Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/586f77-6f32-4b96-9838-a5894693af10/1/MXjGchA1tthe9hBaCTy34XWuIys.roa
File: MXjGchA1tthe9hBaCTy34XWuIys.roa (raw, json)
Hash identifier: m9xSPEOr8P6pGopF9XMr9mPGzbIw3wWqJY/1QxjlC64=
Subject key identifier: 31:78:C6:72:10:35:B6:D8:5E:F6:10:5A:09:3C:B7:E1:75:AE:23:2B
Certificate issuer: /CN=8ac14985cb544c6d23d19bb43ac93711afe91f18
Certificate serial: 019427B6464BF25D1AA4DC85B3E620A4CF59
Authority key identifier: 8A:C1:49:85:CB:54:4C:6D:23:D1:9B:B4:3A:C9:37:11:AF:E9:1F:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/isFJhctUTG0j0Zu0Osk3Ea_pHxg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/586f77-6f32-4b96-9838-a5894693af10/1/MXjGchA1tthe9hBaCTy34XWuIys.roa
Signing time: Thu 02 Jan 2025 15:50:44 +0000
ROA not before: Thu 02 Jan 2025 15:50:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51621
IP address blocks: 185.216.49.0/24 maxlen: 24
185.217.130.0/24 maxlen: 24
2a10:a900::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:46:4b:f2:5d:1a:a4:dc:85:b3:e6:20:a4:cf:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ac14985cb544c6d23d19bb43ac93711afe91f18
Validity
Not Before: Jan 2 15:50:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3178c6721035b6d85ef6105a093cb7e175ae232b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:3b:ab:88:11:54:e1:04:b0:5b:ae:df:7c:1a:
56:4c:1c:06:25:02:ab:00:6a:20:f8:91:56:bb:23:
f0:9b:00:b4:7d:5d:57:67:94:51:e2:29:23:95:7f:
a9:ef:c7:6b:92:44:a1:f7:ad:a5:a2:72:59:47:f2:
d8:a9:ba:f9:fb:6f:50:f5:db:97:48:3c:4f:c9:cc:
c1:82:a1:eb:7a:07:01:71:f0:85:bf:73:74:81:dd:
9d:b6:6a:35:1f:ce:9b:fb:b4:ab:d7:f0:27:4b:d9:
83:f8:20:67:56:1c:6d:d2:03:d3:41:f0:20:fe:a4:
b0:0e:e0:4f:d4:d5:f0:01:7d:61:94:9d:3b:e4:c6:
0b:c9:1d:b7:dd:6e:8e:ca:09:9a:b7:7f:f4:cb:f6:
52:d3:f7:41:6a:80:e1:62:95:d4:d9:fd:2d:cf:b9:
1a:fa:49:87:3d:38:22:80:58:9b:77:c0:74:f5:e7:
9e:ad:75:30:83:0c:52:64:06:a0:e6:a3:03:62:1b:
68:cc:45:41:69:b7:12:dd:ca:f0:13:01:21:a2:0b:
b5:11:0b:f0:b2:00:69:a3:63:1a:2d:88:fd:30:54:
31:70:9b:b5:63:d6:1d:ee:1d:6f:71:20:77:bc:99:
98:1f:ba:d0:2a:8a:66:b9:d6:5b:7e:ec:48:8c:c5:
a8:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:78:C6:72:10:35:B6:D8:5E:F6:10:5A:09:3C:B7:E1:75:AE:23:2B
X509v3 Authority Key Identifier:
keyid:8A:C1:49:85:CB:54:4C:6D:23:D1:9B:B4:3A:C9:37:11:AF:E9:1F:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/isFJhctUTG0j0Zu0Osk3Ea_pHxg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/586f77-6f32-4b96-9838-a5894693af10/1/MXjGchA1tthe9hBaCTy34XWuIys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/586f77-6f32-4b96-9838-a5894693af10/1/isFJhctUTG0j0Zu0Osk3Ea_pHxg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.216.49.0/24
185.217.130.0/24
IPv6:
2a10:a900::/29
Signature Algorithm: sha256WithRSAEncryption
ac:83:d0:28:17:65:ff:0d:cf:36:c0:e0:0b:bf:19:db:7e:84:
09:fb:44:6d:68:e3:86:19:93:13:d7:54:6b:ea:97:08:44:30:
4e:99:16:da:4b:fd:e4:5f:33:7a:05:7c:59:a8:4f:9d:42:9d:
2f:ac:89:0d:42:13:31:bc:7f:fb:bd:48:e6:57:3e:2e:e3:ee:
c3:7e:27:8e:a5:10:64:69:03:25:da:43:2b:98:7d:40:b1:d7:
d2:cd:17:c4:54:e8:89:bc:58:1a:a4:ea:97:74:69:11:a1:29:
57:bf:bb:c6:a0:d3:19:9c:e6:65:e4:78:69:9a:33:a1:8b:4c:
a3:c6:fc:e5:17:e7:a1:26:5b:cd:84:22:cf:29:cf:57:15:1f:
d7:ba:ea:66:14:e5:be:41:f9:b9:9e:e2:4d:0e:c4:15:0b:9e:
69:ae:c0:f8:88:1a:ff:06:1f:52:ca:17:16:d6:0c:6c:4d:8c:
4b:da:c8:75:0b:08:69:46:1b:3f:69:1a:e3:18:e3:44:7a:76:
ab:0f:7b:b6:92:99:d5:f6:49:73:3c:c3:0f:b8:c3:e1:28:ec:
ca:cf:db:23:eb:ce:20:d3:40:7b:6d:22:64:74:be:12:7a:74:
58:cc:99:cb:9f:55:c7:c7:72:5f:ad:cf:7b:b4:2c:0f:37:d4:
42:af:7a:7e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQntkZL8l0apNyFs+YgpM9ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYzE0OTg1Y2I1NDRjNmQyM2QxOWJiNDNhYzkzNzExYWZl
OTFmMTgwHhcNMjUwMTAyMTU1MDQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTc4YzY3MjEwMzViNmQ4NWVmNjEwNWEwOTNjYjdlMTc1YWUyMzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDuriBFU4QSwW67ffBpWTBwGJQKr
AGog+JFWuyPwmwC0fV1XZ5RR4ikjlX+p78drkkSh962lonJZR/LYqbr5+29Q9duX
SDxPyczBgqHregcBcfCFv3N0gd2dtmo1H86b+7Sr1/AnS9mD+CBnVhxt0gPTQfAg
/qSwDuBP1NXwAX1hlJ075MYLyR233W6Oygmat3/0y/ZS0/dBaoDhYpXU2f0tz7ka
+kmHPTgigFibd8B09eeerXUwgwxSZAag5qMDYhtozEVBabcS3crwEwEhogu1EQvw
sgBpo2MaLYj9MFQxcJu1Y9Yd7h1vcSB3vJmYH7rQKopmudZbfuxIjMWofQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDF4xnIQNbbYXvYQWgk8t+F1riMrMB8GA1UdIwQY
MBaAFIrBSYXLVExtI9GbtDrJNxGv6R8YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXNGSmhjdFVURzBqMFp1ME9zazNFYV9wSHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS81ODZmNzctNmYzMi00Yjk2LTk4Mzgt
YTU4OTQ2OTNhZjEwLzEvTVhqR2NoQTF0dGhlOWhCYUNUeTM0WFd1SXlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS81ODZmNzctNmYzMi00Yjk2LTk4MzgtYTU4OTQ2OTNhZjEw
LzEvaXNGSmhjdFVURzBqMFp1ME9zazNFYV9wSHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAudgxAwQA
udmCMA0EAgACMAcDBQMqEKkAMA0GCSqGSIb3DQEBCwUAA4IBAQCsg9AoF2X/Dc82
wOALvxnbfoQJ+0RtaOOGGZMT11Rr6pcIRDBOmRbaS/3kXzN6BXxZqE+dQp0vrIkN
QhMxvH/7vUjmVz4u4+7DfieOpRBkaQMl2kMrmH1AsdfSzRfEVOiJvFgapOqXdGkR
oSlXv7vGoNMZnOZl5HhpmjOhi0yjxvzlF+ehJlvNhCLPKc9XFR/XuupmFOW+Qfm5
nuJNDsQVC55prsD4iBr/Bh9SyhcW1gxsTYxL2sh1CwhpRhs/aRrjGONEenarD3u2
kpnV9klzPMMPuMPhKOzKz9sj684g00B7bSJkdL4SenRYzJnLn1XHx3Jfrc97tCwP
N9RCr3p+
-----END CERTIFICATE-----
Generated at Thu Apr 10 19:52:56 2025 by rpki-client