19xIwomLFAioU7F+BfXo3a1jOSmGS2cCMR2ZzSeq
vuseVfZ1m2U/IGAjvfo0XxtquGWXoZIBm7aaz6MGQ/xPIEX4Zwlx6OCzX7o+GciQ
xHJMrw2eokC97yv08XUnZND974VTsoL7d2XmVAxmfk88PAHGateZeegujGK2Wp/p
k6FpflrGIfp8xocwav3qlv6XGU8zEIJEI5oSoCMFod+yEVpeZhOedNdrVy9yTzQI
WYO4FgTXpH6h/43GlajGR5XCrSbb2pY8lXXXBNIEARcsjXe3AjR6vJKDqwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDIR4OCRQob2oW1TVMN2yRUpJJhIMB8GA1UdIwQY
MBaAFCgWSldX/dVyWmCETyrn73OxB6TAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JaS1YxZjkxWEphWUlSUEt1ZnZjN0VIcE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC85NTUzNWItZTYzMC00NTdmLThhMDEt
YWVhZTViYmMzOTIwLzEvTWhIZzRKRkNodmFoYlZOVXczYkpGU2trbUVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC85NTUzNWItZTYzMC00NTdmLThhMDEtYWVhZTViYmMzOTIw
LzEvS0JaS1YxZjkxWEphWUlSUEt1ZnZjN0VIcE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCubK0MA0E
AgACMAcDBQMqCmeAMA0GCSqGSIb3DQEBCwUAA4IBAQAzDDj9EXbzlz+kMLZsvWU3
pCJ71jgS/DCRNrk6na27u+0wje6/UchRRbg9y1yEHWagQ+sTkbSBQv7KqUgbL+Ao
x+iZLdZerfpMXHxv6iD7O3b33iWvE/4mYAwRrSIKBgI4fF+Kso33XbdR6Ycezk79
n80h98nPnc2bMH1iUHP6Kj6tbMlSv+PycTyzKTe4apA2SWNOHhniY8KCRi8oBwPZ
8F4SxBvtBUtuej1tcLJCD2rYYK3ycF7/C1pRKrRuJ7aGGqQQdM/CyAzzY7oFxFkF
JLghh1HSBCq8ST6cl69HNp/wu1rshCF3n6eMjwnIjyQt99WAuxBjCjXm5GCS3M/U
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:39:10 2025 by rpki-client