Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/MSrSUIwYGP5OzMFaA9dwr3mO4jY.roa
File: MSrSUIwYGP5OzMFaA9dwr3mO4jY.roa (raw, json)
Hash identifier: OHzV5kP6uhO1eFoIB7t+WKfJjHs90j+a/iXQqOXuv30=
Subject key identifier: 31:2A:D2:50:8C:18:18:FE:4E:CC:C1:5A:03:D7:70:AF:79:8E:E2:36
Certificate issuer: /CN=a4ce9640a3ef2fea19374ad8f99f423d7aa7c76b
Certificate serial: 0194221F876379FBF292E14C14D9A16B0F75
Authority key identifier: A4:CE:96:40:A3:EF:2F:EA:19:37:4A:D8:F9:9F:42:3D:7A:A7:C7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/MSrSUIwYGP5OzMFaA9dwr3mO4jY.roa
Signing time: Wed 01 Jan 2025 13:47:59 +0000
ROA not before: Wed 01 Jan 2025 13:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 142019
IP address blocks: 81.19.134.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:87:63:79:fb:f2:92:e1:4c:14:d9:a1:6b:0f:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4ce9640a3ef2fea19374ad8f99f423d7aa7c76b
Validity
Not Before: Jan 1 13:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=312ad2508c1818fe4eccc15a03d770af798ee236
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:44:16:7e:8e:2e:dc:26:06:70:98:7f:47:84:
f7:29:cd:ba:27:bd:d8:5c:e7:7b:8f:e2:80:28:7c:
59:31:e9:b7:10:4b:15:7f:5f:04:44:bb:6d:0e:a9:
83:7c:c6:27:e0:3d:cb:be:4e:ae:4f:59:2d:db:be:
84:ca:29:1d:20:78:7d:56:dc:26:62:b4:cf:e7:32:
32:2c:a0:87:39:fb:9d:24:a2:b9:fb:4b:e4:cc:4e:
f4:8a:54:20:40:fb:e8:8e:20:b2:28:64:f1:07:2d:
82:1a:4c:d0:c2:08:1e:86:0e:32:5e:48:fb:46:4f:
e9:f3:19:5c:10:67:15:0b:8f:ae:90:a7:90:aa:5b:
7a:f8:f9:e7:8f:eb:06:d4:f9:e2:c8:00:9d:47:55:
20:fa:a7:9c:0a:4e:50:74:d7:3d:63:ba:8f:cc:1e:
ba:7c:32:d0:2f:45:2d:0c:02:33:02:2a:3f:66:ff:
ce:19:31:d6:d2:c3:bc:2d:31:e0:3d:5d:7c:0e:0a:
f3:49:91:55:fb:35:74:f7:09:99:b2:8a:90:7d:b1:
7a:cb:27:7d:6c:a9:dd:30:a9:31:5f:cd:9d:33:68:
f2:61:eb:81:63:43:4b:4d:8f:ae:f5:c5:b6:3f:0d:
23:ec:bb:f2:d6:59:fc:ca:99:2b:37:dd:19:a1:3d:
44:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:2A:D2:50:8C:18:18:FE:4E:CC:C1:5A:03:D7:70:AF:79:8E:E2:36
X509v3 Authority Key Identifier:
keyid:A4:CE:96:40:A3:EF:2F:EA:19:37:4A:D8:F9:9F:42:3D:7A:A7:C7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/MSrSUIwYGP5OzMFaA9dwr3mO4jY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.134.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:1a:57:89:aa:9d:fb:68:cf:6f:13:41:35:79:c3:4f:7c:f4:
b3:43:83:d0:c5:73:1a:71:bb:22:3f:32:c1:f9:53:91:6a:07:
64:1e:93:28:7b:34:77:c6:e1:b8:aa:8c:6b:da:f6:33:be:fa:
f4:a9:68:7c:a0:a1:8d:8b:2b:d8:41:d4:23:4d:e5:a8:2c:83:
97:82:fc:82:12:20:98:e4:e0:62:33:f9:b3:74:e3:e8:a1:a4:
50:5e:cc:b5:9e:bf:6c:10:e3:d4:cf:1b:a2:fd:5e:21:11:3d:
2b:66:b5:fd:f4:87:32:e0:14:66:53:db:9a:e0:75:a8:a4:21:
31:4a:6b:68:3b:c3:28:31:14:96:13:ca:ee:5b:6f:b0:7e:b6:
c3:08:28:12:fb:15:3d:91:b8:fd:48:f6:74:d6:2a:b8:48:ba:
87:10:96:b0:b1:ed:25:f3:63:3d:aa:6d:7e:3d:81:a8:e3:16:
a1:8b:d8:37:20:04:b7:90:7a:5a:71:34:6f:d2:95:40:34:d8:
41:25:45:30:21:68:c0:01:57:ee:86:c1:a4:15:d4:c3:ae:b6:
74:a4:0c:5f:1c:9f:bb:42:c9:03:aa:29:02:54:36:4d:6a:fc:
51:86:15:e1:a3:b2:ea:7f:60:a9:30:69:e6:3a:17:9f:65:09:
56:9e:d3:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH4djefvykuFMFNmhaw91MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0Y2U5NjQwYTNlZjJmZWExOTM3NGFkOGY5OWY0MjNkN2Fh
N2M3NmIwHhcNMjUwMTAxMTM0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTJhZDI1MDhjMTgxOGZlNGVjY2MxNWEwM2Q3NzBhZjc5OGVlMjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0QWfo4u3CYGcJh/R4T3Kc26J73Y
XOd7j+KAKHxZMem3EEsVf18ERLttDqmDfMYn4D3Lvk6uT1kt276EyikdIHh9Vtwm
YrTP5zIyLKCHOfudJKK5+0vkzE70ilQgQPvojiCyKGTxBy2CGkzQwggehg4yXkj7
Rk/p8xlcEGcVC4+ukKeQqlt6+Pnnj+sG1PniyACdR1Ug+qecCk5QdNc9Y7qPzB66
fDLQL0UtDAIzAio/Zv/OGTHW0sO8LTHgPV18DgrzSZFV+zV09wmZsoqQfbF6yyd9
bKndMKkxX82dM2jyYeuBY0NLTY+u9cW2Pw0j7Lvy1ln8ypkrN90ZoT1EewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDEq0lCMGBj+TszBWgPXcK95juI2MB8GA1UdIwQY
MBaAFKTOlkCj7y/qGTdK2PmfQj16p8drMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE02V1FLUHZMLW9aTjByWS1aOUNQWHFueDJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mOGE1ZDEtMjYwYS00NmE0LWE4ZTQt
MjgzZmU1NGE2ZjJmLzEvTVNyU1VJd1lHUDVPek1GYUE5ZHdyM21PNGpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mOGE1ZDEtMjYwYS00NmE0LWE4ZTQtMjgzZmU1NGE2ZjJm
LzEvcE02V1FLUHZMLW9aTjByWS1aOUNQWHFueDJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUROGMA0G
CSqGSIb3DQEBCwUAA4IBAQBPGleJqp37aM9vE0E1ecNPfPSzQ4PQxXMacbsiPzLB
+VORagdkHpMoezR3xuG4qoxr2vYzvvr0qWh8oKGNiyvYQdQjTeWoLIOXgvyCEiCY
5OBiM/mzdOPooaRQXsy1nr9sEOPUzxui/V4hET0rZrX99Icy4BRmU9ua4HWopCEx
SmtoO8MoMRSWE8ruW2+wfrbDCCgS+xU9kbj9SPZ01iq4SLqHEJawse0l82M9qm1+
PYGo4xahi9g3IAS3kHpacTRv0pVANNhBJUUwIWjAAVfuhsGkFdTDrrZ0pAxfHJ+7
QskDqikCVDZNavxRhhXho7Lqf2CpMGnmOhefZQlWntP4
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:33:49 2025 by rpki-client