Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/mBuSqZlPOLCiX0JdwuETMTWMqrQ.roa
File: mBuSqZlPOLCiX0JdwuETMTWMqrQ.roa (raw, json)
Hash identifier: nMR2tjBYaSh3MQj9pOsuG58Z3i9AePd+PLdQk0k8WS8=
Subject key identifier: 98:1B:92:A9:99:4F:38:B0:A2:5F:42:5D:C2:E1:13:31:35:8C:AA:B4
Certificate issuer: /CN=a62f2d3c269d935227690b28b7fbdd953e1e9edc
Certificate serial: 01856D789A41C091A9CDF9691164475EDCFF
Authority key identifier: A6:2F:2D:3C:26:9D:93:52:27:69:0B:28:B7:FB:DD:95:3E:1E:9E:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pi8tPCadk1InaQsot_vdlT4entw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/mBuSqZlPOLCiX0JdwuETMTWMqrQ.roa
Signing time: Sun 01 Jan 2023 13:14:58 +0000
ROA not before: Sun 01 Jan 2023 13:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 702
IP address blocks: 185.42.233.0/24 maxlen: 24
185.42.232.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:78:9a:41:c0:91:a9:cd:f9:69:11:64:47:5e:dc:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a62f2d3c269d935227690b28b7fbdd953e1e9edc
Validity
Not Before: Jan 1 13:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=981b92a9994f38b0a25f425dc2e11331358caab4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:bf:1e:6d:83:10:e0:b1:4d:12:a9:0d:2e:1e:
df:66:ac:74:24:db:8a:52:62:be:40:f0:3a:ea:b9:
fd:f4:7d:ef:78:31:79:fd:24:2d:d3:40:b9:b4:0d:
19:be:95:44:8d:69:7a:0f:a1:2f:48:72:d0:93:0d:
ba:dd:6c:84:c2:23:f3:db:51:34:a0:84:5d:ee:66:
87:ff:15:40:d4:35:14:ea:39:a3:c9:80:c5:11:b4:
55:c7:b7:2b:ca:85:3f:77:00:64:c0:e6:73:95:1a:
29:49:8a:83:14:59:35:15:e5:4c:09:f5:c0:c6:31:
1d:cf:cf:4d:f5:2c:df:7c:62:84:df:a4:1d:dd:94:
e6:38:ff:c0:e8:04:fb:8e:b4:af:38:15:0d:2e:e4:
eb:ec:5b:6a:94:25:34:99:33:c4:1b:98:ca:0c:b8:
05:61:83:45:ac:df:d6:31:d7:e9:b1:be:08:d1:38:
cc:3c:1f:61:3c:8d:24:4a:68:da:29:f1:e0:78:34:
f0:d9:76:ae:ec:18:54:39:c1:1f:ef:4f:c9:29:fe:
8f:28:aa:e2:48:37:fb:73:39:03:5b:08:dd:1c:a5:
46:ef:81:81:86:37:91:90:a6:b0:cf:37:99:e1:ce:
d4:bb:d7:70:19:ef:6e:f0:3c:16:d3:38:24:31:a1:
50:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:1B:92:A9:99:4F:38:B0:A2:5F:42:5D:C2:E1:13:31:35:8C:AA:B4
X509v3 Authority Key Identifier:
keyid:A6:2F:2D:3C:26:9D:93:52:27:69:0B:28:B7:FB:DD:95:3E:1E:9E:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pi8tPCadk1InaQsot_vdlT4entw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/mBuSqZlPOLCiX0JdwuETMTWMqrQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/pi8tPCadk1InaQsot_vdlT4entw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.42.232.0/23
Signature Algorithm: sha256WithRSAEncryption
32:34:09:15:9c:5e:ff:55:09:e8:9c:06:28:cd:22:1b:df:11:
ad:14:23:b7:3f:b5:e3:fa:12:8f:ac:23:98:53:b8:ff:1b:15:
48:ed:a5:6b:e8:9c:bb:f3:47:a8:03:99:f9:da:65:c2:3d:ad:
f6:b0:0e:80:3e:6d:5d:89:78:bc:83:4e:dc:4e:ae:5d:1c:78:
b9:de:31:56:5c:f4:44:eb:91:89:ce:e1:09:91:53:3b:8f:fb:
31:16:cd:64:72:03:13:43:8f:c1:85:de:e7:b1:34:de:77:fb:
37:3d:af:e1:f4:cb:3d:e0:eb:56:89:24:41:cf:8d:0d:43:26:
00:53:11:43:93:90:dc:b2:ab:8f:b5:2c:e3:65:f3:10:7b:51:
bf:c8:46:d3:00:96:53:c8:a6:3f:f3:9e:7b:1e:7e:75:6f:2a:
47:02:7f:67:71:86:fd:09:b4:09:13:83:08:50:3d:90:d1:e7:
86:b5:e3:9d:b4:49:97:b8:9c:b7:6a:ea:46:d2:aa:81:b7:3f:
e5:e8:06:b1:47:19:95:76:d3:04:5d:d0:a2:e2:20:68:76:ab:
1c:85:b8:87:cb:46:08:a0:bc:df:6f:a6:47:75:e7:fa:2a:81:
39:2b:41:0e:89:d7:82:44:c6:4f:d2:01:69:73:fd:d9:e4:67:
38:85:1b:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVteJpBwJGpzflpEWRHXtz/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MmYyZDNjMjY5ZDkzNTIyNzY5MGIyOGI3ZmJkZDk1M2Ux
ZTllZGMwHhcNMjMwMTAxMTMxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODFiOTJhOTk5NGYzOGIwYTI1ZjQyNWRjMmUxMTMzMTM1OGNhYWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkr8ebYMQ4LFNEqkNLh7fZqx0JNuK
UmK+QPA66rn99H3veDF5/SQt00C5tA0ZvpVEjWl6D6EvSHLQkw263WyEwiPz21E0
oIRd7maH/xVA1DUU6jmjyYDFEbRVx7cryoU/dwBkwOZzlRopSYqDFFk1FeVMCfXA
xjEdz89N9SzffGKE36Qd3ZTmOP/A6AT7jrSvOBUNLuTr7FtqlCU0mTPEG5jKDLgF
YYNFrN/WMdfpsb4I0TjMPB9hPI0kSmjaKfHgeDTw2Xau7BhUOcEf70/JKf6PKKri
SDf7czkDWwjdHKVG74GBhjeRkKawzzeZ4c7Uu9dwGe9u8DwW0zgkMaFQ0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJgbkqmZTziwol9CXcLhEzE1jKq0MB8GA1UdIwQY
MBaAFKYvLTwmnZNSJ2kLKLf73ZU+Hp7cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGk4dFBDYWRrMUluYVFzb3RfdmRsVDRlbnR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8zMjViODQtMmVkNC00MDkyLTkwNmMt
MTAwZWVkODEyYzQwLzEvbUJ1U3FabFBPTENpWDBKZHd1RVRNVFdNcXJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8zMjViODQtMmVkNC00MDkyLTkwNmMtMTAwZWVkODEyYzQw
LzEvcGk4dFBDYWRrMUluYVFzb3RfdmRsVDRlbnR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuSroMA0G
CSqGSIb3DQEBCwUAA4IBAQAyNAkVnF7/VQnonAYozSIb3xGtFCO3P7Xj+hKPrCOY
U7j/GxVI7aVr6Jy780eoA5n52mXCPa32sA6APm1diXi8g07cTq5dHHi53jFWXPRE
65GJzuEJkVM7j/sxFs1kcgMTQ4/Bhd7nsTTed/s3Pa/h9Ms94OtWiSRBz40NQyYA
UxFDk5DcsquPtSzjZfMQe1G/yEbTAJZTyKY/8557Hn51bypHAn9ncYb9CbQJE4MI
UD2Q0eeGteOdtEmXuJy3aupG0qqBtz/l6AaxRxmVdtMEXdCi4iBodqschbiHy0YI
oLzfb6ZHdef6KoE5K0EOideCRMZP0gFpc/3Z5Gc4hRue
-----END CERTIFICATE-----
Generated at Thu Apr 10 00:03:36 2025 by rpki-client