Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/40db6b-da85-4c9d-a948-6521d395f132/1/MyEKusbRlYPzWaPfu35rICl8j8s.roa
File: MyEKusbRlYPzWaPfu35rICl8j8s.roa (raw, json)
Hash identifier: MHKGP2AKFb7Ec5gE81fl6aK8qZ8atyv9x8xE8bP0sPU=
Subject key identifier: 33:21:0A:BA:C6:D1:95:83:F3:59:A3:DF:BB:7E:6B:20:29:7C:8F:CB
Certificate issuer: /CN=8e747481f2c98fbb70dca8d65c23de4fca37583d
Certificate serial: 01856ED4BF0FA272DBFD32E9B94DAA267C11
Authority key identifier: 8E:74:74:81:F2:C9:8F:BB:70:DC:A8:D6:5C:23:DE:4F:CA:37:58:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jnR0gfLJj7tw3KjWXCPeT8o3WD0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/40db6b-da85-4c9d-a948-6521d395f132/1/MyEKusbRlYPzWaPfu35rICl8j8s.roa
Signing time: Sun 01 Jan 2023 19:35:14 +0000
ROA not before: Sun 01 Jan 2023 19:35:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52000
IP address blocks: 193.31.126.0/24 maxlen: 24
194.99.24.0/24 maxlen: 24
77.83.24.0/22 maxlen: 24
194.99.26.0/24 maxlen: 24
193.151.191.0/24 maxlen: 24
193.151.190.0/24 maxlen: 24
193.151.189.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:bf:0f:a2:72:db:fd:32:e9:b9:4d:aa:26:7c:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e747481f2c98fbb70dca8d65c23de4fca37583d
Validity
Not Before: Jan 1 19:35:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=33210abac6d19583f359a3dfbb7e6b20297c8fcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:26:0e:c8:fc:66:99:ee:48:1b:a5:03:30:9e:
4e:cb:41:67:7d:f3:03:3b:25:5b:c1:86:f1:5c:68:
82:04:d8:52:62:1d:01:d8:3c:53:d9:70:6b:9c:3e:
61:b3:d9:de:ca:51:74:ce:18:6d:9b:96:37:9e:94:
65:ca:7b:77:10:6d:70:08:04:2c:23:56:44:9f:b3:
b6:67:7a:18:39:1c:f8:f4:a4:6e:e5:e6:10:61:d0:
f3:60:9b:a7:f3:e1:70:7a:68:7f:bb:57:01:b7:77:
5d:9d:9d:5b:14:16:d1:f1:1e:a8:07:e6:b8:38:9d:
eb:08:55:76:8a:92:b5:24:9f:9f:9b:82:d7:af:ea:
db:7b:fe:de:9d:f4:d2:0a:e5:0f:57:6e:ac:65:49:
a3:34:53:05:e5:04:4e:c1:b9:c1:20:f3:ae:e9:94:
8e:99:36:78:1f:e2:de:13:22:7f:e2:08:9c:08:7d:
d8:43:d8:03:e3:d0:bd:4b:47:5f:53:17:fb:7f:ff:
59:88:6e:7e:86:f8:0e:46:28:e0:15:c4:d1:44:41:
df:cf:69:9e:04:d1:36:2d:96:0b:4a:06:6c:3e:cb:
3d:62:06:1c:31:74:66:61:db:5e:ac:1c:f8:c4:62:
5f:90:5e:00:78:93:5b:2f:b2:9e:c6:b9:f6:2e:26:
c7:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:21:0A:BA:C6:D1:95:83:F3:59:A3:DF:BB:7E:6B:20:29:7C:8F:CB
X509v3 Authority Key Identifier:
keyid:8E:74:74:81:F2:C9:8F:BB:70:DC:A8:D6:5C:23:DE:4F:CA:37:58:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jnR0gfLJj7tw3KjWXCPeT8o3WD0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/40db6b-da85-4c9d-a948-6521d395f132/1/MyEKusbRlYPzWaPfu35rICl8j8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/40db6b-da85-4c9d-a948-6521d395f132/1/jnR0gfLJj7tw3KjWXCPeT8o3WD0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.24.0/22
193.31.126.0/24
193.151.189.0-193.151.191.255
194.99.24.0/24
194.99.26.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:18:7d:ab:36:cc:01:02:ab:c0:99:17:e6:01:bf:4f:77:46:
34:47:c6:0f:73:ac:e3:09:a2:00:8b:58:31:2b:59:20:69:a2:
34:a6:d8:c8:29:83:20:85:0a:b2:14:29:04:98:c5:33:d5:23:
18:ca:57:a2:4d:6b:b8:6f:c6:8c:f1:c8:98:ac:de:41:ff:0f:
ba:70:bc:a9:c1:11:0c:4c:a1:24:c2:05:0d:8d:b2:be:b9:7d:
21:90:cb:3d:9d:f9:26:85:79:6d:c6:10:52:1c:d9:ca:f3:79:
f3:35:57:1e:3b:19:11:ad:26:e6:61:ef:f6:e7:5e:72:20:cf:
df:1a:cb:c0:72:90:99:78:89:22:4c:5a:3b:86:f4:ef:47:01:
3c:50:30:a5:28:bd:64:34:6e:f4:bf:bc:23:76:62:e8:36:01:
39:be:74:92:d2:0d:9a:83:e0:87:73:33:31:24:5a:0d:2d:39:
17:ad:8a:e5:2c:fe:85:5a:60:03:f7:42:3f:96:ab:17:e4:55:
c4:01:75:d1:8a:56:4e:15:ab:76:34:89:db:0a:fb:0c:c1:56:
8c:7e:de:b5:28:17:a1:72:97:b2:6b:5d:d1:ef:11:db:e9:97:
d3:4d:29:da:a7:13:97:84:7c:25:69:7c:7f:a0:b9:41:ae:48:
6f:db:bb:99
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVu1L8PonLb/TLpuU2qJnwRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlNzQ3NDgxZjJjOThmYmI3MGRjYThkNjVjMjNkZTRmY2Ez
NzU4M2QwHhcNMjMwMTAxMTkzNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzIxMGFiYWM2ZDE5NTgzZjM1OWEzZGZiYjdlNmIyMDI5N2M4ZmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuiYOyPxmme5IG6UDMJ5Oy0FnffMD
OyVbwYbxXGiCBNhSYh0B2DxT2XBrnD5hs9neylF0zhhtm5Y3npRlynt3EG1wCAQs
I1ZEn7O2Z3oYORz49KRu5eYQYdDzYJun8+Fwemh/u1cBt3ddnZ1bFBbR8R6oB+a4
OJ3rCFV2ipK1JJ+fm4LXr+rbe/7enfTSCuUPV26sZUmjNFMF5QROwbnBIPOu6ZSO
mTZ4H+LeEyJ/4gicCH3YQ9gD49C9S0dfUxf7f/9ZiG5+hvgORijgFcTRREHfz2me
BNE2LZYLSgZsPss9YgYcMXRmYdterBz4xGJfkF4AeJNbL7Kexrn2LibH4QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFDMhCrrG0ZWD81mj37t+ayApfI/LMB8GA1UdIwQY
MBaAFI50dIHyyY+7cNyo1lwj3k/KN1g9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvam5SMGdmTEpqN3R3M0tqV1hDUGVUOG8zV0QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS80MGRiNmItZGE4NS00YzlkLWE5NDgt
NjUyMWQzOTVmMTMyLzEvTXlFS3VzYlJsWVB6V2FQZnUzNXJJQ2w4ajhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS80MGRiNmItZGE4NS00YzlkLWE5NDgtNjUyMWQzOTVmMTMy
LzEvam5SMGdmTEpqN3R3M0tqV1hDUGVUOG8zV0QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCTVMYAwQA
wR9+MAwDBADBl70DBAbBl4ADBADCYxgDBADCYxowDQYJKoZIhvcNAQELBQADggEB
AGwYfas2zAECq8CZF+YBv093RjRHxg9zrOMJogCLWDErWSBpojSm2MgpgyCFCrIU
KQSYxTPVIxjKV6JNa7hvxozxyJis3kH/D7pwvKnBEQxMoSTCBQ2Nsr65fSGQyz2d
+SaFeW3GEFIc2crzefM1Vx47GRGtJuZh7/bnXnIgz98ay8BykJl4iSJMWjuG9O9H
ATxQMKUovWQ0bvS/vCN2Yug2ATm+dJLSDZqD4IdzMzEkWg0tORetiuUs/oVaYAP3
Qj+WqxfkVcQBddGKVk4Vq3Y0idsK+wzBVox+3rUoF6Fyl7JrXdHvEdvpl9NNKdqn
E5eEfCVpfH+guUGuSG/bu5k=
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:25:38 2025 by rpki-client