Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/d85a23-148a-4dbf-b2a3-4c26d020d425/1/MG_LemiZ4GgmFKwuBUT8GzFCS9o.roa
File: MG_LemiZ4GgmFKwuBUT8GzFCS9o.roa (raw, json)
Hash identifier: OHMWKPBCF82oEvnytVAEpjmK3rUs3XOc7SKkHkxU2KQ=
Subject key identifier: 30:6F:CB:7A:68:99:E0:68:26:14:AC:2E:05:44:FC:1B:31:42:4B:DA
Certificate issuer: /CN=c2b52ea3cabd146a577dfcdfb875ff5a357572d7
Certificate serial: 01941FFA210C6F038C418A65C7A9A3DC07AB
Authority key identifier: C2:B5:2E:A3:CA:BD:14:6A:57:7D:FC:DF:B8:75:FF:5A:35:75:72:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wrUuo8q9FGpXffzfuHX_WjV1ctc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/d85a23-148a-4dbf-b2a3-4c26d020d425/1/MG_LemiZ4GgmFKwuBUT8GzFCS9o.roa
Signing time: Wed 01 Jan 2025 03:47:53 +0000
ROA not before: Wed 01 Jan 2025 03:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204988
IP address blocks: 185.229.148.0/22 maxlen: 22
185.229.148.0/24 maxlen: 24
2a0d:9e00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:21:0c:6f:03:8c:41:8a:65:c7:a9:a3:dc:07:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2b52ea3cabd146a577dfcdfb875ff5a357572d7
Validity
Not Before: Jan 1 03:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=306fcb7a6899e0682614ac2e0544fc1b31424bda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:37:c9:e9:8b:84:93:c9:60:c4:bc:19:c7:50:
0b:89:d8:63:76:9a:5b:aa:0e:26:05:81:58:81:46:
f0:1b:48:f5:84:40:06:2b:2b:09:81:7e:f6:66:fd:
e1:28:c0:96:e8:47:77:76:23:ec:2a:b8:41:73:ab:
ac:2d:5e:01:d1:e4:78:6a:0d:53:8a:01:77:d0:e9:
75:77:5b:d5:ff:1b:5c:04:41:a7:66:67:b1:f0:bb:
da:41:09:62:e3:03:d9:dc:f4:79:5b:97:86:3b:c9:
63:4f:8c:f3:37:1d:b9:fb:86:b8:29:b4:cf:f4:d8:
f3:52:44:c6:6c:87:5c:8e:f6:78:97:bc:75:81:da:
91:3d:2f:92:9f:5d:02:e5:50:d6:bb:61:af:07:5a:
e9:7f:f9:8e:e2:8c:b8:33:0c:7d:79:04:3d:b5:c7:
22:bc:8c:28:5a:52:7e:bf:ce:49:fe:9f:72:69:cb:
28:c5:5d:f7:62:b8:c8:91:c9:ec:87:8c:a8:2f:dd:
20:83:9a:2b:05:3d:c9:43:1e:c9:6e:1c:a7:19:5b:
4f:11:5e:f0:1e:39:e6:c3:e3:3c:cc:9b:0f:4f:8b:
88:db:c1:32:e8:9a:b1:dd:82:44:c4:44:56:f9:0e:
af:1c:43:c1:d1:5e:71:22:18:39:8f:4f:2d:85:83:
b7:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:6F:CB:7A:68:99:E0:68:26:14:AC:2E:05:44:FC:1B:31:42:4B:DA
X509v3 Authority Key Identifier:
keyid:C2:B5:2E:A3:CA:BD:14:6A:57:7D:FC:DF:B8:75:FF:5A:35:75:72:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wrUuo8q9FGpXffzfuHX_WjV1ctc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/d85a23-148a-4dbf-b2a3-4c26d020d425/1/MG_LemiZ4GgmFKwuBUT8GzFCS9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/d85a23-148a-4dbf-b2a3-4c26d020d425/1/wrUuo8q9FGpXffzfuHX_WjV1ctc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.148.0/22
IPv6:
2a0d:9e00::/29
Signature Algorithm: sha256WithRSAEncryption
72:0c:ba:f6:51:a0:03:a2:89:8d:ca:09:34:ee:df:e3:f4:9e:
77:5e:44:4b:b9:59:16:ab:af:cf:04:7d:a9:25:7e:87:78:6d:
c9:79:d4:e3:e9:6b:05:fd:c4:71:70:8a:b6:a6:57:a8:44:e2:
0d:7e:3f:aa:05:3b:92:4b:8f:d5:99:b0:f4:3a:d3:24:85:3e:
6b:ab:a7:71:26:57:07:d5:22:57:87:98:7e:8c:ce:10:bb:2d:
4d:69:68:1f:15:08:bd:38:86:ad:3b:6c:da:b8:79:27:38:c9:
e5:5e:3a:40:1c:e9:f1:76:52:fe:76:76:b6:ad:c1:71:08:d9:
43:08:e1:f4:ea:41:5c:8d:88:c7:13:de:c9:92:18:5d:dd:bf:
ee:9a:03:a0:94:94:54:89:27:bd:a3:0f:71:83:b2:30:7e:85:
3c:b6:c5:8f:78:78:c0:15:ae:68:a0:6d:c4:9e:e9:0d:d3:32:
d4:c4:34:b0:e8:38:cb:29:8d:d3:dd:98:8c:5a:e9:ce:ed:47:
31:bc:58:c1:05:8c:fc:bb:86:f7:a9:4c:23:07:5d:7a:4c:3f:
ef:61:20:08:8e:b0:79:2b:94:23:84:26:7c:eb:2c:c8:5a:a8:
db:66:15:3d:2a:f5:5c:84:c2:a3:17:44:50:8f:0c:83:9d:b2:
7d:65:de:86
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQf+iEMbwOMQYplx6mj3AerMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyYjUyZWEzY2FiZDE0NmE1NzdkZmNkZmI4NzVmZjVhMzU3
NTcyZDcwHhcNMjUwMTAxMDM0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDZmY2I3YTY4OTllMDY4MjYxNGFjMmUwNTQ0ZmMxYjMxNDI0YmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6DfJ6YuEk8lgxLwZx1ALidhjdppb
qg4mBYFYgUbwG0j1hEAGKysJgX72Zv3hKMCW6Ed3diPsKrhBc6usLV4B0eR4ag1T
igF30Ol1d1vV/xtcBEGnZmex8LvaQQli4wPZ3PR5W5eGO8ljT4zzNx25+4a4KbTP
9NjzUkTGbIdcjvZ4l7x1gdqRPS+Sn10C5VDWu2GvB1rpf/mO4oy4Mwx9eQQ9tcci
vIwoWlJ+v85J/p9yacsoxV33YrjIkcnsh4yoL90gg5orBT3JQx7JbhynGVtPEV7w
Hjnmw+M8zJsPT4uI28Ey6Jqx3YJExERW+Q6vHEPB0V5xIhg5j08thYO3AwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDBvy3pomeBoJhSsLgVE/BsxQkvaMB8GA1UdIwQY
MBaAFMK1LqPKvRRqV33837h1/1o1dXLXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3JVdW84cTlGR3BYZmZ6ZnVIWF9XalYxY3RjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9kODVhMjMtMTQ4YS00ZGJmLWIyYTMt
NGMyNmQwMjBkNDI1LzEvTUdfTGVtaVo0R2dtRkt3dUJVVDhHekZDUzlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9kODVhMjMtMTQ4YS00ZGJmLWIyYTMtNGMyNmQwMjBkNDI1
LzEvd3JVdW84cTlGR3BYZmZ6ZnVIWF9XalYxY3RjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCueWUMA0E
AgACMAcDBQMqDZ4AMA0GCSqGSIb3DQEBCwUAA4IBAQByDLr2UaADoomNygk07t/j
9J53XkRLuVkWq6/PBH2pJX6HeG3JedTj6WsF/cRxcIq2pleoROINfj+qBTuSS4/V
mbD0OtMkhT5rq6dxJlcH1SJXh5h+jM4Quy1NaWgfFQi9OIatO2zauHknOMnlXjpA
HOnxdlL+dna2rcFxCNlDCOH06kFcjYjHE97Jkhhd3b/umgOglJRUiSe9ow9xg7Iw
foU8tsWPeHjAFa5ooG3EnukN0zLUxDSw6DjLKY3T3ZiMWunO7UcxvFjBBYz8u4b3
qUwjB116TD/vYSAIjrB5K5QjhCZ86yzIWqjbZhU9KvVchMKjF0RQjwyDnbJ9Zd6G
-----END CERTIFICATE-----
Generated at Fri Feb 21 13:06:18 2025 by rpki-client