Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/MJZfoH0ZhW_hbvXo4dd-ay01Opk.roa
File: MJZfoH0ZhW_hbvXo4dd-ay01Opk.roa (raw, json)
Hash identifier: MLgaYf2gLQTmG2twUX7cAehunxj5DMT1FoMnplBvNS4=
Subject key identifier: 30:96:5F:A0:7D:19:85:6F:E1:6E:F5:E8:E1:D7:7E:6B:2D:35:3A:99
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018C86B129852B6A9F079FCF82FC3F3FFC3F
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/MJZfoH0ZhW_hbvXo4dd-ay01Opk.roa
Signing time: Wed 20 Dec 2023 10:06:46 +0000
ROA not before: Wed 20 Dec 2023 10:06:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35004
IP address blocks: 93.170.116.0/22 maxlen: 24
93.170.118.0/24 maxlen: 24
95.47.59.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:86:b1:29:85:2b:6a:9f:07:9f:cf:82:fc:3f:3f:fc:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Dec 20 10:06:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=30965fa07d19856fe16ef5e8e1d77e6b2d353a99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:96:1d:92:04:58:9a:9f:1c:58:13:88:89:3d:
b1:e7:d4:4b:96:bb:ee:b8:16:c1:7f:00:8d:60:41:
73:9b:65:fe:0b:75:fc:db:48:da:f5:a0:8f:98:96:
62:81:39:72:73:f7:9d:e4:0f:7b:e5:c1:93:76:e0:
e8:f8:3a:14:d3:f3:a2:06:4b:d1:0c:6a:0b:41:a4:
b4:e2:5b:5b:66:14:cd:3d:54:8d:16:3c:3a:55:18:
3f:a3:d3:2d:59:ef:e4:d2:c3:dd:3b:38:54:17:4d:
93:c3:30:8f:f6:fe:cc:f3:e1:f8:e8:d9:db:8c:5e:
90:a9:16:7c:2d:7e:4a:38:0f:ab:34:ed:45:97:9f:
72:75:59:6d:d4:32:2f:b6:18:28:2c:40:d3:f3:27:
55:de:93:e8:02:fb:a0:f4:dd:30:5b:57:72:28:df:
7c:fd:1e:a2:d0:b2:ba:5d:8f:4e:fe:d8:3a:30:8a:
de:e1:98:f0:ad:06:e0:74:00:49:0b:69:04:6d:86:
7d:73:3b:da:6c:47:ac:62:d9:69:d2:55:96:cd:97:
43:0e:7d:39:16:71:29:0a:5e:09:86:52:14:20:cd:
58:4f:b8:b5:a1:20:25:ad:bf:52:fb:c4:e6:07:23:
b1:fa:5c:78:f3:5d:f2:1d:f5:1e:21:2a:25:2d:0f:
f2:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:96:5F:A0:7D:19:85:6F:E1:6E:F5:E8:E1:D7:7E:6B:2D:35:3A:99
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/MJZfoH0ZhW_hbvXo4dd-ay01Opk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.170.116.0/22
95.47.59.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:2e:2b:36:c2:40:05:30:cf:a6:15:8d:23:c0:db:2b:c9:51:
22:8e:58:67:2a:4e:34:31:0c:b4:e6:1d:a3:cc:dc:05:b5:03:
30:30:8d:b7:06:49:c2:45:14:5d:8f:dc:2b:5f:94:5b:34:a9:
02:b8:ff:8f:d8:f9:f6:59:f8:b2:e4:f9:a6:13:b8:bc:97:f9:
2b:96:78:58:bc:45:bf:7c:61:1c:3b:2a:9f:3e:23:d2:05:a9:
b4:ad:34:07:61:99:fa:37:c5:c2:79:a8:84:b7:62:f8:17:9c:
12:56:b6:e1:91:7e:9a:6c:0e:22:12:99:c4:77:3a:0b:9d:4e:
31:04:ca:34:ac:5b:d9:e2:51:83:db:f2:92:f6:ef:cd:2c:37:
ad:b6:ef:0f:82:a1:43:3a:b0:9d:80:60:43:be:d4:83:be:34:
ee:2f:51:74:7a:61:b6:5d:75:1e:1b:ae:c8:86:65:6e:e8:84:
bd:a8:82:69:31:bf:84:28:59:da:ca:de:1c:22:02:a4:cb:73:
49:6d:69:b4:9a:47:35:9e:23:b4:cd:cc:6a:35:f2:15:1b:3b:
db:73:46:e2:9f:f5:60:43:28:02:03:bf:1a:ec:dd:f9:fe:c3:
85:7b:07:b1:75:29:bc:fe:26:16:c8:ad:a9:dd:0a:4c:2a:54:
61:05:db:cd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYyGsSmFK2qfB5/Pgvw/P/w/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMxMjIwMTAwNjQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDk2NWZhMDdkMTk4NTZmZTE2ZWY1ZThlMWQ3N2U2YjJkMzUzYTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJYdkgRYmp8cWBOIiT2x59RLlrvu
uBbBfwCNYEFzm2X+C3X820ja9aCPmJZigTlyc/ed5A975cGTduDo+DoU0/OiBkvR
DGoLQaS04ltbZhTNPVSNFjw6VRg/o9MtWe/k0sPdOzhUF02TwzCP9v7M8+H46Nnb
jF6QqRZ8LX5KOA+rNO1Fl59ydVlt1DIvthgoLEDT8ydV3pPoAvug9N0wW1dyKN98
/R6i0LK6XY9O/tg6MIre4ZjwrQbgdABJC2kEbYZ9czvabEesYtlp0lWWzZdDDn05
FnEpCl4JhlIUIM1YT7i1oSAlrb9S+8TmByOx+lx4813yHfUeISolLQ/yuwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDCWX6B9GYVv4W716OHXfmstNTqZMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvTUpaZm9IMFpoV19oYnZYbzRkZC1heTAxT3BrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCXap0AwQA
Xy87MA0GCSqGSIb3DQEBCwUAA4IBAQBbLis2wkAFMM+mFY0jwNsryVEijlhnKk40
MQy05h2jzNwFtQMwMI23BknCRRRdj9wrX5RbNKkCuP+P2Pn2Wfiy5PmmE7i8l/kr
lnhYvEW/fGEcOyqfPiPSBam0rTQHYZn6N8XCeaiEt2L4F5wSVrbhkX6abA4iEpnE
dzoLnU4xBMo0rFvZ4lGD2/KS9u/NLDettu8PgqFDOrCdgGBDvtSDvjTuL1F0emG2
XXUeG67IhmVu6IS9qIJpMb+EKFnayt4cIgKky3NJbWm0mkc1niO0zcxqNfIVGzvb
c0bin/VgQygCA78a7N35/sOFewexdSm8/iYWyK2p3QpMKlRhBdvN
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:34:25 2025 by rpki-client