Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/34acf4-747f-45fe-8129-402f1fb848cf/1/MSLvSmMWiqip4JGvJvCHw0heJWY.roa
File: MSLvSmMWiqip4JGvJvCHw0heJWY.roa (raw, json)
Hash identifier: ahhKdh0Az4OPJ4vhmOYZ4IapOWczZHtx+c6r+13lM9g=
Subject key identifier: 31:22:EF:4A:63:16:8A:A8:A9:E0:91:AF:26:F0:87:C3:48:5E:25:66
Certificate issuer: /CN=cce57dc8234df5f59d67fdc6856bb262e7193f52
Certificate serial: 018CC726B7E70C1365F347F96290B6D5A14D
Authority key identifier: CC:E5:7D:C8:23:4D:F5:F5:9D:67:FD:C6:85:6B:B2:62:E7:19:3F:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zOV9yCNN9fWdZ_3GhWuyYucZP1I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/34acf4-747f-45fe-8129-402f1fb848cf/1/MSLvSmMWiqip4JGvJvCHw0heJWY.roa
Signing time: Mon 01 Jan 2024 22:30:52 +0000
ROA not before: Mon 01 Jan 2024 22:30:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48093
IP address blocks: 91.207.112.0/23 maxlen: 23
37.26.152.0/21 maxlen: 21
2a03:28e0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:b7:e7:0c:13:65:f3:47:f9:62:90:b6:d5:a1:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cce57dc8234df5f59d67fdc6856bb262e7193f52
Validity
Not Before: Jan 1 22:30:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3122ef4a63168aa8a9e091af26f087c3485e2566
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:92:6e:a3:df:57:38:68:5f:83:00:0e:92:f3:
9b:41:89:91:f4:a2:d2:bf:83:8a:27:3d:c7:64:8c:
c6:2f:d0:90:af:a2:b3:96:b9:46:43:53:f1:ce:c9:
2c:c4:e8:9e:fc:d6:70:5a:65:f6:b5:f0:a2:01:2d:
90:9e:0f:5d:6c:76:9b:5a:c3:23:9b:1f:c3:cd:26:
01:e0:61:06:6f:65:9d:f6:4f:fb:e0:cd:bb:8e:76:
6c:77:f5:4d:4f:8c:6d:44:60:25:61:23:0a:c1:eb:
4b:05:4a:62:2c:47:08:d8:37:66:8b:ab:ab:86:8c:
6e:e5:36:f0:c7:71:f5:c1:2d:b5:ef:a4:c4:7d:db:
03:c6:42:70:ff:78:ae:3f:2e:71:9b:66:94:24:8a:
7d:c2:d5:09:35:50:44:8e:83:68:fb:fc:51:4c:52:
53:1c:c1:95:9c:d8:a3:3d:f0:a2:53:ac:26:c0:d5:
73:e5:55:a0:fc:18:a8:07:1a:84:39:46:f0:c0:cf:
51:ad:d1:fb:3b:3c:9c:9a:a6:69:a0:e8:af:11:b2:
23:5e:7c:06:12:9a:8c:1f:4d:0f:e2:c2:0f:42:55:
bb:fb:9f:9b:5c:46:76:f2:3f:26:b8:f6:fa:83:a3:
5d:a2:cb:de:94:74:d1:5b:92:2f:d9:fd:a3:c7:3c:
d8:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:22:EF:4A:63:16:8A:A8:A9:E0:91:AF:26:F0:87:C3:48:5E:25:66
X509v3 Authority Key Identifier:
keyid:CC:E5:7D:C8:23:4D:F5:F5:9D:67:FD:C6:85:6B:B2:62:E7:19:3F:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zOV9yCNN9fWdZ_3GhWuyYucZP1I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/34acf4-747f-45fe-8129-402f1fb848cf/1/MSLvSmMWiqip4JGvJvCHw0heJWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/34acf4-747f-45fe-8129-402f1fb848cf/1/zOV9yCNN9fWdZ_3GhWuyYucZP1I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.26.152.0/21
91.207.112.0/23
IPv6:
2a03:28e0::/32
Signature Algorithm: sha256WithRSAEncryption
19:bd:ed:9e:c8:1c:21:0d:10:24:08:b9:89:98:68:c7:49:32:
af:3a:cb:97:b6:6f:c4:81:c0:64:18:ae:f2:2c:98:b9:fc:cb:
f1:bb:e3:be:2d:92:80:93:e2:ae:9d:7d:c9:b6:06:4e:06:c6:
25:a6:21:24:e1:3e:92:1c:95:b0:c6:af:04:5a:53:93:75:8c:
ab:3c:32:6e:ed:a7:e0:d5:c3:75:8d:ed:3a:95:d3:d5:ff:d9:
b4:ea:77:df:4e:01:52:b4:e6:62:86:5b:5e:d7:25:10:b9:67:
c3:72:ac:2d:b5:e5:19:b7:29:a1:1c:ed:36:77:8d:65:0a:8f:
4e:2a:70:74:ab:b7:a1:6d:cf:4a:e2:82:1f:d2:de:31:5c:71:
16:e2:d0:2e:65:27:56:ac:de:12:00:11:19:70:1b:87:07:81:
2a:57:f4:ce:01:7e:48:49:1a:b1:c3:4a:c5:b0:0d:2f:c2:08:
12:09:cd:f9:b9:d9:0b:9d:36:8b:e8:3c:a7:63:ab:49:56:aa:
8a:d8:94:2e:cd:ae:21:8f:e1:7e:51:fb:e7:1b:2b:b2:cd:8f:
9d:7a:5f:58:59:77:a3:53:90:a5:5d:aa:58:a8:e6:5d:f4:d2:
91:f8:9f:5b:2b:f1:f1:89:73:56:1e:0b:33:14:5e:a2:46:1c:
71:95:1c:ed
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzHJrfnDBNl80f5YpC21aFNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZTU3ZGM4MjM0ZGY1ZjU5ZDY3ZmRjNjg1NmJiMjYyZTcx
OTNmNTIwHhcNMjQwMTAxMjIzMDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTIyZWY0YTYzMTY4YWE4YTllMDkxYWYyNmYwODdjMzQ4NWUyNTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJJuo99XOGhfgwAOkvObQYmR9KLS
v4OKJz3HZIzGL9CQr6KzlrlGQ1PxzsksxOie/NZwWmX2tfCiAS2Qng9dbHabWsMj
mx/DzSYB4GEGb2Wd9k/74M27jnZsd/VNT4xtRGAlYSMKwetLBUpiLEcI2Ddmi6ur
hoxu5Tbwx3H1wS2176TEfdsDxkJw/3iuPy5xm2aUJIp9wtUJNVBEjoNo+/xRTFJT
HMGVnNijPfCiU6wmwNVz5VWg/BioBxqEOUbwwM9RrdH7OzycmqZpoOivEbIjXnwG
EpqMH00P4sIPQlW7+5+bXEZ28j8muPb6g6NdosvelHTRW5Iv2f2jxzzYQQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDEi70pjFoqoqeCRrybwh8NIXiVmMB8GA1UdIwQY
MBaAFMzlfcgjTfX1nWf9xoVrsmLnGT9SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek9WOXlDTk45ZldkWl8zR2hXdXlZdWNaUDFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8zNGFjZjQtNzQ3Zi00NWZlLTgxMjkt
NDAyZjFmYjg0OGNmLzEvTVNMdlNtTVdpcWlwNEpHdkp2Q0h3MGhlSldZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8zNGFjZjQtNzQ3Zi00NWZlLTgxMjktNDAyZjFmYjg0OGNm
LzEvek9WOXlDTk45ZldkWl8zR2hXdXlZdWNaUDFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDJRqYAwQB
W89wMA0EAgACMAcDBQAqAyjgMA0GCSqGSIb3DQEBCwUAA4IBAQAZve2eyBwhDRAk
CLmJmGjHSTKvOsuXtm/EgcBkGK7yLJi5/Mvxu+O+LZKAk+KunX3JtgZOBsYlpiEk
4T6SHJWwxq8EWlOTdYyrPDJu7afg1cN1je06ldPV/9m06nffTgFStOZihlte1yUQ
uWfDcqwtteUZtymhHO02d41lCo9OKnB0q7ehbc9K4oIf0t4xXHEW4tAuZSdWrN4S
ABEZcBuHB4EqV/TOAX5ISRqxw0rFsA0vwggSCc35udkLnTaL6DynY6tJVqqK2JQu
za4hj+F+UfvnGyuyzY+del9YWXejU5ClXapYqOZd9NKR+J9bK/HxiXNWHgszFF6i
RhxxlRzt
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:21:32 2025 by rpki-client