Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/7f765d-d07e-4a66-92a5-7a94c7c36217/1/MwOTM4NTpYgqtlsKuteambtyY6Q.roa
File: MwOTM4NTpYgqtlsKuteambtyY6Q.roa (raw, json)
Hash identifier: 15PRhJOGtpjQfaXM28ile3ZgmOfmdwLuAPfdRlgIuMk=
Subject key identifier: 33:03:93:33:83:53:A5:88:2A:B6:5B:0A:BA:D7:9A:99:BB:72:63:A4
Certificate issuer: /CN=b3e60d38bb37794e72e87e6870d071f2a7dd3e57
Certificate serial: 0194258F494BCE3E6B82EFB8C2DA919B139F
Authority key identifier: B3:E6:0D:38:BB:37:79:4E:72:E8:7E:68:70:D0:71:F2:A7:DD:3E:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s-YNOLs3eU5y6H5ocNBx8qfdPlc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/7f765d-d07e-4a66-92a5-7a94c7c36217/1/MwOTM4NTpYgqtlsKuteambtyY6Q.roa
Signing time: Thu 02 Jan 2025 05:48:54 +0000
ROA not before: Thu 02 Jan 2025 05:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42326
IP address blocks: 158.146.128.0/24 maxlen: 24
158.146.129.0/24 maxlen: 24
158.146.137.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:49:4b:ce:3e:6b:82:ef:b8:c2:da:91:9b:13:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3e60d38bb37794e72e87e6870d071f2a7dd3e57
Validity
Not Before: Jan 2 05:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=330393338353a5882ab65b0abad79a99bb7263a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:fd:d4:d6:52:e5:05:80:dc:6a:e0:48:21:bb:
0e:af:24:ef:28:5c:a7:a2:5b:57:97:5a:5f:47:9b:
2f:da:9b:e3:e5:95:06:70:13:15:2a:b6:51:a9:4e:
a5:23:47:16:48:e5:b2:17:bd:cb:20:7b:f8:1b:31:
c3:ac:61:fd:6a:e9:f9:ce:56:aa:4e:8e:a0:f9:80:
5f:fd:d4:fe:29:c0:b7:09:3b:43:d4:5a:0e:c7:b5:
a6:f2:d1:74:f7:e5:86:36:63:8a:aa:61:44:4f:c4:
2d:78:fa:f1:b6:01:b3:ea:f6:da:ca:3c:7a:06:d6:
0d:76:56:7c:9d:08:c6:94:8a:36:af:93:12:e4:f6:
fa:a9:4d:f9:7a:b8:81:22:8f:58:d5:ed:e5:1c:db:
cf:e8:a8:f2:88:e1:d6:16:15:ce:8a:b5:ef:fc:a7:
64:09:90:27:ce:d1:68:b4:aa:fc:00:43:85:47:15:
75:1e:16:75:03:9e:55:4a:6a:35:60:92:89:a9:bd:
90:0f:8f:6f:67:58:d3:2a:b3:f6:5e:c2:fc:f5:a0:
a1:07:06:95:56:6c:ab:06:a3:27:ad:0c:15:92:60:
0b:82:a5:7c:b0:d9:24:14:79:a4:4e:b6:1e:be:ff:
dc:0e:12:1d:ca:62:d4:3e:b7:21:53:d9:f2:84:1c:
3f:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:03:93:33:83:53:A5:88:2A:B6:5B:0A:BA:D7:9A:99:BB:72:63:A4
X509v3 Authority Key Identifier:
keyid:B3:E6:0D:38:BB:37:79:4E:72:E8:7E:68:70:D0:71:F2:A7:DD:3E:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s-YNOLs3eU5y6H5ocNBx8qfdPlc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/7f765d-d07e-4a66-92a5-7a94c7c36217/1/MwOTM4NTpYgqtlsKuteambtyY6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/7f765d-d07e-4a66-92a5-7a94c7c36217/1/s-YNOLs3eU5y6H5ocNBx8qfdPlc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.146.128.0/23
158.146.137.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:fd:b6:2c:a2:f2:08:48:d0:38:f2:ed:8b:a3:18:4a:de:bf:
82:73:c7:03:33:9a:f4:a3:eb:30:8e:3e:0a:5e:e3:6e:0a:ea:
58:0e:4a:44:0c:27:fd:19:80:a5:c6:fb:48:e0:b7:c2:83:87:
43:c9:f9:da:62:0c:6a:ff:f3:35:6e:c7:7f:dd:74:b2:6b:87:
7b:68:c7:5d:62:77:b8:70:b1:b9:10:40:a2:4a:18:db:06:64:
99:32:d3:f6:82:1a:9f:eb:81:28:46:d4:99:e8:b4:b9:22:ef:
ed:3e:60:b7:2f:8c:94:7f:75:59:b6:f7:3e:ea:c6:6a:06:c2:
bd:e8:6a:05:e5:08:94:ae:82:66:1e:7e:b3:3c:ef:3f:bc:52:
12:7b:a5:3a:27:f0:c5:0b:0b:01:55:e9:32:58:1f:3e:f5:d1:
c0:ca:c2:74:00:08:79:51:51:db:35:0a:93:e2:b1:f1:88:fd:
90:85:00:af:b7:08:0a:8a:85:d3:9e:0f:39:3c:6e:64:4c:e3:
7b:ab:d1:b4:1b:de:81:c9:c1:71:32:e0:67:28:b0:ec:36:55:
06:89:bc:6b:cd:5d:1a:7b:8d:b9:bc:26:4f:16:81:5d:31:9b:
a6:da:fc:1e:e9:be:1f:27:4b:16:64:10:88:29:a9:6a:af:8d:
74:6a:34:2b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQlj0lLzj5rgu+4wtqRmxOfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZTYwZDM4YmIzNzc5NGU3MmU4N2U2ODcwZDA3MWYyYTdk
ZDNlNTcwHhcNMjUwMTAyMDU0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzAzOTMzMzgzNTNhNTg4MmFiNjViMGFiYWQ3OWE5OWJiNzI2M2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvf3U1lLlBYDcauBIIbsOryTvKFyn
oltXl1pfR5sv2pvj5ZUGcBMVKrZRqU6lI0cWSOWyF73LIHv4GzHDrGH9aun5zlaq
To6g+YBf/dT+KcC3CTtD1FoOx7Wm8tF09+WGNmOKqmFET8QtePrxtgGz6vbayjx6
BtYNdlZ8nQjGlIo2r5MS5Pb6qU35eriBIo9Y1e3lHNvP6KjyiOHWFhXOirXv/Kdk
CZAnztFotKr8AEOFRxV1HhZ1A55VSmo1YJKJqb2QD49vZ1jTKrP2XsL89aChBwaV
VmyrBqMnrQwVkmALgqV8sNkkFHmkTrYevv/cDhIdymLUPrchU9nyhBw/mQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDMDkzODU6WIKrZbCrrXmpm7cmOkMB8GA1UdIwQY
MBaAFLPmDTi7N3lOcuh+aHDQcfKn3T5XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcy1ZTk9MczNlVTV5Nkg1b2NOQng4cWZkUGxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC83Zjc2NWQtZDA3ZS00YTY2LTkyYTUt
N2E5NGM3YzM2MjE3LzEvTXdPVE00TlRwWWdxdGxzS3V0ZWFtYnR5WTZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC83Zjc2NWQtZDA3ZS00YTY2LTkyYTUtN2E5NGM3YzM2MjE3
LzEvcy1ZTk9MczNlVTV5Nkg1b2NOQng4cWZkUGxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBnpKAAwQA
npKJMA0GCSqGSIb3DQEBCwUAA4IBAQAs/bYsovIISNA48u2LoxhK3r+Cc8cDM5r0
o+swjj4KXuNuCupYDkpEDCf9GYClxvtI4LfCg4dDyfnaYgxq//M1bsd/3XSya4d7
aMddYne4cLG5EECiShjbBmSZMtP2ghqf64EoRtSZ6LS5Iu/tPmC3L4yUf3VZtvc+
6sZqBsK96GoF5QiUroJmHn6zPO8/vFISe6U6J/DFCwsBVekyWB8+9dHAysJ0AAh5
UVHbNQqT4rHxiP2QhQCvtwgKioXTng85PG5kTON7q9G0G96BycFxMuBnKLDsNlUG
ibxrzV0ae425vCZPFoFdMZum2vwe6b4fJ0sWZBCIKalqr410ajQr
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:15:04 2025 by rpki-client