Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/c81669-2519-4da5-bd5d-1c2626590d28/1/mgqMEWxSTP0DA4ej9FdAab4BQMM.roa
File: mgqMEWxSTP0DA4ej9FdAab4BQMM.roa (raw, json)
Hash identifier: O5EgqlwUyl2UByqk2HZ9/M0rnGmFsHdF9yaut+VOf4c=
Subject key identifier: 9A:0A:8C:11:6C:52:4C:FD:03:03:87:A3:F4:57:40:69:BE:01:40:C3
Certificate issuer: /CN=d53ece71ef6ebf55bb7b87e50665ba11fdc77f08
Certificate serial: 01856BAEA4C51D6D5702C42300518D06E321
Authority key identifier: D5:3E:CE:71:EF:6E:BF:55:BB:7B:87:E5:06:65:BA:11:FD:C7:7F:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1T7Oce9uv1W7e4flBmW6Ef3Hfwg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/c81669-2519-4da5-bd5d-1c2626590d28/1/mgqMEWxSTP0DA4ej9FdAab4BQMM.roa
Signing time: Sun 01 Jan 2023 04:54:45 +0000
ROA not before: Sun 01 Jan 2023 04:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 31.6.31.0/24 maxlen: 24
31.6.37.0/24 maxlen: 24
31.6.36.0/24 maxlen: 24
31.6.38.0/24 maxlen: 24
31.6.34.0/24 maxlen: 24
31.6.33.0/24 maxlen: 24
31.6.35.0/24 maxlen: 24
31.6.32.0/24 maxlen: 24
31.6.39.0/24 maxlen: 24
31.6.40.0/24 maxlen: 24
31.6.20.0/24 maxlen: 24
178.208.186.0/24 maxlen: 24
178.208.189.0/24 maxlen: 24
178.208.191.0/24 maxlen: 24
178.208.190.0/24 maxlen: 24
178.208.188.0/24 maxlen: 24
178.208.187.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ae:a4:c5:1d:6d:57:02:c4:23:00:51:8d:06:e3:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d53ece71ef6ebf55bb7b87e50665ba11fdc77f08
Validity
Not Before: Jan 1 04:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9a0a8c116c524cfd030387a3f4574069be0140c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:65:bd:bb:f5:d8:70:34:1a:c2:f7:54:42:9c:
a6:89:cb:58:eb:e5:40:49:69:cb:c5:29:9a:20:6a:
42:12:f6:86:21:de:23:c1:52:78:d8:13:d0:d1:09:
88:26:21:54:7e:96:a1:64:12:65:0b:17:5e:98:23:
20:8f:77:d9:51:d2:ab:3f:ed:5b:cf:a6:c0:d6:9f:
cc:7e:0e:ac:10:64:80:5b:44:43:c5:98:1a:cf:dc:
41:e5:99:a0:74:d3:cb:63:3e:cb:06:84:81:77:b6:
76:a8:95:d2:bd:34:7f:7c:7c:c0:1b:85:64:59:c1:
5e:dc:58:80:39:dd:bd:f7:7b:45:1a:6d:20:76:36:
23:81:c1:98:df:10:24:84:c4:e0:91:6e:56:0e:b1:
4a:ed:d3:8a:83:2d:e6:ed:44:82:71:b5:34:a6:4c:
39:39:71:73:09:d2:73:d3:d0:ea:b9:cc:0a:31:56:
57:50:61:01:c4:7c:12:e4:79:72:1c:99:73:a6:51:
7d:d1:de:62:2b:e9:41:20:77:4c:ca:56:27:11:35:
e9:37:08:ea:40:5b:1a:e2:23:f4:be:a9:75:2f:bb:
03:da:b8:7e:f0:34:78:ed:fc:5f:f0:72:95:2c:d3:
5b:10:9d:90:b6:1c:fd:2b:74:17:cc:9c:7c:0d:f0:
91:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:0A:8C:11:6C:52:4C:FD:03:03:87:A3:F4:57:40:69:BE:01:40:C3
X509v3 Authority Key Identifier:
keyid:D5:3E:CE:71:EF:6E:BF:55:BB:7B:87:E5:06:65:BA:11:FD:C7:7F:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1T7Oce9uv1W7e4flBmW6Ef3Hfwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/c81669-2519-4da5-bd5d-1c2626590d28/1/mgqMEWxSTP0DA4ej9FdAab4BQMM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/c81669-2519-4da5-bd5d-1c2626590d28/1/1T7Oce9uv1W7e4flBmW6Ef3Hfwg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.6.20.0/24
31.6.31.0-31.6.40.255
178.208.186.0-178.208.191.255
Signature Algorithm: sha256WithRSAEncryption
96:0e:28:26:d3:6d:2b:4a:80:84:1d:bc:b8:e5:0f:20:f5:17:
a5:cb:00:8a:3a:ae:a2:36:5f:9e:31:a3:90:87:75:96:22:1b:
89:eb:39:e8:b8:31:55:2d:27:5a:b9:7f:f6:7c:66:dd:10:ca:
d2:02:b5:44:ee:b0:c0:11:0a:17:54:c9:f5:84:b2:21:ca:d6:
ee:0c:4a:97:df:d6:af:30:f3:40:73:9d:ee:03:27:8a:f4:f7:
53:31:82:3f:db:0e:bc:d7:16:15:4c:ad:33:21:9b:fe:3e:27:
ff:91:89:c6:c0:68:9c:d4:98:c3:72:0b:ff:03:38:94:a3:0f:
50:75:72:61:7d:67:5f:48:64:c4:5e:32:81:74:f3:54:52:fa:
89:3e:7d:0e:51:da:3c:ef:7e:1e:34:b4:6a:dc:cd:c4:df:6c:
e0:2d:2b:a0:1e:71:52:37:d1:ef:44:1e:f3:e9:f0:6e:3c:27:
53:e8:ea:d3:42:7b:50:ac:f1:4b:2c:31:ac:76:3e:0d:d6:f7:
bf:fe:ef:4e:e0:79:50:a3:1d:06:e4:8d:f6:fc:77:ee:0e:8a:
56:06:75:31:33:dd:84:cd:37:de:ab:48:fc:ee:36:ea:6b:e6:
d4:a3:80:41:c3:ae:2d:1a:9a:c4:40:3f:ea:67:67:47:c3:8a:
68:30:a1:da
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVrrqTFHW1XAsQjAFGNBuMhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1M2VjZTcxZWY2ZWJmNTViYjdiODdlNTA2NjViYTExZmRj
NzdmMDgwHhcNMjMwMTAxMDQ1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTBhOGMxMTZjNTI0Y2ZkMDMwMzg3YTNmNDU3NDA2OWJlMDE0MGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+WW9u/XYcDQawvdUQpymictY6+VA
SWnLxSmaIGpCEvaGId4jwVJ42BPQ0QmIJiFUfpahZBJlCxdemCMgj3fZUdKrP+1b
z6bA1p/Mfg6sEGSAW0RDxZgaz9xB5ZmgdNPLYz7LBoSBd7Z2qJXSvTR/fHzAG4Vk
WcFe3FiAOd2993tFGm0gdjYjgcGY3xAkhMTgkW5WDrFK7dOKgy3m7USCcbU0pkw5
OXFzCdJz09DqucwKMVZXUGEBxHwS5HlyHJlzplF90d5iK+lBIHdMylYnETXpNwjq
QFsa4iP0vql1L7sD2rh+8DR47fxf8HKVLNNbEJ2Qthz9K3QXzJx8DfCRTwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFJoKjBFsUkz9AwOHo/RXQGm+AUDDMB8GA1UdIwQY
MBaAFNU+znHvbr9Vu3uH5QZluhH9x38IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVQ3T2NlOXV2MVc3ZTRmbEJtVzZFZjNIZndnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9jODE2NjktMjUxOS00ZGE1LWJkNWQt
MWMyNjI2NTkwZDI4LzEvbWdxTUVXeFNUUDBEQTRlajlGZEFhYjRCUU1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9jODE2NjktMjUxOS00ZGE1LWJkNWQtMWMyNjI2NTkwZDI4
LzEvMVQ3T2NlOXV2MVc3ZTRmbEJtVzZFZjNIZndnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQAHwYUMAwD
BAAfBh8DBAAfBigwDAMEAbLQugMEBrLQgDANBgkqhkiG9w0BAQsFAAOCAQEAlg4o
JtNtK0qAhB28uOUPIPUXpcsAijquojZfnjGjkId1liIbies56LgxVS0nWrl/9nxm
3RDK0gK1RO6wwBEKF1TJ9YSyIcrW7gxKl9/WrzDzQHOd7gMnivT3UzGCP9sOvNcW
FUytMyGb/j4n/5GJxsBonNSYw3IL/wM4lKMPUHVyYX1nX0hkxF4ygXTzVFL6iT59
DlHaPO9+HjS0atzNxN9s4C0roB5xUjfR70Qe8+nwbjwnU+jq00J7UKzxSywxrHY+
Ddb3v/7vTuB5UKMdBuSN9vx37g6KVgZ1MTPdhM033qtI/O426mvm1KOAQcOuLRqa
xEA/6mdnR8OKaDCh2g==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:40 2023 by rpki-client on console-fra.rpki-client.org