Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/MRrAWq-I0vVCKgObnQhuSXPvtLM.roa
File: MRrAWq-I0vVCKgObnQhuSXPvtLM.roa (raw, json)
Hash identifier: zyqn3QM/uq6ohZb9pIdpUM37qu9d2bs4U74Wl/jQtvU=
Subject key identifier: 31:1A:C0:5A:AF:88:D2:F5:42:2A:03:9B:9D:08:6E:49:73:EF:B4:B3
Certificate issuer: /CN=ef3e71b96992da3d91c88dd74ef41f9b95b9485b
Certificate serial: 0187BEB146E05384CE60BFD1D0CBA4580242
Authority key identifier: EF:3E:71:B9:69:92:DA:3D:91:C8:8D:D7:4E:F4:1F:9B:95:B9:48:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7z5xuWmS2j2RyI3XTvQfm5W5SFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/MRrAWq-I0vVCKgObnQhuSXPvtLM.roa
Signing time: Wed 26 Apr 2023 17:51:41 +0000
ROA not before: Wed 26 Apr 2023 17:51:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12541
IP address blocks: 185.66.60.0/22 maxlen: 22
185.66.60.0/24 maxlen: 24
185.66.62.0/24 maxlen: 24
185.66.61.0/24 maxlen: 24
2001:ac0:30fd::/48 maxlen: 48
2001:ac0:c880::/44 maxlen: 44
2001:ac0:c0c0::/44 maxlen: 44
2001:ac0:c040::/44 maxlen: 44
2001:ac0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:be:b1:46:e0:53:84:ce:60:bf:d1:d0:cb:a4:58:02:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef3e71b96992da3d91c88dd74ef41f9b95b9485b
Validity
Not Before: Apr 26 17:51:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=311ac05aaf88d2f5422a039b9d086e4973efb4b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:72:bd:5d:56:4b:a3:63:f2:2b:a4:ac:26:3d:
70:6c:ac:47:e1:15:be:5c:45:0e:6b:43:55:4e:0e:
5c:3d:21:4c:d5:61:ae:52:4c:33:11:7b:a1:2c:67:
2a:c0:63:b1:b6:fb:bf:56:5c:9b:b3:7a:39:53:c7:
c4:f1:82:aa:f0:3f:0c:22:a1:e4:c4:59:60:f8:08:
b4:11:5c:31:ed:3e:5d:9d:0d:e0:f4:fd:f9:23:46:
ac:ba:5f:8e:4c:bd:47:a8:bf:98:2e:0e:e4:29:ec:
82:09:07:72:9d:cb:22:54:e5:31:5e:09:39:36:50:
7c:41:46:86:00:13:30:73:b7:db:27:b6:09:7d:05:
c8:1c:e1:6d:1e:50:36:47:c0:e0:ce:2a:50:da:8f:
61:e1:2a:8f:d8:3e:56:e8:f7:e3:6b:84:32:b2:ce:
f9:b6:3c:26:9a:9c:e0:1d:f0:72:81:e7:9c:f8:50:
ea:ef:2d:e2:cd:27:af:cd:5d:b4:de:4e:26:00:de:
cd:7d:8e:5e:37:cc:1d:09:fb:2e:42:45:da:dc:23:
35:d0:04:ea:91:47:40:aa:4d:87:bb:82:60:3a:ba:
37:5f:57:e5:0c:ba:6f:99:9f:5a:26:c5:21:ad:d7:
25:d6:b0:be:8f:62:c5:d3:ee:84:51:d5:95:b9:d5:
72:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:1A:C0:5A:AF:88:D2:F5:42:2A:03:9B:9D:08:6E:49:73:EF:B4:B3
X509v3 Authority Key Identifier:
keyid:EF:3E:71:B9:69:92:DA:3D:91:C8:8D:D7:4E:F4:1F:9B:95:B9:48:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7z5xuWmS2j2RyI3XTvQfm5W5SFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/MRrAWq-I0vVCKgObnQhuSXPvtLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/7z5xuWmS2j2RyI3XTvQfm5W5SFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.66.60.0/22
IPv6:
2001:ac0::/32
Signature Algorithm: sha256WithRSAEncryption
72:37:da:27:a4:d0:3a:f0:46:46:59:09:f7:9d:12:93:60:ae:
a4:92:9b:6b:d0:eb:5c:b0:28:47:46:10:38:ef:d6:5c:56:09:
6c:17:c2:06:76:7b:32:dc:36:60:08:04:0b:77:81:ca:e2:12:
27:16:d6:37:f3:8b:30:94:cb:66:44:fb:56:90:19:f3:da:dc:
80:bf:c0:87:68:af:d1:7b:8a:52:71:c7:81:d4:02:60:e7:2e:
f1:d3:cc:8f:ad:16:0c:c0:3d:c9:dc:b1:26:c6:7c:47:cb:08:
13:99:08:b8:be:16:a8:c1:d1:af:fb:1f:5f:dd:a0:9a:80:18:
1f:86:81:61:b5:80:b9:0a:c1:ca:a2:ab:45:86:a8:44:66:4b:
b0:33:68:09:11:c3:e9:ae:10:75:7e:a5:e2:16:62:e7:61:0f:
c0:73:56:00:4b:21:b2:1a:05:6f:86:a5:a0:40:05:4c:6d:8e:
d3:74:00:80:48:27:d9:7a:56:e8:7c:8d:a4:0b:df:41:33:a9:
a0:d6:04:0a:a9:51:f7:89:62:c7:3e:b6:41:5e:b3:2a:45:9c:
e1:45:95:32:c8:40:55:70:f1:22:aa:77:a5:89:89:6c:80:80:
0d:a4:80:f3:7a:3d:6e:b7:2b:b5:15:d2:4d:32:32:24:53:d3:
c3:a5:e9:6a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYe+sUbgU4TOYL/R0MukWAJCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmM2U3MWI5Njk5MmRhM2Q5MWM4OGRkNzRlZjQxZjliOTVi
OTQ4NWIwHhcNMjMwNDI2MTc1MTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTFhYzA1YWFmODhkMmY1NDIyYTAzOWI5ZDA4NmU0OTczZWZiNGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgXK9XVZLo2PyK6SsJj1wbKxH4RW+
XEUOa0NVTg5cPSFM1WGuUkwzEXuhLGcqwGOxtvu/Vlybs3o5U8fE8YKq8D8MIqHk
xFlg+Ai0EVwx7T5dnQ3g9P35I0asul+OTL1HqL+YLg7kKeyCCQdyncsiVOUxXgk5
NlB8QUaGABMwc7fbJ7YJfQXIHOFtHlA2R8DgzipQ2o9h4SqP2D5W6Pfja4Qyss75
tjwmmpzgHfBygeec+FDq7y3izSevzV203k4mAN7NfY5eN8wdCfsuQkXa3CM10ATq
kUdAqk2Hu4JgOro3X1flDLpvmZ9aJsUhrdcl1rC+j2LF0+6EUdWVudVyWQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDEawFqviNL1QioDm50Ibklz77SzMB8GA1UdIwQY
MBaAFO8+cblpkto9kciN1070H5uVuUhbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3o1eHVXbVMyajJSeUkzWFR2UWZtNVc1U0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9hZDRlNTctZDkwMS00NDg1LTk4ZDIt
OTE5NmNlNDQ2NTI3LzEvTVJyQVdxLUkwdlZDS2dPYm5RaHVTWFB2dExNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9hZDRlNTctZDkwMS00NDg1LTk4ZDItOTE5NmNlNDQ2NTI3
LzEvN3o1eHVXbVMyajJSeUkzWFR2UWZtNVc1U0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUI8MA0E
AgACMAcDBQAgAQrAMA0GCSqGSIb3DQEBCwUAA4IBAQByN9onpNA68EZGWQn3nRKT
YK6kkptr0OtcsChHRhA479ZcVglsF8IGdnsy3DZgCAQLd4HK4hInFtY384swlMtm
RPtWkBnz2tyAv8CHaK/Re4pScceB1AJg5y7x08yPrRYMwD3J3LEmxnxHywgTmQi4
vhaowdGv+x9f3aCagBgfhoFhtYC5CsHKoqtFhqhEZkuwM2gJEcPprhB1fqXiFmLn
YQ/Ac1YASyGyGgVvhqWgQAVMbY7TdACASCfZelbofI2kC99BM6mg1gQKqVH3iWLH
PrZBXrMqRZzhRZUyyEBVcPEiqneliYlsgIANpIDzej1utyu1FdJNMjIkU9PDpelq
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:10:22 2025 by rpki-client