Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/MUJfIeriR1knxRBmDTAU_UGM2G0.roa
File: MUJfIeriR1knxRBmDTAU_UGM2G0.roa (raw, json)
Hash identifier: +j+nW+PIrLVUlYMjFsxHH00riREWKH88ubnC9Ksdaw8=
Subject key identifier: 31:42:5F:21:EA:E2:47:59:27:C5:10:66:0D:30:14:FD:41:8C:D8:6D
Certificate issuer: /CN=390b67368c91b85e84888c5ed2e824d1390810bb
Certificate serial: 01860A6E92A8B21E7F1780D5C54AD11A6DB4
Authority key identifier: 39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/MUJfIeriR1knxRBmDTAU_UGM2G0.roa
Signing time: Wed 01 Feb 2023 00:44:23 +0000
ROA not before: Wed 01 Feb 2023 00:44:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210439
IP address blocks: 85.237.213.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:0a:6e:92:a8:b2:1e:7f:17:80:d5:c5:4a:d1:1a:6d:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=390b67368c91b85e84888c5ed2e824d1390810bb
Validity
Not Before: Feb 1 00:44:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=31425f21eae2475927c510660d3014fd418cd86d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:1b:e7:19:98:2c:9c:aa:23:0b:3c:3e:d1:0c:
ff:be:19:7f:37:23:3e:97:d7:99:20:49:33:61:1b:
b2:cb:d8:92:be:82:ce:1f:fa:ef:43:1b:4b:48:49:
96:33:82:84:21:1d:51:2f:b5:89:0b:e2:87:03:f7:
24:a3:a7:ff:c3:91:b9:2f:41:d2:ff:0e:5c:02:5a:
62:bd:04:4d:ab:01:9e:8c:39:42:8d:e5:a9:e0:a0:
cd:30:b8:41:4e:1f:8d:b0:bb:ac:63:44:6c:6e:ba:
f2:a0:1c:55:e7:8c:7f:16:de:d5:b4:4e:ee:8b:ee:
7e:28:0e:41:ac:10:db:63:d8:ed:d9:4c:e9:fd:99:
16:14:16:e5:a5:23:8f:d4:25:25:43:a7:39:dd:e2:
49:e6:28:6e:3d:c0:94:92:80:05:07:4e:dc:b0:83:
7a:2b:ea:ab:11:80:12:3a:bc:19:eb:8e:03:37:e1:
58:d1:53:e3:dd:46:a4:2b:9e:a3:fd:76:24:6f:76:
9a:72:43:87:9d:91:cb:36:13:c8:09:97:ee:59:52:
c4:53:e1:79:a2:e5:94:d4:ab:72:1f:7a:69:c0:4c:
22:02:26:6b:64:52:ae:45:e3:26:9f:2a:63:24:0d:
1c:97:2e:8b:a6:2e:32:9b:27:a3:2a:6f:ff:3d:e3:
b3:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:42:5F:21:EA:E2:47:59:27:C5:10:66:0D:30:14:FD:41:8C:D8:6D
X509v3 Authority Key Identifier:
keyid:39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/MUJfIeriR1knxRBmDTAU_UGM2G0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/OQtnNoyRuF6EiIxe0ugk0TkIELs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.213.0/24
Signature Algorithm: sha256WithRSAEncryption
61:bd:50:43:14:05:52:1d:6f:1b:1a:52:2e:6b:96:47:a3:a7:
a4:42:d1:e1:5c:60:4f:23:82:d7:64:34:d2:d2:7a:84:f8:3d:
53:bc:65:e0:e6:25:e8:95:d3:19:10:7a:02:07:3e:82:cd:8d:
3e:a6:bd:70:bb:6e:c9:5d:7d:2e:88:e2:9e:c6:77:a7:3e:f5:
4f:af:c7:46:d5:d3:e3:62:67:2e:38:2c:4f:4a:7c:31:a0:71:
4c:03:65:58:99:be:f4:75:0a:a2:38:b5:43:c9:33:85:f6:ee:
d5:d1:97:9a:7d:bb:43:09:f9:38:00:24:4e:04:f5:04:b8:c0:
64:ac:6f:bd:a8:82:4e:4a:d8:0c:53:43:1f:60:a4:5e:f4:c6:
bc:5e:c1:0f:29:2d:8c:a8:68:4a:9d:76:2f:3e:24:4f:0c:15:
76:44:e9:66:5e:c6:54:aa:26:e0:bb:b9:2d:b6:79:6d:46:96:
3a:31:ed:10:c3:fd:96:16:a7:0f:59:b0:b4:a6:6f:92:94:21:
18:5f:d7:6a:80:18:a2:79:c5:2a:7b:3a:9c:82:83:7b:8b:4f:
ae:a1:f0:b4:3b:91:9e:ee:f4:d6:04:ff:6a:bb:fb:e9:eb:cb:
1e:43:6f:f5:eb:c5:18:4f:35:8a:9d:cd:0c:4f:14:04:26:cc:
74:cc:bc:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYKbpKosh5/F4DVxUrRGm20MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MGI2NzM2OGM5MWI4NWU4NDg4OGM1ZWQyZTgyNGQxMzkw
ODEwYmIwHhcNMjMwMjAxMDA0NDIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTQyNWYyMWVhZTI0NzU5MjdjNTEwNjYwZDMwMTRmZDQxOGNkODZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyxvnGZgsnKojCzw+0Qz/vhl/NyM+
l9eZIEkzYRuyy9iSvoLOH/rvQxtLSEmWM4KEIR1RL7WJC+KHA/cko6f/w5G5L0HS
/w5cAlpivQRNqwGejDlCjeWp4KDNMLhBTh+NsLusY0RsbrryoBxV54x/Ft7VtE7u
i+5+KA5BrBDbY9jt2Uzp/ZkWFBblpSOP1CUlQ6c53eJJ5ihuPcCUkoAFB07csIN6
K+qrEYASOrwZ644DN+FY0VPj3UakK56j/XYkb3aackOHnZHLNhPICZfuWVLEU+F5
ouWU1KtyH3ppwEwiAiZrZFKuReMmnypjJA0cly6Lpi4ymyejKm//PeOzNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDFCXyHq4kdZJ8UQZg0wFP1BjNhtMB8GA1UdIwQY
MBaAFDkLZzaMkbhehIiMXtLoJNE5CBC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYt
NWM5ZDYyNjI5Yzg2LzEvTVVKZkllcmlSMWtueFJCbURUQVVfVUdNMkcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYtNWM5ZDYyNjI5Yzg2
LzEvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVe3VMA0G
CSqGSIb3DQEBCwUAA4IBAQBhvVBDFAVSHW8bGlIua5ZHo6ekQtHhXGBPI4LXZDTS
0nqE+D1TvGXg5iXoldMZEHoCBz6CzY0+pr1wu27JXX0uiOKexnenPvVPr8dG1dPj
YmcuOCxPSnwxoHFMA2VYmb70dQqiOLVDyTOF9u7V0ZeafbtDCfk4ACROBPUEuMBk
rG+9qIJOStgMU0MfYKRe9Ma8XsEPKS2MqGhKnXYvPiRPDBV2ROlmXsZUqibgu7kt
tnltRpY6Me0Qw/2WFqcPWbC0pm+SlCEYX9dqgBiiecUqezqcgoN7i0+uofC0O5Ge
7vTWBP9qu/vp68seQ2/168UYTzWKnc0MTxQEJsx0zLza
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:51 2025 by rpki-client