Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/2fc150-ad36-4fe7-a6b0-d63b98ce1dd6/1/mgPFPwNtHJgL7IbzvZrrLiKUccE.roa
File: mgPFPwNtHJgL7IbzvZrrLiKUccE.roa (raw, json)
Hash identifier: rLw1C9G0qKhxxSPhjDQcKo42QTqL3jpDOyIm5Eu6ix8=
Subject key identifier: 9A:03:C5:3F:03:6D:1C:98:0B:EC:86:F3:BD:9A:EB:2E:22:94:71:C1
Certificate issuer: /CN=1d7c51255cb0653562fb869911f05d45414e61c5
Certificate serial: 01857067466652F643949DAF2FA2D2D20253
Authority key identifier: 1D:7C:51:25:5C:B0:65:35:62:FB:86:99:11:F0:5D:45:41:4E:61:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HXxRJVywZTVi-4aZEfBdRUFOYcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/2fc150-ad36-4fe7-a6b0-d63b98ce1dd6/1/mgPFPwNtHJgL7IbzvZrrLiKUccE.roa
Signing time: Mon 02 Jan 2023 02:54:54 +0000
ROA not before: Mon 02 Jan 2023 02:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49392
IP address blocks: 188.95.67.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:46:66:52:f6:43:94:9d:af:2f:a2:d2:d2:02:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d7c51255cb0653562fb869911f05d45414e61c5
Validity
Not Before: Jan 2 02:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9a03c53f036d1c980bec86f3bd9aeb2e229471c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:63:10:a2:63:7b:af:03:2c:25:7b:8e:25:0e:
8b:8e:37:86:0b:e3:9f:16:b1:9d:ae:8f:93:fc:d5:
2c:4d:f1:aa:1d:57:2f:8c:0a:70:cb:e4:66:eb:92:
ca:75:6c:a8:8f:fe:3d:d9:ec:36:ba:f7:53:9f:72:
6b:34:7e:f8:24:74:14:69:bf:e5:6b:6d:90:1f:20:
ae:f2:22:b2:c4:7a:1c:e6:ac:54:6d:e9:eb:db:7f:
cb:3b:be:7e:12:bf:94:d7:36:96:20:3d:c4:b7:76:
59:05:58:d0:4c:7e:a0:49:a5:81:62:b3:5d:5b:2e:
0c:5e:06:8b:91:f6:27:76:67:a1:d9:4a:9c:f8:c2:
03:a0:27:49:81:4e:b0:e4:59:df:d0:fb:15:7b:b7:
56:fb:d0:05:66:48:1b:bd:de:6a:01:6d:65:83:8b:
24:b2:5a:a9:ca:18:de:4b:6c:17:7c:21:d1:4f:ec:
74:d8:b4:f4:a4:50:97:94:7d:b7:39:f7:04:c6:7e:
4f:35:f2:ac:67:83:3b:12:df:10:7d:24:45:ce:ac:
c5:8d:34:01:1d:e7:a6:a9:ba:71:cc:13:2f:6e:47:
6b:06:d7:dc:22:90:33:de:d3:4c:9d:0f:15:e7:1a:
a5:78:cf:16:9e:c1:1b:63:2b:35:d7:b8:0c:39:31:
89:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:03:C5:3F:03:6D:1C:98:0B:EC:86:F3:BD:9A:EB:2E:22:94:71:C1
X509v3 Authority Key Identifier:
keyid:1D:7C:51:25:5C:B0:65:35:62:FB:86:99:11:F0:5D:45:41:4E:61:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HXxRJVywZTVi-4aZEfBdRUFOYcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/2fc150-ad36-4fe7-a6b0-d63b98ce1dd6/1/mgPFPwNtHJgL7IbzvZrrLiKUccE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/2fc150-ad36-4fe7-a6b0-d63b98ce1dd6/1/HXxRJVywZTVi-4aZEfBdRUFOYcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.95.67.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:3a:9c:0f:ea:80:c8:06:f9:51:3e:4a:07:8b:c8:ef:54:aa:
34:0d:30:7f:e6:bc:bd:d1:0a:79:4a:e8:7b:fb:c2:96:99:a3:
fe:c3:bf:a6:00:08:1a:1f:a3:c2:80:e4:c2:1c:6f:8f:d4:e1:
2b:82:23:fe:88:4f:65:bd:17:34:02:16:8c:58:56:ab:4c:36:
2f:2d:db:81:13:ce:bb:34:e3:a9:4d:19:2c:bf:e5:ea:8d:b7:
bb:1b:bc:5c:93:6a:e8:bb:cc:b5:7b:53:00:69:3a:65:7d:92:
94:dc:a8:d8:f4:05:7a:f0:4c:35:17:a2:65:6a:ac:6c:b4:a3:
92:ef:73:30:46:3b:56:94:50:66:5e:5f:09:83:64:c8:51:69:
16:e8:3b:c7:4a:e3:d4:5a:7b:3f:ec:b6:58:12:35:18:55:67:
e1:23:0f:c9:76:f9:e1:87:52:87:a9:e9:46:f2:ae:05:67:c1:
fc:3b:b4:fa:0f:dc:bf:58:04:1f:f7:8c:fe:4d:0a:e0:25:55:
49:c6:32:9c:49:d5:de:d7:1a:7d:d1:52:6f:74:4c:f8:5b:56:
a6:bd:d4:d3:43:33:98:bc:83:b9:95:1e:ed:11:db:ab:4d:01:
0c:4e:bc:52:cd:f3:ff:28:b0:d0:00:9e:f5:d2:2d:1b:db:4c:
9d:65:56:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwZ0ZmUvZDlJ2vL6LS0gJTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkN2M1MTI1NWNiMDY1MzU2MmZiODY5OTExZjA1ZDQ1NDE0
ZTYxYzUwHhcNMjMwMTAyMDI1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTAzYzUzZjAzNmQxYzk4MGJlYzg2ZjNiZDlhZWIyZTIyOTQ3MWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2MQomN7rwMsJXuOJQ6LjjeGC+Of
FrGdro+T/NUsTfGqHVcvjApwy+Rm65LKdWyoj/492ew2uvdTn3JrNH74JHQUab/l
a22QHyCu8iKyxHoc5qxUbenr23/LO75+Er+U1zaWID3Et3ZZBVjQTH6gSaWBYrNd
Wy4MXgaLkfYndmeh2Uqc+MIDoCdJgU6w5Fnf0PsVe7dW+9AFZkgbvd5qAW1lg4sk
slqpyhjeS2wXfCHRT+x02LT0pFCXlH23OfcExn5PNfKsZ4M7Et8QfSRFzqzFjTQB
HeemqbpxzBMvbkdrBtfcIpAz3tNMnQ8V5xqleM8WnsEbYys117gMOTGJ/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJoDxT8DbRyYC+yG872a6y4ilHHBMB8GA1UdIwQY
MBaAFB18USVcsGU1YvuGmRHwXUVBTmHFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFh4UkpWeXdaVFZpLTRhWkVmQmRSVUZPWWNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8yZmMxNTAtYWQzNi00ZmU3LWE2YjAt
ZDYzYjk4Y2UxZGQ2LzEvbWdQRlB3TnRISmdMN0lienZacnJMaUtVY2NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8yZmMxNTAtYWQzNi00ZmU3LWE2YjAtZDYzYjk4Y2UxZGQ2
LzEvSFh4UkpWeXdaVFZpLTRhWkVmQmRSVUZPWWNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvF9DMA0G
CSqGSIb3DQEBCwUAA4IBAQA8OpwP6oDIBvlRPkoHi8jvVKo0DTB/5ry90Qp5Suh7
+8KWmaP+w7+mAAgaH6PCgOTCHG+P1OErgiP+iE9lvRc0AhaMWFarTDYvLduBE867
NOOpTRksv+Xqjbe7G7xck2rou8y1e1MAaTplfZKU3KjY9AV68Ew1F6JlaqxstKOS
73MwRjtWlFBmXl8Jg2TIUWkW6DvHSuPUWns/7LZYEjUYVWfhIw/Jdvnhh1KHqelG
8q4FZ8H8O7T6D9y/WAQf94z+TQrgJVVJxjKcSdXe1xp90VJvdEz4W1amvdTTQzOY
vIO5lR7tEdurTQEMTrxSzfP/KLDQAJ710i0b20ydZVbv
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:34 2025 by rpki-client