Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/efb8ee-c5c4-4467-a0cc-88a3c41faee2/1/MBaWylrBVCifHO75NhqX3hwA3gI.roa
File: MBaWylrBVCifHO75NhqX3hwA3gI.roa (raw, json)
Hash identifier: rBGbEwve3PVfVzEgeSB6FNde2V4Ej5oriQNU2JdSej4=
Subject key identifier: 30:16:96:CA:5A:C1:54:28:9F:1C:EE:F9:36:1A:97:DE:1C:00:DE:02
Certificate issuer: /CN=ab8c6c58b607ff23ae7175a61682c75480f1e214
Certificate serial: 019424458C0E4EE9C5B4CF57247158BAA3A3
Authority key identifier: AB:8C:6C:58:B6:07:FF:23:AE:71:75:A6:16:82:C7:54:80:F1:E2:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q4xsWLYH_yOucXWmFoLHVIDx4hQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/efb8ee-c5c4-4467-a0cc-88a3c41faee2/1/MBaWylrBVCifHO75NhqX3hwA3gI.roa
Signing time: Wed 01 Jan 2025 23:48:45 +0000
ROA not before: Wed 01 Jan 2025 23:48:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61243
IP address blocks: 91.250.252.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:8c:0e:4e:e9:c5:b4:cf:57:24:71:58:ba:a3:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab8c6c58b607ff23ae7175a61682c75480f1e214
Validity
Not Before: Jan 1 23:48:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=301696ca5ac154289f1ceef9361a97de1c00de02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:3a:0e:5d:8a:aa:bf:18:39:78:d5:30:3e:5d:
eb:83:df:1c:07:07:16:a9:a4:d3:6d:33:8c:33:a8:
2f:53:f9:fa:0e:04:ea:99:52:94:89:2d:5e:3b:d7:
3c:f5:21:e0:7c:84:44:48:d1:bc:11:b9:30:ea:b5:
22:6f:48:76:d3:06:99:c4:ae:d4:83:3e:a6:e8:4c:
62:85:97:2a:8a:ec:da:2e:a9:05:4a:a9:df:08:5e:
ee:e2:39:3c:be:ba:5d:33:bc:5d:ec:7e:71:0c:8d:
03:a8:87:cb:87:fd:01:f8:15:31:89:2c:fa:88:ad:
a6:12:76:af:62:41:1c:ce:55:bb:ba:91:90:71:57:
5e:a9:3b:60:ff:69:1c:38:fe:7d:d8:3b:81:e6:33:
d9:18:1c:99:ba:4e:3f:7b:74:d9:53:4e:2a:16:8c:
e3:39:93:a6:d4:9a:40:4e:22:32:17:65:23:43:f7:
a3:f6:91:78:ae:27:64:ce:d8:98:c4:de:01:2f:ab:
a5:a8:90:30:a8:2e:0e:65:4d:84:55:f0:b0:37:63:
fe:54:86:01:34:d6:19:db:55:77:46:d5:1b:f6:48:
a0:d1:17:c0:0c:0d:1f:70:02:fa:d3:a4:1d:76:61:
dd:43:0d:4d:12:21:fe:1d:88:97:aa:b3:34:55:64:
3f:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:16:96:CA:5A:C1:54:28:9F:1C:EE:F9:36:1A:97:DE:1C:00:DE:02
X509v3 Authority Key Identifier:
keyid:AB:8C:6C:58:B6:07:FF:23:AE:71:75:A6:16:82:C7:54:80:F1:E2:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q4xsWLYH_yOucXWmFoLHVIDx4hQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/efb8ee-c5c4-4467-a0cc-88a3c41faee2/1/MBaWylrBVCifHO75NhqX3hwA3gI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/efb8ee-c5c4-4467-a0cc-88a3c41faee2/1/q4xsWLYH_yOucXWmFoLHVIDx4hQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.250.252.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:0e:4c:48:69:61:45:2c:7a:d7:a9:bb:43:54:59:d7:5a:39:
d5:37:52:d1:b3:00:3c:0a:26:75:85:2b:ff:3a:85:ba:f8:29:
a3:c6:09:db:c9:63:53:75:2d:19:22:4b:20:5b:8d:70:1d:d0:
6f:56:79:59:7a:da:42:75:c2:0a:f3:07:b4:f0:fd:09:39:cc:
62:f9:01:72:1a:ab:50:ff:97:36:de:2c:03:a5:a4:9f:5f:1b:
0f:79:13:11:fa:a7:b9:b9:d1:6f:32:eb:9c:d9:cd:d8:b8:c5:
10:2c:3e:57:b5:69:d9:37:a8:44:51:c2:26:9e:cd:8d:d2:d1:
88:3e:7b:5f:b4:f4:e3:b5:a7:74:f8:a0:bd:a5:e1:e4:21:46:
3f:bb:89:8e:f7:d0:a3:27:44:4d:9f:96:82:03:44:2d:cb:2f:
95:7b:c0:96:82:a5:46:6f:1c:6a:c6:b8:71:0c:7d:ab:ad:4e:
2c:57:1e:1e:b1:2a:a5:b3:29:78:13:55:8f:48:01:81:a5:03:
9c:dd:16:08:ef:61:3b:c1:97:7b:2a:88:68:4f:e3:f0:dd:7b:
98:ff:93:ff:f8:97:ca:38:73:55:31:7b:a6:ff:6d:cf:e3:22:
e5:7b:05:fc:4a:f5:2c:34:d4:e2:29:56:68:d5:df:93:6b:e3:
5b:95:8a:9d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRYwOTunFtM9XJHFYuqOjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiOGM2YzU4YjYwN2ZmMjNhZTcxNzVhNjE2ODJjNzU0ODBm
MWUyMTQwHhcNMjUwMTAxMjM0ODQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDE2OTZjYTVhYzE1NDI4OWYxY2VlZjkzNjFhOTdkZTFjMDBkZTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0DoOXYqqvxg5eNUwPl3rg98cBwcW
qaTTbTOMM6gvU/n6DgTqmVKUiS1eO9c89SHgfIRESNG8Ebkw6rUib0h20waZxK7U
gz6m6ExihZcqiuzaLqkFSqnfCF7u4jk8vrpdM7xd7H5xDI0DqIfLh/0B+BUxiSz6
iK2mEnavYkEczlW7upGQcVdeqTtg/2kcOP592DuB5jPZGByZuk4/e3TZU04qFozj
OZOm1JpATiIyF2UjQ/ej9pF4ridkztiYxN4BL6ulqJAwqC4OZU2EVfCwN2P+VIYB
NNYZ21V3RtUb9kig0RfADA0fcAL606QddmHdQw1NEiH+HYiXqrM0VWQ/pwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDAWlspawVQonxzu+TYal94cAN4CMB8GA1UdIwQY
MBaAFKuMbFi2B/8jrnF1phaCx1SA8eIUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTR4c1dMWUhfeU91Y1hXbUZvTEhWSUR4NGhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9lZmI4ZWUtYzVjNC00NDY3LWEwY2Mt
ODhhM2M0MWZhZWUyLzEvTUJhV3lsckJWQ2lmSE83NU5ocVgzaHdBM2dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9lZmI4ZWUtYzVjNC00NDY3LWEwY2MtODhhM2M0MWZhZWUy
LzEvcTR4c1dMWUhfeU91Y1hXbUZvTEhWSUR4NGhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/r8MA0G
CSqGSIb3DQEBCwUAA4IBAQC7DkxIaWFFLHrXqbtDVFnXWjnVN1LRswA8CiZ1hSv/
OoW6+CmjxgnbyWNTdS0ZIksgW41wHdBvVnlZetpCdcIK8we08P0JOcxi+QFyGqtQ
/5c23iwDpaSfXxsPeRMR+qe5udFvMuuc2c3YuMUQLD5XtWnZN6hEUcImns2N0tGI
PntftPTjtad0+KC9peHkIUY/u4mO99CjJ0RNn5aCA0Qtyy+Ve8CWgqVGbxxqxrhx
DH2rrU4sVx4esSqlsyl4E1WPSAGBpQOc3RYI72E7wZd7KohoT+Pw3XuY/5P/+JfK
OHNVMXum/23P4yLlewX8SvUsNNTiKVZo1d+Ta+NblYqd
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:58:47 2025 by rpki-client