Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/d1b6b1-223a-410b-9596-5ae307304b0b/1/mgFhpVWpKKOAS9kS1Whb-f8EjPw.roa
File: mgFhpVWpKKOAS9kS1Whb-f8EjPw.roa (raw, json)
Hash identifier: b1ojmUR/j/a0k5umyT93sSV7c2lVJTgs9RA7eYuyM+k=
Subject key identifier: 9A:01:61:A5:55:A9:28:A3:80:4B:D9:12:D5:68:5B:F9:FF:04:8C:FC
Certificate issuer: /CN=1693737a01469c95011d697392565916045d3a20
Certificate serial: 0194228D240DF4A8E48210F418052AD7D446
Authority key identifier: 16:93:73:7A:01:46:9C:95:01:1D:69:73:92:56:59:16:04:5D:3A:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FpNzegFGnJUBHWlzklZZFgRdOiA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/d1b6b1-223a-410b-9596-5ae307304b0b/1/mgFhpVWpKKOAS9kS1Whb-f8EjPw.roa
Signing time: Wed 01 Jan 2025 15:47:42 +0000
ROA not before: Wed 01 Jan 2025 15:47:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204475
IP address blocks: 185.155.84.0/22 maxlen: 22
2a0d:ac80::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:24:0d:f4:a8:e4:82:10:f4:18:05:2a:d7:d4:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1693737a01469c95011d697392565916045d3a20
Validity
Not Before: Jan 1 15:47:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9a0161a555a928a3804bd912d5685bf9ff048cfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:23:a0:63:b0:59:d7:f4:27:3d:60:63:a8:01:
4e:b0:36:d6:76:91:1e:88:e9:7b:50:e8:85:8e:f1:
04:65:e6:21:48:77:41:b1:ec:e0:25:78:cd:34:4b:
02:8e:4a:60:30:de:fe:2b:48:16:53:b8:d4:13:c7:
c8:88:d1:53:87:ae:41:9a:ef:3e:d6:f0:7c:13:36:
26:95:9b:40:6e:fc:f7:7b:3d:f9:36:78:7b:3d:d0:
a7:f7:d6:f4:8c:22:ad:f7:45:ab:5a:84:0a:51:a1:
04:3e:dc:c3:dd:2b:17:2a:59:a9:a5:e3:4f:dc:e0:
88:97:78:d3:15:a4:71:58:6a:a6:ae:65:4a:c6:c1:
e0:d9:0e:42:5c:c9:0d:0b:9b:0a:4a:ab:56:dd:3b:
13:8d:45:af:ab:12:e5:e3:bb:0e:80:28:93:00:7e:
cd:b7:49:58:f6:b9:07:c5:17:35:ef:1a:a9:af:97:
b2:e1:b7:ad:7f:f3:22:dd:c3:a6:d2:be:81:83:ea:
46:84:7a:d0:90:6e:01:c6:ee:61:ce:06:a6:63:5f:
ec:50:c6:40:b2:3c:bb:08:15:80:c6:d4:5c:c2:da:
46:57:17:8e:e8:5e:34:ef:26:52:12:49:b9:87:d2:
f8:8f:92:88:7d:93:a1:4d:3d:45:04:5d:4a:a2:2d:
11:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:01:61:A5:55:A9:28:A3:80:4B:D9:12:D5:68:5B:F9:FF:04:8C:FC
X509v3 Authority Key Identifier:
keyid:16:93:73:7A:01:46:9C:95:01:1D:69:73:92:56:59:16:04:5D:3A:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FpNzegFGnJUBHWlzklZZFgRdOiA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/d1b6b1-223a-410b-9596-5ae307304b0b/1/mgFhpVWpKKOAS9kS1Whb-f8EjPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/d1b6b1-223a-410b-9596-5ae307304b0b/1/FpNzegFGnJUBHWlzklZZFgRdOiA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.155.84.0/22
IPv6:
2a0d:ac80::/29
Signature Algorithm: sha256WithRSAEncryption
c0:b6:da:c6:94:6c:f7:41:e0:5c:16:9d:87:a5:05:b7:f5:7a:
39:9c:79:17:72:ed:45:46:56:e0:4f:95:d6:06:84:74:b3:fb:
75:e0:f9:4b:b3:c4:41:d3:8f:78:9c:6c:f6:29:80:54:27:2c:
5c:85:08:78:45:2f:25:9b:e8:88:1e:31:68:c1:31:f3:a5:f8:
31:45:c6:37:10:28:a1:57:25:1c:ea:8e:8b:07:aa:0b:79:ee:
da:de:06:03:5c:40:79:05:2e:3a:0b:b9:b3:45:2a:65:80:51:
4e:9f:41:d3:9c:de:95:c9:d7:17:47:1e:3e:f4:f3:1d:2a:ff:
83:6a:30:66:4b:4e:5b:08:ed:53:5b:49:7b:62:41:e1:84:f7:
2c:b5:77:73:ff:af:99:a4:fd:07:14:c5:5d:6b:35:ce:04:7a:
f8:af:c4:05:49:9a:18:ca:f8:56:53:9e:d6:c7:b4:6b:ec:aa:
27:8e:14:f5:ba:7a:2c:4b:52:81:7f:ab:57:b7:5d:97:8c:68:
58:75:7e:20:33:6d:12:0b:47:0a:17:72:96:44:45:23:07:96:
53:0d:46:ca:e8:37:af:d2:c9:26:d1:50:f3:3d:59:1e:6a:e6:
5c:8c:c6:f3:5b:13:bc:6e:88:37:bc:67:e1:4e:06:db:5f:08:
89:dd:99:bf
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQijSQN9KjkghD0GAUq19RGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2OTM3MzdhMDE0NjljOTUwMTFkNjk3MzkyNTY1OTE2MDQ1
ZDNhMjAwHhcNMjUwMTAxMTU0NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTAxNjFhNTU1YTkyOGEzODA0YmQ5MTJkNTY4NWJmOWZmMDQ4Y2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmCOgY7BZ1/QnPWBjqAFOsDbWdpEe
iOl7UOiFjvEEZeYhSHdBsezgJXjNNEsCjkpgMN7+K0gWU7jUE8fIiNFTh65Bmu8+
1vB8EzYmlZtAbvz3ez35Nnh7PdCn99b0jCKt90WrWoQKUaEEPtzD3SsXKlmppeNP
3OCIl3jTFaRxWGqmrmVKxsHg2Q5CXMkNC5sKSqtW3TsTjUWvqxLl47sOgCiTAH7N
t0lY9rkHxRc17xqpr5ey4betf/Mi3cOm0r6Bg+pGhHrQkG4Bxu5hzgamY1/sUMZA
sjy7CBWAxtRcwtpGVxeO6F407yZSEkm5h9L4j5KIfZOhTT1FBF1Koi0RjQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJoBYaVVqSijgEvZEtVoW/n/BIz8MB8GA1UdIwQY
MBaAFBaTc3oBRpyVAR1pc5JWWRYEXTogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnBOemVnRkduSlVCSFdsemtsWlpGZ1JkT2lBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9kMWI2YjEtMjIzYS00MTBiLTk1OTYt
NWFlMzA3MzA0YjBiLzEvbWdGaHBWV3BLS09BUzlrUzFXaGItZjhFalB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9kMWI2YjEtMjIzYS00MTBiLTk1OTYtNWFlMzA3MzA0YjBi
LzEvRnBOemVnRkduSlVCSFdsemtsWlpGZ1JkT2lBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZtUMA0E
AgACMAcDBQMqDayAMA0GCSqGSIb3DQEBCwUAA4IBAQDAttrGlGz3QeBcFp2HpQW3
9Xo5nHkXcu1FRlbgT5XWBoR0s/t14PlLs8RB0494nGz2KYBUJyxchQh4RS8lm+iI
HjFowTHzpfgxRcY3ECihVyUc6o6LB6oLee7a3gYDXEB5BS46C7mzRSplgFFOn0HT
nN6VydcXRx4+9PMdKv+DajBmS05bCO1TW0l7YkHhhPcstXdz/6+ZpP0HFMVdazXO
BHr4r8QFSZoYyvhWU57Wx7Rr7KonjhT1unosS1KBf6tXt12XjGhYdX4gM20SC0cK
F3KWREUjB5ZTDUbK6Dev0skm0VDzPVkeauZcjMbzWxO8bog3vGfhTgbbXwiJ3Zm/
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:49:03 2025 by rpki-client