Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/161b52-24f2-4535-8382-e7fe9c47660f/1/M9l_V1BTIeSu1ZnfNaC36Xd-xlE.roa
File: M9l_V1BTIeSu1ZnfNaC36Xd-xlE.roa (raw, json)
Hash identifier: Uw+h3nuT4dm77P0A8mV2uu33wQQ4Wt1ZQ8OlpdImPX8=
Subject key identifier: 33:D9:7F:57:50:53:21:E4:AE:D5:99:DF:35:A0:B7:E9:77:7E:C6:51
Certificate issuer: /CN=cf10ad912ef942aacb4d10add39903c6e9fbb03a
Certificate serial: 0184D2DC109EAADE207DA0AE0793CB2FCFEC
Authority key identifier: CF:10:AD:91:2E:F9:42:AA:CB:4D:10:AD:D3:99:03:C6:E9:FB:B0:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zxCtkS75QqrLTRCt05kDxun7sDo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/161b52-24f2-4535-8382-e7fe9c47660f/1/M9l_V1BTIeSu1ZnfNaC36Xd-xlE.roa
Signing time: Fri 02 Dec 2022 12:42:28 +0000
ROA not before: Fri 02 Dec 2022 12:42:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212598
IP address blocks: 5.42.202.0/24 maxlen: 24
194.31.64.0/24 maxlen: 24
194.31.59.0/24 maxlen: 24
194.31.79.0/24 maxlen: 24
194.31.87.0/24 maxlen: 24
2a0f:a440::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d2:dc:10:9e:aa:de:20:7d:a0:ae:07:93:cb:2f:cf:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf10ad912ef942aacb4d10add39903c6e9fbb03a
Validity
Not Before: Dec 2 12:42:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=33d97f57505321e4aed599df35a0b7e9777ec651
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:9b:f3:a0:da:fd:51:44:84:74:06:c5:dc:43:
4b:51:b7:da:3d:8e:90:d4:63:d1:10:d3:0a:35:2c:
da:c3:21:36:0b:32:30:69:6d:13:e8:ba:ed:2e:e5:
a9:e5:d1:12:33:a0:83:06:fc:6a:5a:7c:9a:70:72:
5d:60:47:42:17:0c:54:48:70:a9:ac:fd:2e:35:be:
40:4d:e8:57:44:be:b1:27:10:73:bc:46:d5:3b:e8:
c5:ab:31:44:47:b3:b5:ae:cc:d3:9e:a7:3f:03:a6:
fc:30:a3:55:73:09:94:52:f6:01:ab:d4:f3:de:9b:
14:2d:ae:b8:7c:5d:d0:81:7b:86:83:0a:8d:eb:3b:
a4:bb:7a:9b:94:79:b9:9f:9e:6d:3e:bb:28:50:5f:
dd:32:97:2b:45:72:be:70:8a:e3:56:19:21:3c:ac:
c6:25:04:ed:8d:95:f7:f7:ff:88:c1:45:a0:8f:eb:
e3:a9:45:31:e1:ba:f1:96:58:e2:5c:9c:8a:b5:69:
da:ff:51:c9:a6:a1:64:45:eb:3b:15:3a:8b:9f:8c:
62:a8:b5:ed:39:b4:ca:ac:8a:48:09:ce:d6:59:5e:
e1:6c:b1:d6:a7:be:ac:67:6e:54:d9:30:52:9e:fa:
c9:c0:1e:dc:89:81:91:9c:68:81:f5:51:b3:32:2b:
f9:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:D9:7F:57:50:53:21:E4:AE:D5:99:DF:35:A0:B7:E9:77:7E:C6:51
X509v3 Authority Key Identifier:
keyid:CF:10:AD:91:2E:F9:42:AA:CB:4D:10:AD:D3:99:03:C6:E9:FB:B0:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zxCtkS75QqrLTRCt05kDxun7sDo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/161b52-24f2-4535-8382-e7fe9c47660f/1/M9l_V1BTIeSu1ZnfNaC36Xd-xlE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/161b52-24f2-4535-8382-e7fe9c47660f/1/zxCtkS75QqrLTRCt05kDxun7sDo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.202.0/24
194.31.59.0/24
194.31.64.0/24
194.31.79.0/24
194.31.87.0/24
IPv6:
2a0f:a440::/29
Signature Algorithm: sha256WithRSAEncryption
16:f9:68:61:c2:8e:9d:88:e9:90:5b:15:2b:54:3a:41:45:61:
95:36:4b:3b:45:2e:55:99:a5:33:2c:df:e4:83:31:3b:e1:7f:
bf:e6:a2:ae:96:ab:94:ab:6d:fa:6c:41:52:46:9c:db:31:da:
91:ad:1a:be:a1:24:f2:f6:b7:13:e3:a0:b4:b0:1b:62:e8:c8:
6b:3f:a8:e4:58:63:e5:88:bf:c1:8b:39:5f:ab:90:a5:a0:2f:
b7:55:20:63:fa:63:c1:93:85:9c:47:9d:72:f7:22:7d:9f:10:
90:c1:b0:4f:d7:3a:11:85:2a:a6:f3:6a:26:62:22:f0:05:41:
ba:7a:03:1c:12:8f:c4:36:22:10:2b:ae:9a:05:91:dd:69:3e:
28:8f:72:0b:b4:b3:9b:7c:a4:d2:47:5a:e8:d7:d8:bf:26:f4:
18:99:3d:73:76:89:b7:49:02:17:f2:82:1b:a5:e3:f6:18:cd:
5e:69:c5:9d:68:10:9b:37:ae:4d:98:8b:1b:a0:8c:b2:64:40:
ba:fa:5d:02:cc:68:8b:6c:44:4b:a4:c6:2f:5f:e3:76:fc:76:
5b:1e:5e:e4:94:6b:ee:a9:da:e4:4e:10:3e:71:28:08:e6:6a:
9e:26:b8:d7:c0:78:c6:be:84:8f:67:cd:4f:11:6f:5b:1c:da:
01:c4:77:ae
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYTS3BCeqt4gfaCuB5PLL8/sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMTBhZDkxMmVmOTQyYWFjYjRkMTBhZGQzOTkwM2M2ZTlm
YmIwM2EwHhcNMjIxMjAyMTI0MjI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2Q5N2Y1NzUwNTMyMWU0YWVkNTk5ZGYzNWEwYjdlOTc3N2VjNjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJvzoNr9UUSEdAbF3ENLUbfaPY6Q
1GPRENMKNSzawyE2CzIwaW0T6LrtLuWp5dESM6CDBvxqWnyacHJdYEdCFwxUSHCp
rP0uNb5ATehXRL6xJxBzvEbVO+jFqzFER7O1rszTnqc/A6b8MKNVcwmUUvYBq9Tz
3psULa64fF3QgXuGgwqN6zuku3qblHm5n55tPrsoUF/dMpcrRXK+cIrjVhkhPKzG
JQTtjZX39/+IwUWgj+vjqUUx4brxlljiXJyKtWna/1HJpqFkRes7FTqLn4xiqLXt
ObTKrIpICc7WWV7hbLHWp76sZ25U2TBSnvrJwB7ciYGRnGiB9VGzMiv51QIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFDPZf1dQUyHkrtWZ3zWgt+l3fsZRMB8GA1UdIwQY
MBaAFM8QrZEu+UKqy00QrdOZA8bp+7A6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenhDdGtTNzVRcXJMVFJDdDA1a0R4dW43c0RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8xNjFiNTItMjRmMi00NTM1LTgzODIt
ZTdmZTljNDc2NjBmLzEvTTlsX1YxQlRJZVN1MVpuZk5hQzM2WGQteGxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8xNjFiNTItMjRmMi00NTM1LTgzODItZTdmZTljNDc2NjBm
LzEvenhDdGtTNzVRcXJMVFJDdDA1a0R4dW43c0RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQABSrKAwQA
wh87AwQAwh9AAwQAwh9PAwQAwh9XMA0EAgACMAcDBQMqD6RAMA0GCSqGSIb3DQEB
CwUAA4IBAQAW+Whhwo6diOmQWxUrVDpBRWGVNks7RS5VmaUzLN/kgzE74X+/5qKu
lquUq236bEFSRpzbMdqRrRq+oSTy9rcT46C0sBti6MhrP6jkWGPliL/Bizlfq5Cl
oC+3VSBj+mPBk4WcR51y9yJ9nxCQwbBP1zoRhSqm82omYiLwBUG6egMcEo/ENiIQ
K66aBZHdaT4oj3ILtLObfKTSR1ro19i/JvQYmT1zdom3SQIX8oIbpeP2GM1eacWd
aBCbN65NmIsboIyyZEC6+l0CzGiLbERLpMYvX+N2/HZbHl7klGvuqdrkThA+cSgI
5mqeJrjXwHjGvoSPZ81PEW9bHNoBxHeu
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:37 2025 by rpki-client