Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/83cf73-b7ce-4440-a4ad-7c523b58decf/1/d_MgrBI_XqLm3vPMbVfOHRCRjlM.roa
File: d_MgrBI_XqLm3vPMbVfOHRCRjlM.roa (raw, json)
Hash identifier: 8wS5nxJpvzUto4TBQuuJYHRS4iSYHZpu3buUsV2eb9o=
Subject key identifier: 77:F3:20:AC:12:3F:5E:A2:E6:DE:F3:CC:6D:57:CE:1D:10:91:8E:53
Certificate issuer: /CN=53700731c5adc70bcb713e57a51a403e64ed91c8
Certificate serial: 0195B8FA5A65058C81AE56DBF01352F81C40
Authority key identifier: 53:70:07:31:C5:AD:C7:0B:CB:71:3E:57:A5:1A:40:3E:64:ED:91:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U3AHMcWtxwvLcT5XpRpAPmTtkcg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/83cf73-b7ce-4440-a4ad-7c523b58decf/1/d_MgrBI_XqLm3vPMbVfOHRCRjlM.roa
Signing time: Fri 21 Mar 2025 13:52:49 +0000
ROA not before: Fri 21 Mar 2025 13:52:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60022
IP address blocks: 45.133.160.0/22 maxlen: 24
185.62.68.0/22 maxlen: 24
2a03:60::/32 maxlen: 32
2a03:61::/32 maxlen: 32
2a03:62::/32 maxlen: 32
2a03:63::/32 maxlen: 32
2a03:64::/32 maxlen: 32
2a03:65::/32 maxlen: 32
2a03:66::/32 maxlen: 32
2a03:67::/32 maxlen: 32
2a0e:7640::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b8:fa:5a:65:05:8c:81:ae:56:db:f0:13:52:f8:1c:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53700731c5adc70bcb713e57a51a403e64ed91c8
Validity
Not Before: Mar 21 13:52:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=77f320ac123f5ea2e6def3cc6d57ce1d10918e53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:b1:02:13:82:a1:a7:25:53:5a:a9:1b:95:0a:
bf:f6:a2:45:03:eb:47:b4:7b:26:55:58:b2:65:4b:
43:ca:3d:e3:7c:13:ae:45:5c:ab:e5:48:70:00:3b:
55:fd:f7:54:79:33:41:dd:04:37:ab:6d:ba:a5:f5:
05:25:ae:45:2f:2e:20:26:43:4d:54:be:44:d5:59:
cb:38:52:95:22:c1:00:d9:89:88:70:a1:d7:79:b6:
e4:01:c7:96:79:b2:d3:67:57:ee:ef:59:b8:34:55:
6f:1a:d4:80:32:d6:72:7d:8f:c9:da:e3:92:49:b0:
ab:d4:58:5f:b3:58:c9:88:01:ab:6a:d2:40:d8:fd:
ac:bc:e1:7f:4f:8e:65:c4:08:60:63:60:b3:25:d3:
f3:7f:57:dc:c1:f5:c1:6b:26:06:19:c2:f8:02:c6:
60:22:fa:4c:e2:9b:c5:bb:c0:f2:fd:5c:77:30:6b:
e0:76:4a:7f:10:a0:4b:58:ed:6a:04:58:02:c4:9f:
5a:dc:45:ed:e0:cc:b6:d5:3a:2b:af:05:69:f0:7c:
12:02:31:6d:e7:d9:55:03:c8:92:23:0e:09:b0:37:
df:6c:87:0a:ff:bb:6b:07:f2:8d:82:ed:61:70:e9:
f9:e5:40:29:95:7b:99:86:91:0a:cd:8f:35:8f:f1:
6b:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:F3:20:AC:12:3F:5E:A2:E6:DE:F3:CC:6D:57:CE:1D:10:91:8E:53
X509v3 Authority Key Identifier:
keyid:53:70:07:31:C5:AD:C7:0B:CB:71:3E:57:A5:1A:40:3E:64:ED:91:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U3AHMcWtxwvLcT5XpRpAPmTtkcg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/83cf73-b7ce-4440-a4ad-7c523b58decf/1/d_MgrBI_XqLm3vPMbVfOHRCRjlM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/83cf73-b7ce-4440-a4ad-7c523b58decf/1/U3AHMcWtxwvLcT5XpRpAPmTtkcg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.160.0/22
185.62.68.0/22
IPv6:
2a03:60::/29
2a0e:7640::/29
Signature Algorithm: sha256WithRSAEncryption
6e:7a:ce:ef:8b:7a:a6:89:5e:66:07:a5:e7:92:50:97:53:e7:
2e:23:52:55:24:de:26:17:b2:a9:79:42:8d:f9:59:05:ba:1e:
e1:0a:93:cd:b7:90:1a:41:47:26:97:63:fd:49:61:39:67:6b:
6f:cd:10:6d:70:63:8c:e8:f6:8f:34:39:c3:88:9b:d1:fd:46:
18:21:d2:cd:04:1c:a6:4e:e1:7d:05:35:f7:d9:54:22:b0:61:
bc:d1:5e:7c:a1:c5:b3:9c:bb:31:f8:0c:c1:32:f8:49:83:00:
81:de:f1:c2:97:aa:49:80:be:40:37:84:f6:79:cc:e6:b4:de:
b2:ad:16:c4:c3:ae:d0:24:4c:e1:83:d9:34:55:77:e5:e0:5e:
3d:b1:a2:d3:82:bb:84:8e:9e:71:1e:58:a2:e5:ab:70:38:3a:
4e:71:1c:12:d7:58:30:99:9b:fb:36:dc:83:75:16:08:0a:a2:
18:fb:45:f1:b1:6b:7c:ef:3f:3a:14:ca:7a:c3:bc:64:63:a8:
98:c6:64:4b:c2:78:5c:d7:97:5c:99:9e:a9:ad:0d:05:d9:43:
0f:a5:a4:e6:6d:37:10:a3:58:68:c9:15:1f:41:db:5c:5e:27:
78:be:91:8d:b6:cb:6e:36:96:7e:91:6f:50:ce:df:22:f3:ea:
14:39:67:bd
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZW4+lplBYyBrlbb8BNS+BxAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNzAwNzMxYzVhZGM3MGJjYjcxM2U1N2E1MWE0MDNlNjRl
ZDkxYzgwHhcNMjUwMzIxMTM1MjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2YzMjBhYzEyM2Y1ZWEyZTZkZWYzY2M2ZDU3Y2UxZDEwOTE4ZTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAorECE4KhpyVTWqkblQq/9qJFA+tH
tHsmVViyZUtDyj3jfBOuRVyr5UhwADtV/fdUeTNB3QQ3q226pfUFJa5FLy4gJkNN
VL5E1VnLOFKVIsEA2YmIcKHXebbkAceWebLTZ1fu71m4NFVvGtSAMtZyfY/J2uOS
SbCr1Fhfs1jJiAGratJA2P2svOF/T45lxAhgY2CzJdPzf1fcwfXBayYGGcL4AsZg
IvpM4pvFu8Dy/Vx3MGvgdkp/EKBLWO1qBFgCxJ9a3EXt4My21TorrwVp8HwSAjFt
59lVA8iSIw4JsDffbIcK/7trB/KNgu1hcOn55UAplXuZhpEKzY81j/Fr1wIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFHfzIKwSP16i5t7zzG1Xzh0QkY5TMB8GA1UdIwQY
MBaAFFNwBzHFrccLy3E+V6UaQD5k7ZHIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTNBSE1jV3R4d3ZMY1Q1WHBScEFQbVR0a2NnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC84M2NmNzMtYjdjZS00NDQwLWE0YWQt
N2M1MjNiNThkZWNmLzEvZF9NZ3JCSV9YcUxtM3ZQTWJWZk9IUkNSamxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC84M2NmNzMtYjdjZS00NDQwLWE0YWQtN2M1MjNiNThkZWNm
LzEvVTNBSE1jV3R4d3ZMY1Q1WHBScEFQbVR0a2NnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCLYWgAwQC
uT5EMBQEAgACMA4DBQMqAwBgAwUDKg52QDANBgkqhkiG9w0BAQsFAAOCAQEAbnrO
74t6poleZgel55JQl1PnLiNSVSTeJheyqXlCjflZBboe4QqTzbeQGkFHJpdj/Ulh
OWdrb80QbXBjjOj2jzQ5w4ib0f1GGCHSzQQcpk7hfQU199lUIrBhvNFefKHFs5y7
MfgMwTL4SYMAgd7xwpeqSYC+QDeE9nnM5rTesq0WxMOu0CRM4YPZNFV35eBePbGi
04K7hI6ecR5YouWrcDg6TnEcEtdYMJmb+zbcg3UWCAqiGPtF8bFrfO8/OhTKesO8
ZGOomMZkS8J4XNeXXJmeqa0NBdlDD6Wk5m03EKNYaMkVH0HbXF4neL6RjbbLbjaW
fpFvUM7fIvPqFDlnvQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:47:56 2025 by rpki-client