Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/MTfhoMhVaa2jvLpWsCmafYAY7JA.roa
File: MTfhoMhVaa2jvLpWsCmafYAY7JA.roa (raw, json)
Hash identifier: 3m+kRkEl2wmWqDNlaY4ekeMfluU4hnJDaRCFsllksbo=
Subject key identifier: 31:37:E1:A0:C8:55:69:AD:A3:BC:BA:56:B0:29:9A:7D:80:18:EC:90
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 019428241425481F65AB79ACA7FC46C4BF72
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/MTfhoMhVaa2jvLpWsCmafYAY7JA.roa
Signing time: Thu 02 Jan 2025 17:50:40 +0000
ROA not before: Thu 02 Jan 2025 17:50:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62240
IP address blocks: 5.102.100.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:14:25:48:1f:65:ab:79:ac:a7:fc:46:c4:bf:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jan 2 17:50:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3137e1a0c85569ada3bcba56b0299a7d8018ec90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:a2:36:7c:59:5c:45:b9:ec:f6:b8:61:63:0f:
9c:f1:09:56:f3:7e:1a:34:b8:4f:ae:1b:97:63:df:
76:6d:4f:9f:ff:ba:d5:a9:22:b6:a9:0c:0e:05:a5:
f5:8c:3a:8b:f0:4e:e1:95:0d:66:5a:5c:11:96:94:
ba:01:5e:b5:f9:e7:3c:bd:fd:3b:0b:4f:4d:ea:40:
fc:44:9e:d1:66:7d:c3:77:6e:ff:38:c3:54:28:b1:
e4:30:e5:ce:b3:ba:63:4e:2e:57:5d:e8:8f:9d:81:
68:a0:7b:92:0e:49:3e:93:dd:db:2f:80:17:83:df:
79:9a:a2:05:1f:2a:49:82:73:6c:60:73:7d:51:1e:
49:a5:2d:be:7b:81:85:bc:65:00:30:ec:f5:79:5d:
b7:21:87:a8:ba:7f:4b:34:37:11:b1:8e:4b:fb:50:
39:6b:9f:f9:ea:f1:24:43:7e:05:af:ca:38:8d:10:
79:0d:83:68:c8:5e:9d:7b:b5:d5:df:6c:ec:b6:19:
e6:ff:98:19:20:8f:9a:cf:fc:8b:4a:63:c8:a8:b0:
a4:ff:a1:fd:4c:44:e4:45:e6:fd:6b:15:eb:81:3b:
af:51:a3:9d:b2:91:31:8a:4a:1d:ea:43:23:83:b2:
56:07:07:07:26:e0:95:fd:b0:f9:44:9e:43:25:c3:
7a:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:37:E1:A0:C8:55:69:AD:A3:BC:BA:56:B0:29:9A:7D:80:18:EC:90
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/MTfhoMhVaa2jvLpWsCmafYAY7JA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.100.0/22
Signature Algorithm: sha256WithRSAEncryption
12:88:82:89:5c:94:ae:89:c8:b9:0a:48:a8:ce:21:55:6f:3e:
f8:64:93:c5:32:99:ba:67:d4:1f:98:fa:4f:78:b8:b3:77:6c:
c1:5d:68:b9:ab:75:66:04:22:4c:c6:df:d5:13:97:2c:18:60:
f5:77:38:b9:d0:16:ba:01:88:8a:ab:db:36:51:7e:cd:d1:02:
1f:d0:22:32:61:6a:e5:7f:ce:7d:c6:aa:52:e9:c6:25:57:ea:
ce:09:70:35:85:70:b0:cf:ba:52:ab:f8:5c:fc:e4:29:23:3e:
d6:10:49:f0:10:e3:1a:de:da:ae:d0:d2:8e:09:74:eb:70:b9:
6a:ef:50:7e:4e:01:96:c7:63:18:04:be:e8:8c:95:cc:d3:02:
c7:43:2b:d0:a7:d7:df:97:8f:58:f2:b2:78:0d:88:9d:47:e5:
eb:a1:ac:6e:69:da:be:35:14:ac:e7:91:87:f4:bf:4c:20:b4:
ca:ac:38:ef:82:27:f4:69:3a:1e:d2:a4:c2:19:30:67:89:b5:
7f:d1:53:f4:73:94:34:bf:b6:00:a1:42:5e:1b:27:3a:54:50:
2b:21:5f:de:b4:aa:99:be:05:4a:bf:1e:d6:b7:32:bf:d8:84:
1a:fc:4e:53:3c:a7:b8:17:1b:db:99:0f:a3:6a:88:c5:c5:db:
0a:26:c2:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJBQlSB9lq3msp/xGxL9yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjUwMTAyMTc1MDQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTM3ZTFhMGM4NTU2OWFkYTNiY2JhNTZiMDI5OWE3ZDgwMThlYzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk6I2fFlcRbns9rhhYw+c8QlW834a
NLhPrhuXY992bU+f/7rVqSK2qQwOBaX1jDqL8E7hlQ1mWlwRlpS6AV61+ec8vf07
C09N6kD8RJ7RZn3Dd27/OMNUKLHkMOXOs7pjTi5XXeiPnYFooHuSDkk+k93bL4AX
g995mqIFHypJgnNsYHN9UR5JpS2+e4GFvGUAMOz1eV23IYeoun9LNDcRsY5L+1A5
a5/56vEkQ34Fr8o4jRB5DYNoyF6de7XV32zsthnm/5gZII+az/yLSmPIqLCk/6H9
TETkReb9axXrgTuvUaOdspExikod6kMjg7JWBwcHJuCV/bD5RJ5DJcN6AQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDE34aDIVWmto7y6VrApmn2AGOyQMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvTVRmaG9NaFZhYTJqdkxwV3NDbWFmWUFZN0pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBWZkMA0G
CSqGSIb3DQEBCwUAA4IBAQASiIKJXJSuici5CkioziFVbz74ZJPFMpm6Z9QfmPpP
eLizd2zBXWi5q3VmBCJMxt/VE5csGGD1dzi50Ba6AYiKq9s2UX7N0QIf0CIyYWrl
f859xqpS6cYlV+rOCXA1hXCwz7pSq/hc/OQpIz7WEEnwEOMa3tqu0NKOCXTrcLlq
71B+TgGWx2MYBL7ojJXM0wLHQyvQp9ffl49Y8rJ4DYidR+Xroaxuadq+NRSs55GH
9L9MILTKrDjvgif0aToe0qTCGTBnibV/0VP0c5Q0v7YAoUJeGyc6VFArIV/etKqZ
vgVKvx7WtzK/2IQa/E5TPKe4FxvbmQ+jaojFxdsKJsJs
-----END CERTIFICATE-----
Generated at Thu Apr 3 22:19:32 2025 by rpki-client