Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/9c5a00-0b5f-4a95-98a8-8bd976910dbf/1/mdzOjm97CLLzPCbjlPobKIT1pLw.roa
File: mdzOjm97CLLzPCbjlPobKIT1pLw.roa (raw, json)
Hash identifier: t6RlQNOZ4r0YZ3Um/Nvgu1T4czU0EwLc7Ga8Lg+Wxu4=
Subject key identifier: 99:DC:CE:8E:6F:7B:08:B2:F3:3C:26:E3:94:FA:1B:28:84:F5:A4:BC
Certificate issuer: /CN=c3bd26fe2295e462be2678533efa531e23b7f102
Certificate serial: 01941F8C7822F6C5B36F9726A15FB1873173
Authority key identifier: C3:BD:26:FE:22:95:E4:62:BE:26:78:53:3E:FA:53:1E:23:B7:F1:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w70m_iKV5GK-JnhTPvpTHiO38QI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/9c5a00-0b5f-4a95-98a8-8bd976910dbf/1/mdzOjm97CLLzPCbjlPobKIT1pLw.roa
Signing time: Wed 01 Jan 2025 01:48:06 +0000
ROA not before: Wed 01 Jan 2025 01:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57773
IP address blocks: 85.208.80.0/22 maxlen: 22
91.208.188.0/24 maxlen: 24
171.22.68.0/22 maxlen: 22
185.141.112.0/22 maxlen: 22
185.205.48.0/22 maxlen: 22
185.205.48.0/23 maxlen: 23
185.205.50.0/23 maxlen: 23
194.33.80.0/24 maxlen: 24
2a09:3b40::/29 maxlen: 29
2a0b:140::/29 maxlen: 29
2a0b:143::/48 maxlen: 48
2a0b:145::/43 maxlen: 43
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:78:22:f6:c5:b3:6f:97:26:a1:5f:b1:87:31:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3bd26fe2295e462be2678533efa531e23b7f102
Validity
Not Before: Jan 1 01:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=99dcce8e6f7b08b2f33c26e394fa1b2884f5a4bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:30:9b:c4:ef:8d:d8:5f:2f:52:6f:85:8f:cc:
94:73:cb:5c:ee:3f:82:c1:4b:93:ba:41:ca:4c:ee:
8b:df:13:20:c1:30:61:c0:f3:e3:a9:ae:70:54:6b:
18:03:81:33:45:85:c8:08:3b:dc:c8:58:90:61:22:
8b:3d:0d:38:98:26:3b:d8:77:0a:a2:46:67:e0:83:
2c:f9:29:7b:23:ba:f6:e1:e5:02:6f:08:dc:b0:2f:
65:40:a3:bd:50:cc:fc:ac:06:45:aa:12:ea:9a:ea:
1e:f0:5c:84:be:25:9f:0f:37:91:e6:42:e5:7f:28:
66:02:53:73:ba:cc:b8:a9:86:60:0b:b2:b7:d9:01:
e9:1f:2a:0d:bd:e3:96:76:c8:07:c6:39:b7:1c:ff:
e4:76:0f:e0:62:a9:07:6c:92:e4:ce:11:8d:a9:b0:
87:ae:fe:19:73:e3:bc:8b:30:b9:68:8e:76:45:09:
31:23:88:25:2c:79:a7:26:ac:04:7a:1f:81:f0:7e:
c6:d9:9c:f2:73:0d:d7:da:b0:e5:b7:f9:3e:29:01:
ec:e8:bc:bf:88:e4:4a:43:69:d0:2d:61:44:b6:4a:
3d:af:3f:4a:62:c0:0e:fe:36:cc:f4:a7:91:b8:fc:
a6:af:1e:f2:d8:0d:40:36:ed:5e:6c:af:c2:3a:78:
21:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:DC:CE:8E:6F:7B:08:B2:F3:3C:26:E3:94:FA:1B:28:84:F5:A4:BC
X509v3 Authority Key Identifier:
keyid:C3:BD:26:FE:22:95:E4:62:BE:26:78:53:3E:FA:53:1E:23:B7:F1:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w70m_iKV5GK-JnhTPvpTHiO38QI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9c5a00-0b5f-4a95-98a8-8bd976910dbf/1/mdzOjm97CLLzPCbjlPobKIT1pLw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9c5a00-0b5f-4a95-98a8-8bd976910dbf/1/w70m_iKV5GK-JnhTPvpTHiO38QI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.80.0/22
91.208.188.0/24
171.22.68.0/22
185.141.112.0/22
185.205.48.0/22
194.33.80.0/24
IPv6:
2a09:3b40::/29
2a0b:140::/29
Signature Algorithm: sha256WithRSAEncryption
3f:d6:7e:e0:5c:d5:ae:d4:33:1a:41:dd:e9:fa:1f:e3:4b:64:
95:ff:27:78:21:a3:e6:52:02:a9:3a:54:73:aa:a2:1c:f6:49:
ee:1f:2e:b5:12:a2:8a:41:c4:9b:08:ad:0a:a3:16:36:d7:7d:
16:e1:12:de:1f:dc:7e:d1:6b:37:f4:ae:0e:2a:95:2b:2d:be:
6f:b3:b9:2a:76:ff:64:93:b4:a1:2f:23:08:c6:97:50:98:8f:
ed:9a:e5:e7:b4:87:12:92:68:0c:1f:e4:e4:7c:ed:88:db:62:
c1:a8:4c:f2:6d:72:22:b5:10:af:52:8e:75:0a:20:46:08:f2:
cd:be:98:be:05:68:6d:7a:6c:53:af:5d:88:25:dc:1a:4f:6e:
9e:e0:16:f1:83:a0:64:73:d8:65:ed:79:95:3a:a1:b0:36:c8:
88:7c:d8:f5:f6:c6:fd:34:6d:f2:02:e8:de:ca:42:17:54:f6:
9b:ff:e0:73:76:72:74:8b:e9:2a:3d:06:67:23:5a:1c:b0:e0:
4d:d0:8c:30:7f:2f:c3:7e:7a:29:db:19:12:d6:ed:76:35:22:
9f:97:b6:a5:2e:7f:a1:de:83:3b:4e:3f:55:15:22:58:bd:54:
9a:7a:f4:1d:7b:47:6a:c1:36:28:54:83:42:68:51:ff:5b:1e:
e4:59:e6:db
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZQfjHgi9sWzb5cmoV+xhzFzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYmQyNmZlMjI5NWU0NjJiZTI2Nzg1MzNlZmE1MzFlMjNi
N2YxMDIwHhcNMjUwMTAxMDE0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWRjY2U4ZTZmN2IwOGIyZjMzYzI2ZTM5NGZhMWIyODg0ZjVhNGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7TCbxO+N2F8vUm+Fj8yUc8tc7j+C
wUuTukHKTO6L3xMgwTBhwPPjqa5wVGsYA4EzRYXICDvcyFiQYSKLPQ04mCY72HcK
okZn4IMs+Sl7I7r24eUCbwjcsC9lQKO9UMz8rAZFqhLqmuoe8FyEviWfDzeR5kLl
fyhmAlNzusy4qYZgC7K32QHpHyoNveOWdsgHxjm3HP/kdg/gYqkHbJLkzhGNqbCH
rv4Zc+O8izC5aI52RQkxI4glLHmnJqwEeh+B8H7G2Zzycw3X2rDlt/k+KQHs6Ly/
iORKQ2nQLWFEtko9rz9KYsAO/jbM9KeRuPymrx7y2A1ANu1ebK/COnghyQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFJnczo5vewiy8zwm45T6GyiE9aS8MB8GA1UdIwQY
MBaAFMO9Jv4ileRiviZ4Uz76Ux4jt/ECMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzcwbV9pS1Y1R0stSm5oVFB2cFRIaU8zOFFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC85YzVhMDAtMGI1Zi00YTk1LTk4YTgt
OGJkOTc2OTEwZGJmLzEvbWR6T2ptOTdDTEx6UENiamxQb2JLSVQxcEx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC85YzVhMDAtMGI1Zi00YTk1LTk4YTgtOGJkOTc2OTEwZGJm
LzEvdzcwbV9pS1Y1R0stSm5oVFB2cFRIaU8zOFFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQCVdBQAwQA
W9C8AwQCqxZEAwQCuY1wAwQCuc0wAwQAwiFQMBQEAgACMA4DBQMqCTtAAwUDKgsB
QDANBgkqhkiG9w0BAQsFAAOCAQEAP9Z+4FzVrtQzGkHd6fof40tklf8neCGj5lIC
qTpUc6qiHPZJ7h8utRKiikHEmwitCqMWNtd9FuES3h/cftFrN/SuDiqVKy2+b7O5
Knb/ZJO0oS8jCMaXUJiP7Zrl57SHEpJoDB/k5HztiNtiwahM8m1yIrUQr1KOdQog
Rgjyzb6YvgVobXpsU69diCXcGk9unuAW8YOgZHPYZe15lTqhsDbIiHzY9fbG/TRt
8gLo3spCF1T2m//gc3ZydIvpKj0GZyNaHLDgTdCMMH8vw356KdsZEtbtdjUin5e2
pS5/od6DO04/VRUiWL1Umnr0HXtHasE2KFSDQmhR/1se5Fnm2w==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:52:53 2025 by rpki-client