Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/MPfuJ4Q8APoop0BinD-N3y2WqW8.roa
File: MPfuJ4Q8APoop0BinD-N3y2WqW8.roa (raw, json)
Hash identifier: 8a6YmAs0yMuu5h7XDO5OTlOBjpxyqTj8JoEMSjg576I=
Subject key identifier: 30:F7:EE:27:84:3C:00:FA:28:A7:40:62:9C:3F:8D:DF:2D:96:A9:6F
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0185709524C1B2AF4C9165F542478FB85330
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/MPfuJ4Q8APoop0BinD-N3y2WqW8.roa
Signing time: Mon 02 Jan 2023 03:45:00 +0000
ROA not before: Mon 02 Jan 2023 03:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43301
IP address blocks: 31.148.206.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:24:c1:b2:af:4c:91:65:f5:42:47:8f:b8:53:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=30f7ee27843c00fa28a740629c3f8ddf2d96a96f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:75:85:3a:48:8f:6a:df:c9:c5:db:a9:a3:c9:
67:c3:9c:50:d8:4b:b6:dc:3b:9c:6e:0a:c1:44:95:
31:11:5b:1a:3a:0c:45:ca:b7:dd:c0:1a:4f:2e:99:
f7:e2:c9:1b:3b:bf:92:27:40:17:b3:69:52:f8:04:
51:d5:95:45:77:fe:86:61:2f:a6:12:97:b0:2c:b5:
1d:dc:fa:2d:f5:09:ad:1c:c7:f8:75:1c:56:3d:79:
68:6b:72:d8:68:1c:14:ed:f8:28:19:71:9e:f7:f4:
be:10:2b:c0:87:08:7d:b3:f2:bf:a1:f5:88:bf:cd:
60:c9:3c:bf:e4:c3:66:7b:44:e0:12:be:b0:9b:e6:
41:e5:65:0c:29:c5:e6:8f:2b:2e:54:f9:9b:d1:e5:
1f:39:6c:31:8f:64:8a:0f:b4:32:fc:86:27:48:25:
ea:57:ca:3c:20:f8:0d:02:d0:14:19:17:81:b4:fc:
94:d8:80:54:7e:4e:0d:d2:ba:f8:19:4b:b2:4e:43:
ad:36:87:8a:da:e3:ae:f5:c5:f2:de:e5:a2:25:c1:
a5:7d:6e:84:6b:21:73:1b:df:c1:f2:89:45:2b:8c:
ea:10:18:71:19:7a:9c:72:d6:ee:49:2f:8e:19:c6:
8f:c2:21:dd:cd:92:76:b3:32:fa:77:94:a7:e7:ac:
64:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:F7:EE:27:84:3C:00:FA:28:A7:40:62:9C:3F:8D:DF:2D:96:A9:6F
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/MPfuJ4Q8APoop0BinD-N3y2WqW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.206.0/23
Signature Algorithm: sha256WithRSAEncryption
0f:33:fd:f0:17:f7:a1:74:86:3c:ac:e0:de:1e:b6:3b:59:98:
f7:5e:7b:47:49:74:a2:3b:9e:ef:bf:49:c9:b4:a0:f6:62:f6:
bf:c0:27:d9:68:e6:2f:82:d6:15:cc:c7:b0:62:90:85:6b:58:
bd:51:c6:a6:90:0c:05:ad:d9:29:d0:28:3c:c3:a7:14:46:41:
75:04:2f:b3:ec:ee:3e:2e:84:5c:cd:5e:cf:af:7a:3e:5a:bd:
f3:a3:14:d2:ca:0e:9f:fa:6d:ca:d8:f5:6f:18:ff:25:f7:6e:
fd:b4:3c:57:f5:7f:41:dc:3e:38:ff:69:7f:80:4a:9e:29:b6:
a1:03:99:0a:c5:1e:44:f0:64:b1:40:f7:58:68:28:1e:6e:66:
47:67:1c:9f:62:f3:59:fd:02:8b:48:47:ea:2a:54:06:5b:2d:
76:95:29:99:7d:38:4f:c9:ee:9b:d5:08:a0:30:89:4b:d1:cd:
ec:b1:d7:86:77:72:fb:03:e8:c5:31:fe:f2:c0:30:1c:02:ca:
06:b3:9d:c0:8d:f2:9a:81:4e:19:c8:19:b5:b2:89:aa:b4:41:
f7:9b:3f:0d:e8:80:99:2f:2b:85:b2:85:6b:c3:ab:4b:85:c1:
c7:f6:bb:92:10:14:fd:7a:9e:07:c0:4d:27:eb:40:66:2d:cf:
f7:ee:de:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlSTBsq9MkWX1QkePuFMwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGY3ZWUyNzg0M2MwMGZhMjhhNzQwNjI5YzNmOGRkZjJkOTZhOTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3WFOkiPat/Jxdupo8lnw5xQ2Eu2
3DucbgrBRJUxEVsaOgxFyrfdwBpPLpn34skbO7+SJ0AXs2lS+ARR1ZVFd/6GYS+m
EpewLLUd3Pot9QmtHMf4dRxWPXloa3LYaBwU7fgoGXGe9/S+ECvAhwh9s/K/ofWI
v81gyTy/5MNme0TgEr6wm+ZB5WUMKcXmjysuVPmb0eUfOWwxj2SKD7Qy/IYnSCXq
V8o8IPgNAtAUGReBtPyU2IBUfk4N0rr4GUuyTkOtNoeK2uOu9cXy3uWiJcGlfW6E
ayFzG9/B8olFK4zqEBhxGXqcctbuSS+OGcaPwiHdzZJ2szL6d5Sn56xkTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDD37ieEPAD6KKdAYpw/jd8tlqlvMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvTVBmdUo0UThBUG9vcDBCaW5ELU4zeTJXcVc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBH5TOMA0G
CSqGSIb3DQEBCwUAA4IBAQAPM/3wF/ehdIY8rODeHrY7WZj3XntHSXSiO57vv0nJ
tKD2Yva/wCfZaOYvgtYVzMewYpCFa1i9UcamkAwFrdkp0Cg8w6cURkF1BC+z7O4+
LoRczV7Pr3o+Wr3zoxTSyg6f+m3K2PVvGP8l9279tDxX9X9B3D44/2l/gEqeKbah
A5kKxR5E8GSxQPdYaCgebmZHZxyfYvNZ/QKLSEfqKlQGWy12lSmZfThPye6b1Qig
MIlL0c3ssdeGd3L7A+jFMf7ywDAcAsoGs53AjfKagU4ZyBm1somqtEH3mz8N6ICZ
LyuFsoVrw6tLhcHH9ruSEBT9ep4HwE0n60BmLc/37t7C
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:46:53 2025 by rpki-client