Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9c493b-417b-4af6-9f43-2ff14c218719/1/MJwJUSF4280URcaWPwH6Dr69oNI.roa
File: MJwJUSF4280URcaWPwH6Dr69oNI.roa (raw, json)
Hash identifier: 1uYyKLbVB9vjLqqGg7dov4o5R3GwE5Z1GTAsGE9D3Go=
Subject key identifier: 30:9C:09:51:21:78:DB:CD:14:45:C6:96:3F:01:FA:0E:BE:BD:A0:D2
Certificate issuer: /CN=62becc4ba8a4d52498a0d2983a68b61383aa7fd7
Certificate serial: 095E7C8A
Authority key identifier: 62:BE:CC:4B:A8:A4:D5:24:98:A0:D2:98:3A:68:B6:13:83:AA:7F:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yr7MS6ik1SSYoNKYOmi2E4Oqf9c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9c493b-417b-4af6-9f43-2ff14c218719/1/MJwJUSF4280URcaWPwH6Dr69oNI.roa
Signing time: Sat 01 Jan 2022 03:55:19 +0000
ROA not before: Sat 01 Jan 2022 03:55:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3549
IP address blocks: 85.209.206.0/23 maxlen: 23
85.209.204.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 157187210 (0x95e7c8a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62becc4ba8a4d52498a0d2983a68b61383aa7fd7
Validity
Not Before: Jan 1 03:55:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=309c09512178dbcd1445c6963f01fa0ebebda0d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:bb:c4:3b:f1:11:33:7b:e2:b1:fa:08:87:9a:
9b:f5:7c:d9:47:f3:1f:96:37:cb:d6:b1:bc:f5:8f:
df:d1:1a:00:48:c0:5b:79:34:be:85:9b:06:94:64:
67:e9:00:53:40:74:49:1d:02:b4:7c:13:79:fb:89:
2e:20:e4:93:32:da:c5:4d:75:04:3f:e1:b4:46:c8:
f2:3f:ca:b2:3b:49:d6:c9:80:cf:db:2c:6a:a8:93:
05:a8:5d:05:2c:7b:90:21:d7:ed:6e:99:7c:87:40:
8c:2a:4c:95:87:a2:b6:a1:ae:ef:e3:ef:c4:5a:30:
f3:4b:72:08:db:08:3d:42:d5:38:fa:f3:e0:92:38:
ab:61:c0:56:cb:ea:51:92:5a:a4:6a:8a:52:cc:8c:
7b:32:06:59:5b:07:71:5e:5f:55:08:3b:ae:db:03:
3e:2f:7d:bc:37:55:ea:1e:95:b8:90:5c:43:59:36:
f6:7f:32:ce:fe:2f:b5:ea:92:d1:35:22:b5:1d:61:
18:2c:fa:30:a7:0c:92:ab:82:de:71:23:c6:6c:5f:
c0:9e:f9:43:69:2a:25:62:ff:5d:22:69:aa:38:ba:
af:eb:2e:2f:d9:eb:fd:30:5c:f3:a4:d0:a4:9b:93:
53:47:2c:08:9f:b4:fa:69:cb:60:b0:d4:37:86:bd:
87:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:9C:09:51:21:78:DB:CD:14:45:C6:96:3F:01:FA:0E:BE:BD:A0:D2
X509v3 Authority Key Identifier:
keyid:62:BE:CC:4B:A8:A4:D5:24:98:A0:D2:98:3A:68:B6:13:83:AA:7F:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yr7MS6ik1SSYoNKYOmi2E4Oqf9c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9c493b-417b-4af6-9f43-2ff14c218719/1/MJwJUSF4280URcaWPwH6Dr69oNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9c493b-417b-4af6-9f43-2ff14c218719/1/Yr7MS6ik1SSYoNKYOmi2E4Oqf9c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.204.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:d6:23:15:61:5a:26:7f:a0:7d:46:ed:63:4e:b8:87:14:b9:
a0:fd:fe:3a:37:2f:76:b3:72:81:39:6d:17:89:4b:f9:44:84:
aa:50:cd:39:56:36:a7:07:93:ab:4c:81:cd:96:d3:00:5c:27:
67:29:25:af:4a:a3:18:19:64:96:c1:cd:5d:1b:96:f7:bb:6d:
e5:8e:3a:bc:e9:a1:e4:0e:4b:bf:b4:91:b9:c0:d0:58:a7:48:
c4:da:b1:ae:76:eb:da:9d:94:e4:bd:86:70:ca:37:29:08:75:
b2:76:1d:4c:b8:59:ce:f9:a3:e8:44:c8:d8:ab:95:77:44:4b:
83:54:44:28:f7:ed:2b:cd:78:d0:fa:18:27:8b:b5:57:8d:bc:
4d:72:71:78:5e:20:61:9c:d2:97:6d:83:ce:57:e8:88:c9:c6:
52:38:0e:45:0f:e9:09:82:3f:b0:8c:94:4b:65:a3:f5:d9:2b:
6d:60:87:eb:b8:3a:2b:74:a6:74:75:5f:02:b7:d5:32:82:ca:
fb:ad:78:80:15:5e:fb:bd:f3:e2:dd:8a:66:46:e0:6d:da:a6:
94:dd:a8:9f:80:59:8b:0f:57:3a:a2:b1:01:bc:6b:59:b2:c5:
55:e9:11:32:b3:8e:6a:9c:43:82:47:a2:64:77:dd:cf:d2:8e:
08:ec:3f:01
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECV58ijANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MmJlY2M0YmE4YTRkNTI0OThhMGQyOTgzYTY4YjYxMzgzYWE3ZmQ3MB4XDTIyMDEw
MTAzNTUxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzA5YzA5NTEyMTc4
ZGJjZDE0NDVjNjk2M2YwMWZhMGViZWJkYTBkMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMK7xDvxETN74rH6CIeam/V82UfzH5Y3y9axvPWP39EaAEjA
W3k0voWbBpRkZ+kAU0B0SR0CtHwTefuJLiDkkzLaxU11BD/htEbI8j/KsjtJ1smA
z9ssaqiTBahdBSx7kCHX7W6ZfIdAjCpMlYeitqGu7+PvxFow80tyCNsIPULVOPrz
4JI4q2HAVsvqUZJapGqKUsyMezIGWVsHcV5fVQg7rtsDPi99vDdV6h6VuJBcQ1k2
9n8yzv4vteqS0TUitR1hGCz6MKcMkquC3nEjxmxfwJ75Q2kqJWL/XSJpqji6r+su
L9nr/TBc86TQpJuTU0csCJ+0+mnLYLDUN4a9h0kCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQwnAlRIXjbzRRFxpY/AfoOvr2g0jAfBgNVHSMEGDAWgBRivsxLqKTVJJig
0pg6aLYTg6p/1zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lyN01TNmlrMVNTWW9OS1lPbWkyRTRPcWY5Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODYvOWM0OTNiLTQxN2ItNGFmNi05ZjQzLTJmZjE0YzIxODcxOS8x
L01Kd0pVU0Y0MjgwVVJjYVdQd0g2RHI2OW9OSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODYv
OWM0OTNiLTQxN2ItNGFmNi05ZjQzLTJmZjE0YzIxODcxOS8xL1lyN01TNmlrMVNT
WW9OS1lPbWkyRTRPcWY5Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlXRzDANBgkqhkiG9w0BAQsFAAOC
AQEALNYjFWFaJn+gfUbtY064hxS5oP3+OjcvdrNygTltF4lL+USEqlDNOVY2pweT
q0yBzZbTAFwnZyklr0qjGBlklsHNXRuW97tt5Y46vOmh5A5Lv7SRucDQWKdIxNqx
rnbr2p2U5L2GcMo3KQh1snYdTLhZzvmj6ETI2KuVd0RLg1REKPftK8140PoYJ4u1
V428TXJxeF4gYZzSl22DzlfoiMnGUjgORQ/pCYI/sIyUS2Wj9dkrbWCH67g6K3Sm
dHVfArfVMoLK+614gBVe+73z4t2KZkbgbdqmlN2on4BZiw9XOqKxAbxrWbLFVekR
MrOOapxDgkeiZHfdz9KOCOw/AQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 11:21:22 2025 by rpki-client