Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/463b90-bb28-4b0a-9ad8-5b1523518221/1/MHA27ceZEUOwLDRSg61cuSJh9DI.roa
File: MHA27ceZEUOwLDRSg61cuSJh9DI.roa (raw, json)
Hash identifier: YErgy5K2y0ejiLK+ZYhKV1YexGDAm167ASa4wcdVyWo=
Subject key identifier: 30:70:36:ED:C7:99:11:43:B0:2C:34:52:83:AD:5C:B9:22:61:F4:32
Certificate issuer: /CN=8102d3e0d5f21ec72c745731a641fb7903787de0
Certificate serial: 11508E87
Authority key identifier: 81:02:D3:E0:D5:F2:1E:C7:2C:74:57:31:A6:41:FB:79:03:78:7D:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gQLT4NXyHscsdFcxpkH7eQN4feA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/463b90-bb28-4b0a-9ad8-5b1523518221/1/MHA27ceZEUOwLDRSg61cuSJh9DI.roa
Signing time: Wed 16 Feb 2022 09:54:00 +0000
ROA not before: Wed 16 Feb 2022 09:54:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200845
IP address blocks: 95.131.166.0/24 maxlen: 24
95.131.165.0/24 maxlen: 24
95.131.164.0/24 maxlen: 24
95.131.163.0/24 maxlen: 24
95.131.162.0/24 maxlen: 24
95.131.160.0/21 maxlen: 21
95.131.161.0/24 maxlen: 24
95.131.167.0/24 maxlen: 24
185.127.145.0/24 maxlen: 24
185.127.144.0/22 maxlen: 22
185.127.144.0/24 maxlen: 24
83.142.244.0/24 maxlen: 24
83.142.243.0/24 maxlen: 24
83.142.242.0/24 maxlen: 24
83.142.240.0/21 maxlen: 21
83.142.241.0/24 maxlen: 24
83.142.246.0/24 maxlen: 24
83.142.245.0/24 maxlen: 24
83.142.247.0/24 maxlen: 24
185.127.147.0/24 maxlen: 24
185.127.146.0/24 maxlen: 24
83.142.240.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 290492039 (0x11508e87)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8102d3e0d5f21ec72c745731a641fb7903787de0
Validity
Not Before: Feb 16 09:54:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=307036edc7991143b02c345283ad5cb92261f432
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:7f:5b:d1:03:d2:cb:48:f4:9b:61:1c:4b:48:
aa:c9:68:a7:80:ab:c4:da:39:8b:8e:a6:51:4b:a9:
6b:97:b9:2c:a7:b5:be:9d:c3:86:ea:7f:ff:38:5d:
d4:9c:41:15:b4:c2:5f:76:6f:bd:27:88:06:76:bf:
15:32:a2:31:e3:48:a0:2c:ea:9d:a1:f1:8e:70:6f:
5e:91:eb:5b:00:40:42:66:b5:ce:0a:10:29:f2:77:
e1:d5:eb:72:6e:36:aa:ba:f3:9e:d0:d2:da:a5:39:
5a:39:34:05:95:09:83:f3:24:a8:a9:fa:4c:8f:a5:
92:29:9f:54:82:49:3e:b9:15:f7:7a:ef:11:4c:84:
c6:fa:37:76:75:07:e8:a6:8e:7b:8a:04:28:11:6c:
8c:54:73:e1:53:ec:ed:40:0b:29:b7:2b:27:93:7d:
eb:93:d3:30:a0:69:4b:97:b1:dd:c0:90:31:30:fe:
29:a8:7f:97:48:22:5f:ad:77:fa:8a:b6:ea:7f:32:
93:5d:0c:9c:67:d4:dd:2b:38:34:ee:59:2c:9f:fe:
02:6b:4c:99:6d:50:d9:ff:bf:51:c9:65:76:f1:27:
e6:49:a4:77:f3:a7:0b:6c:7a:06:34:3a:62:10:22:
5b:5e:d0:62:51:43:e8:cf:e6:d8:22:c1:cd:ae:54:
65:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:70:36:ED:C7:99:11:43:B0:2C:34:52:83:AD:5C:B9:22:61:F4:32
X509v3 Authority Key Identifier:
keyid:81:02:D3:E0:D5:F2:1E:C7:2C:74:57:31:A6:41:FB:79:03:78:7D:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gQLT4NXyHscsdFcxpkH7eQN4feA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/463b90-bb28-4b0a-9ad8-5b1523518221/1/MHA27ceZEUOwLDRSg61cuSJh9DI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/463b90-bb28-4b0a-9ad8-5b1523518221/1/gQLT4NXyHscsdFcxpkH7eQN4feA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.142.240.0/21
95.131.160.0/21
185.127.144.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:c4:1b:d9:5b:85:bf:61:f2:93:73:83:45:5c:ea:8e:ef:b8:
ec:e4:6e:05:a2:3d:46:c5:f8:1e:e0:61:8a:4f:dc:35:4f:96:
ef:2e:eb:b4:7e:b5:a3:59:e2:ce:78:f0:8b:6b:b1:80:cd:55:
4c:0b:82:a3:b2:9c:29:af:5c:92:a7:58:b1:e4:68:d7:58:0d:
2b:a8:fc:07:bc:c5:53:08:74:70:6a:c4:ce:a0:a2:a1:9f:75:
9a:db:20:74:5e:b4:1b:5a:b2:2c:1e:aa:39:25:64:17:0e:00:
46:5e:cd:a3:40:15:02:fb:56:3b:e6:a6:41:4c:e5:64:26:2a:
7f:27:de:ef:ca:34:8f:b3:8c:0b:b6:19:c2:ce:24:bd:4c:fb:
ee:61:82:53:3b:2a:d8:29:d2:ef:b7:d8:22:94:41:57:82:44:
65:1e:d0:ca:f5:d4:0e:00:28:27:79:32:5b:24:6f:c3:da:ef:
2b:62:e7:82:86:e1:b8:8f:e6:56:85:08:cb:f6:70:5c:7d:23:
7a:b0:21:32:75:52:31:9e:93:28:90:49:03:c9:92:4f:75:84:
ea:30:7d:fd:64:c1:56:7e:97:50:37:0b:c2:35:12:fa:24:57:
6d:c5:b4:82:a6:85:76:f2:af:b7:b9:43:a4:62:88:de:2f:0d:
b6:2e:8e:c0
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEEVCOhzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MTAyZDNlMGQ1ZjIxZWM3MmM3NDU3MzFhNjQxZmI3OTAzNzg3ZGUwMB4XDTIyMDIx
NjA5NTQwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzA3MDM2ZWRjNzk5
MTE0M2IwMmMzNDUyODNhZDVjYjkyMjYxZjQzMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMR/W9ED0stI9JthHEtIqslop4CrxNo5i46mUUupa5e5LKe1
vp3Dhup//zhd1JxBFbTCX3ZvvSeIBna/FTKiMeNIoCzqnaHxjnBvXpHrWwBAQma1
zgoQKfJ34dXrcm42qrrzntDS2qU5Wjk0BZUJg/MkqKn6TI+lkimfVIJJPrkV93rv
EUyExvo3dnUH6KaOe4oEKBFsjFRz4VPs7UALKbcrJ5N965PTMKBpS5ex3cCQMTD+
Kah/l0giX613+oq26n8yk10MnGfU3Ss4NO5ZLJ/+AmtMmW1Q2f+/UclldvEn5kmk
d/OnC2x6BjQ6YhAiW17QYlFD6M/m2CLBza5UZfsCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQwcDbtx5kRQ7AsNFKDrVy5ImH0MjAfBgNVHSMEGDAWgBSBAtPg1fIexyx0
VzGmQft5A3h94DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dRTFQ0Tlh5SHNjc2RGY3hwa0g3ZVFONGZlQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDQvNDYzYjkwLWJiMjgtNGIwYS05YWQ4LTViMTUyMzUxODIyMS8x
L01IQTI3Y2VaRVVPd0xEUlNnNjFjdVNKaDlESS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDQv
NDYzYjkwLWJiMjgtNGIwYS05YWQ4LTViMTUyMzUxODIyMS8xL2dRTFQ0Tlh5SHNj
c2RGY3hwa0g3ZVFONGZlQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEA1OO8AMEA1+DoAMEArl/kDANBgkq
hkiG9w0BAQsFAAOCAQEAisQb2VuFv2Hyk3ODRVzqju+47ORuBaI9RsX4HuBhik/c
NU+W7y7rtH61o1niznjwi2uxgM1VTAuCo7KcKa9ckqdYseRo11gNK6j8B7zFUwh0
cGrEzqCioZ91mtsgdF60G1qyLB6qOSVkFw4ARl7No0AVAvtWO+amQUzlZCYqfyfe
78o0j7OMC7YZws4kvUz77mGCUzsq2CnS77fYIpRBV4JEZR7QyvXUDgAoJ3kyWyRv
w9rvK2LngobhuI/mVoUIy/ZwXH0jerAhMnVSMZ6TKJBJA8mST3WE6jB9/WTBVn6X
UDcLwjUS+iRXbcW0gqaFdvKvt7lDpGKI3i8Nti6OwA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:31 2025 by rpki-client