Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/1c8896-7be2-42cd-911f-2fdb7ab65d52/1/mMhmcSnBtPYU48zDanAOHPsakbk.roa
File: mMhmcSnBtPYU48zDanAOHPsakbk.roa (raw, json)
Hash identifier: Q7SwxYVQV3nbpcnCiOpdRYrjGyoIJC6VBvUMsqX3OXM=
Subject key identifier: 98:C8:66:71:29:C1:B4:F6:14:E3:CC:C3:6A:70:0E:1C:FB:1A:91:B9
Certificate issuer: /CN=1fc5955940bbd7555df0a2e417379fc447ef0cdc
Certificate serial: 0194266C2830014390B6237988EDB2C0F8F9
Authority key identifier: 1F:C5:95:59:40:BB:D7:55:5D:F0:A2:E4:17:37:9F:C4:47:EF:0C:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H8WVWUC711Vd8KLkFzefxEfvDNw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/1c8896-7be2-42cd-911f-2fdb7ab65d52/1/mMhmcSnBtPYU48zDanAOHPsakbk.roa
Signing time: Thu 02 Jan 2025 09:50:09 +0000
ROA not before: Thu 02 Jan 2025 09:50:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 45.159.120.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:28:30:01:43:90:b6:23:79:88:ed:b2:c0:f8:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fc5955940bbd7555df0a2e417379fc447ef0cdc
Validity
Not Before: Jan 2 09:50:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=98c8667129c1b4f614e3ccc36a700e1cfb1a91b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d2:60:e3:f1:77:05:45:a1:d7:3c:8e:56:91:
3b:8f:0c:bc:65:5d:d3:cb:d2:af:f4:2f:28:0a:94:
b5:91:8e:14:33:f0:2c:5e:5a:af:cf:84:d7:84:f8:
52:d6:6b:6a:b9:b8:29:ad:92:d6:ac:6c:c0:c6:82:
72:00:90:0c:2f:c7:5b:87:89:77:1c:28:4d:49:f4:
5b:7d:8b:5e:be:3a:fc:8b:cb:37:f1:ef:70:b5:78:
db:44:f4:74:86:4a:ad:24:af:2d:55:20:34:08:cb:
c0:59:1a:a8:7f:07:93:08:27:c0:dc:5c:c8:a5:81:
9b:2a:6f:29:8d:ae:d4:3f:ad:84:a2:06:e3:0c:73:
53:07:36:57:a9:c8:09:9a:0a:3c:28:4a:3e:d0:ff:
29:7f:a1:f8:e1:20:56:30:13:d2:42:f2:ad:a0:59:
6e:0e:7f:fd:1d:92:6f:bc:ec:6e:0f:e8:16:e1:de:
08:1d:25:7a:29:86:6f:ec:67:56:8e:9d:a6:6a:e8:
2c:8a:58:e0:f0:02:61:55:b2:12:bb:4d:fc:2a:27:
c3:90:0b:71:8a:06:34:ea:05:ab:cd:a6:d4:7a:d3:
57:c6:0e:5f:ac:66:0e:c0:63:93:5b:45:5b:fb:77:
03:d4:36:19:26:94:ed:69:c2:96:f9:b5:d2:67:30:
1e:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:C8:66:71:29:C1:B4:F6:14:E3:CC:C3:6A:70:0E:1C:FB:1A:91:B9
X509v3 Authority Key Identifier:
keyid:1F:C5:95:59:40:BB:D7:55:5D:F0:A2:E4:17:37:9F:C4:47:EF:0C:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H8WVWUC711Vd8KLkFzefxEfvDNw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/1c8896-7be2-42cd-911f-2fdb7ab65d52/1/mMhmcSnBtPYU48zDanAOHPsakbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/1c8896-7be2-42cd-911f-2fdb7ab65d52/1/H8WVWUC711Vd8KLkFzefxEfvDNw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.120.0/22
Signature Algorithm: sha256WithRSAEncryption
e4:4d:3c:b0:e8:70:ba:70:19:d6:d3:7c:6b:a8:91:09:6f:ee:
2a:c0:98:76:fe:33:14:df:e5:95:31:98:56:a0:61:44:f8:6e:
1b:14:bc:eb:c5:c6:b4:b2:a0:92:e7:e2:82:73:73:3f:5d:62:
d8:9d:31:c3:0d:a2:f7:83:46:a3:6a:b7:84:d3:96:dd:bc:5c:
ae:27:f1:47:53:43:0a:4e:f8:9a:79:20:36:a5:d3:e2:cb:3d:
43:a4:e8:2b:cb:f9:dc:9a:b7:5c:21:48:c6:8c:b7:b3:e6:c8:
4d:fc:78:01:28:02:c9:9b:ee:84:e0:73:07:fe:0a:84:ed:e5:
9d:c9:01:5d:79:f8:51:d0:f7:ce:a5:20:4e:31:db:bb:1f:fc:
64:79:60:a5:e4:a0:dd:50:c7:25:2c:92:62:74:45:37:2b:0f:
43:f8:14:1c:8f:89:a2:fd:b6:33:8e:fd:b6:07:cf:2b:45:e9:
cc:39:a6:79:27:95:72:b9:e6:6a:72:9a:34:f4:46:3c:b6:3d:
63:dc:ea:66:63:b4:f5:26:68:b1:dc:88:83:df:9d:b9:78:c7:
dc:82:67:a4:6c:2d:4e:3b:2f:da:4e:36:0d:b6:71:92:ef:91:
8a:3d:07:a1:75:82:a9:c8:2f:75:af:4a:58:28:e9:a2:f9:39:
0d:53:44:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmbCgwAUOQtiN5iO2ywPj5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmYzU5NTU5NDBiYmQ3NTU1ZGYwYTJlNDE3Mzc5ZmM0NDdl
ZjBjZGMwHhcNMjUwMTAyMDk1MDA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGM4NjY3MTI5YzFiNGY2MTRlM2NjYzM2YTcwMGUxY2ZiMWE5MWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptJg4/F3BUWh1zyOVpE7jwy8ZV3T
y9Kv9C8oCpS1kY4UM/AsXlqvz4TXhPhS1mtqubgprZLWrGzAxoJyAJAML8dbh4l3
HChNSfRbfYtevjr8i8s38e9wtXjbRPR0hkqtJK8tVSA0CMvAWRqofweTCCfA3FzI
pYGbKm8pja7UP62EogbjDHNTBzZXqcgJmgo8KEo+0P8pf6H44SBWMBPSQvKtoFlu
Dn/9HZJvvOxuD+gW4d4IHSV6KYZv7GdWjp2maugsiljg8AJhVbISu038KifDkAtx
igY06gWrzabUetNXxg5frGYOwGOTW0Vb+3cD1DYZJpTtacKW+bXSZzAevwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJjIZnEpwbT2FOPMw2pwDhz7GpG5MB8GA1UdIwQY
MBaAFB/FlVlAu9dVXfCi5Bc3n8RH7wzcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDhXVldVQzcxMVZkOEtMa0Z6ZWZ4RWZ2RE53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8xYzg4OTYtN2JlMi00MmNkLTkxMWYt
MmZkYjdhYjY1ZDUyLzEvbU1obWNTbkJ0UFlVNDh6RGFuQU9IUHNha2JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8xYzg4OTYtN2JlMi00MmNkLTkxMWYtMmZkYjdhYjY1ZDUy
LzEvSDhXVldVQzcxMVZkOEtMa0Z6ZWZ4RWZ2RE53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZ94MA0G
CSqGSIb3DQEBCwUAA4IBAQDkTTyw6HC6cBnW03xrqJEJb+4qwJh2/jMU3+WVMZhW
oGFE+G4bFLzrxca0sqCS5+KCc3M/XWLYnTHDDaL3g0ajareE05bdvFyuJ/FHU0MK
TviaeSA2pdPiyz1DpOgry/ncmrdcIUjGjLez5shN/HgBKALJm+6E4HMH/gqE7eWd
yQFdefhR0PfOpSBOMdu7H/xkeWCl5KDdUMclLJJidEU3Kw9D+BQcj4mi/bYzjv22
B88rRenMOaZ5J5VyueZqcpo09EY8tj1j3OpmY7T1Jmix3IiD3525eMfcgmekbC1O
Oy/aTjYNtnGS75GKPQehdYKpyC91r0pYKOmi+TkNU0TF
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:43:12 2025 by rpki-client