Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/782c07-4bba-4810-b98b-059dbcc8dcef/1/MbStNmXQF3r8BjIEIY6alBv8fXM.roa
File: MbStNmXQF3r8BjIEIY6alBv8fXM.roa (raw, json)
Hash identifier: qBMHoSNp30r52ggSq1NF5Ja+ou1kpfZ0GNdRTXuZlMk=
Subject key identifier: 31:B4:AD:36:65:D0:17:7A:FC:06:32:04:21:8E:9A:94:1B:FC:7D:73
Certificate issuer: /CN=86022e162f6e6b9755ce4ce845120e62939506f7
Certificate serial: 01942826D91EB84D9CA6B6E803D915901758
Authority key identifier: 86:02:2E:16:2F:6E:6B:97:55:CE:4C:E8:45:12:0E:62:93:95:06:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hgIuFi9ua5dVzkzoRRIOYpOVBvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/782c07-4bba-4810-b98b-059dbcc8dcef/1/MbStNmXQF3r8BjIEIY6alBv8fXM.roa
Signing time: Thu 02 Jan 2025 17:53:42 +0000
ROA not before: Thu 02 Jan 2025 17:53:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61049
IP address blocks: 83.136.52.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:d9:1e:b8:4d:9c:a6:b6:e8:03:d9:15:90:17:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86022e162f6e6b9755ce4ce845120e62939506f7
Validity
Not Before: Jan 2 17:53:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=31b4ad3665d0177afc063204218e9a941bfc7d73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:4f:12:30:c1:80:54:31:c3:80:0e:eb:f2:35:
0b:4a:cf:0d:02:b9:ab:be:90:b4:0d:62:7e:5d:45:
81:b8:5b:d2:7e:db:6f:d3:c2:9d:12:b8:fc:0a:fa:
ee:d3:88:d4:76:52:0c:e4:f4:3a:32:dc:9c:17:00:
9e:39:5e:88:b7:36:93:14:ed:ce:1d:17:ea:12:41:
a5:04:68:2d:65:8b:95:f1:ef:6e:89:a7:34:e2:b2:
9b:77:79:4e:cb:a4:2d:d6:ce:7f:36:34:ba:4d:62:
78:c1:91:6d:bd:8e:d8:2d:b6:6a:ff:2c:8c:2f:12:
fa:d7:24:3a:e7:79:04:44:19:a3:2e:1e:f1:a8:78:
8c:9f:c4:85:c7:ee:0c:e7:2b:a9:7b:26:64:57:48:
58:91:9b:aa:34:f0:ff:58:36:7d:c4:bc:da:c2:ba:
c1:7a:77:1b:4c:25:b8:4e:f4:e5:1a:2a:e9:76:98:
61:20:54:30:21:b0:3e:5e:0f:d9:25:21:4b:91:3f:
2b:05:48:c4:98:dc:a1:aa:bf:22:d6:27:c5:d0:25:
2a:b5:e9:5b:d0:f9:2e:33:4e:41:32:c9:0c:f1:40:
34:7b:c2:b0:ab:7c:9e:4b:79:da:13:28:b9:0b:26:
9c:6e:92:8d:e8:b0:ed:26:5a:ca:48:5f:0d:32:d1:
94:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:B4:AD:36:65:D0:17:7A:FC:06:32:04:21:8E:9A:94:1B:FC:7D:73
X509v3 Authority Key Identifier:
keyid:86:02:2E:16:2F:6E:6B:97:55:CE:4C:E8:45:12:0E:62:93:95:06:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hgIuFi9ua5dVzkzoRRIOYpOVBvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/782c07-4bba-4810-b98b-059dbcc8dcef/1/MbStNmXQF3r8BjIEIY6alBv8fXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/782c07-4bba-4810-b98b-059dbcc8dcef/1/hgIuFi9ua5dVzkzoRRIOYpOVBvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.136.52.0/22
Signature Algorithm: sha256WithRSAEncryption
69:8d:c0:c6:64:2e:35:d5:b3:a2:7f:06:d2:cf:98:26:7e:9e:
68:ce:85:fe:5f:eb:2e:99:e3:d4:4e:da:aa:6c:a8:9b:ab:70:
2c:e3:c9:79:63:3e:8d:f6:8a:06:b4:18:89:92:39:41:5a:e8:
28:05:e8:32:a0:8e:85:76:81:a2:31:59:90:e3:9a:ef:a9:8a:
0c:59:d1:da:2c:c4:1a:a9:5b:bf:bf:9d:c3:ac:60:4b:f9:be:
23:45:d5:d1:01:d1:54:76:c3:c6:7f:9f:45:44:0c:67:b3:2b:
d0:0d:53:cf:df:33:6a:33:18:b9:52:0a:d2:f5:a4:e9:d6:0d:
17:5c:ad:04:24:bf:4b:96:54:1e:37:a9:66:47:27:50:23:94:
a1:e2:93:f3:48:a4:53:af:d7:6a:20:27:54:73:72:07:f2:1c:
b3:e8:fb:24:be:53:d8:58:af:b5:b8:8f:0c:c7:c1:05:4d:0e:
00:ff:46:52:f7:9f:04:23:c5:68:26:a8:e0:f0:c6:0a:0f:e4:
86:9c:e2:be:bf:77:00:ea:f9:ef:34:eb:dc:79:bd:89:67:88:
89:5f:f6:19:89:c0:d8:8a:8f:81:f6:86:37:be:25:6e:20:99:
a0:4f:e0:10:00:da:bf:b0:e2:7d:12:a3:36:76:c3:3d:7d:09:
70:2e:ed:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJtkeuE2cprboA9kVkBdYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2MDIyZTE2MmY2ZTZiOTc1NWNlNGNlODQ1MTIwZTYyOTM5
NTA2ZjcwHhcNMjUwMTAyMTc1MzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWI0YWQzNjY1ZDAxNzdhZmMwNjMyMDQyMThlOWE5NDFiZmM3ZDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx08SMMGAVDHDgA7r8jULSs8NArmr
vpC0DWJ+XUWBuFvSfttv08KdErj8Cvru04jUdlIM5PQ6MtycFwCeOV6ItzaTFO3O
HRfqEkGlBGgtZYuV8e9uiac04rKbd3lOy6Qt1s5/NjS6TWJ4wZFtvY7YLbZq/yyM
LxL61yQ653kERBmjLh7xqHiMn8SFx+4M5yupeyZkV0hYkZuqNPD/WDZ9xLzawrrB
encbTCW4TvTlGirpdphhIFQwIbA+Xg/ZJSFLkT8rBUjEmNyhqr8i1ifF0CUqtelb
0PkuM05BMskM8UA0e8Kwq3yeS3naEyi5CyacbpKN6LDtJlrKSF8NMtGU0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDG0rTZl0Bd6/AYyBCGOmpQb/H1zMB8GA1UdIwQY
MBaAFIYCLhYvbmuXVc5M6EUSDmKTlQb3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGdJdUZpOXVhNWRWemt6b1JSSU9ZcE9WQnZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC83ODJjMDctNGJiYS00ODEwLWI5OGIt
MDU5ZGJjYzhkY2VmLzEvTWJTdE5tWFFGM3I4QmpJRUlZNmFsQnY4ZlhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC83ODJjMDctNGJiYS00ODEwLWI5OGItMDU5ZGJjYzhkY2Vm
LzEvaGdJdUZpOXVhNWRWemt6b1JSSU9ZcE9WQnZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCU4g0MA0G
CSqGSIb3DQEBCwUAA4IBAQBpjcDGZC411bOifwbSz5gmfp5ozoX+X+sumePUTtqq
bKibq3As48l5Yz6N9ooGtBiJkjlBWugoBegyoI6FdoGiMVmQ45rvqYoMWdHaLMQa
qVu/v53DrGBL+b4jRdXRAdFUdsPGf59FRAxnsyvQDVPP3zNqMxi5UgrS9aTp1g0X
XK0EJL9LllQeN6lmRydQI5Sh4pPzSKRTr9dqICdUc3IH8hyz6PskvlPYWK+1uI8M
x8EFTQ4A/0ZS958EI8VoJqjg8MYKD+SGnOK+v3cA6vnvNOvceb2JZ4iJX/YZicDY
io+B9oY3viVuIJmgT+AQANq/sOJ9EqM2dsM9fQlwLu2P
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:11:08 2025 by rpki-client