Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/a53bb6-66c0-4861-b288-2a6372e054d2/1/M4DJMGFBwnaDRZDSNbQ0hR4yn-4.roa
File: M4DJMGFBwnaDRZDSNbQ0hR4yn-4.roa (raw, json)
Hash identifier: dsny/P2fqjP+Sn+J/ZyXFT5BzZjeTQXqWN7M6QD9ACU=
Subject key identifier: 33:80:C9:30:61:41:C2:76:83:45:90:D2:35:B4:34:85:1E:32:9F:EE
Certificate issuer: /CN=2e4bd4edca29d4e72be86ced0b7ad652c7d261c9
Certificate serial: 018A52721C0038B26EEF1560213A4E38BD98
Authority key identifier: 2E:4B:D4:ED:CA:29:D4:E7:2B:E8:6C:ED:0B:7A:D6:52:C7:D2:61:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LkvU7cop1Ocr6GztC3rWUsfSYck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/a53bb6-66c0-4861-b288-2a6372e054d2/1/M4DJMGFBwnaDRZDSNbQ0hR4yn-4.roa
Signing time: Fri 01 Sep 2023 20:32:04 +0000
ROA not before: Fri 01 Sep 2023 20:32:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 185.93.228.0/24 maxlen: 24
193.19.224.0/22 maxlen: 24
2a02:fe80:13::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:52:72:1c:00:38:b2:6e:ef:15:60:21:3a:4e:38:bd:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e4bd4edca29d4e72be86ced0b7ad652c7d261c9
Validity
Not Before: Sep 1 20:32:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3380c9306141c276834590d235b434851e329fee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:58:36:2b:0f:8d:cb:cb:1f:e8:87:9f:11:44:
ec:f9:5c:da:dc:9a:75:7c:ff:c5:00:c6:74:fc:79:
44:a6:52:e3:45:fc:6e:a0:52:e1:84:ab:1c:92:bd:
86:3a:03:34:07:f5:4d:9f:80:24:91:7d:44:01:af:
08:2f:0b:c3:33:28:49:a9:cd:da:7e:04:76:4b:56:
d6:e1:f4:96:88:07:b3:38:68:72:2c:f0:33:a8:0c:
cc:dd:d7:d1:1e:99:55:42:ff:81:b2:24:6f:ec:13:
94:61:3a:be:4d:c9:df:46:96:50:2a:dc:f5:a2:a6:
5f:57:83:06:9e:d4:87:fa:f4:45:41:82:e8:45:7f:
a2:c1:9a:a5:1e:90:b3:eb:4e:d6:11:b7:e9:32:8b:
1b:c9:d7:8c:65:47:c3:3c:8e:da:60:77:31:e3:f8:
10:c4:7e:85:53:89:76:3a:96:a3:8f:30:26:e6:a8:
e1:24:bc:8c:26:41:95:de:06:40:86:5a:91:4b:24:
0a:76:d4:42:8c:98:ca:0d:b2:ad:94:e1:5a:26:ae:
dc:40:fe:de:d1:1e:eb:ac:9a:47:93:d4:c7:bd:75:
91:f1:8b:dc:b9:4e:b9:98:7f:1c:a2:13:41:6e:39:
e2:19:3b:1c:df:97:02:2a:a3:e7:79:6f:58:90:26:
2e:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:80:C9:30:61:41:C2:76:83:45:90:D2:35:B4:34:85:1E:32:9F:EE
X509v3 Authority Key Identifier:
keyid:2E:4B:D4:ED:CA:29:D4:E7:2B:E8:6C:ED:0B:7A:D6:52:C7:D2:61:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LkvU7cop1Ocr6GztC3rWUsfSYck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/a53bb6-66c0-4861-b288-2a6372e054d2/1/M4DJMGFBwnaDRZDSNbQ0hR4yn-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/a53bb6-66c0-4861-b288-2a6372e054d2/1/LkvU7cop1Ocr6GztC3rWUsfSYck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.93.228.0/24
193.19.224.0/22
IPv6:
2a02:fe80:13::/48
Signature Algorithm: sha256WithRSAEncryption
52:dc:18:40:5c:48:cf:67:91:01:72:24:44:1d:b3:ca:b1:1d:
7f:ca:97:f5:4c:39:6d:81:d0:14:fd:a0:92:f0:4f:3d:91:41:
af:a6:79:b4:e9:54:19:62:5a:4a:11:0b:f9:00:af:a7:cc:30:
f9:12:0c:36:ae:33:c5:3a:65:be:39:3e:fd:3f:e1:de:a9:90:
69:58:14:4d:63:de:93:b3:59:12:67:60:2d:0a:18:4e:3c:85:
f8:7c:2b:37:9e:2c:50:31:34:17:d3:0c:78:7c:a3:4c:a9:d7:
c5:c5:85:b2:ca:9a:af:7b:d3:61:46:d2:38:59:b4:dc:7d:84:
a0:04:d9:80:bd:3f:6d:01:87:2a:58:fe:e1:dd:5a:e6:aa:47:
7d:bf:4a:47:55:3e:27:f7:fe:52:66:d7:b3:00:0d:0c:f3:3d:
2d:90:50:9a:76:0e:4d:13:45:43:14:ea:d8:2d:7f:4b:11:eb:
eb:76:85:1d:0a:1c:1f:dd:9a:1d:50:da:9e:e3:b4:09:a6:fe:
e3:49:13:b8:61:7f:13:3a:42:40:d3:8b:e9:13:7e:84:af:d9:
54:d0:09:dc:72:16:a6:d6:18:43:d8:ea:66:20:1d:38:2b:77:
3e:d8:9d:b6:86:18:36:c5:81:d3:35:bb:f0:d3:08:9e:45:7f:
3e:3e:83:03
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYpSchwAOLJu7xVgITpOOL2YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNGJkNGVkY2EyOWQ0ZTcyYmU4NmNlZDBiN2FkNjUyYzdk
MjYxYzkwHhcNMjMwOTAxMjAzMjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzgwYzkzMDYxNDFjMjc2ODM0NTkwZDIzNWI0MzQ4NTFlMzI5ZmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1g2Kw+Ny8sf6IefEUTs+Vza3Jp1
fP/FAMZ0/HlEplLjRfxuoFLhhKsckr2GOgM0B/VNn4AkkX1EAa8ILwvDMyhJqc3a
fgR2S1bW4fSWiAezOGhyLPAzqAzM3dfRHplVQv+BsiRv7BOUYTq+TcnfRpZQKtz1
oqZfV4MGntSH+vRFQYLoRX+iwZqlHpCz607WEbfpMosbydeMZUfDPI7aYHcx4/gQ
xH6FU4l2OpajjzAm5qjhJLyMJkGV3gZAhlqRSyQKdtRCjJjKDbKtlOFaJq7cQP7e
0R7rrJpHk9THvXWR8YvcuU65mH8cohNBbjniGTsc35cCKqPneW9YkCYuLQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFDOAyTBhQcJ2g0WQ0jW0NIUeMp/uMB8GA1UdIwQY
MBaAFC5L1O3KKdTnK+hs7Qt61lLH0mHJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGt2VTdjb3AxT2NyNkd6dEMzcldVc2ZTWWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9hNTNiYjYtNjZjMC00ODYxLWIyODgt
MmE2MzcyZTA1NGQyLzEvTTRESk1HRkJ3bmFEUlpEU05iUTBoUjR5bi00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9hNTNiYjYtNjZjMC00ODYxLWIyODgtMmE2MzcyZTA1NGQy
LzEvTGt2VTdjb3AxT2NyNkd6dEMzcldVc2ZTWWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAuV3kAwQC
wRPgMA8EAgACMAkDBwAqAv6AABMwDQYJKoZIhvcNAQELBQADggEBAFLcGEBcSM9n
kQFyJEQds8qxHX/Kl/VMOW2B0BT9oJLwTz2RQa+mebTpVBliWkoRC/kAr6fMMPkS
DDauM8U6Zb45Pv0/4d6pkGlYFE1j3pOzWRJnYC0KGE48hfh8KzeeLFAxNBfTDHh8
o0yp18XFhbLKmq9702FG0jhZtNx9hKAE2YC9P20BhypY/uHdWuaqR32/SkdVPif3
/lJm17MADQzzPS2QUJp2Dk0TRUMU6tgtf0sR6+t2hR0KHB/dmh1Q2p7jtAmm/uNJ
E7hhfxM6QkDTi+kTfoSv2VTQCdxyFqbWGEPY6mYgHTgrdz7YnbaGGDbFgdM1u/DT
CJ5Ffz4+gwM=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:57:00 2025 by rpki-client