Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/e75ad2-1e30-455e-9787-3b55f2327b34/1/mBVhkGAlCNj0S2Xo0LqvUs7mlpg.roa
File: mBVhkGAlCNj0S2Xo0LqvUs7mlpg.roa (raw, json)
Hash identifier: nnTzadcdEQXEc3Vf0fF9k2rQlfCtQs7W0gU8C4cQG78=
Subject key identifier: 98:15:61:90:60:25:08:D8:F4:4B:65:E8:D0:BA:AF:52:CE:E6:96:98
Certificate issuer: /CN=302f09f265e9b278f8073d6982ff175713a5a0fa
Certificate serial: 0189F31A0F58B5CDA25C0E9F8FB5EE187F94
Authority key identifier: 30:2F:09:F2:65:E9:B2:78:F8:07:3D:69:82:FF:17:57:13:A5:A0:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MC8J8mXpsnj4Bz1pgv8XVxOloPo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/e75ad2-1e30-455e-9787-3b55f2327b34/1/mBVhkGAlCNj0S2Xo0LqvUs7mlpg.roa
Signing time: Mon 14 Aug 2023 08:11:58 +0000
ROA not before: Mon 14 Aug 2023 08:11:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21234
IP address blocks: 217.25.128.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f3:1a:0f:58:b5:cd:a2:5c:0e:9f:8f:b5:ee:18:7f:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=302f09f265e9b278f8073d6982ff175713a5a0fa
Validity
Not Before: Aug 14 08:11:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=98156190602508d8f44b65e8d0baaf52cee69698
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:ef:12:ac:55:ff:fa:c8:4d:6c:16:1b:41:2f:
c7:74:1a:b0:6d:78:ec:96:9c:2a:24:f6:99:59:ef:
18:57:94:8f:00:d5:b5:b5:9e:cb:d2:a6:d5:b7:c6:
a6:9f:8a:62:32:53:34:10:b3:72:66:7a:90:db:30:
e6:af:76:14:e7:73:5a:f3:d2:0a:55:e3:18:b7:80:
02:f9:80:ce:f6:14:eb:a9:3f:51:33:8d:2a:0f:66:
b7:0d:66:10:0a:a2:df:d9:19:09:74:f8:df:8e:59:
03:e2:e5:e4:84:6c:59:16:0d:9e:a4:bd:84:c8:d2:
e9:94:dc:ae:14:4f:b3:41:5f:2f:7f:45:21:a4:6c:
17:53:3a:16:a0:b8:e9:5e:6c:1d:46:e9:99:c0:34:
96:7a:c6:f6:18:1d:01:d4:fc:13:87:d0:85:ca:fb:
44:13:48:d8:02:99:40:3d:1c:11:e6:1e:81:1d:92:
45:b4:6c:ca:46:46:ba:1e:98:5a:b8:c1:06:3c:56:
d1:04:35:d8:17:cd:c1:4c:47:ae:f6:13:24:b6:f5:
ce:b5:17:5d:29:7a:c1:fc:0f:85:ac:4d:ed:b4:d8:
1c:2c:ae:17:d2:65:c9:99:37:bd:6b:65:1a:d5:9d:
dc:c2:8a:aa:22:ee:1a:fc:25:2d:c6:9d:07:08:7e:
91:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:15:61:90:60:25:08:D8:F4:4B:65:E8:D0:BA:AF:52:CE:E6:96:98
X509v3 Authority Key Identifier:
keyid:30:2F:09:F2:65:E9:B2:78:F8:07:3D:69:82:FF:17:57:13:A5:A0:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MC8J8mXpsnj4Bz1pgv8XVxOloPo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/e75ad2-1e30-455e-9787-3b55f2327b34/1/mBVhkGAlCNj0S2Xo0LqvUs7mlpg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/e75ad2-1e30-455e-9787-3b55f2327b34/1/MC8J8mXpsnj4Bz1pgv8XVxOloPo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.25.128.0/20
Signature Algorithm: sha256WithRSAEncryption
09:04:72:9c:3f:de:a4:d7:d3:b1:80:65:64:34:4f:0d:2a:22:
d5:c5:1a:fe:52:9d:0f:72:a1:35:12:78:6a:b1:bb:17:9e:0a:
2f:28:f5:a6:fd:42:1e:72:35:29:0a:3a:59:53:f2:c8:13:48:
74:1c:ba:be:21:7a:2e:83:e4:cf:b8:03:a7:e2:0a:bc:3a:d8:
97:ad:be:0c:a6:2f:89:65:7d:6a:9c:6b:16:18:4b:f4:43:52:
dc:57:b9:cb:07:fe:2c:83:90:f6:f4:0c:3c:13:d5:da:46:05:
e8:e6:5d:c7:51:cb:ae:6d:b3:78:71:d0:b6:31:5e:96:b3:65:
e3:c0:33:8d:65:86:76:e4:50:fd:99:35:58:b9:bd:18:d9:16:
da:06:7d:ca:ac:df:39:34:49:82:9e:7e:95:c6:13:b5:52:a7:
e3:d0:f2:3e:11:33:d2:25:91:53:62:7f:ad:d7:fc:5d:b8:57:
be:51:f0:ec:77:e8:45:98:ca:9a:f4:8d:c4:dc:ae:83:32:e9:
bc:0a:ff:be:2d:4f:b1:9a:3a:ed:9e:5e:f3:b1:df:ab:db:3e:
91:22:d2:88:22:f3:2e:c8:d3:79:56:08:59:87:92:16:d0:de:
a0:6b:9c:c6:2b:8c:80:ac:83:0b:06:cd:03:4f:4a:c9:e8:10:
57:91:38:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnzGg9Ytc2iXA6fj7XuGH+UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMmYwOWYyNjVlOWIyNzhmODA3M2Q2OTgyZmYxNzU3MTNh
NWEwZmEwHhcNMjMwODE0MDgxMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODE1NjE5MDYwMjUwOGQ4ZjQ0YjY1ZThkMGJhYWY1MmNlZTY5Njk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAku8SrFX/+shNbBYbQS/HdBqwbXjs
lpwqJPaZWe8YV5SPANW1tZ7L0qbVt8amn4piMlM0ELNyZnqQ2zDmr3YU53Na89IK
VeMYt4AC+YDO9hTrqT9RM40qD2a3DWYQCqLf2RkJdPjfjlkD4uXkhGxZFg2epL2E
yNLplNyuFE+zQV8vf0UhpGwXUzoWoLjpXmwdRumZwDSWesb2GB0B1PwTh9CFyvtE
E0jYAplAPRwR5h6BHZJFtGzKRka6HphauMEGPFbRBDXYF83BTEeu9hMktvXOtRdd
KXrB/A+FrE3ttNgcLK4X0mXJmTe9a2Ua1Z3cwoqqIu4a/CUtxp0HCH6R1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJgVYZBgJQjY9Etl6NC6r1LO5paYMB8GA1UdIwQY
MBaAFDAvCfJl6bJ4+Ac9aYL/F1cTpaD6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUM4SjhtWHBzbmo0QnoxcGd2OFhWeE9sb1BvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9lNzVhZDItMWUzMC00NTVlLTk3ODct
M2I1NWYyMzI3YjM0LzEvbUJWaGtHQWxDTmowUzJYbzBMcXZVczdtbHBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9lNzVhZDItMWUzMC00NTVlLTk3ODctM2I1NWYyMzI3YjM0
LzEvTUM4SjhtWHBzbmo0QnoxcGd2OFhWeE9sb1BvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2RmAMA0G
CSqGSIb3DQEBCwUAA4IBAQAJBHKcP96k19OxgGVkNE8NKiLVxRr+Up0PcqE1Enhq
sbsXngovKPWm/UIecjUpCjpZU/LIE0h0HLq+IXoug+TPuAOn4gq8OtiXrb4Mpi+J
ZX1qnGsWGEv0Q1LcV7nLB/4sg5D29Aw8E9XaRgXo5l3HUcuubbN4cdC2MV6Ws2Xj
wDONZYZ25FD9mTVYub0Y2RbaBn3KrN85NEmCnn6VxhO1Uqfj0PI+ETPSJZFTYn+t
1/xduFe+UfDsd+hFmMqa9I3E3K6DMum8Cv++LU+xmjrtnl7zsd+r2z6RItKIIvMu
yNN5VghZh5IW0N6ga5zGK4yArIMLBs0DT0rJ6BBXkTjn
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:50:02 2025 by rpki-client