Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/a42699-1d3f-4a70-83ce-c564b40eca05/1/MNitg_keBs4dR0_QJsKKFy2jt9w.roa
File: MNitg_keBs4dR0_QJsKKFy2jt9w.roa (raw, json)
Hash identifier: sEGk1tMGmp6moB/qNZm65GUjuchkzx/EiGw40gyU6pI=
Subject key identifier: 30:D8:AD:83:F9:1E:06:CE:1D:47:4F:D0:26:C2:8A:17:2D:A3:B7:DC
Certificate issuer: /CN=58ee47d32a599341f5ff1a88bf142e1538da40ea
Certificate serial: 01941F8C7E885D8C1C2CBE78B1B712E98A00
Authority key identifier: 58:EE:47:D3:2A:59:93:41:F5:FF:1A:88:BF:14:2E:15:38:DA:40:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WO5H0ypZk0H1_xqIvxQuFTjaQOo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/a42699-1d3f-4a70-83ce-c564b40eca05/1/MNitg_keBs4dR0_QJsKKFy2jt9w.roa
Signing time: Wed 01 Jan 2025 01:48:08 +0000
ROA not before: Wed 01 Jan 2025 01:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31027
IP address blocks: 45.15.4.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:7e:88:5d:8c:1c:2c:be:78:b1:b7:12:e9:8a:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ee47d32a599341f5ff1a88bf142e1538da40ea
Validity
Not Before: Jan 1 01:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=30d8ad83f91e06ce1d474fd026c28a172da3b7dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:f1:df:44:04:95:d1:f9:3a:5f:97:23:d0:dc:
dd:33:2b:e6:84:87:e4:22:ae:fb:03:9c:7b:d3:5f:
f8:bc:4c:3f:76:c7:6f:9d:e6:31:e0:3e:c0:c9:37:
ba:25:8c:c4:92:b9:db:eb:df:85:fb:54:ba:b5:fa:
62:de:09:a7:ca:92:f3:83:5f:f3:46:92:d6:1c:76:
d5:a2:f2:d7:a8:f8:84:4d:2f:44:88:fe:7f:14:f6:
10:ad:5c:ef:8a:f5:b4:b8:d9:15:f9:21:26:c3:66:
b3:33:11:6e:ad:63:2f:94:c3:1a:34:83:af:31:bc:
13:a9:44:39:d5:86:38:b2:31:07:0e:ff:87:c0:35:
c5:1a:15:55:17:b4:72:69:bb:d9:10:00:1c:ca:70:
f6:f1:48:f1:a6:e5:6d:f5:72:17:91:0f:7b:a8:9e:
d6:ae:07:8a:f1:1e:55:75:bc:1f:88:27:6e:11:1c:
1e:21:77:a2:69:03:21:6d:8a:0a:c0:7a:d6:1c:23:
f8:48:6b:48:5f:65:cd:34:da:ff:ff:c7:ce:97:02:
61:47:6e:44:77:bf:86:6f:f2:e9:a2:cd:dd:d5:53:
ea:4b:8a:3b:56:5c:ce:87:1f:4c:74:c3:99:db:12:
2b:43:1d:5b:6f:99:fd:c8:4a:82:9e:27:f4:fd:92:
b4:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:D8:AD:83:F9:1E:06:CE:1D:47:4F:D0:26:C2:8A:17:2D:A3:B7:DC
X509v3 Authority Key Identifier:
keyid:58:EE:47:D3:2A:59:93:41:F5:FF:1A:88:BF:14:2E:15:38:DA:40:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WO5H0ypZk0H1_xqIvxQuFTjaQOo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/a42699-1d3f-4a70-83ce-c564b40eca05/1/MNitg_keBs4dR0_QJsKKFy2jt9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/a42699-1d3f-4a70-83ce-c564b40eca05/1/WO5H0ypZk0H1_xqIvxQuFTjaQOo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.4.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:5e:ed:9b:64:1a:c6:c1:85:e8:cf:70:cf:62:43:7e:fa:75:
99:08:ec:f3:48:1e:85:94:76:f1:b1:ef:d0:14:82:72:9d:cc:
eb:7d:e9:8f:c2:30:15:9a:8f:70:4a:12:0a:1b:6b:1e:3f:60:
7e:77:87:ad:3e:29:ab:bd:22:c4:92:30:9a:7b:0b:1a:fc:e7:
20:d5:d6:e2:5c:d2:8a:27:43:3c:1f:07:85:db:d7:91:f3:ff:
cd:85:d8:6c:b3:0b:f0:e5:4a:15:ec:f1:68:56:69:e5:20:9a:
00:a5:54:bc:b6:f0:64:00:5e:9b:91:4a:79:c6:81:12:dc:04:
be:12:40:63:e9:af:71:15:a9:d4:5c:ff:4a:f4:21:c4:87:2f:
c3:34:87:42:6f:90:1f:61:b7:e3:64:fb:1f:2d:6f:69:a4:0c:
b3:e6:9f:e4:5b:8d:ca:0a:d5:13:d8:22:fb:4d:56:ae:29:ea:
fa:f8:0c:b8:3a:ff:5a:95:9e:be:a7:3f:cc:a9:a1:1a:38:ea:
d0:09:6f:3c:c9:b0:75:b2:b3:b4:53:e0:b4:18:bd:82:ef:d0:
d7:38:61:2f:13:7f:f9:bc:67:3a:a3:d6:be:cc:21:a3:72:58:
1c:a1:cc:46:ee:1e:16:c1:23:11:d6:2a:47:2e:44:80:dd:b0:
fd:77:c1:83
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjH6IXYwcLL54sbcS6YoAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ZWU0N2QzMmE1OTkzNDFmNWZmMWE4OGJmMTQyZTE1Mzhk
YTQwZWEwHhcNMjUwMTAxMDE0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGQ4YWQ4M2Y5MWUwNmNlMWQ0NzRmZDAyNmMyOGExNzJkYTNiN2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAivHfRASV0fk6X5cj0NzdMyvmhIfk
Iq77A5x701/4vEw/dsdvneYx4D7AyTe6JYzEkrnb69+F+1S6tfpi3gmnypLzg1/z
RpLWHHbVovLXqPiETS9EiP5/FPYQrVzvivW0uNkV+SEmw2azMxFurWMvlMMaNIOv
MbwTqUQ51YY4sjEHDv+HwDXFGhVVF7RyabvZEAAcynD28UjxpuVt9XIXkQ97qJ7W
rgeK8R5VdbwfiCduERweIXeiaQMhbYoKwHrWHCP4SGtIX2XNNNr//8fOlwJhR25E
d7+Gb/Lpos3d1VPqS4o7VlzOhx9MdMOZ2xIrQx1bb5n9yEqCnif0/ZK0wQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDDYrYP5HgbOHUdP0CbCihcto7fcMB8GA1UdIwQY
MBaAFFjuR9MqWZNB9f8aiL8ULhU42kDqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV081SDB5cFprMEgxX3hxSXZ4UXVGVGphUU9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9hNDI2OTktMWQzZi00YTcwLTgzY2Ut
YzU2NGI0MGVjYTA1LzEvTU5pdGdfa2VCczRkUjBfUUpzS0tGeTJqdDl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9hNDI2OTktMWQzZi00YTcwLTgzY2UtYzU2NGI0MGVjYTA1
LzEvV081SDB5cFprMEgxX3hxSXZ4UXVGVGphUU9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQ8EMA0G
CSqGSIb3DQEBCwUAA4IBAQAbXu2bZBrGwYXoz3DPYkN++nWZCOzzSB6FlHbxse/Q
FIJynczrfemPwjAVmo9wShIKG2seP2B+d4etPimrvSLEkjCaewsa/Ocg1dbiXNKK
J0M8HweF29eR8//Nhdhsswvw5UoV7PFoVmnlIJoApVS8tvBkAF6bkUp5xoES3AS+
EkBj6a9xFanUXP9K9CHEhy/DNIdCb5AfYbfjZPsfLW9ppAyz5p/kW43KCtUT2CL7
TVauKer6+Ay4Ov9alZ6+pz/MqaEaOOrQCW88ybB1srO0U+C0GL2C79DXOGEvE3/5
vGc6o9a+zCGjclgcocxG7h4WwSMR1ipHLkSA3bD9d8GD
-----END CERTIFICATE-----
Generated at Tue Apr 8 20:55:50 2025 by rpki-client