Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/658206-b52b-45f0-ba5d-53e5a99b6708/1/mLHY6APDzy9ibMY9kSMM1Nqu7mc.roa
File: mLHY6APDzy9ibMY9kSMM1Nqu7mc.roa (raw, json)
Hash identifier: 2vgil1OLrsyrNYnckQVsaCP8jQL2UV5oxzEJuWr3sPY=
Subject key identifier: 98:B1:D8:E8:03:C3:CF:2F:62:6C:C6:3D:91:23:0C:D4:DA:AE:EE:67
Certificate issuer: /CN=0a7a1277ef1d56415498c712a943f53006b6cd17
Certificate serial: 018571DE73A15F1E091C84FC4DE87D51F655
Authority key identifier: 0A:7A:12:77:EF:1D:56:41:54:98:C7:12:A9:43:F5:30:06:B6:CD:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CnoSd-8dVkFUmMcSqUP1MAa2zRc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/658206-b52b-45f0-ba5d-53e5a99b6708/1/mLHY6APDzy9ibMY9kSMM1Nqu7mc.roa
Signing time: Mon 02 Jan 2023 09:44:41 +0000
ROA not before: Mon 02 Jan 2023 09:44:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43267
IP address blocks: 82.112.184.0/23 maxlen: 23
82.112.186.0/23 maxlen: 24
82.112.187.0/24 maxlen: 24
82.112.188.0/24 maxlen: 24
82.112.188.0/23 maxlen: 24
82.112.188.0/22 maxlen: 24
91.196.74.0/24 maxlen: 24
91.196.72.0/24 maxlen: 24
91.196.73.0/24 maxlen: 24
82.112.191.254/32 maxlen: 32
2a06:aa80::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:de:73:a1:5f:1e:09:1c:84:fc:4d:e8:7d:51:f6:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a7a1277ef1d56415498c712a943f53006b6cd17
Validity
Not Before: Jan 2 09:44:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=98b1d8e803c3cf2f626cc63d91230cd4daaeee67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:a9:90:7b:bb:ec:a6:22:ef:4a:9b:15:0f:cf:
c8:67:b1:fd:15:bd:f4:5e:94:ee:39:4b:1e:aa:0c:
1d:9e:5d:62:1c:cd:d7:c1:cb:58:6d:ef:40:9d:3e:
12:09:96:17:bf:05:f0:ea:fb:10:c4:8a:1a:be:f9:
06:7d:45:dc:bc:96:f6:58:cc:c1:b3:d8:5a:a7:5a:
d8:53:31:c6:9d:03:ac:02:1d:49:bf:60:43:f4:55:
d7:d8:8b:54:03:5f:f4:eb:af:5d:c3:2d:a3:9d:ea:
d1:7e:75:80:2f:e6:22:39:06:30:b4:e2:70:d1:b9:
25:5e:ff:1a:9e:20:f4:75:af:87:7b:4a:fe:65:b5:
52:ee:52:4d:db:ce:27:05:82:5d:55:e4:e4:02:57:
8a:6a:6d:da:57:cf:fc:bc:b5:34:91:fe:ca:61:c2:
5f:f7:38:c2:1a:2b:f7:ad:1b:66:5d:e7:17:e3:c7:
ca:63:d6:a4:82:2a:e0:fc:1b:67:5c:40:42:f5:8f:
57:68:ce:4f:ed:14:2a:ec:39:29:de:92:bf:0d:3b:
a4:e6:fb:75:f9:42:59:63:76:77:eb:39:b0:c8:d0:
72:8b:ea:ee:50:f1:79:b7:ec:8c:60:51:6e:d9:72:
79:da:6a:92:c8:a9:ec:a1:84:02:04:8d:4c:7c:07:
b7:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:B1:D8:E8:03:C3:CF:2F:62:6C:C6:3D:91:23:0C:D4:DA:AE:EE:67
X509v3 Authority Key Identifier:
keyid:0A:7A:12:77:EF:1D:56:41:54:98:C7:12:A9:43:F5:30:06:B6:CD:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CnoSd-8dVkFUmMcSqUP1MAa2zRc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/658206-b52b-45f0-ba5d-53e5a99b6708/1/mLHY6APDzy9ibMY9kSMM1Nqu7mc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/658206-b52b-45f0-ba5d-53e5a99b6708/1/CnoSd-8dVkFUmMcSqUP1MAa2zRc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.112.184.0/21
91.196.72.0-91.196.74.255
IPv6:
2a06:aa80::/32
Signature Algorithm: sha256WithRSAEncryption
43:01:1a:a9:bc:48:c5:be:57:bf:e7:2f:a4:10:c3:cc:d7:ec:
b3:ee:ab:9c:af:e2:ae:51:62:8f:12:c5:36:99:81:d1:3b:8c:
c4:7a:c4:2a:2c:93:7c:4b:14:96:6c:66:03:11:d2:50:0f:ce:
a4:c0:82:a3:16:ad:1e:83:f9:24:aa:4d:03:8b:2b:89:40:25:
13:d7:22:62:f4:88:3f:c8:df:c6:84:8f:0f:3b:bf:a8:7f:12:
ba:0b:61:02:0e:ab:28:b6:d8:a3:c2:97:e7:a8:df:8f:59:13:
41:14:69:02:b2:06:9c:c8:40:95:e9:6d:f5:23:0e:d7:e0:da:
c7:71:9f:4e:43:1d:0b:13:86:97:af:cb:6e:a8:22:e0:c0:36:
98:bb:13:c6:1d:32:38:f4:b6:80:20:2c:66:b7:cc:0f:23:1b:
23:0c:74:89:b9:69:24:67:d7:5a:61:56:b9:7f:8f:b4:7d:6a:
af:91:b6:11:70:9b:3e:21:0b:c1:09:a3:cc:c2:f9:99:0e:96:
03:ee:6c:6f:2d:57:ee:34:1a:8b:6c:81:4e:e5:b5:23:62:fd:
21:6a:33:e5:8d:e0:0b:6c:67:41:23:d2:88:c4:03:74:2a:3e:
f7:3c:00:7a:fc:fd:c7:87:5a:e9:e1:b5:3a:19:05:a0:42:c4:
3d:4e:79:68
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVx3nOhXx4JHIT8Teh9UfZVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhN2ExMjc3ZWYxZDU2NDE1NDk4YzcxMmE5NDNmNTMwMDZi
NmNkMTcwHhcNMjMwMTAyMDk0NDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGIxZDhlODAzYzNjZjJmNjI2Y2M2M2Q5MTIzMGNkNGRhYWVlZTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsamQe7vspiLvSpsVD8/IZ7H9Fb30
XpTuOUseqgwdnl1iHM3XwctYbe9AnT4SCZYXvwXw6vsQxIoavvkGfUXcvJb2WMzB
s9hap1rYUzHGnQOsAh1Jv2BD9FXX2ItUA1/0669dwy2jnerRfnWAL+YiOQYwtOJw
0bklXv8aniD0da+He0r+ZbVS7lJN284nBYJdVeTkAleKam3aV8/8vLU0kf7KYcJf
9zjCGiv3rRtmXecX48fKY9akgirg/BtnXEBC9Y9XaM5P7RQq7Dkp3pK/DTuk5vt1
+UJZY3Z36zmwyNByi+ruUPF5t+yMYFFu2XJ52mqSyKnsoYQCBI1MfAe3DQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFJix2OgDw88vYmzGPZEjDNTaru5nMB8GA1UdIwQY
MBaAFAp6EnfvHVZBVJjHEqlD9TAGts0XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ25vU2QtOGRWa0ZVbU1jU3FVUDFNQWEyelJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi82NTgyMDYtYjUyYi00NWYwLWJhNWQt
NTNlNWE5OWI2NzA4LzEvbUxIWTZBUER6eTlpYk1ZOWtTTU0xTnF1N21jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi82NTgyMDYtYjUyYi00NWYwLWJhNWQtNTNlNWE5OWI2NzA4
LzEvQ25vU2QtOGRWa0ZVbU1jU3FVUDFNQWEyelJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQDUnC4MAwD
BANbxEgDBABbxEowDQQCAAIwBwMFACoGqoAwDQYJKoZIhvcNAQELBQADggEBAEMB
Gqm8SMW+V7/nL6QQw8zX7LPuq5yv4q5RYo8SxTaZgdE7jMR6xCosk3xLFJZsZgMR
0lAPzqTAgqMWrR6D+SSqTQOLK4lAJRPXImL0iD/I38aEjw87v6h/EroLYQIOqyi2
2KPCl+eo349ZE0EUaQKyBpzIQJXpbfUjDtfg2sdxn05DHQsThpevy26oIuDANpi7
E8YdMjj0toAgLGa3zA8jGyMMdIm5aSRn11phVrl/j7R9aq+RthFwmz4hC8EJo8zC
+ZkOlgPubG8tV+40GotsgU7ltSNi/SFqM+WN4AtsZ0Ej0ojEA3QqPvc8AHr8/ceH
WunhtToZBaBCxD1OeWg=
-----END CERTIFICATE-----
Generated at Wed Mar 12 13:37:21 2025 by rpki-client